summaryrefslogtreecommitdiff
diff options
context:
space:
mode:
-rw-r--r--.depend347
-rw-r--r--.skipped-commit-ids2
-rw-r--r--ChangeLog3783
-rw-r--r--INSTALL12
-rw-r--r--Makefile.in31
-rw-r--r--OVERVIEW15
-rw-r--r--PROTOCOL37
-rw-r--r--PROTOCOL.certkeys22
-rw-r--r--PROTOCOL.chacha20poly13054
-rw-r--r--PROTOCOL.krl4
-rw-r--r--README2
-rw-r--r--README.platform2
-rw-r--r--TODO6
-rw-r--r--aclocal.m415
-rw-r--r--addrmatch.c25
-rw-r--r--audit-bsm.c1
-rw-r--r--audit.c2
-rw-r--r--auth-bsdauth.c6
-rw-r--r--auth-krb5.c6
-rw-r--r--auth-options.c152
-rw-r--r--auth-options.h6
-rw-r--r--auth-pam.c264
-rw-r--r--auth-passwd.c23
-rw-r--r--auth-rhosts.c6
-rw-r--r--auth-shadow.c23
-rw-r--r--auth-sia.c1
-rw-r--r--auth-skey.c1
-rw-r--r--auth.c63
-rw-r--r--auth.h8
-rw-r--r--auth2-chall.c83
-rw-r--r--auth2-gss.c127
-rw-r--r--auth2-hostbased.c7
-rw-r--r--auth2-kbdint.c14
-rw-r--r--auth2-none.c3
-rw-r--r--auth2-passwd.c3
-rw-r--r--auth2-pubkey.c45
-rw-r--r--auth2.c81
-rw-r--r--authfd.c28
-rw-r--r--authfd.h4
-rw-r--r--authfile.c24
-rw-r--r--bufaux.c259
-rw-r--r--bufbn.c69
-rw-r--r--bufec.c74
-rw-r--r--buffer.c118
-rw-r--r--buffer.h95
-rw-r--r--channels.c495
-rw-r--r--channels.h26
-rw-r--r--cipher.c2
-rw-r--r--clientloop.c236
-rw-r--r--clientloop.h4
-rw-r--r--compat.c47
-rw-r--r--compat.h4
-rw-r--r--config.h.in19
-rwxr-xr-xconfigure206
-rw-r--r--configure.ac85
-rwxr-xr-xcontrib/aix/buildbff.sh16
-rw-r--r--contrib/cygwin/ssh-host-config2
-rw-r--r--contrib/cygwin/ssh-user-config2
-rw-r--r--contrib/redhat/openssh.spec2
-rw-r--r--contrib/solaris/README2
-rw-r--r--contrib/suse/openssh.spec6
-rw-r--r--debian/.git-dpm14
-rw-r--r--debian/NEWS39
-rw-r--r--debian/changelog105
-rw-r--r--debian/patches/authorized-keys-man-symlink.patch6
-rw-r--r--debian/patches/debian-banner.patch26
-rw-r--r--debian/patches/debian-config.patch24
-rw-r--r--debian/patches/dnssec-sshfp.patch2
-rw-r--r--debian/patches/doc-hash-tab-completion.patch6
-rw-r--r--debian/patches/gnome-ssh-askpass2-icon.patch2
-rw-r--r--debian/patches/gssapi.patch565
-rw-r--r--debian/patches/keepalive-extensions.patch28
-rw-r--r--debian/patches/mention-ssh-keygen-on-keychange.patch8
-rw-r--r--debian/patches/no-openssl-version-status.patch2
-rw-r--r--debian/patches/openbsd-docs.patch26
-rw-r--r--debian/patches/package-versioning.patch12
-rw-r--r--debian/patches/restore-authorized_keys2.patch4
-rw-r--r--debian/patches/restore-tcp-wrappers.patch26
-rw-r--r--debian/patches/scp-quoting.patch4
-rw-r--r--debian/patches/seccomp-getuid-geteuid.patch44
-rw-r--r--debian/patches/seccomp-s390-flock-ipc.patch16
-rw-r--r--debian/patches/seccomp-s390-ioctl-ep11-crypto.patch6
-rw-r--r--debian/patches/selinux-role.patch177
-rw-r--r--debian/patches/series3
-rw-r--r--debian/patches/shell-path.patch8
-rw-r--r--debian/patches/ssh-agent-setgid.patch2
-rw-r--r--debian/patches/ssh-argv0.patch6
-rw-r--r--debian/patches/ssh-vulnkey-compat.patch10
-rw-r--r--debian/patches/syslog-level-silent.patch6
-rw-r--r--debian/patches/systemd-readiness.patch12
-rw-r--r--debian/patches/upstream-delay-bailout-for-invalid-authenticating-user.patch153
-rw-r--r--debian/patches/upstream-relax-checking-of-authorized_keys-environme.patch40
-rw-r--r--debian/patches/user-group-modes.patch36
-rw-r--r--defines.h6
-rw-r--r--dh.c18
-rw-r--r--entropy.c32
-rw-r--r--entropy.h7
-rw-r--r--gss-genr.c109
-rw-r--r--gss-serv-krb5.c5
-rw-r--r--gss-serv.c5
-rw-r--r--hostfile.c15
-rw-r--r--kex.c110
-rw-r--r--kex.h11
-rw-r--r--kexdhs.c4
-rw-r--r--kexgexs.c4
-rw-r--r--kexgssc.c12
-rw-r--r--kexgsss.c12
-rw-r--r--key.c236
-rw-r--r--key.h69
-rw-r--r--log.c8
-rw-r--r--log.h3
-rw-r--r--loginrec.c7
-rw-r--r--match.c36
-rw-r--r--match.h5
-rw-r--r--misc.c67
-rw-r--r--misc.h5
-rw-r--r--moduli843
-rw-r--r--moduli.02
-rw-r--r--monitor.c727
-rw-r--r--monitor.h10
-rw-r--r--monitor_wrap.c795
-rw-r--r--monitor_wrap.h10
-rw-r--r--msg.c4
-rw-r--r--mux.c932
-rw-r--r--myproposal.h4
-rw-r--r--opacket.c2
-rw-r--r--opacket.h4
-rw-r--r--openbsd-compat/Makefile.in1
-rw-r--r--openbsd-compat/arc4random.c16
-rw-r--r--openbsd-compat/bcrypt_pbkdf.c2
-rw-r--r--openbsd-compat/bsd-closefrom.c2
-rw-r--r--openbsd-compat/bsd-cygwin_util.c1
-rw-r--r--openbsd-compat/bsd-cygwin_util.h2
-rw-r--r--openbsd-compat/bsd-getline.c113
-rw-r--r--openbsd-compat/bsd-misc.c1
-rw-r--r--openbsd-compat/bsd-nextstep.h2
-rw-r--r--openbsd-compat/bsd-snprintf.c2
-rw-r--r--openbsd-compat/bsd-waitpid.h2
-rw-r--r--openbsd-compat/explicit_bzero.c2
-rw-r--r--openbsd-compat/fmt_scaled.c9
-rw-r--r--openbsd-compat/freezero.c1
-rw-r--r--openbsd-compat/openbsd-compat.h4
-rw-r--r--openbsd-compat/port-aix.c24
-rw-r--r--openbsd-compat/port-aix.h7
-rw-r--r--openbsd-compat/port-linux.c6
-rw-r--r--openbsd-compat/port-net.c4
-rw-r--r--openbsd-compat/port-uw.c4
-rw-r--r--openbsd-compat/sha2.c2
-rw-r--r--openbsd-compat/strndup.c2
-rw-r--r--openbsd-compat/strnlen.c2
-rw-r--r--openbsd-compat/sys-queue.h5
-rw-r--r--packet.c60
-rw-r--r--packet.h7
-rw-r--r--platform.c3
-rw-r--r--readconf.c190
-rw-r--r--readconf.h8
-rw-r--r--readpass.c3
-rw-r--r--regress/Makefile3
-rw-r--r--regress/allow-deny-users.sh12
-rw-r--r--regress/authinfo.sh2
-rw-r--r--regress/cert-file.sh6
-rw-r--r--regress/cert-hostkey.sh9
-rw-r--r--regress/cfgmatchlisten.sh202
-rw-r--r--regress/cfgparse.sh6
-rw-r--r--regress/forward-control.sh77
-rw-r--r--regress/forwarding.sh3
-rw-r--r--regress/key-options.sh5
-rw-r--r--regress/keygen-knownhosts.sh35
-rw-r--r--regress/mkdtemp.c61
-rw-r--r--regress/multiplex.sh3
-rw-r--r--regress/rekey.sh12
-rw-r--r--regress/setuid-allowed.c1
-rw-r--r--regress/sshcfgparse.sh62
-rw-r--r--regress/test-exec.sh32
-rw-r--r--regress/unittests/hostkeys/test_iterate.c37
-rw-r--r--regress/unittests/match/tests.c4
-rw-r--r--regress/unittests/sshkey/test_sshkey.c5
-rwxr-xr-xregress/valgrind-unit.sh6
-rw-r--r--sandbox-seccomp-filter.c27
-rw-r--r--sandbox-systrace.c1
-rw-r--r--scp.04
-rw-r--r--scp.16
-rw-r--r--scp.c6
-rw-r--r--servconf.c288
-rw-r--r--servconf.h24
-rw-r--r--serverloop.c33
-rw-r--r--session.c240
-rw-r--r--sftp-client.c26
-rw-r--r--sftp-server.02
-rw-r--r--sftp-server.c8
-rw-r--r--sftp.022
-rw-r--r--sftp.122
-rw-r--r--sftp.c29
-rw-r--r--ssh-add.02
-rw-r--r--ssh-agent.02
-rw-r--r--ssh-agent.c63
-rw-r--r--ssh-gss.h8
-rw-r--r--ssh-keygen.024
-rw-r--r--ssh-keygen.124
-rw-r--r--ssh-keygen.c40
-rw-r--r--ssh-keyscan.02
-rw-r--r--ssh-keyscan.c12
-rw-r--r--ssh-keysign.02
-rw-r--r--ssh-keysign.c10
-rw-r--r--ssh-pkcs11-client.c136
-rw-r--r--ssh-pkcs11-helper.02
-rw-r--r--ssh-rsa.c60
-rw-r--r--ssh.014
-rw-r--r--ssh.114
-rw-r--r--ssh.c321
-rw-r--r--ssh.h9
-rw-r--r--ssh_api.h4
-rw-r--r--ssh_config.082
-rw-r--r--ssh_config.577
-rw-r--r--sshbuf.c22
-rw-r--r--sshbuf.h11
-rw-r--r--sshconnect.c69
-rw-r--r--sshconnect.h24
-rw-r--r--sshconnect2.c882
-rw-r--r--sshd.038
-rw-r--r--sshd.842
-rw-r--r--sshd.c232
-rw-r--r--sshd_config3
-rw-r--r--sshd_config.0120
-rw-r--r--sshd_config.5113
-rw-r--r--ssherr.c4
-rw-r--r--ssherr.h3
-rw-r--r--sshkey-xmss.c8
-rw-r--r--sshkey.c106
-rw-r--r--sshkey.h5
-rw-r--r--sshlogin.c22
-rw-r--r--ttymodes.c129
-rw-r--r--uidswap.c39
-rw-r--r--uidswap.h3
-rw-r--r--umac.c14
-rw-r--r--utf8.c13
-rw-r--r--version.h4
-rw-r--r--xmss_wots.c4
238 files changed, 9059 insertions, 8161 deletions
diff --git a/.depend b/.depend
index 0893a87ab..7cc0bfdc8 100644
--- a/.depend
+++ b/.depend
@@ -1,182 +1,175 @@
1# DO NOT DELETE 1# DO NOT DELETE
2 2
3addrmatch.o: includes.h config.h defines.h platform.h openbsd-compat/openbsd-compat.h openbsd-compat/base64.h openbsd-compat/sigact.h openbsd-compat/readpassphrase.h openbsd-compat/vis.h openbsd-compat/getrrsetbyname.h openbsd-compat/sha1.h openbsd-compat/sha2.h openbsd-compat/rmd160.h openbsd-compat/md5.h openbsd-compat/blf.h openbsd-compat/getopt.h openbsd-compat/bsd-misc.h openbsd-compat/bsd-setres_id.h openbsd-compat/bsd-signal.h openbsd-compat/bsd-statvfs.h openbsd-compat/bsd-waitpid.h openbsd-compat/bsd-poll.h openbsd-compat/fake-rfc2553.h openbsd-compat/bsd-cygwin_util.h openbsd-compat/port-aix.h openbsd-compat/port-irix.h openbsd-compat/port-linux.h openbsd-compat/port-solaris.h openbsd-compat/port-net.h openbsd-compat/port-uw.h openbsd-compat/bsd-nextstep.h entropy.h buffer.h sshbuf.h match.h log.h 3addrmatch.o: includes.h config.h defines.h platform.h openbsd-compat/openbsd-compat.h openbsd-compat/base64.h openbsd-compat/sigact.h openbsd-compat/readpassphrase.h openbsd-compat/vis.h openbsd-compat/getrrsetbyname.h openbsd-compat/sha1.h openbsd-compat/sha2.h openbsd-compat/rmd160.h openbsd-compat/md5.h openbsd-compat/blf.h openbsd-compat/getopt.h openbsd-compat/bsd-misc.h openbsd-compat/bsd-setres_id.h openbsd-compat/bsd-signal.h openbsd-compat/bsd-statvfs.h openbsd-compat/bsd-waitpid.h openbsd-compat/bsd-poll.h openbsd-compat/fake-rfc2553.h openbsd-compat/bsd-cygwin_util.h openbsd-compat/port-aix.h openbsd-compat/port-irix.h openbsd-compat/port-linux.h openbsd-compat/port-solaris.h openbsd-compat/port-net.h openbsd-compat/port-uw.h openbsd-compat/bsd-nextstep.h entropy.h match.h log.h
4atomicio.o: includes.h config.h defines.h platform.h openbsd-compat/openbsd-compat.h openbsd-compat/base64.h openbsd-compat/sigact.h openbsd-compat/readpassphrase.h openbsd-compat/vis.h openbsd-compat/getrrsetbyname.h openbsd-compat/sha1.h openbsd-compat/sha2.h openbsd-compat/rmd160.h openbsd-compat/md5.h openbsd-compat/blf.h openbsd-compat/getopt.h openbsd-compat/bsd-misc.h openbsd-compat/bsd-setres_id.h openbsd-compat/bsd-signal.h openbsd-compat/bsd-statvfs.h openbsd-compat/bsd-waitpid.h openbsd-compat/bsd-poll.h openbsd-compat/fake-rfc2553.h openbsd-compat/bsd-cygwin_util.h openbsd-compat/port-aix.h openbsd-compat/port-irix.h openbsd-compat/port-linux.h openbsd-compat/port-solaris.h openbsd-compat/port-net.h openbsd-compat/port-uw.h openbsd-compat/bsd-nextstep.h entropy.h buffer.h sshbuf.h atomicio.h 4atomicio.o: includes.h config.h defines.h platform.h openbsd-compat/openbsd-compat.h openbsd-compat/base64.h openbsd-compat/sigact.h openbsd-compat/readpassphrase.h openbsd-compat/vis.h openbsd-compat/getrrsetbyname.h openbsd-compat/sha1.h openbsd-compat/sha2.h openbsd-compat/rmd160.h openbsd-compat/md5.h openbsd-compat/blf.h openbsd-compat/getopt.h openbsd-compat/bsd-misc.h openbsd-compat/bsd-setres_id.h openbsd-compat/bsd-signal.h openbsd-compat/bsd-statvfs.h openbsd-compat/bsd-waitpid.h openbsd-compat/bsd-poll.h openbsd-compat/fake-rfc2553.h openbsd-compat/bsd-cygwin_util.h openbsd-compat/port-aix.h openbsd-compat/port-irix.h openbsd-compat/port-linux.h openbsd-compat/port-solaris.h openbsd-compat/port-net.h openbsd-compat/port-uw.h openbsd-compat/bsd-nextstep.h entropy.h atomicio.h
5audit-bsm.o: includes.h config.h defines.h platform.h openbsd-compat/openbsd-compat.h openbsd-compat/base64.h openbsd-compat/sigact.h openbsd-compat/readpassphrase.h openbsd-compat/vis.h openbsd-compat/getrrsetbyname.h openbsd-compat/sha1.h openbsd-compat/sha2.h openbsd-compat/rmd160.h openbsd-compat/md5.h openbsd-compat/blf.h openbsd-compat/getopt.h openbsd-compat/bsd-misc.h openbsd-compat/bsd-setres_id.h openbsd-compat/bsd-signal.h openbsd-compat/bsd-statvfs.h openbsd-compat/bsd-waitpid.h openbsd-compat/bsd-poll.h openbsd-compat/fake-rfc2553.h openbsd-compat/bsd-cygwin_util.h openbsd-compat/port-aix.h openbsd-compat/port-irix.h openbsd-compat/port-linux.h openbsd-compat/port-solaris.h openbsd-compat/port-net.h openbsd-compat/port-uw.h openbsd-compat/bsd-nextstep.h entropy.h buffer.h sshbuf.h 5audit-bsm.o: includes.h config.h defines.h platform.h openbsd-compat/openbsd-compat.h openbsd-compat/base64.h openbsd-compat/sigact.h openbsd-compat/readpassphrase.h openbsd-compat/vis.h openbsd-compat/getrrsetbyname.h openbsd-compat/sha1.h openbsd-compat/sha2.h openbsd-compat/rmd160.h openbsd-compat/md5.h openbsd-compat/blf.h openbsd-compat/getopt.h openbsd-compat/bsd-misc.h openbsd-compat/bsd-setres_id.h openbsd-compat/bsd-signal.h openbsd-compat/bsd-statvfs.h openbsd-compat/bsd-waitpid.h openbsd-compat/bsd-poll.h openbsd-compat/fake-rfc2553.h openbsd-compat/bsd-cygwin_util.h openbsd-compat/port-aix.h openbsd-compat/port-irix.h openbsd-compat/port-linux.h openbsd-compat/port-solaris.h openbsd-compat/port-net.h openbsd-compat/port-uw.h openbsd-compat/bsd-nextstep.h entropy.h
6audit-linux.o: includes.h config.h defines.h platform.h openbsd-compat/openbsd-compat.h openbsd-compat/base64.h openbsd-compat/sigact.h openbsd-compat/readpassphrase.h openbsd-compat/vis.h openbsd-compat/getrrsetbyname.h openbsd-compat/sha1.h openbsd-compat/sha2.h openbsd-compat/rmd160.h openbsd-compat/md5.h openbsd-compat/blf.h openbsd-compat/getopt.h openbsd-compat/bsd-misc.h openbsd-compat/bsd-setres_id.h openbsd-compat/bsd-signal.h openbsd-compat/bsd-statvfs.h openbsd-compat/bsd-waitpid.h openbsd-compat/bsd-poll.h openbsd-compat/fake-rfc2553.h openbsd-compat/bsd-cygwin_util.h openbsd-compat/port-aix.h openbsd-compat/port-irix.h openbsd-compat/port-linux.h openbsd-compat/port-solaris.h openbsd-compat/port-net.h openbsd-compat/port-uw.h openbsd-compat/bsd-nextstep.h entropy.h buffer.h sshbuf.h 6audit-linux.o: includes.h config.h defines.h platform.h openbsd-compat/openbsd-compat.h openbsd-compat/base64.h openbsd-compat/sigact.h openbsd-compat/readpassphrase.h openbsd-compat/vis.h openbsd-compat/getrrsetbyname.h openbsd-compat/sha1.h openbsd-compat/sha2.h openbsd-compat/rmd160.h openbsd-compat/md5.h openbsd-compat/blf.h openbsd-compat/getopt.h openbsd-compat/bsd-misc.h openbsd-compat/bsd-setres_id.h openbsd-compat/bsd-signal.h openbsd-compat/bsd-statvfs.h openbsd-compat/bsd-waitpid.h openbsd-compat/bsd-poll.h openbsd-compat/fake-rfc2553.h openbsd-compat/bsd-cygwin_util.h openbsd-compat/port-aix.h openbsd-compat/port-irix.h openbsd-compat/port-linux.h openbsd-compat/port-solaris.h openbsd-compat/port-net.h openbsd-compat/port-uw.h openbsd-compat/bsd-nextstep.h entropy.h
7audit.o: includes.h config.h defines.h platform.h openbsd-compat/openbsd-compat.h openbsd-compat/base64.h openbsd-compat/sigact.h openbsd-compat/readpassphrase.h openbsd-compat/vis.h openbsd-compat/getrrsetbyname.h openbsd-compat/sha1.h openbsd-compat/sha2.h openbsd-compat/rmd160.h openbsd-compat/md5.h openbsd-compat/blf.h openbsd-compat/getopt.h openbsd-compat/bsd-misc.h openbsd-compat/bsd-setres_id.h openbsd-compat/bsd-signal.h openbsd-compat/bsd-statvfs.h openbsd-compat/bsd-waitpid.h openbsd-compat/bsd-poll.h openbsd-compat/fake-rfc2553.h openbsd-compat/bsd-cygwin_util.h openbsd-compat/port-aix.h openbsd-compat/port-irix.h openbsd-compat/port-linux.h openbsd-compat/port-solaris.h openbsd-compat/port-net.h openbsd-compat/port-uw.h openbsd-compat/bsd-nextstep.h entropy.h buffer.h sshbuf.h 7audit.o: includes.h config.h defines.h platform.h openbsd-compat/openbsd-compat.h openbsd-compat/base64.h openbsd-compat/sigact.h openbsd-compat/readpassphrase.h openbsd-compat/vis.h openbsd-compat/getrrsetbyname.h openbsd-compat/sha1.h openbsd-compat/sha2.h openbsd-compat/rmd160.h openbsd-compat/md5.h openbsd-compat/blf.h openbsd-compat/getopt.h openbsd-compat/bsd-misc.h openbsd-compat/bsd-setres_id.h openbsd-compat/bsd-signal.h openbsd-compat/bsd-statvfs.h openbsd-compat/bsd-waitpid.h openbsd-compat/bsd-poll.h openbsd-compat/fake-rfc2553.h openbsd-compat/bsd-cygwin_util.h openbsd-compat/port-aix.h openbsd-compat/port-irix.h openbsd-compat/port-linux.h openbsd-compat/port-solaris.h openbsd-compat/port-net.h openbsd-compat/port-uw.h openbsd-compat/bsd-nextstep.h entropy.h
8auth-bsdauth.o: includes.h config.h defines.h platform.h openbsd-compat/openbsd-compat.h openbsd-compat/base64.h openbsd-compat/sigact.h openbsd-compat/readpassphrase.h openbsd-compat/vis.h openbsd-compat/getrrsetbyname.h openbsd-compat/sha1.h openbsd-compat/sha2.h openbsd-compat/rmd160.h openbsd-compat/md5.h openbsd-compat/blf.h openbsd-compat/getopt.h openbsd-compat/bsd-misc.h openbsd-compat/bsd-setres_id.h openbsd-compat/bsd-signal.h openbsd-compat/bsd-statvfs.h openbsd-compat/bsd-waitpid.h openbsd-compat/bsd-poll.h openbsd-compat/fake-rfc2553.h openbsd-compat/bsd-cygwin_util.h openbsd-compat/port-aix.h openbsd-compat/port-irix.h openbsd-compat/port-linux.h openbsd-compat/port-solaris.h openbsd-compat/port-net.h openbsd-compat/port-uw.h openbsd-compat/bsd-nextstep.h entropy.h buffer.h sshbuf.h 8auth-bsdauth.o: includes.h config.h defines.h platform.h openbsd-compat/openbsd-compat.h openbsd-compat/base64.h openbsd-compat/sigact.h openbsd-compat/readpassphrase.h openbsd-compat/vis.h openbsd-compat/getrrsetbyname.h openbsd-compat/sha1.h openbsd-compat/sha2.h openbsd-compat/rmd160.h openbsd-compat/md5.h openbsd-compat/blf.h openbsd-compat/getopt.h openbsd-compat/bsd-misc.h openbsd-compat/bsd-setres_id.h openbsd-compat/bsd-signal.h openbsd-compat/bsd-statvfs.h openbsd-compat/bsd-waitpid.h openbsd-compat/bsd-poll.h openbsd-compat/fake-rfc2553.h openbsd-compat/bsd-cygwin_util.h openbsd-compat/port-aix.h openbsd-compat/port-irix.h openbsd-compat/port-linux.h openbsd-compat/port-solaris.h openbsd-compat/port-net.h openbsd-compat/port-uw.h openbsd-compat/bsd-nextstep.h entropy.h
9auth-krb5.o: includes.h config.h defines.h platform.h openbsd-compat/openbsd-compat.h openbsd-compat/base64.h openbsd-compat/sigact.h openbsd-compat/readpassphrase.h openbsd-compat/vis.h openbsd-compat/getrrsetbyname.h openbsd-compat/sha1.h openbsd-compat/sha2.h openbsd-compat/rmd160.h openbsd-compat/md5.h openbsd-compat/blf.h openbsd-compat/getopt.h openbsd-compat/bsd-misc.h openbsd-compat/bsd-setres_id.h openbsd-compat/bsd-signal.h openbsd-compat/bsd-statvfs.h openbsd-compat/bsd-waitpid.h openbsd-compat/bsd-poll.h openbsd-compat/fake-rfc2553.h openbsd-compat/bsd-cygwin_util.h openbsd-compat/port-aix.h openbsd-compat/port-irix.h openbsd-compat/port-linux.h openbsd-compat/port-solaris.h openbsd-compat/port-net.h openbsd-compat/port-uw.h openbsd-compat/bsd-nextstep.h entropy.h buffer.h sshbuf.h xmalloc.h ssh.h packet.h openbsd-compat/sys-queue.h dispatch.h opacket.h log.h misc.h servconf.h uidswap.h key.h sshkey.h hostfile.h auth.h auth-pam.h audit.h loginrec.h 9auth-krb5.o: includes.h config.h defines.h platform.h openbsd-compat/openbsd-compat.h openbsd-compat/base64.h openbsd-compat/sigact.h openbsd-compat/readpassphrase.h openbsd-compat/vis.h openbsd-compat/getrrsetbyname.h openbsd-compat/sha1.h openbsd-compat/sha2.h openbsd-compat/rmd160.h openbsd-compat/md5.h openbsd-compat/blf.h openbsd-compat/getopt.h openbsd-compat/bsd-misc.h openbsd-compat/bsd-setres_id.h openbsd-compat/bsd-signal.h openbsd-compat/bsd-statvfs.h openbsd-compat/bsd-waitpid.h openbsd-compat/bsd-poll.h openbsd-compat/fake-rfc2553.h openbsd-compat/bsd-cygwin_util.h openbsd-compat/port-aix.h openbsd-compat/port-irix.h openbsd-compat/port-linux.h openbsd-compat/port-solaris.h openbsd-compat/port-net.h openbsd-compat/port-uw.h openbsd-compat/bsd-nextstep.h entropy.h xmalloc.h ssh.h packet.h openbsd-compat/sys-queue.h dispatch.h opacket.h log.h sshbuf.h sshkey.h misc.h servconf.h uidswap.h hostfile.h auth.h auth-pam.h audit.h loginrec.h
10auth-options.o: includes.h config.h defines.h platform.h openbsd-compat/openbsd-compat.h openbsd-compat/base64.h openbsd-compat/sigact.h openbsd-compat/readpassphrase.h openbsd-compat/vis.h openbsd-compat/getrrsetbyname.h openbsd-compat/sha1.h openbsd-compat/sha2.h openbsd-compat/rmd160.h openbsd-compat/md5.h openbsd-compat/blf.h openbsd-compat/getopt.h openbsd-compat/bsd-misc.h openbsd-compat/bsd-setres_id.h openbsd-compat/bsd-signal.h openbsd-compat/bsd-statvfs.h openbsd-compat/bsd-waitpid.h openbsd-compat/bsd-poll.h openbsd-compat/fake-rfc2553.h openbsd-compat/bsd-cygwin_util.h openbsd-compat/port-aix.h openbsd-compat/port-irix.h openbsd-compat/port-linux.h openbsd-compat/port-solaris.h openbsd-compat/port-net.h openbsd-compat/port-uw.h openbsd-compat/bsd-nextstep.h entropy.h buffer.h sshbuf.h openbsd-compat/sys-queue.h xmalloc.h ssherr.h log.h misc.h sshkey.h match.h ssh2.h auth-options.h 10auth-options.o: includes.h config.h defines.h platform.h openbsd-compat/openbsd-compat.h openbsd-compat/base64.h openbsd-compat/sigact.h openbsd-compat/readpassphrase.h openbsd-compat/vis.h openbsd-compat/getrrsetbyname.h openbsd-compat/sha1.h openbsd-compat/sha2.h openbsd-compat/rmd160.h openbsd-compat/md5.h openbsd-compat/blf.h openbsd-compat/getopt.h openbsd-compat/bsd-misc.h openbsd-compat/bsd-setres_id.h openbsd-compat/bsd-signal.h openbsd-compat/bsd-statvfs.h openbsd-compat/bsd-waitpid.h openbsd-compat/bsd-poll.h openbsd-compat/fake-rfc2553.h openbsd-compat/bsd-cygwin_util.h openbsd-compat/port-aix.h openbsd-compat/port-irix.h openbsd-compat/port-linux.h openbsd-compat/port-solaris.h openbsd-compat/port-net.h openbsd-compat/port-uw.h openbsd-compat/bsd-nextstep.h entropy.h openbsd-compat/sys-queue.h xmalloc.h ssherr.h log.h sshbuf.h misc.h sshkey.h match.h ssh2.h auth-options.h
11auth-pam.o: includes.h config.h defines.h platform.h openbsd-compat/openbsd-compat.h openbsd-compat/base64.h openbsd-compat/sigact.h openbsd-compat/readpassphrase.h openbsd-compat/vis.h openbsd-compat/getrrsetbyname.h openbsd-compat/sha1.h openbsd-compat/sha2.h openbsd-compat/rmd160.h openbsd-compat/md5.h openbsd-compat/blf.h openbsd-compat/getopt.h openbsd-compat/bsd-misc.h openbsd-compat/bsd-setres_id.h openbsd-compat/bsd-signal.h openbsd-compat/bsd-statvfs.h openbsd-compat/bsd-waitpid.h openbsd-compat/bsd-poll.h openbsd-compat/fake-rfc2553.h openbsd-compat/bsd-cygwin_util.h openbsd-compat/port-aix.h openbsd-compat/port-irix.h openbsd-compat/port-linux.h openbsd-compat/port-solaris.h openbsd-compat/port-net.h openbsd-compat/port-uw.h openbsd-compat/bsd-nextstep.h entropy.h buffer.h sshbuf.h 11auth-pam.o: includes.h config.h defines.h platform.h openbsd-compat/openbsd-compat.h openbsd-compat/base64.h openbsd-compat/sigact.h openbsd-compat/readpassphrase.h openbsd-compat/vis.h openbsd-compat/getrrsetbyname.h openbsd-compat/sha1.h openbsd-compat/sha2.h openbsd-compat/rmd160.h openbsd-compat/md5.h openbsd-compat/blf.h openbsd-compat/getopt.h openbsd-compat/bsd-misc.h openbsd-compat/bsd-setres_id.h openbsd-compat/bsd-signal.h openbsd-compat/bsd-statvfs.h openbsd-compat/bsd-waitpid.h openbsd-compat/bsd-poll.h openbsd-compat/fake-rfc2553.h openbsd-compat/bsd-cygwin_util.h openbsd-compat/port-aix.h openbsd-compat/port-irix.h openbsd-compat/port-linux.h openbsd-compat/port-solaris.h openbsd-compat/port-net.h openbsd-compat/port-uw.h openbsd-compat/bsd-nextstep.h entropy.h
12auth-passwd.o: includes.h config.h defines.h platform.h openbsd-compat/openbsd-compat.h openbsd-compat/base64.h openbsd-compat/sigact.h openbsd-compat/readpassphrase.h openbsd-compat/vis.h openbsd-compat/getrrsetbyname.h openbsd-compat/sha1.h openbsd-compat/sha2.h openbsd-compat/rmd160.h openbsd-compat/md5.h openbsd-compat/blf.h openbsd-compat/getopt.h openbsd-compat/bsd-misc.h openbsd-compat/bsd-setres_id.h openbsd-compat/bsd-signal.h openbsd-compat/bsd-statvfs.h openbsd-compat/bsd-waitpid.h openbsd-compat/bsd-poll.h openbsd-compat/fake-rfc2553.h openbsd-compat/bsd-cygwin_util.h openbsd-compat/port-aix.h openbsd-compat/port-irix.h openbsd-compat/port-linux.h openbsd-compat/port-solaris.h openbsd-compat/port-net.h openbsd-compat/port-uw.h openbsd-compat/bsd-nextstep.h entropy.h buffer.h sshbuf.h packet.h openbsd-compat/sys-queue.h dispatch.h opacket.h log.h misc.h servconf.h key.h sshkey.h hostfile.h auth.h auth-pam.h audit.h loginrec.h auth-options.h 12auth-passwd.o: includes.h config.h defines.h platform.h openbsd-compat/openbsd-compat.h openbsd-compat/base64.h openbsd-compat/sigact.h openbsd-compat/readpassphrase.h openbsd-compat/vis.h openbsd-compat/getrrsetbyname.h openbsd-compat/sha1.h openbsd-compat/sha2.h openbsd-compat/rmd160.h openbsd-compat/md5.h openbsd-compat/blf.h openbsd-compat/getopt.h openbsd-compat/bsd-misc.h openbsd-compat/bsd-setres_id.h openbsd-compat/bsd-signal.h openbsd-compat/bsd-statvfs.h openbsd-compat/bsd-waitpid.h openbsd-compat/bsd-poll.h openbsd-compat/fake-rfc2553.h openbsd-compat/bsd-cygwin_util.h openbsd-compat/port-aix.h openbsd-compat/port-irix.h openbsd-compat/port-linux.h openbsd-compat/port-solaris.h openbsd-compat/port-net.h openbsd-compat/port-uw.h openbsd-compat/bsd-nextstep.h entropy.h packet.h openbsd-compat/sys-queue.h dispatch.h opacket.h sshbuf.h ssherr.h log.h misc.h servconf.h sshkey.h hostfile.h auth.h auth-pam.h audit.h loginrec.h auth-options.h
13auth-rhosts.o: includes.h config.h defines.h platform.h openbsd-compat/openbsd-compat.h openbsd-compat/base64.h openbsd-compat/sigact.h openbsd-compat/readpassphrase.h openbsd-compat/vis.h openbsd-compat/getrrsetbyname.h openbsd-compat/sha1.h openbsd-compat/sha2.h openbsd-compat/rmd160.h openbsd-compat/md5.h openbsd-compat/blf.h openbsd-compat/getopt.h openbsd-compat/bsd-misc.h openbsd-compat/bsd-setres_id.h openbsd-compat/bsd-signal.h openbsd-compat/bsd-statvfs.h openbsd-compat/bsd-waitpid.h openbsd-compat/bsd-poll.h openbsd-compat/fake-rfc2553.h openbsd-compat/bsd-cygwin_util.h openbsd-compat/port-aix.h openbsd-compat/port-irix.h openbsd-compat/port-linux.h openbsd-compat/port-solaris.h openbsd-compat/port-net.h openbsd-compat/port-uw.h openbsd-compat/bsd-nextstep.h entropy.h buffer.h sshbuf.h packet.h openbsd-compat/sys-queue.h dispatch.h opacket.h uidswap.h pathnames.h log.h misc.h key.h sshkey.h servconf.h canohost.h hostfile.h auth.h auth-pam.h audit.h loginrec.h 13auth-rhosts.o: includes.h config.h defines.h platform.h openbsd-compat/openbsd-compat.h openbsd-compat/base64.h openbsd-compat/sigact.h openbsd-compat/readpassphrase.h openbsd-compat/vis.h openbsd-compat/getrrsetbyname.h openbsd-compat/sha1.h openbsd-compat/sha2.h openbsd-compat/rmd160.h openbsd-compat/md5.h openbsd-compat/blf.h openbsd-compat/getopt.h openbsd-compat/bsd-misc.h openbsd-compat/bsd-setres_id.h openbsd-compat/bsd-signal.h openbsd-compat/bsd-statvfs.h openbsd-compat/bsd-waitpid.h openbsd-compat/bsd-poll.h openbsd-compat/fake-rfc2553.h openbsd-compat/bsd-cygwin_util.h openbsd-compat/port-aix.h openbsd-compat/port-irix.h openbsd-compat/port-linux.h openbsd-compat/port-solaris.h openbsd-compat/port-net.h openbsd-compat/port-uw.h openbsd-compat/bsd-nextstep.h entropy.h packet.h openbsd-compat/sys-queue.h dispatch.h opacket.h uidswap.h pathnames.h log.h misc.h sshbuf.h sshkey.h servconf.h canohost.h hostfile.h auth.h auth-pam.h audit.h loginrec.h
14auth-shadow.o: includes.h config.h defines.h platform.h openbsd-compat/openbsd-compat.h openbsd-compat/base64.h openbsd-compat/sigact.h openbsd-compat/readpassphrase.h openbsd-compat/vis.h openbsd-compat/getrrsetbyname.h openbsd-compat/sha1.h openbsd-compat/sha2.h openbsd-compat/rmd160.h openbsd-compat/md5.h openbsd-compat/blf.h openbsd-compat/getopt.h openbsd-compat/bsd-misc.h openbsd-compat/bsd-setres_id.h openbsd-compat/bsd-signal.h openbsd-compat/bsd-statvfs.h openbsd-compat/bsd-waitpid.h openbsd-compat/bsd-poll.h openbsd-compat/fake-rfc2553.h openbsd-compat/bsd-cygwin_util.h openbsd-compat/port-aix.h openbsd-compat/port-irix.h openbsd-compat/port-linux.h openbsd-compat/port-solaris.h openbsd-compat/port-net.h openbsd-compat/port-uw.h openbsd-compat/bsd-nextstep.h entropy.h buffer.h sshbuf.h 14auth-shadow.o: includes.h config.h defines.h platform.h openbsd-compat/openbsd-compat.h openbsd-compat/base64.h openbsd-compat/sigact.h openbsd-compat/readpassphrase.h openbsd-compat/vis.h openbsd-compat/getrrsetbyname.h openbsd-compat/sha1.h openbsd-compat/sha2.h openbsd-compat/rmd160.h openbsd-compat/md5.h openbsd-compat/blf.h openbsd-compat/getopt.h openbsd-compat/bsd-misc.h openbsd-compat/bsd-setres_id.h openbsd-compat/bsd-signal.h openbsd-compat/bsd-statvfs.h openbsd-compat/bsd-waitpid.h openbsd-compat/bsd-poll.h openbsd-compat/fake-rfc2553.h openbsd-compat/bsd-cygwin_util.h openbsd-compat/port-aix.h openbsd-compat/port-irix.h openbsd-compat/port-linux.h openbsd-compat/port-solaris.h openbsd-compat/port-net.h openbsd-compat/port-uw.h openbsd-compat/bsd-nextstep.h entropy.h
15auth-sia.o: includes.h config.h defines.h platform.h openbsd-compat/openbsd-compat.h openbsd-compat/base64.h openbsd-compat/sigact.h openbsd-compat/readpassphrase.h openbsd-compat/vis.h openbsd-compat/getrrsetbyname.h openbsd-compat/sha1.h openbsd-compat/sha2.h openbsd-compat/rmd160.h openbsd-compat/md5.h openbsd-compat/blf.h openbsd-compat/getopt.h openbsd-compat/bsd-misc.h openbsd-compat/bsd-setres_id.h openbsd-compat/bsd-signal.h openbsd-compat/bsd-statvfs.h openbsd-compat/bsd-waitpid.h openbsd-compat/bsd-poll.h openbsd-compat/fake-rfc2553.h openbsd-compat/bsd-cygwin_util.h openbsd-compat/port-aix.h openbsd-compat/port-irix.h openbsd-compat/port-linux.h openbsd-compat/port-solaris.h openbsd-compat/port-net.h openbsd-compat/port-uw.h openbsd-compat/bsd-nextstep.h entropy.h buffer.h sshbuf.h 15auth-sia.o: includes.h config.h defines.h platform.h openbsd-compat/openbsd-compat.h openbsd-compat/base64.h openbsd-compat/sigact.h openbsd-compat/readpassphrase.h openbsd-compat/vis.h openbsd-compat/getrrsetbyname.h openbsd-compat/sha1.h openbsd-compat/sha2.h openbsd-compat/rmd160.h openbsd-compat/md5.h openbsd-compat/blf.h openbsd-compat/getopt.h openbsd-compat/bsd-misc.h openbsd-compat/bsd-setres_id.h openbsd-compat/bsd-signal.h openbsd-compat/bsd-statvfs.h openbsd-compat/bsd-waitpid.h openbsd-compat/bsd-poll.h openbsd-compat/fake-rfc2553.h openbsd-compat/bsd-cygwin_util.h openbsd-compat/port-aix.h openbsd-compat/port-irix.h openbsd-compat/port-linux.h openbsd-compat/port-solaris.h openbsd-compat/port-net.h openbsd-compat/port-uw.h openbsd-compat/bsd-nextstep.h entropy.h
16auth-skey.o: includes.h config.h defines.h platform.h openbsd-compat/openbsd-compat.h openbsd-compat/base64.h openbsd-compat/sigact.h openbsd-compat/readpassphrase.h openbsd-compat/vis.h openbsd-compat/getrrsetbyname.h openbsd-compat/sha1.h openbsd-compat/sha2.h openbsd-compat/rmd160.h openbsd-compat/md5.h openbsd-compat/blf.h openbsd-compat/getopt.h openbsd-compat/bsd-misc.h openbsd-compat/bsd-setres_id.h openbsd-compat/bsd-signal.h openbsd-compat/bsd-statvfs.h openbsd-compat/bsd-waitpid.h openbsd-compat/bsd-poll.h openbsd-compat/fake-rfc2553.h openbsd-compat/bsd-cygwin_util.h openbsd-compat/port-aix.h openbsd-compat/port-irix.h openbsd-compat/port-linux.h openbsd-compat/port-solaris.h openbsd-compat/port-net.h openbsd-compat/port-uw.h openbsd-compat/bsd-nextstep.h entropy.h buffer.h sshbuf.h 16auth-skey.o: includes.h config.h defines.h platform.h openbsd-compat/openbsd-compat.h openbsd-compat/base64.h openbsd-compat/sigact.h openbsd-compat/readpassphrase.h openbsd-compat/vis.h openbsd-compat/getrrsetbyname.h openbsd-compat/sha1.h openbsd-compat/sha2.h openbsd-compat/rmd160.h openbsd-compat/md5.h openbsd-compat/blf.h openbsd-compat/getopt.h openbsd-compat/bsd-misc.h openbsd-compat/bsd-setres_id.h openbsd-compat/bsd-signal.h openbsd-compat/bsd-statvfs.h openbsd-compat/bsd-waitpid.h openbsd-compat/bsd-poll.h openbsd-compat/fake-rfc2553.h openbsd-compat/bsd-cygwin_util.h openbsd-compat/port-aix.h openbsd-compat/port-irix.h openbsd-compat/port-linux.h openbsd-compat/port-solaris.h openbsd-compat/port-net.h openbsd-compat/port-uw.h openbsd-compat/bsd-nextstep.h entropy.h
17auth.o: includes.h config.h defines.h platform.h openbsd-compat/openbsd-compat.h openbsd-compat/base64.h openbsd-compat/sigact.h openbsd-compat/readpassphrase.h openbsd-compat/vis.h openbsd-compat/getrrsetbyname.h openbsd-compat/sha1.h openbsd-compat/sha2.h openbsd-compat/rmd160.h openbsd-compat/md5.h openbsd-compat/blf.h openbsd-compat/getopt.h openbsd-compat/bsd-misc.h openbsd-compat/bsd-setres_id.h openbsd-compat/bsd-signal.h openbsd-compat/bsd-statvfs.h openbsd-compat/bsd-waitpid.h openbsd-compat/bsd-poll.h openbsd-compat/fake-rfc2553.h openbsd-compat/bsd-cygwin_util.h openbsd-compat/port-aix.h openbsd-compat/port-irix.h openbsd-compat/port-linux.h openbsd-compat/port-solaris.h openbsd-compat/port-net.h openbsd-compat/port-uw.h openbsd-compat/bsd-nextstep.h entropy.h buffer.h sshbuf.h xmalloc.h match.h groupaccess.h log.h misc.h servconf.h key.h sshkey.h hostfile.h auth.h auth-pam.h audit.h loginrec.h auth-options.h canohost.h uidswap.h packet.h openbsd-compat/sys-queue.h 17auth.o: includes.h config.h defines.h platform.h openbsd-compat/openbsd-compat.h openbsd-compat/base64.h openbsd-compat/sigact.h openbsd-compat/readpassphrase.h openbsd-compat/vis.h openbsd-compat/getrrsetbyname.h openbsd-compat/sha1.h openbsd-compat/sha2.h openbsd-compat/rmd160.h openbsd-compat/md5.h openbsd-compat/blf.h openbsd-compat/getopt.h openbsd-compat/bsd-misc.h openbsd-compat/bsd-setres_id.h openbsd-compat/bsd-signal.h openbsd-compat/bsd-statvfs.h openbsd-compat/bsd-waitpid.h openbsd-compat/bsd-poll.h openbsd-compat/fake-rfc2553.h openbsd-compat/bsd-cygwin_util.h openbsd-compat/port-aix.h openbsd-compat/port-irix.h openbsd-compat/port-linux.h openbsd-compat/port-solaris.h openbsd-compat/port-net.h openbsd-compat/port-uw.h openbsd-compat/bsd-nextstep.h entropy.h xmalloc.h match.h groupaccess.h log.h sshbuf.h misc.h servconf.h sshkey.h hostfile.h auth.h auth-pam.h audit.h loginrec.h auth-options.h canohost.h uidswap.h packet.h openbsd-compat/sys-queue.h dispatch.h opacket.h
18auth.o: dispatch.h opacket.h authfile.h monitor_wrap.h ssherr.h compat.h channels.h 18auth.o: authfile.h monitor_wrap.h ssherr.h compat.h channels.h
19auth2-chall.o: includes.h config.h defines.h platform.h openbsd-compat/openbsd-compat.h openbsd-compat/base64.h openbsd-compat/sigact.h openbsd-compat/readpassphrase.h openbsd-compat/vis.h openbsd-compat/getrrsetbyname.h openbsd-compat/sha1.h openbsd-compat/sha2.h openbsd-compat/rmd160.h openbsd-compat/md5.h openbsd-compat/blf.h openbsd-compat/getopt.h openbsd-compat/bsd-misc.h openbsd-compat/bsd-setres_id.h openbsd-compat/bsd-signal.h openbsd-compat/bsd-statvfs.h openbsd-compat/bsd-waitpid.h openbsd-compat/bsd-poll.h openbsd-compat/fake-rfc2553.h openbsd-compat/bsd-cygwin_util.h openbsd-compat/port-aix.h openbsd-compat/port-irix.h openbsd-compat/port-linux.h openbsd-compat/port-solaris.h openbsd-compat/port-net.h openbsd-compat/port-uw.h openbsd-compat/bsd-nextstep.h entropy.h buffer.h sshbuf.h xmalloc.h ssh2.h key.h sshkey.h hostfile.h auth.h auth-pam.h audit.h loginrec.h packet.h openbsd-compat/sys-queue.h dispatch.h opacket.h log.h misc.h servconf.h 19auth2-chall.o: includes.h config.h defines.h platform.h openbsd-compat/openbsd-compat.h openbsd-compat/base64.h openbsd-compat/sigact.h openbsd-compat/readpassphrase.h openbsd-compat/vis.h openbsd-compat/getrrsetbyname.h openbsd-compat/sha1.h openbsd-compat/sha2.h openbsd-compat/rmd160.h openbsd-compat/md5.h openbsd-compat/blf.h openbsd-compat/getopt.h openbsd-compat/bsd-misc.h openbsd-compat/bsd-setres_id.h openbsd-compat/bsd-signal.h openbsd-compat/bsd-statvfs.h openbsd-compat/bsd-waitpid.h openbsd-compat/bsd-poll.h openbsd-compat/fake-rfc2553.h openbsd-compat/bsd-cygwin_util.h openbsd-compat/port-aix.h openbsd-compat/port-irix.h openbsd-compat/port-linux.h openbsd-compat/port-solaris.h openbsd-compat/port-net.h openbsd-compat/port-uw.h openbsd-compat/bsd-nextstep.h entropy.h xmalloc.h ssh2.h sshkey.h hostfile.h auth.h auth-pam.h audit.h loginrec.h sshbuf.h packet.h openbsd-compat/sys-queue.h dispatch.h opacket.h ssherr.h log.h misc.h servconf.h
20auth2-gss.o: includes.h config.h defines.h platform.h openbsd-compat/openbsd-compat.h openbsd-compat/base64.h openbsd-compat/sigact.h openbsd-compat/readpassphrase.h openbsd-compat/vis.h openbsd-compat/getrrsetbyname.h openbsd-compat/sha1.h openbsd-compat/sha2.h openbsd-compat/rmd160.h openbsd-compat/md5.h openbsd-compat/blf.h openbsd-compat/getopt.h openbsd-compat/bsd-misc.h openbsd-compat/bsd-setres_id.h openbsd-compat/bsd-signal.h openbsd-compat/bsd-statvfs.h openbsd-compat/bsd-waitpid.h openbsd-compat/bsd-poll.h openbsd-compat/fake-rfc2553.h openbsd-compat/bsd-cygwin_util.h openbsd-compat/port-aix.h openbsd-compat/port-irix.h openbsd-compat/port-linux.h openbsd-compat/port-solaris.h openbsd-compat/port-net.h openbsd-compat/port-uw.h openbsd-compat/bsd-nextstep.h entropy.h buffer.h sshbuf.h 20auth2-gss.o: includes.h config.h defines.h platform.h openbsd-compat/openbsd-compat.h openbsd-compat/base64.h openbsd-compat/sigact.h openbsd-compat/readpassphrase.h openbsd-compat/vis.h openbsd-compat/getrrsetbyname.h openbsd-compat/sha1.h openbsd-compat/sha2.h openbsd-compat/rmd160.h openbsd-compat/md5.h openbsd-compat/blf.h openbsd-compat/getopt.h openbsd-compat/bsd-misc.h openbsd-compat/bsd-setres_id.h openbsd-compat/bsd-signal.h openbsd-compat/bsd-statvfs.h openbsd-compat/bsd-waitpid.h openbsd-compat/bsd-poll.h openbsd-compat/fake-rfc2553.h openbsd-compat/bsd-cygwin_util.h openbsd-compat/port-aix.h openbsd-compat/port-irix.h openbsd-compat/port-linux.h openbsd-compat/port-solaris.h openbsd-compat/port-net.h openbsd-compat/port-uw.h openbsd-compat/bsd-nextstep.h entropy.h
21auth2-hostbased.o: includes.h config.h defines.h platform.h openbsd-compat/openbsd-compat.h openbsd-compat/base64.h openbsd-compat/sigact.h openbsd-compat/readpassphrase.h openbsd-compat/vis.h openbsd-compat/getrrsetbyname.h openbsd-compat/sha1.h openbsd-compat/sha2.h openbsd-compat/rmd160.h openbsd-compat/md5.h openbsd-compat/blf.h openbsd-compat/getopt.h openbsd-compat/bsd-misc.h openbsd-compat/bsd-setres_id.h openbsd-compat/bsd-signal.h openbsd-compat/bsd-statvfs.h openbsd-compat/bsd-waitpid.h openbsd-compat/bsd-poll.h openbsd-compat/fake-rfc2553.h openbsd-compat/bsd-cygwin_util.h openbsd-compat/port-aix.h openbsd-compat/port-irix.h openbsd-compat/port-linux.h openbsd-compat/port-solaris.h openbsd-compat/port-net.h openbsd-compat/port-uw.h openbsd-compat/bsd-nextstep.h entropy.h buffer.h sshbuf.h xmalloc.h ssh2.h packet.h openbsd-compat/sys-queue.h dispatch.h opacket.h log.h misc.h servconf.h compat.h sshkey.h hostfile.h auth.h auth-pam.h audit.h loginrec.h canohost.h 21auth2-hostbased.o: includes.h config.h defines.h platform.h openbsd-compat/openbsd-compat.h openbsd-compat/base64.h openbsd-compat/sigact.h openbsd-compat/readpassphrase.h openbsd-compat/vis.h openbsd-compat/getrrsetbyname.h openbsd-compat/sha1.h openbsd-compat/sha2.h openbsd-compat/rmd160.h openbsd-compat/md5.h openbsd-compat/blf.h openbsd-compat/getopt.h openbsd-compat/bsd-misc.h openbsd-compat/bsd-setres_id.h openbsd-compat/bsd-signal.h openbsd-compat/bsd-statvfs.h openbsd-compat/bsd-waitpid.h openbsd-compat/bsd-poll.h openbsd-compat/fake-rfc2553.h openbsd-compat/bsd-cygwin_util.h openbsd-compat/port-aix.h openbsd-compat/port-irix.h openbsd-compat/port-linux.h openbsd-compat/port-solaris.h openbsd-compat/port-net.h openbsd-compat/port-uw.h openbsd-compat/bsd-nextstep.h entropy.h xmalloc.h ssh2.h packet.h openbsd-compat/sys-queue.h dispatch.h opacket.h sshbuf.h log.h misc.h servconf.h compat.h sshkey.h hostfile.h auth.h auth-pam.h audit.h loginrec.h canohost.h monitor_wrap.h
22auth2-hostbased.o: monitor_wrap.h pathnames.h ssherr.h match.h 22auth2-hostbased.o: pathnames.h ssherr.h match.h
23auth2-kbdint.o: includes.h config.h defines.h platform.h openbsd-compat/openbsd-compat.h openbsd-compat/base64.h openbsd-compat/sigact.h openbsd-compat/readpassphrase.h openbsd-compat/vis.h openbsd-compat/getrrsetbyname.h openbsd-compat/sha1.h openbsd-compat/sha2.h openbsd-compat/rmd160.h openbsd-compat/md5.h openbsd-compat/blf.h openbsd-compat/getopt.h openbsd-compat/bsd-misc.h openbsd-compat/bsd-setres_id.h openbsd-compat/bsd-signal.h openbsd-compat/bsd-statvfs.h openbsd-compat/bsd-waitpid.h openbsd-compat/bsd-poll.h openbsd-compat/fake-rfc2553.h openbsd-compat/bsd-cygwin_util.h openbsd-compat/port-aix.h openbsd-compat/port-irix.h openbsd-compat/port-linux.h openbsd-compat/port-solaris.h openbsd-compat/port-net.h openbsd-compat/port-uw.h openbsd-compat/bsd-nextstep.h entropy.h buffer.h sshbuf.h xmalloc.h packet.h openbsd-compat/sys-queue.h dispatch.h opacket.h key.h sshkey.h hostfile.h auth.h auth-pam.h audit.h loginrec.h log.h misc.h servconf.h 23auth2-kbdint.o: includes.h config.h defines.h platform.h openbsd-compat/openbsd-compat.h openbsd-compat/base64.h openbsd-compat/sigact.h openbsd-compat/readpassphrase.h openbsd-compat/vis.h openbsd-compat/getrrsetbyname.h openbsd-compat/sha1.h openbsd-compat/sha2.h openbsd-compat/rmd160.h openbsd-compat/md5.h openbsd-compat/blf.h openbsd-compat/getopt.h openbsd-compat/bsd-misc.h openbsd-compat/bsd-setres_id.h openbsd-compat/bsd-signal.h openbsd-compat/bsd-statvfs.h openbsd-compat/bsd-waitpid.h openbsd-compat/bsd-poll.h openbsd-compat/fake-rfc2553.h openbsd-compat/bsd-cygwin_util.h openbsd-compat/port-aix.h openbsd-compat/port-irix.h openbsd-compat/port-linux.h openbsd-compat/port-solaris.h openbsd-compat/port-net.h openbsd-compat/port-uw.h openbsd-compat/bsd-nextstep.h entropy.h xmalloc.h packet.h openbsd-compat/sys-queue.h dispatch.h opacket.h hostfile.h auth.h auth-pam.h audit.h loginrec.h log.h misc.h servconf.h ssherr.h
24auth2-none.o: includes.h config.h defines.h platform.h openbsd-compat/openbsd-compat.h openbsd-compat/base64.h openbsd-compat/sigact.h openbsd-compat/readpassphrase.h openbsd-compat/vis.h openbsd-compat/getrrsetbyname.h openbsd-compat/sha1.h openbsd-compat/sha2.h openbsd-compat/rmd160.h openbsd-compat/md5.h openbsd-compat/blf.h openbsd-compat/getopt.h openbsd-compat/bsd-misc.h openbsd-compat/bsd-setres_id.h openbsd-compat/bsd-signal.h openbsd-compat/bsd-statvfs.h openbsd-compat/bsd-waitpid.h openbsd-compat/bsd-poll.h openbsd-compat/fake-rfc2553.h openbsd-compat/bsd-cygwin_util.h openbsd-compat/port-aix.h openbsd-compat/port-irix.h openbsd-compat/port-linux.h openbsd-compat/port-solaris.h openbsd-compat/port-net.h openbsd-compat/port-uw.h openbsd-compat/bsd-nextstep.h entropy.h buffer.h sshbuf.h atomicio.h xmalloc.h sshkey.h hostfile.h auth.h auth-pam.h audit.h loginrec.h packet.h openbsd-compat/sys-queue.h dispatch.h opacket.h log.h misc.h servconf.h compat.h ssh2.h ssherr.h 24auth2-none.o: includes.h config.h defines.h platform.h openbsd-compat/openbsd-compat.h openbsd-compat/base64.h openbsd-compat/sigact.h openbsd-compat/readpassphrase.h openbsd-compat/vis.h openbsd-compat/getrrsetbyname.h openbsd-compat/sha1.h openbsd-compat/sha2.h openbsd-compat/rmd160.h openbsd-compat/md5.h openbsd-compat/blf.h openbsd-compat/getopt.h openbsd-compat/bsd-misc.h openbsd-compat/bsd-setres_id.h openbsd-compat/bsd-signal.h openbsd-compat/bsd-statvfs.h openbsd-compat/bsd-waitpid.h openbsd-compat/bsd-poll.h openbsd-compat/fake-rfc2553.h openbsd-compat/bsd-cygwin_util.h openbsd-compat/port-aix.h openbsd-compat/port-irix.h openbsd-compat/port-linux.h openbsd-compat/port-solaris.h openbsd-compat/port-net.h openbsd-compat/port-uw.h openbsd-compat/bsd-nextstep.h entropy.h atomicio.h xmalloc.h sshkey.h hostfile.h auth.h auth-pam.h audit.h loginrec.h packet.h openbsd-compat/sys-queue.h dispatch.h opacket.h log.h misc.h servconf.h compat.h ssh2.h ssherr.h monitor_wrap.h
25auth2-none.o: monitor_wrap.h 25auth2-passwd.o: includes.h config.h defines.h platform.h openbsd-compat/openbsd-compat.h openbsd-compat/base64.h openbsd-compat/sigact.h openbsd-compat/readpassphrase.h openbsd-compat/vis.h openbsd-compat/getrrsetbyname.h openbsd-compat/sha1.h openbsd-compat/sha2.h openbsd-compat/rmd160.h openbsd-compat/md5.h openbsd-compat/blf.h openbsd-compat/getopt.h openbsd-compat/bsd-misc.h openbsd-compat/bsd-setres_id.h openbsd-compat/bsd-signal.h openbsd-compat/bsd-statvfs.h openbsd-compat/bsd-waitpid.h openbsd-compat/bsd-poll.h openbsd-compat/fake-rfc2553.h openbsd-compat/bsd-cygwin_util.h openbsd-compat/port-aix.h openbsd-compat/port-irix.h openbsd-compat/port-linux.h openbsd-compat/port-solaris.h openbsd-compat/port-net.h openbsd-compat/port-uw.h openbsd-compat/bsd-nextstep.h entropy.h packet.h openbsd-compat/sys-queue.h dispatch.h opacket.h ssherr.h log.h sshkey.h hostfile.h auth.h auth-pam.h audit.h loginrec.h monitor_wrap.h misc.h servconf.h
26auth2-passwd.o: includes.h config.h defines.h platform.h openbsd-compat/openbsd-compat.h openbsd-compat/base64.h openbsd-compat/sigact.h openbsd-compat/readpassphrase.h openbsd-compat/vis.h openbsd-compat/getrrsetbyname.h openbsd-compat/sha1.h openbsd-compat/sha2.h openbsd-compat/rmd160.h openbsd-compat/md5.h openbsd-compat/blf.h openbsd-compat/getopt.h openbsd-compat/bsd-misc.h openbsd-compat/bsd-setres_id.h openbsd-compat/bsd-signal.h openbsd-compat/bsd-statvfs.h openbsd-compat/bsd-waitpid.h openbsd-compat/bsd-poll.h openbsd-compat/fake-rfc2553.h openbsd-compat/bsd-cygwin_util.h openbsd-compat/port-aix.h openbsd-compat/port-irix.h openbsd-compat/port-linux.h openbsd-compat/port-solaris.h openbsd-compat/port-net.h openbsd-compat/port-uw.h openbsd-compat/bsd-nextstep.h entropy.h buffer.h sshbuf.h packet.h openbsd-compat/sys-queue.h dispatch.h opacket.h ssherr.h log.h sshkey.h hostfile.h auth.h auth-pam.h audit.h loginrec.h monitor_wrap.h misc.h servconf.h 26auth2-pubkey.o: includes.h config.h defines.h platform.h openbsd-compat/openbsd-compat.h openbsd-compat/base64.h openbsd-compat/sigact.h openbsd-compat/readpassphrase.h openbsd-compat/vis.h openbsd-compat/getrrsetbyname.h openbsd-compat/sha1.h openbsd-compat/sha2.h openbsd-compat/rmd160.h openbsd-compat/md5.h openbsd-compat/blf.h openbsd-compat/getopt.h openbsd-compat/bsd-misc.h openbsd-compat/bsd-setres_id.h openbsd-compat/bsd-signal.h openbsd-compat/bsd-statvfs.h openbsd-compat/bsd-waitpid.h openbsd-compat/bsd-poll.h openbsd-compat/fake-rfc2553.h openbsd-compat/bsd-cygwin_util.h openbsd-compat/port-aix.h openbsd-compat/port-irix.h openbsd-compat/port-linux.h openbsd-compat/port-solaris.h openbsd-compat/port-net.h openbsd-compat/port-uw.h openbsd-compat/bsd-nextstep.h entropy.h xmalloc.h ssh.h ssh2.h packet.h openbsd-compat/sys-queue.h dispatch.h opacket.h sshbuf.h log.h misc.h servconf.h compat.h sshkey.h hostfile.h auth.h auth-pam.h audit.h loginrec.h pathnames.h uidswap.h
27auth2-pubkey.o: includes.h config.h defines.h platform.h openbsd-compat/openbsd-compat.h openbsd-compat/base64.h openbsd-compat/sigact.h openbsd-compat/readpassphrase.h openbsd-compat/vis.h openbsd-compat/getrrsetbyname.h openbsd-compat/sha1.h openbsd-compat/sha2.h openbsd-compat/rmd160.h openbsd-compat/md5.h openbsd-compat/blf.h openbsd-compat/getopt.h openbsd-compat/bsd-misc.h openbsd-compat/bsd-setres_id.h openbsd-compat/bsd-signal.h openbsd-compat/bsd-statvfs.h openbsd-compat/bsd-waitpid.h openbsd-compat/bsd-poll.h openbsd-compat/fake-rfc2553.h openbsd-compat/bsd-cygwin_util.h openbsd-compat/port-aix.h openbsd-compat/port-irix.h openbsd-compat/port-linux.h openbsd-compat/port-solaris.h openbsd-compat/port-net.h openbsd-compat/port-uw.h openbsd-compat/bsd-nextstep.h entropy.h buffer.h sshbuf.h xmalloc.h ssh.h ssh2.h packet.h openbsd-compat/sys-queue.h dispatch.h opacket.h log.h misc.h servconf.h compat.h sshkey.h hostfile.h auth.h auth-pam.h audit.h loginrec.h pathnames.h uidswap.h
28auth2-pubkey.o: auth-options.h canohost.h monitor_wrap.h authfile.h match.h ssherr.h channels.h session.h 27auth2-pubkey.o: auth-options.h canohost.h monitor_wrap.h authfile.h match.h ssherr.h channels.h session.h
29auth2.o: includes.h config.h defines.h platform.h openbsd-compat/openbsd-compat.h openbsd-compat/base64.h openbsd-compat/sigact.h openbsd-compat/readpassphrase.h openbsd-compat/vis.h openbsd-compat/getrrsetbyname.h openbsd-compat/sha1.h openbsd-compat/sha2.h openbsd-compat/rmd160.h openbsd-compat/md5.h openbsd-compat/blf.h openbsd-compat/getopt.h openbsd-compat/bsd-misc.h openbsd-compat/bsd-setres_id.h openbsd-compat/bsd-signal.h openbsd-compat/bsd-statvfs.h openbsd-compat/bsd-waitpid.h openbsd-compat/bsd-poll.h openbsd-compat/fake-rfc2553.h openbsd-compat/bsd-cygwin_util.h openbsd-compat/port-aix.h openbsd-compat/port-irix.h openbsd-compat/port-linux.h openbsd-compat/port-solaris.h openbsd-compat/port-net.h openbsd-compat/port-uw.h openbsd-compat/bsd-nextstep.h entropy.h buffer.h sshbuf.h atomicio.h xmalloc.h ssh2.h packet.h openbsd-compat/sys-queue.h dispatch.h opacket.h log.h misc.h servconf.h compat.h key.h sshkey.h hostfile.h auth.h auth-pam.h audit.h loginrec.h pathnames.h 28auth2.o: includes.h config.h defines.h platform.h openbsd-compat/openbsd-compat.h openbsd-compat/base64.h openbsd-compat/sigact.h openbsd-compat/readpassphrase.h openbsd-compat/vis.h openbsd-compat/getrrsetbyname.h openbsd-compat/sha1.h openbsd-compat/sha2.h openbsd-compat/rmd160.h openbsd-compat/md5.h openbsd-compat/blf.h openbsd-compat/getopt.h openbsd-compat/bsd-misc.h openbsd-compat/bsd-setres_id.h openbsd-compat/bsd-signal.h openbsd-compat/bsd-statvfs.h openbsd-compat/bsd-waitpid.h openbsd-compat/bsd-poll.h openbsd-compat/fake-rfc2553.h openbsd-compat/bsd-cygwin_util.h openbsd-compat/port-aix.h openbsd-compat/port-irix.h openbsd-compat/port-linux.h openbsd-compat/port-solaris.h openbsd-compat/port-net.h openbsd-compat/port-uw.h openbsd-compat/bsd-nextstep.h entropy.h atomicio.h xmalloc.h ssh2.h packet.h openbsd-compat/sys-queue.h dispatch.h opacket.h log.h sshbuf.h misc.h servconf.h compat.h sshkey.h hostfile.h auth.h auth-pam.h audit.h loginrec.h pathnames.h ssherr.h
30auth2.o: monitor_wrap.h ssherr.h 29auth2.o: monitor_wrap.h digest.h
31authfd.o: includes.h config.h defines.h platform.h openbsd-compat/openbsd-compat.h openbsd-compat/base64.h openbsd-compat/sigact.h openbsd-compat/readpassphrase.h openbsd-compat/vis.h openbsd-compat/getrrsetbyname.h openbsd-compat/sha1.h openbsd-compat/sha2.h openbsd-compat/rmd160.h openbsd-compat/md5.h openbsd-compat/blf.h openbsd-compat/getopt.h openbsd-compat/bsd-misc.h openbsd-compat/bsd-setres_id.h openbsd-compat/bsd-signal.h openbsd-compat/bsd-statvfs.h openbsd-compat/bsd-waitpid.h openbsd-compat/bsd-poll.h openbsd-compat/fake-rfc2553.h openbsd-compat/bsd-cygwin_util.h openbsd-compat/port-aix.h openbsd-compat/port-irix.h openbsd-compat/port-linux.h openbsd-compat/port-solaris.h openbsd-compat/port-net.h openbsd-compat/port-uw.h openbsd-compat/bsd-nextstep.h entropy.h buffer.h sshbuf.h xmalloc.h ssh.h sshkey.h authfd.h cipher.h cipher-chachapoly.h chacha.h poly1305.h cipher-aesctr.h rijndael.h compat.h log.h atomicio.h misc.h ssherr.h 30authfd.o: includes.h config.h defines.h platform.h openbsd-compat/openbsd-compat.h openbsd-compat/base64.h openbsd-compat/sigact.h openbsd-compat/readpassphrase.h openbsd-compat/vis.h openbsd-compat/getrrsetbyname.h openbsd-compat/sha1.h openbsd-compat/sha2.h openbsd-compat/rmd160.h openbsd-compat/md5.h openbsd-compat/blf.h openbsd-compat/getopt.h openbsd-compat/bsd-misc.h openbsd-compat/bsd-setres_id.h openbsd-compat/bsd-signal.h openbsd-compat/bsd-statvfs.h openbsd-compat/bsd-waitpid.h openbsd-compat/bsd-poll.h openbsd-compat/fake-rfc2553.h openbsd-compat/bsd-cygwin_util.h openbsd-compat/port-aix.h openbsd-compat/port-irix.h openbsd-compat/port-linux.h openbsd-compat/port-solaris.h openbsd-compat/port-net.h openbsd-compat/port-uw.h openbsd-compat/bsd-nextstep.h entropy.h xmalloc.h ssh.h sshbuf.h sshkey.h authfd.h cipher.h cipher-chachapoly.h chacha.h poly1305.h cipher-aesctr.h rijndael.h compat.h log.h atomicio.h misc.h ssherr.h
32authfile.o: includes.h config.h defines.h platform.h openbsd-compat/openbsd-compat.h openbsd-compat/base64.h openbsd-compat/sigact.h openbsd-compat/readpassphrase.h openbsd-compat/vis.h openbsd-compat/getrrsetbyname.h openbsd-compat/sha1.h openbsd-compat/sha2.h openbsd-compat/rmd160.h openbsd-compat/md5.h openbsd-compat/blf.h openbsd-compat/getopt.h openbsd-compat/bsd-misc.h openbsd-compat/bsd-setres_id.h openbsd-compat/bsd-signal.h openbsd-compat/bsd-statvfs.h openbsd-compat/bsd-waitpid.h openbsd-compat/bsd-poll.h openbsd-compat/fake-rfc2553.h openbsd-compat/bsd-cygwin_util.h openbsd-compat/port-aix.h openbsd-compat/port-irix.h openbsd-compat/port-linux.h openbsd-compat/port-solaris.h openbsd-compat/port-net.h openbsd-compat/port-uw.h openbsd-compat/bsd-nextstep.h entropy.h buffer.h sshbuf.h cipher.h cipher-chachapoly.h chacha.h poly1305.h cipher-aesctr.h rijndael.h ssh.h log.h authfile.h misc.h atomicio.h sshkey.h ssherr.h krl.h 31authfile.o: includes.h config.h defines.h platform.h openbsd-compat/openbsd-compat.h openbsd-compat/base64.h openbsd-compat/sigact.h openbsd-compat/readpassphrase.h openbsd-compat/vis.h openbsd-compat/getrrsetbyname.h openbsd-compat/sha1.h openbsd-compat/sha2.h openbsd-compat/rmd160.h openbsd-compat/md5.h openbsd-compat/blf.h openbsd-compat/getopt.h openbsd-compat/bsd-misc.h openbsd-compat/bsd-setres_id.h openbsd-compat/bsd-signal.h openbsd-compat/bsd-statvfs.h openbsd-compat/bsd-waitpid.h openbsd-compat/bsd-poll.h openbsd-compat/fake-rfc2553.h openbsd-compat/bsd-cygwin_util.h openbsd-compat/port-aix.h openbsd-compat/port-irix.h openbsd-compat/port-linux.h openbsd-compat/port-solaris.h openbsd-compat/port-net.h openbsd-compat/port-uw.h openbsd-compat/bsd-nextstep.h entropy.h cipher.h cipher-chachapoly.h chacha.h poly1305.h cipher-aesctr.h rijndael.h ssh.h log.h authfile.h misc.h atomicio.h sshkey.h sshbuf.h ssherr.h krl.h
33bitmap.o: includes.h config.h defines.h platform.h openbsd-compat/openbsd-compat.h openbsd-compat/base64.h openbsd-compat/sigact.h openbsd-compat/readpassphrase.h openbsd-compat/vis.h openbsd-compat/getrrsetbyname.h openbsd-compat/sha1.h openbsd-compat/sha2.h openbsd-compat/rmd160.h openbsd-compat/md5.h openbsd-compat/blf.h openbsd-compat/getopt.h openbsd-compat/bsd-misc.h openbsd-compat/bsd-setres_id.h openbsd-compat/bsd-signal.h openbsd-compat/bsd-statvfs.h openbsd-compat/bsd-waitpid.h openbsd-compat/bsd-poll.h openbsd-compat/fake-rfc2553.h openbsd-compat/bsd-cygwin_util.h openbsd-compat/port-aix.h openbsd-compat/port-irix.h openbsd-compat/port-linux.h openbsd-compat/port-solaris.h openbsd-compat/port-net.h openbsd-compat/port-uw.h openbsd-compat/bsd-nextstep.h entropy.h buffer.h sshbuf.h bitmap.h 32bitmap.o: includes.h config.h defines.h platform.h openbsd-compat/openbsd-compat.h openbsd-compat/base64.h openbsd-compat/sigact.h openbsd-compat/readpassphrase.h openbsd-compat/vis.h openbsd-compat/getrrsetbyname.h openbsd-compat/sha1.h openbsd-compat/sha2.h openbsd-compat/rmd160.h openbsd-compat/md5.h openbsd-compat/blf.h openbsd-compat/getopt.h openbsd-compat/bsd-misc.h openbsd-compat/bsd-setres_id.h openbsd-compat/bsd-signal.h openbsd-compat/bsd-statvfs.h openbsd-compat/bsd-waitpid.h openbsd-compat/bsd-poll.h openbsd-compat/fake-rfc2553.h openbsd-compat/bsd-cygwin_util.h openbsd-compat/port-aix.h openbsd-compat/port-irix.h openbsd-compat/port-linux.h openbsd-compat/port-solaris.h openbsd-compat/port-net.h openbsd-compat/port-uw.h openbsd-compat/bsd-nextstep.h entropy.h bitmap.h
34bufaux.o: includes.h config.h defines.h platform.h openbsd-compat/openbsd-compat.h openbsd-compat/base64.h openbsd-compat/sigact.h openbsd-compat/readpassphrase.h openbsd-compat/vis.h openbsd-compat/getrrsetbyname.h openbsd-compat/sha1.h openbsd-compat/sha2.h openbsd-compat/rmd160.h openbsd-compat/md5.h openbsd-compat/blf.h openbsd-compat/getopt.h openbsd-compat/bsd-misc.h openbsd-compat/bsd-setres_id.h openbsd-compat/bsd-signal.h openbsd-compat/bsd-statvfs.h openbsd-compat/bsd-waitpid.h openbsd-compat/bsd-poll.h openbsd-compat/fake-rfc2553.h openbsd-compat/bsd-cygwin_util.h openbsd-compat/port-aix.h openbsd-compat/port-irix.h openbsd-compat/port-linux.h openbsd-compat/port-solaris.h openbsd-compat/port-net.h openbsd-compat/port-uw.h openbsd-compat/bsd-nextstep.h entropy.h buffer.h sshbuf.h log.h ssherr.h 33canohost.o: includes.h config.h defines.h platform.h openbsd-compat/openbsd-compat.h openbsd-compat/base64.h openbsd-compat/sigact.h openbsd-compat/readpassphrase.h openbsd-compat/vis.h openbsd-compat/getrrsetbyname.h openbsd-compat/sha1.h openbsd-compat/sha2.h openbsd-compat/rmd160.h openbsd-compat/md5.h openbsd-compat/blf.h openbsd-compat/getopt.h openbsd-compat/bsd-misc.h openbsd-compat/bsd-setres_id.h openbsd-compat/bsd-signal.h openbsd-compat/bsd-statvfs.h openbsd-compat/bsd-waitpid.h openbsd-compat/bsd-poll.h openbsd-compat/fake-rfc2553.h openbsd-compat/bsd-cygwin_util.h openbsd-compat/port-aix.h openbsd-compat/port-irix.h openbsd-compat/port-linux.h openbsd-compat/port-solaris.h openbsd-compat/port-net.h openbsd-compat/port-uw.h openbsd-compat/bsd-nextstep.h entropy.h xmalloc.h packet.h openbsd-compat/sys-queue.h dispatch.h opacket.h log.h canohost.h misc.h
35bufbn.o: includes.h config.h defines.h platform.h openbsd-compat/openbsd-compat.h openbsd-compat/base64.h openbsd-compat/sigact.h openbsd-compat/readpassphrase.h openbsd-compat/vis.h openbsd-compat/getrrsetbyname.h openbsd-compat/sha1.h openbsd-compat/sha2.h openbsd-compat/rmd160.h openbsd-compat/md5.h openbsd-compat/blf.h openbsd-compat/getopt.h openbsd-compat/bsd-misc.h openbsd-compat/bsd-setres_id.h openbsd-compat/bsd-signal.h openbsd-compat/bsd-statvfs.h openbsd-compat/bsd-waitpid.h openbsd-compat/bsd-poll.h openbsd-compat/fake-rfc2553.h openbsd-compat/bsd-cygwin_util.h openbsd-compat/port-aix.h openbsd-compat/port-irix.h openbsd-compat/port-linux.h openbsd-compat/port-solaris.h openbsd-compat/port-net.h openbsd-compat/port-uw.h openbsd-compat/bsd-nextstep.h entropy.h buffer.h sshbuf.h 34chacha.o: includes.h config.h defines.h platform.h openbsd-compat/openbsd-compat.h openbsd-compat/base64.h openbsd-compat/sigact.h openbsd-compat/readpassphrase.h openbsd-compat/vis.h openbsd-compat/getrrsetbyname.h openbsd-compat/sha1.h openbsd-compat/sha2.h openbsd-compat/rmd160.h openbsd-compat/md5.h openbsd-compat/blf.h openbsd-compat/getopt.h openbsd-compat/bsd-misc.h openbsd-compat/bsd-setres_id.h openbsd-compat/bsd-signal.h openbsd-compat/bsd-statvfs.h openbsd-compat/bsd-waitpid.h openbsd-compat/bsd-poll.h openbsd-compat/fake-rfc2553.h openbsd-compat/bsd-cygwin_util.h openbsd-compat/port-aix.h openbsd-compat/port-irix.h openbsd-compat/port-linux.h openbsd-compat/port-solaris.h openbsd-compat/port-net.h openbsd-compat/port-uw.h openbsd-compat/bsd-nextstep.h entropy.h chacha.h
36bufec.o: includes.h config.h defines.h platform.h openbsd-compat/openbsd-compat.h openbsd-compat/base64.h openbsd-compat/sigact.h openbsd-compat/readpassphrase.h openbsd-compat/vis.h openbsd-compat/getrrsetbyname.h openbsd-compat/sha1.h openbsd-compat/sha2.h openbsd-compat/rmd160.h openbsd-compat/md5.h openbsd-compat/blf.h openbsd-compat/getopt.h openbsd-compat/bsd-misc.h openbsd-compat/bsd-setres_id.h openbsd-compat/bsd-signal.h openbsd-compat/bsd-statvfs.h openbsd-compat/bsd-waitpid.h openbsd-compat/bsd-poll.h openbsd-compat/fake-rfc2553.h openbsd-compat/bsd-cygwin_util.h openbsd-compat/port-aix.h openbsd-compat/port-irix.h openbsd-compat/port-linux.h openbsd-compat/port-solaris.h openbsd-compat/port-net.h openbsd-compat/port-uw.h openbsd-compat/bsd-nextstep.h entropy.h buffer.h sshbuf.h log.h ssherr.h 35channels.o: includes.h config.h defines.h platform.h openbsd-compat/openbsd-compat.h openbsd-compat/base64.h openbsd-compat/sigact.h openbsd-compat/readpassphrase.h openbsd-compat/vis.h openbsd-compat/getrrsetbyname.h openbsd-compat/sha1.h openbsd-compat/sha2.h openbsd-compat/rmd160.h openbsd-compat/md5.h openbsd-compat/blf.h openbsd-compat/getopt.h openbsd-compat/bsd-misc.h openbsd-compat/bsd-setres_id.h openbsd-compat/bsd-signal.h openbsd-compat/bsd-statvfs.h openbsd-compat/bsd-waitpid.h openbsd-compat/bsd-poll.h openbsd-compat/fake-rfc2553.h openbsd-compat/bsd-cygwin_util.h openbsd-compat/port-aix.h openbsd-compat/port-irix.h openbsd-compat/port-linux.h openbsd-compat/port-solaris.h openbsd-compat/port-net.h openbsd-compat/port-uw.h openbsd-compat/bsd-nextstep.h entropy.h openbsd-compat/sys-queue.h xmalloc.h ssh.h ssh2.h ssherr.h sshbuf.h packet.h dispatch.h opacket.h log.h misc.h channels.h compat.h canohost.h sshkey.h authfd.h pathnames.h match.h
37buffer.o: includes.h config.h defines.h platform.h openbsd-compat/openbsd-compat.h openbsd-compat/base64.h openbsd-compat/sigact.h openbsd-compat/readpassphrase.h openbsd-compat/vis.h openbsd-compat/getrrsetbyname.h openbsd-compat/sha1.h openbsd-compat/sha2.h openbsd-compat/rmd160.h openbsd-compat/md5.h openbsd-compat/blf.h openbsd-compat/getopt.h openbsd-compat/bsd-misc.h openbsd-compat/bsd-setres_id.h openbsd-compat/bsd-signal.h openbsd-compat/bsd-statvfs.h openbsd-compat/bsd-waitpid.h openbsd-compat/bsd-poll.h openbsd-compat/fake-rfc2553.h openbsd-compat/bsd-cygwin_util.h openbsd-compat/port-aix.h openbsd-compat/port-irix.h openbsd-compat/port-linux.h openbsd-compat/port-solaris.h openbsd-compat/port-net.h openbsd-compat/port-uw.h openbsd-compat/bsd-nextstep.h entropy.h buffer.h sshbuf.h log.h ssherr.h 36cipher-aes.o: includes.h config.h defines.h platform.h openbsd-compat/openbsd-compat.h openbsd-compat/base64.h openbsd-compat/sigact.h openbsd-compat/readpassphrase.h openbsd-compat/vis.h openbsd-compat/getrrsetbyname.h openbsd-compat/sha1.h openbsd-compat/sha2.h openbsd-compat/rmd160.h openbsd-compat/md5.h openbsd-compat/blf.h openbsd-compat/getopt.h openbsd-compat/bsd-misc.h openbsd-compat/bsd-setres_id.h openbsd-compat/bsd-signal.h openbsd-compat/bsd-statvfs.h openbsd-compat/bsd-waitpid.h openbsd-compat/bsd-poll.h openbsd-compat/fake-rfc2553.h openbsd-compat/bsd-cygwin_util.h openbsd-compat/port-aix.h openbsd-compat/port-irix.h openbsd-compat/port-linux.h openbsd-compat/port-solaris.h openbsd-compat/port-net.h openbsd-compat/port-uw.h openbsd-compat/bsd-nextstep.h entropy.h openbsd-compat/openssl-compat.h
38canohost.o: includes.h config.h defines.h platform.h openbsd-compat/openbsd-compat.h openbsd-compat/base64.h openbsd-compat/sigact.h openbsd-compat/readpassphrase.h openbsd-compat/vis.h openbsd-compat/getrrsetbyname.h openbsd-compat/sha1.h openbsd-compat/sha2.h openbsd-compat/rmd160.h openbsd-compat/md5.h openbsd-compat/blf.h openbsd-compat/getopt.h openbsd-compat/bsd-misc.h openbsd-compat/bsd-setres_id.h openbsd-compat/bsd-signal.h openbsd-compat/bsd-statvfs.h openbsd-compat/bsd-waitpid.h openbsd-compat/bsd-poll.h openbsd-compat/fake-rfc2553.h openbsd-compat/bsd-cygwin_util.h openbsd-compat/port-aix.h openbsd-compat/port-irix.h openbsd-compat/port-linux.h openbsd-compat/port-solaris.h openbsd-compat/port-net.h openbsd-compat/port-uw.h openbsd-compat/bsd-nextstep.h entropy.h buffer.h sshbuf.h xmalloc.h packet.h openbsd-compat/sys-queue.h dispatch.h opacket.h log.h canohost.h misc.h 37cipher-aesctr.o: includes.h config.h defines.h platform.h openbsd-compat/openbsd-compat.h openbsd-compat/base64.h openbsd-compat/sigact.h openbsd-compat/readpassphrase.h openbsd-compat/vis.h openbsd-compat/getrrsetbyname.h openbsd-compat/sha1.h openbsd-compat/sha2.h openbsd-compat/rmd160.h openbsd-compat/md5.h openbsd-compat/blf.h openbsd-compat/getopt.h openbsd-compat/bsd-misc.h openbsd-compat/bsd-setres_id.h openbsd-compat/bsd-signal.h openbsd-compat/bsd-statvfs.h openbsd-compat/bsd-waitpid.h openbsd-compat/bsd-poll.h openbsd-compat/fake-rfc2553.h openbsd-compat/bsd-cygwin_util.h openbsd-compat/port-aix.h openbsd-compat/port-irix.h openbsd-compat/port-linux.h openbsd-compat/port-solaris.h openbsd-compat/port-net.h openbsd-compat/port-uw.h openbsd-compat/bsd-nextstep.h entropy.h cipher-aesctr.h rijndael.h
39chacha.o: includes.h config.h defines.h platform.h openbsd-compat/openbsd-compat.h openbsd-compat/base64.h openbsd-compat/sigact.h openbsd-compat/readpassphrase.h openbsd-compat/vis.h openbsd-compat/getrrsetbyname.h openbsd-compat/sha1.h openbsd-compat/sha2.h openbsd-compat/rmd160.h openbsd-compat/md5.h openbsd-compat/blf.h openbsd-compat/getopt.h openbsd-compat/bsd-misc.h openbsd-compat/bsd-setres_id.h openbsd-compat/bsd-signal.h openbsd-compat/bsd-statvfs.h openbsd-compat/bsd-waitpid.h openbsd-compat/bsd-poll.h openbsd-compat/fake-rfc2553.h openbsd-compat/bsd-cygwin_util.h openbsd-compat/port-aix.h openbsd-compat/port-irix.h openbsd-compat/port-linux.h openbsd-compat/port-solaris.h openbsd-compat/port-net.h openbsd-compat/port-uw.h openbsd-compat/bsd-nextstep.h entropy.h buffer.h sshbuf.h chacha.h 38cipher-chachapoly.o: includes.h config.h defines.h platform.h openbsd-compat/openbsd-compat.h openbsd-compat/base64.h openbsd-compat/sigact.h openbsd-compat/readpassphrase.h openbsd-compat/vis.h openbsd-compat/getrrsetbyname.h openbsd-compat/sha1.h openbsd-compat/sha2.h openbsd-compat/rmd160.h openbsd-compat/md5.h openbsd-compat/blf.h openbsd-compat/getopt.h openbsd-compat/bsd-misc.h openbsd-compat/bsd-setres_id.h openbsd-compat/bsd-signal.h openbsd-compat/bsd-statvfs.h openbsd-compat/bsd-waitpid.h openbsd-compat/bsd-poll.h openbsd-compat/fake-rfc2553.h openbsd-compat/bsd-cygwin_util.h openbsd-compat/port-aix.h openbsd-compat/port-irix.h openbsd-compat/port-linux.h openbsd-compat/port-solaris.h openbsd-compat/port-net.h openbsd-compat/port-uw.h openbsd-compat/bsd-nextstep.h entropy.h log.h sshbuf.h ssherr.h cipher-chachapoly.h chacha.h poly1305.h
40channels.o: includes.h config.h defines.h platform.h openbsd-compat/openbsd-compat.h openbsd-compat/base64.h openbsd-compat/sigact.h openbsd-compat/readpassphrase.h openbsd-compat/vis.h openbsd-compat/getrrsetbyname.h openbsd-compat/sha1.h openbsd-compat/sha2.h openbsd-compat/rmd160.h openbsd-compat/md5.h openbsd-compat/blf.h openbsd-compat/getopt.h openbsd-compat/bsd-misc.h openbsd-compat/bsd-setres_id.h openbsd-compat/bsd-signal.h openbsd-compat/bsd-statvfs.h openbsd-compat/bsd-waitpid.h openbsd-compat/bsd-poll.h openbsd-compat/fake-rfc2553.h openbsd-compat/bsd-cygwin_util.h openbsd-compat/port-aix.h openbsd-compat/port-irix.h openbsd-compat/port-linux.h openbsd-compat/port-solaris.h openbsd-compat/port-net.h openbsd-compat/port-uw.h openbsd-compat/bsd-nextstep.h entropy.h buffer.h sshbuf.h openbsd-compat/sys-queue.h xmalloc.h ssh.h ssh2.h ssherr.h packet.h dispatch.h opacket.h log.h misc.h channels.h compat.h canohost.h key.h sshkey.h authfd.h pathnames.h 39cipher-ctr.o: includes.h config.h defines.h platform.h openbsd-compat/openbsd-compat.h openbsd-compat/base64.h openbsd-compat/sigact.h openbsd-compat/readpassphrase.h openbsd-compat/vis.h openbsd-compat/getrrsetbyname.h openbsd-compat/sha1.h openbsd-compat/sha2.h openbsd-compat/rmd160.h openbsd-compat/md5.h openbsd-compat/blf.h openbsd-compat/getopt.h openbsd-compat/bsd-misc.h openbsd-compat/bsd-setres_id.h openbsd-compat/bsd-signal.h openbsd-compat/bsd-statvfs.h openbsd-compat/bsd-waitpid.h openbsd-compat/bsd-poll.h openbsd-compat/fake-rfc2553.h openbsd-compat/bsd-cygwin_util.h openbsd-compat/port-aix.h openbsd-compat/port-irix.h openbsd-compat/port-linux.h openbsd-compat/port-solaris.h openbsd-compat/port-net.h openbsd-compat/port-uw.h openbsd-compat/bsd-nextstep.h entropy.h
41cipher-aes.o: includes.h config.h defines.h platform.h openbsd-compat/openbsd-compat.h openbsd-compat/base64.h openbsd-compat/sigact.h openbsd-compat/readpassphrase.h openbsd-compat/vis.h openbsd-compat/getrrsetbyname.h openbsd-compat/sha1.h openbsd-compat/sha2.h openbsd-compat/rmd160.h openbsd-compat/md5.h openbsd-compat/blf.h openbsd-compat/getopt.h openbsd-compat/bsd-misc.h openbsd-compat/bsd-setres_id.h openbsd-compat/bsd-signal.h openbsd-compat/bsd-statvfs.h openbsd-compat/bsd-waitpid.h openbsd-compat/bsd-poll.h openbsd-compat/fake-rfc2553.h openbsd-compat/bsd-cygwin_util.h openbsd-compat/port-aix.h openbsd-compat/port-irix.h openbsd-compat/port-linux.h openbsd-compat/port-solaris.h openbsd-compat/port-net.h openbsd-compat/port-uw.h openbsd-compat/bsd-nextstep.h entropy.h buffer.h sshbuf.h openbsd-compat/openssl-compat.h 40cipher.o: includes.h config.h defines.h platform.h openbsd-compat/openbsd-compat.h openbsd-compat/base64.h openbsd-compat/sigact.h openbsd-compat/readpassphrase.h openbsd-compat/vis.h openbsd-compat/getrrsetbyname.h openbsd-compat/sha1.h openbsd-compat/sha2.h openbsd-compat/rmd160.h openbsd-compat/md5.h openbsd-compat/blf.h openbsd-compat/getopt.h openbsd-compat/bsd-misc.h openbsd-compat/bsd-setres_id.h openbsd-compat/bsd-signal.h openbsd-compat/bsd-statvfs.h openbsd-compat/bsd-waitpid.h openbsd-compat/bsd-poll.h openbsd-compat/fake-rfc2553.h openbsd-compat/bsd-cygwin_util.h openbsd-compat/port-aix.h openbsd-compat/port-irix.h openbsd-compat/port-linux.h openbsd-compat/port-solaris.h openbsd-compat/port-net.h openbsd-compat/port-uw.h openbsd-compat/bsd-nextstep.h entropy.h cipher.h cipher-chachapoly.h chacha.h poly1305.h cipher-aesctr.h rijndael.h misc.h sshbuf.h ssherr.h digest.h openbsd-compat/openssl-compat.h
42cipher-aesctr.o: includes.h config.h defines.h platform.h openbsd-compat/openbsd-compat.h openbsd-compat/base64.h openbsd-compat/sigact.h openbsd-compat/readpassphrase.h openbsd-compat/vis.h openbsd-compat/getrrsetbyname.h openbsd-compat/sha1.h openbsd-compat/sha2.h openbsd-compat/rmd160.h openbsd-compat/md5.h openbsd-compat/blf.h openbsd-compat/getopt.h openbsd-compat/bsd-misc.h openbsd-compat/bsd-setres_id.h openbsd-compat/bsd-signal.h openbsd-compat/bsd-statvfs.h openbsd-compat/bsd-waitpid.h openbsd-compat/bsd-poll.h openbsd-compat/fake-rfc2553.h openbsd-compat/bsd-cygwin_util.h openbsd-compat/port-aix.h openbsd-compat/port-irix.h openbsd-compat/port-linux.h openbsd-compat/port-solaris.h openbsd-compat/port-net.h openbsd-compat/port-uw.h openbsd-compat/bsd-nextstep.h entropy.h buffer.h sshbuf.h cipher-aesctr.h rijndael.h 41cleanup.o: includes.h config.h defines.h platform.h openbsd-compat/openbsd-compat.h openbsd-compat/base64.h openbsd-compat/sigact.h openbsd-compat/readpassphrase.h openbsd-compat/vis.h openbsd-compat/getrrsetbyname.h openbsd-compat/sha1.h openbsd-compat/sha2.h openbsd-compat/rmd160.h openbsd-compat/md5.h openbsd-compat/blf.h openbsd-compat/getopt.h openbsd-compat/bsd-misc.h openbsd-compat/bsd-setres_id.h openbsd-compat/bsd-signal.h openbsd-compat/bsd-statvfs.h openbsd-compat/bsd-waitpid.h openbsd-compat/bsd-poll.h openbsd-compat/fake-rfc2553.h openbsd-compat/bsd-cygwin_util.h openbsd-compat/port-aix.h openbsd-compat/port-irix.h openbsd-compat/port-linux.h openbsd-compat/port-solaris.h openbsd-compat/port-net.h openbsd-compat/port-uw.h openbsd-compat/bsd-nextstep.h entropy.h log.h
43cipher-chachapoly.o: includes.h config.h defines.h platform.h openbsd-compat/openbsd-compat.h openbsd-compat/base64.h openbsd-compat/sigact.h openbsd-compat/readpassphrase.h openbsd-compat/vis.h openbsd-compat/getrrsetbyname.h openbsd-compat/sha1.h openbsd-compat/sha2.h openbsd-compat/rmd160.h openbsd-compat/md5.h openbsd-compat/blf.h openbsd-compat/getopt.h openbsd-compat/bsd-misc.h openbsd-compat/bsd-setres_id.h openbsd-compat/bsd-signal.h openbsd-compat/bsd-statvfs.h openbsd-compat/bsd-waitpid.h openbsd-compat/bsd-poll.h openbsd-compat/fake-rfc2553.h openbsd-compat/bsd-cygwin_util.h openbsd-compat/port-aix.h openbsd-compat/port-irix.h openbsd-compat/port-linux.h openbsd-compat/port-solaris.h openbsd-compat/port-net.h openbsd-compat/port-uw.h openbsd-compat/bsd-nextstep.h entropy.h buffer.h sshbuf.h log.h ssherr.h cipher-chachapoly.h chacha.h poly1305.h 42clientloop.o: includes.h config.h defines.h platform.h openbsd-compat/openbsd-compat.h openbsd-compat/base64.h openbsd-compat/sigact.h openbsd-compat/readpassphrase.h openbsd-compat/vis.h openbsd-compat/getrrsetbyname.h openbsd-compat/sha1.h openbsd-compat/sha2.h openbsd-compat/rmd160.h openbsd-compat/md5.h openbsd-compat/blf.h openbsd-compat/getopt.h openbsd-compat/bsd-misc.h openbsd-compat/bsd-setres_id.h openbsd-compat/bsd-signal.h openbsd-compat/bsd-statvfs.h openbsd-compat/bsd-waitpid.h openbsd-compat/bsd-poll.h openbsd-compat/fake-rfc2553.h openbsd-compat/bsd-cygwin_util.h openbsd-compat/port-aix.h openbsd-compat/port-irix.h openbsd-compat/port-linux.h openbsd-compat/port-solaris.h openbsd-compat/port-net.h openbsd-compat/port-uw.h openbsd-compat/bsd-nextstep.h entropy.h openbsd-compat/sys-queue.h xmalloc.h ssh.h ssh2.h packet.h dispatch.h opacket.h sshbuf.h compat.h channels.h sshkey.h cipher.h cipher-chachapoly.h chacha.h poly1305.h cipher-aesctr.h rijndael.h kex.h mac.h
44cipher-ctr.o: includes.h config.h defines.h platform.h openbsd-compat/openbsd-compat.h openbsd-compat/base64.h openbsd-compat/sigact.h openbsd-compat/readpassphrase.h openbsd-compat/vis.h openbsd-compat/getrrsetbyname.h openbsd-compat/sha1.h openbsd-compat/sha2.h openbsd-compat/rmd160.h openbsd-compat/md5.h openbsd-compat/blf.h openbsd-compat/getopt.h openbsd-compat/bsd-misc.h openbsd-compat/bsd-setres_id.h openbsd-compat/bsd-signal.h openbsd-compat/bsd-statvfs.h openbsd-compat/bsd-waitpid.h openbsd-compat/bsd-poll.h openbsd-compat/fake-rfc2553.h openbsd-compat/bsd-cygwin_util.h openbsd-compat/port-aix.h openbsd-compat/port-irix.h openbsd-compat/port-linux.h openbsd-compat/port-solaris.h openbsd-compat/port-net.h openbsd-compat/port-uw.h openbsd-compat/bsd-nextstep.h entropy.h buffer.h sshbuf.h 43clientloop.o: myproposal.h log.h misc.h readconf.h clientloop.h sshconnect.h authfd.h atomicio.h sshpty.h match.h msg.h ssherr.h hostfile.h
45cipher.o: includes.h config.h defines.h platform.h openbsd-compat/openbsd-compat.h openbsd-compat/base64.h openbsd-compat/sigact.h openbsd-compat/readpassphrase.h openbsd-compat/vis.h openbsd-compat/getrrsetbyname.h openbsd-compat/sha1.h openbsd-compat/sha2.h openbsd-compat/rmd160.h openbsd-compat/md5.h openbsd-compat/blf.h openbsd-compat/getopt.h openbsd-compat/bsd-misc.h openbsd-compat/bsd-setres_id.h openbsd-compat/bsd-signal.h openbsd-compat/bsd-statvfs.h openbsd-compat/bsd-waitpid.h openbsd-compat/bsd-poll.h openbsd-compat/fake-rfc2553.h openbsd-compat/bsd-cygwin_util.h openbsd-compat/port-aix.h openbsd-compat/port-irix.h openbsd-compat/port-linux.h openbsd-compat/port-solaris.h openbsd-compat/port-net.h openbsd-compat/port-uw.h openbsd-compat/bsd-nextstep.h entropy.h buffer.h sshbuf.h cipher.h cipher-chachapoly.h chacha.h poly1305.h cipher-aesctr.h rijndael.h misc.h ssherr.h digest.h openbsd-compat/openssl-compat.h 44compat.o: includes.h config.h defines.h platform.h openbsd-compat/openbsd-compat.h openbsd-compat/base64.h openbsd-compat/sigact.h openbsd-compat/readpassphrase.h openbsd-compat/vis.h openbsd-compat/getrrsetbyname.h openbsd-compat/sha1.h openbsd-compat/sha2.h openbsd-compat/rmd160.h openbsd-compat/md5.h openbsd-compat/blf.h openbsd-compat/getopt.h openbsd-compat/bsd-misc.h openbsd-compat/bsd-setres_id.h openbsd-compat/bsd-signal.h openbsd-compat/bsd-statvfs.h openbsd-compat/bsd-waitpid.h openbsd-compat/bsd-poll.h openbsd-compat/fake-rfc2553.h openbsd-compat/bsd-cygwin_util.h openbsd-compat/port-aix.h openbsd-compat/port-irix.h openbsd-compat/port-linux.h openbsd-compat/port-solaris.h openbsd-compat/port-net.h openbsd-compat/port-uw.h openbsd-compat/bsd-nextstep.h entropy.h xmalloc.h packet.h openbsd-compat/sys-queue.h dispatch.h opacket.h compat.h log.h match.h kex.h mac.h
46cleanup.o: includes.h config.h defines.h platform.h openbsd-compat/openbsd-compat.h openbsd-compat/base64.h openbsd-compat/sigact.h openbsd-compat/readpassphrase.h openbsd-compat/vis.h openbsd-compat/getrrsetbyname.h openbsd-compat/sha1.h openbsd-compat/sha2.h openbsd-compat/rmd160.h openbsd-compat/md5.h openbsd-compat/blf.h openbsd-compat/getopt.h openbsd-compat/bsd-misc.h openbsd-compat/bsd-setres_id.h openbsd-compat/bsd-signal.h openbsd-compat/bsd-statvfs.h openbsd-compat/bsd-waitpid.h openbsd-compat/bsd-poll.h openbsd-compat/fake-rfc2553.h openbsd-compat/bsd-cygwin_util.h openbsd-compat/port-aix.h openbsd-compat/port-irix.h openbsd-compat/port-linux.h openbsd-compat/port-solaris.h openbsd-compat/port-net.h openbsd-compat/port-uw.h openbsd-compat/bsd-nextstep.h entropy.h buffer.h sshbuf.h log.h 45crc32.o: includes.h config.h defines.h platform.h openbsd-compat/openbsd-compat.h openbsd-compat/base64.h openbsd-compat/sigact.h openbsd-compat/readpassphrase.h openbsd-compat/vis.h openbsd-compat/getrrsetbyname.h openbsd-compat/sha1.h openbsd-compat/sha2.h openbsd-compat/rmd160.h openbsd-compat/md5.h openbsd-compat/blf.h openbsd-compat/getopt.h openbsd-compat/bsd-misc.h openbsd-compat/bsd-setres_id.h openbsd-compat/bsd-signal.h openbsd-compat/bsd-statvfs.h openbsd-compat/bsd-waitpid.h openbsd-compat/bsd-poll.h openbsd-compat/fake-rfc2553.h openbsd-compat/bsd-cygwin_util.h openbsd-compat/port-aix.h openbsd-compat/port-irix.h openbsd-compat/port-linux.h openbsd-compat/port-solaris.h openbsd-compat/port-net.h openbsd-compat/port-uw.h openbsd-compat/bsd-nextstep.h entropy.h crc32.h
47clientloop.o: includes.h config.h defines.h platform.h openbsd-compat/openbsd-compat.h openbsd-compat/base64.h openbsd-compat/sigact.h openbsd-compat/readpassphrase.h openbsd-compat/vis.h openbsd-compat/getrrsetbyname.h openbsd-compat/sha1.h openbsd-compat/sha2.h openbsd-compat/rmd160.h openbsd-compat/md5.h openbsd-compat/blf.h openbsd-compat/getopt.h openbsd-compat/bsd-misc.h openbsd-compat/bsd-setres_id.h openbsd-compat/bsd-signal.h openbsd-compat/bsd-statvfs.h openbsd-compat/bsd-waitpid.h openbsd-compat/bsd-poll.h openbsd-compat/fake-rfc2553.h openbsd-compat/bsd-cygwin_util.h openbsd-compat/port-aix.h openbsd-compat/port-irix.h openbsd-compat/port-linux.h openbsd-compat/port-solaris.h openbsd-compat/port-net.h openbsd-compat/port-uw.h openbsd-compat/bsd-nextstep.h entropy.h buffer.h sshbuf.h openbsd-compat/sys-queue.h xmalloc.h ssh.h ssh2.h packet.h dispatch.h opacket.h compat.h channels.h key.h sshkey.h cipher.h cipher-chachapoly.h chacha.h poly1305.h cipher-aesctr.h rijndael.h 46dh.o: includes.h config.h defines.h platform.h openbsd-compat/openbsd-compat.h openbsd-compat/base64.h openbsd-compat/sigact.h openbsd-compat/readpassphrase.h openbsd-compat/vis.h openbsd-compat/getrrsetbyname.h openbsd-compat/sha1.h openbsd-compat/sha2.h openbsd-compat/rmd160.h openbsd-compat/md5.h openbsd-compat/blf.h openbsd-compat/getopt.h openbsd-compat/bsd-misc.h openbsd-compat/bsd-setres_id.h openbsd-compat/bsd-signal.h openbsd-compat/bsd-statvfs.h openbsd-compat/bsd-waitpid.h openbsd-compat/bsd-poll.h openbsd-compat/fake-rfc2553.h openbsd-compat/bsd-cygwin_util.h openbsd-compat/port-aix.h openbsd-compat/port-irix.h openbsd-compat/port-linux.h openbsd-compat/port-solaris.h openbsd-compat/port-net.h openbsd-compat/port-uw.h openbsd-compat/bsd-nextstep.h entropy.h
48clientloop.o: kex.h mac.h myproposal.h log.h misc.h readconf.h clientloop.h sshconnect.h authfd.h atomicio.h sshpty.h match.h msg.h ssherr.h hostfile.h 47digest-libc.o: includes.h config.h defines.h platform.h openbsd-compat/openbsd-compat.h openbsd-compat/base64.h openbsd-compat/sigact.h openbsd-compat/readpassphrase.h openbsd-compat/vis.h openbsd-compat/getrrsetbyname.h openbsd-compat/sha1.h openbsd-compat/sha2.h openbsd-compat/rmd160.h openbsd-compat/md5.h openbsd-compat/blf.h openbsd-compat/getopt.h openbsd-compat/bsd-misc.h openbsd-compat/bsd-setres_id.h openbsd-compat/bsd-signal.h openbsd-compat/bsd-statvfs.h openbsd-compat/bsd-waitpid.h openbsd-compat/bsd-poll.h openbsd-compat/fake-rfc2553.h openbsd-compat/bsd-cygwin_util.h openbsd-compat/port-aix.h openbsd-compat/port-irix.h openbsd-compat/port-linux.h openbsd-compat/port-solaris.h openbsd-compat/port-net.h openbsd-compat/port-uw.h openbsd-compat/bsd-nextstep.h entropy.h ssherr.h sshbuf.h digest.h
49compat.o: includes.h config.h defines.h platform.h openbsd-compat/openbsd-compat.h openbsd-compat/base64.h openbsd-compat/sigact.h openbsd-compat/readpassphrase.h openbsd-compat/vis.h openbsd-compat/getrrsetbyname.h openbsd-compat/sha1.h openbsd-compat/sha2.h openbsd-compat/rmd160.h openbsd-compat/md5.h openbsd-compat/blf.h openbsd-compat/getopt.h openbsd-compat/bsd-misc.h openbsd-compat/bsd-setres_id.h openbsd-compat/bsd-signal.h openbsd-compat/bsd-statvfs.h openbsd-compat/bsd-waitpid.h openbsd-compat/bsd-poll.h openbsd-compat/fake-rfc2553.h openbsd-compat/bsd-cygwin_util.h openbsd-compat/port-aix.h openbsd-compat/port-irix.h openbsd-compat/port-linux.h openbsd-compat/port-solaris.h openbsd-compat/port-net.h openbsd-compat/port-uw.h openbsd-compat/bsd-nextstep.h entropy.h buffer.h sshbuf.h xmalloc.h packet.h openbsd-compat/sys-queue.h dispatch.h opacket.h compat.h log.h match.h kex.h mac.h key.h sshkey.h 48digest-openssl.o: includes.h config.h defines.h platform.h openbsd-compat/openbsd-compat.h openbsd-compat/base64.h openbsd-compat/sigact.h openbsd-compat/readpassphrase.h openbsd-compat/vis.h openbsd-compat/getrrsetbyname.h openbsd-compat/sha1.h openbsd-compat/sha2.h openbsd-compat/rmd160.h openbsd-compat/md5.h openbsd-compat/blf.h openbsd-compat/getopt.h openbsd-compat/bsd-misc.h openbsd-compat/bsd-setres_id.h openbsd-compat/bsd-signal.h openbsd-compat/bsd-statvfs.h openbsd-compat/bsd-waitpid.h openbsd-compat/bsd-poll.h openbsd-compat/fake-rfc2553.h openbsd-compat/bsd-cygwin_util.h openbsd-compat/port-aix.h openbsd-compat/port-irix.h openbsd-compat/port-linux.h openbsd-compat/port-solaris.h openbsd-compat/port-net.h openbsd-compat/port-uw.h openbsd-compat/bsd-nextstep.h entropy.h
50crc32.o: includes.h config.h defines.h platform.h openbsd-compat/openbsd-compat.h openbsd-compat/base64.h openbsd-compat/sigact.h openbsd-compat/readpassphrase.h openbsd-compat/vis.h openbsd-compat/getrrsetbyname.h openbsd-compat/sha1.h openbsd-compat/sha2.h openbsd-compat/rmd160.h openbsd-compat/md5.h openbsd-compat/blf.h openbsd-compat/getopt.h openbsd-compat/bsd-misc.h openbsd-compat/bsd-setres_id.h openbsd-compat/bsd-signal.h openbsd-compat/bsd-statvfs.h openbsd-compat/bsd-waitpid.h openbsd-compat/bsd-poll.h openbsd-compat/fake-rfc2553.h openbsd-compat/bsd-cygwin_util.h openbsd-compat/port-aix.h openbsd-compat/port-irix.h openbsd-compat/port-linux.h openbsd-compat/port-solaris.h openbsd-compat/port-net.h openbsd-compat/port-uw.h openbsd-compat/bsd-nextstep.h entropy.h buffer.h sshbuf.h crc32.h 49dispatch.o: includes.h config.h defines.h platform.h openbsd-compat/openbsd-compat.h openbsd-compat/base64.h openbsd-compat/sigact.h openbsd-compat/readpassphrase.h openbsd-compat/vis.h openbsd-compat/getrrsetbyname.h openbsd-compat/sha1.h openbsd-compat/sha2.h openbsd-compat/rmd160.h openbsd-compat/md5.h openbsd-compat/blf.h openbsd-compat/getopt.h openbsd-compat/bsd-misc.h openbsd-compat/bsd-setres_id.h openbsd-compat/bsd-signal.h openbsd-compat/bsd-statvfs.h openbsd-compat/bsd-waitpid.h openbsd-compat/bsd-poll.h openbsd-compat/fake-rfc2553.h openbsd-compat/bsd-cygwin_util.h openbsd-compat/port-aix.h openbsd-compat/port-irix.h openbsd-compat/port-linux.h openbsd-compat/port-solaris.h openbsd-compat/port-net.h openbsd-compat/port-uw.h openbsd-compat/bsd-nextstep.h entropy.h ssh2.h log.h dispatch.h packet.h openbsd-compat/sys-queue.h opacket.h compat.h ssherr.h
51dh.o: includes.h config.h defines.h platform.h openbsd-compat/openbsd-compat.h openbsd-compat/base64.h openbsd-compat/sigact.h openbsd-compat/readpassphrase.h openbsd-compat/vis.h openbsd-compat/getrrsetbyname.h openbsd-compat/sha1.h openbsd-compat/sha2.h openbsd-compat/rmd160.h openbsd-compat/md5.h openbsd-compat/blf.h openbsd-compat/getopt.h openbsd-compat/bsd-misc.h openbsd-compat/bsd-setres_id.h openbsd-compat/bsd-signal.h openbsd-compat/bsd-statvfs.h openbsd-compat/bsd-waitpid.h openbsd-compat/bsd-poll.h openbsd-compat/fake-rfc2553.h openbsd-compat/bsd-cygwin_util.h openbsd-compat/port-aix.h openbsd-compat/port-irix.h openbsd-compat/port-linux.h openbsd-compat/port-solaris.h openbsd-compat/port-net.h openbsd-compat/port-uw.h openbsd-compat/bsd-nextstep.h entropy.h buffer.h sshbuf.h 50dns.o: includes.h config.h defines.h platform.h openbsd-compat/openbsd-compat.h openbsd-compat/base64.h openbsd-compat/sigact.h openbsd-compat/readpassphrase.h openbsd-compat/vis.h openbsd-compat/getrrsetbyname.h openbsd-compat/sha1.h openbsd-compat/sha2.h openbsd-compat/rmd160.h openbsd-compat/md5.h openbsd-compat/blf.h openbsd-compat/getopt.h openbsd-compat/bsd-misc.h openbsd-compat/bsd-setres_id.h openbsd-compat/bsd-signal.h openbsd-compat/bsd-statvfs.h openbsd-compat/bsd-waitpid.h openbsd-compat/bsd-poll.h openbsd-compat/fake-rfc2553.h openbsd-compat/bsd-cygwin_util.h openbsd-compat/port-aix.h openbsd-compat/port-irix.h openbsd-compat/port-linux.h openbsd-compat/port-solaris.h openbsd-compat/port-net.h openbsd-compat/port-uw.h openbsd-compat/bsd-nextstep.h entropy.h xmalloc.h sshkey.h ssherr.h dns.h log.h digest.h
52digest-libc.o: includes.h config.h defines.h platform.h openbsd-compat/openbsd-compat.h openbsd-compat/base64.h openbsd-compat/sigact.h openbsd-compat/readpassphrase.h openbsd-compat/vis.h openbsd-compat/getrrsetbyname.h openbsd-compat/sha1.h openbsd-compat/sha2.h openbsd-compat/rmd160.h openbsd-compat/md5.h openbsd-compat/blf.h openbsd-compat/getopt.h openbsd-compat/bsd-misc.h openbsd-compat/bsd-setres_id.h openbsd-compat/bsd-signal.h openbsd-compat/bsd-statvfs.h openbsd-compat/bsd-waitpid.h openbsd-compat/bsd-poll.h openbsd-compat/fake-rfc2553.h openbsd-compat/bsd-cygwin_util.h openbsd-compat/port-aix.h openbsd-compat/port-irix.h openbsd-compat/port-linux.h openbsd-compat/port-solaris.h openbsd-compat/port-net.h openbsd-compat/port-uw.h openbsd-compat/bsd-nextstep.h entropy.h buffer.h sshbuf.h ssherr.h digest.h 51ed25519.o: includes.h config.h defines.h platform.h openbsd-compat/openbsd-compat.h openbsd-compat/base64.h openbsd-compat/sigact.h openbsd-compat/readpassphrase.h openbsd-compat/vis.h openbsd-compat/getrrsetbyname.h openbsd-compat/sha1.h openbsd-compat/sha2.h openbsd-compat/rmd160.h openbsd-compat/md5.h openbsd-compat/blf.h openbsd-compat/getopt.h openbsd-compat/bsd-misc.h openbsd-compat/bsd-setres_id.h openbsd-compat/bsd-signal.h openbsd-compat/bsd-statvfs.h openbsd-compat/bsd-waitpid.h openbsd-compat/bsd-poll.h openbsd-compat/fake-rfc2553.h openbsd-compat/bsd-cygwin_util.h openbsd-compat/port-aix.h openbsd-compat/port-irix.h openbsd-compat/port-linux.h openbsd-compat/port-solaris.h openbsd-compat/port-net.h openbsd-compat/port-uw.h openbsd-compat/bsd-nextstep.h entropy.h crypto_api.h ge25519.h fe25519.h sc25519.h
53digest-openssl.o: includes.h config.h defines.h platform.h openbsd-compat/openbsd-compat.h openbsd-compat/base64.h openbsd-compat/sigact.h openbsd-compat/readpassphrase.h openbsd-compat/vis.h openbsd-compat/getrrsetbyname.h openbsd-compat/sha1.h openbsd-compat/sha2.h openbsd-compat/rmd160.h openbsd-compat/md5.h openbsd-compat/blf.h openbsd-compat/getopt.h openbsd-compat/bsd-misc.h openbsd-compat/bsd-setres_id.h openbsd-compat/bsd-signal.h openbsd-compat/bsd-statvfs.h openbsd-compat/bsd-waitpid.h openbsd-compat/bsd-poll.h openbsd-compat/fake-rfc2553.h openbsd-compat/bsd-cygwin_util.h openbsd-compat/port-aix.h openbsd-compat/port-irix.h openbsd-compat/port-linux.h openbsd-compat/port-solaris.h openbsd-compat/port-net.h openbsd-compat/port-uw.h openbsd-compat/bsd-nextstep.h entropy.h buffer.h sshbuf.h 52entropy.o: includes.h config.h defines.h platform.h openbsd-compat/openbsd-compat.h openbsd-compat/base64.h openbsd-compat/sigact.h openbsd-compat/readpassphrase.h openbsd-compat/vis.h openbsd-compat/getrrsetbyname.h openbsd-compat/sha1.h openbsd-compat/sha2.h openbsd-compat/rmd160.h openbsd-compat/md5.h openbsd-compat/blf.h openbsd-compat/getopt.h openbsd-compat/bsd-misc.h openbsd-compat/bsd-setres_id.h openbsd-compat/bsd-signal.h openbsd-compat/bsd-statvfs.h openbsd-compat/bsd-waitpid.h openbsd-compat/bsd-poll.h openbsd-compat/fake-rfc2553.h openbsd-compat/bsd-cygwin_util.h openbsd-compat/port-aix.h openbsd-compat/port-irix.h openbsd-compat/port-linux.h openbsd-compat/port-solaris.h openbsd-compat/port-net.h openbsd-compat/port-uw.h openbsd-compat/bsd-nextstep.h entropy.h
54dispatch.o: includes.h config.h defines.h platform.h openbsd-compat/openbsd-compat.h openbsd-compat/base64.h openbsd-compat/sigact.h openbsd-compat/readpassphrase.h openbsd-compat/vis.h openbsd-compat/getrrsetbyname.h openbsd-compat/sha1.h openbsd-compat/sha2.h openbsd-compat/rmd160.h openbsd-compat/md5.h openbsd-compat/blf.h openbsd-compat/getopt.h openbsd-compat/bsd-misc.h openbsd-compat/bsd-setres_id.h openbsd-compat/bsd-signal.h openbsd-compat/bsd-statvfs.h openbsd-compat/bsd-waitpid.h openbsd-compat/bsd-poll.h openbsd-compat/fake-rfc2553.h openbsd-compat/bsd-cygwin_util.h openbsd-compat/port-aix.h openbsd-compat/port-irix.h openbsd-compat/port-linux.h openbsd-compat/port-solaris.h openbsd-compat/port-net.h openbsd-compat/port-uw.h openbsd-compat/bsd-nextstep.h entropy.h buffer.h sshbuf.h ssh2.h log.h dispatch.h packet.h openbsd-compat/sys-queue.h opacket.h compat.h ssherr.h 53fatal.o: includes.h config.h defines.h platform.h openbsd-compat/openbsd-compat.h openbsd-compat/base64.h openbsd-compat/sigact.h openbsd-compat/readpassphrase.h openbsd-compat/vis.h openbsd-compat/getrrsetbyname.h openbsd-compat/sha1.h openbsd-compat/sha2.h openbsd-compat/rmd160.h openbsd-compat/md5.h openbsd-compat/blf.h openbsd-compat/getopt.h openbsd-compat/bsd-misc.h openbsd-compat/bsd-setres_id.h openbsd-compat/bsd-signal.h openbsd-compat/bsd-statvfs.h openbsd-compat/bsd-waitpid.h openbsd-compat/bsd-poll.h openbsd-compat/fake-rfc2553.h openbsd-compat/bsd-cygwin_util.h openbsd-compat/port-aix.h openbsd-compat/port-irix.h openbsd-compat/port-linux.h openbsd-compat/port-solaris.h openbsd-compat/port-net.h openbsd-compat/port-uw.h openbsd-compat/bsd-nextstep.h entropy.h log.h
55dns.o: includes.h config.h defines.h platform.h openbsd-compat/openbsd-compat.h openbsd-compat/base64.h openbsd-compat/sigact.h openbsd-compat/readpassphrase.h openbsd-compat/vis.h openbsd-compat/getrrsetbyname.h openbsd-compat/sha1.h openbsd-compat/sha2.h openbsd-compat/rmd160.h openbsd-compat/md5.h openbsd-compat/blf.h openbsd-compat/getopt.h openbsd-compat/bsd-misc.h openbsd-compat/bsd-setres_id.h openbsd-compat/bsd-signal.h openbsd-compat/bsd-statvfs.h openbsd-compat/bsd-waitpid.h openbsd-compat/bsd-poll.h openbsd-compat/fake-rfc2553.h openbsd-compat/bsd-cygwin_util.h openbsd-compat/port-aix.h openbsd-compat/port-irix.h openbsd-compat/port-linux.h openbsd-compat/port-solaris.h openbsd-compat/port-net.h openbsd-compat/port-uw.h openbsd-compat/bsd-nextstep.h entropy.h buffer.h sshbuf.h xmalloc.h sshkey.h ssherr.h dns.h log.h digest.h 54fe25519.o: includes.h config.h defines.h platform.h openbsd-compat/openbsd-compat.h openbsd-compat/base64.h openbsd-compat/sigact.h openbsd-compat/readpassphrase.h openbsd-compat/vis.h openbsd-compat/getrrsetbyname.h openbsd-compat/sha1.h openbsd-compat/sha2.h openbsd-compat/rmd160.h openbsd-compat/md5.h openbsd-compat/blf.h openbsd-compat/getopt.h openbsd-compat/bsd-misc.h openbsd-compat/bsd-setres_id.h openbsd-compat/bsd-signal.h openbsd-compat/bsd-statvfs.h openbsd-compat/bsd-waitpid.h openbsd-compat/bsd-poll.h openbsd-compat/fake-rfc2553.h openbsd-compat/bsd-cygwin_util.h openbsd-compat/port-aix.h openbsd-compat/port-irix.h openbsd-compat/port-linux.h openbsd-compat/port-solaris.h openbsd-compat/port-net.h openbsd-compat/port-uw.h openbsd-compat/bsd-nextstep.h entropy.h fe25519.h crypto_api.h
56ed25519.o: includes.h config.h defines.h platform.h openbsd-compat/openbsd-compat.h openbsd-compat/base64.h openbsd-compat/sigact.h openbsd-compat/readpassphrase.h openbsd-compat/vis.h openbsd-compat/getrrsetbyname.h openbsd-compat/sha1.h openbsd-compat/sha2.h openbsd-compat/rmd160.h openbsd-compat/md5.h openbsd-compat/blf.h openbsd-compat/getopt.h openbsd-compat/bsd-misc.h openbsd-compat/bsd-setres_id.h openbsd-compat/bsd-signal.h openbsd-compat/bsd-statvfs.h openbsd-compat/bsd-waitpid.h openbsd-compat/bsd-poll.h openbsd-compat/fake-rfc2553.h openbsd-compat/bsd-cygwin_util.h openbsd-compat/port-aix.h openbsd-compat/port-irix.h openbsd-compat/port-linux.h openbsd-compat/port-solaris.h openbsd-compat/port-net.h openbsd-compat/port-uw.h openbsd-compat/bsd-nextstep.h entropy.h buffer.h sshbuf.h crypto_api.h ge25519.h fe25519.h sc25519.h 55ge25519.o: includes.h config.h defines.h platform.h openbsd-compat/openbsd-compat.h openbsd-compat/base64.h openbsd-compat/sigact.h openbsd-compat/readpassphrase.h openbsd-compat/vis.h openbsd-compat/getrrsetbyname.h openbsd-compat/sha1.h openbsd-compat/sha2.h openbsd-compat/rmd160.h openbsd-compat/md5.h openbsd-compat/blf.h openbsd-compat/getopt.h openbsd-compat/bsd-misc.h openbsd-compat/bsd-setres_id.h openbsd-compat/bsd-signal.h openbsd-compat/bsd-statvfs.h openbsd-compat/bsd-waitpid.h openbsd-compat/bsd-poll.h openbsd-compat/fake-rfc2553.h openbsd-compat/bsd-cygwin_util.h openbsd-compat/port-aix.h openbsd-compat/port-irix.h openbsd-compat/port-linux.h openbsd-compat/port-solaris.h openbsd-compat/port-net.h openbsd-compat/port-uw.h openbsd-compat/bsd-nextstep.h entropy.h fe25519.h crypto_api.h sc25519.h ge25519.h ge25519_base.data
57entropy.o: includes.h config.h defines.h platform.h openbsd-compat/openbsd-compat.h openbsd-compat/base64.h openbsd-compat/sigact.h openbsd-compat/readpassphrase.h openbsd-compat/vis.h openbsd-compat/getrrsetbyname.h openbsd-compat/sha1.h openbsd-compat/sha2.h openbsd-compat/rmd160.h openbsd-compat/md5.h openbsd-compat/blf.h openbsd-compat/getopt.h openbsd-compat/bsd-misc.h openbsd-compat/bsd-setres_id.h openbsd-compat/bsd-signal.h openbsd-compat/bsd-statvfs.h openbsd-compat/bsd-waitpid.h openbsd-compat/bsd-poll.h openbsd-compat/fake-rfc2553.h openbsd-compat/bsd-cygwin_util.h openbsd-compat/port-aix.h openbsd-compat/port-irix.h openbsd-compat/port-linux.h openbsd-compat/port-solaris.h openbsd-compat/port-net.h openbsd-compat/port-uw.h openbsd-compat/bsd-nextstep.h entropy.h buffer.h sshbuf.h 56groupaccess.o: includes.h config.h defines.h platform.h openbsd-compat/openbsd-compat.h openbsd-compat/base64.h openbsd-compat/sigact.h openbsd-compat/readpassphrase.h openbsd-compat/vis.h openbsd-compat/getrrsetbyname.h openbsd-compat/sha1.h openbsd-compat/sha2.h openbsd-compat/rmd160.h openbsd-compat/md5.h openbsd-compat/blf.h openbsd-compat/getopt.h openbsd-compat/bsd-misc.h openbsd-compat/bsd-setres_id.h openbsd-compat/bsd-signal.h openbsd-compat/bsd-statvfs.h openbsd-compat/bsd-waitpid.h openbsd-compat/bsd-poll.h openbsd-compat/fake-rfc2553.h openbsd-compat/bsd-cygwin_util.h openbsd-compat/port-aix.h openbsd-compat/port-irix.h openbsd-compat/port-linux.h openbsd-compat/port-solaris.h openbsd-compat/port-net.h openbsd-compat/port-uw.h openbsd-compat/bsd-nextstep.h entropy.h xmalloc.h groupaccess.h match.h log.h
58fatal.o: includes.h config.h defines.h platform.h openbsd-compat/openbsd-compat.h openbsd-compat/base64.h openbsd-compat/sigact.h openbsd-compat/readpassphrase.h openbsd-compat/vis.h openbsd-compat/getrrsetbyname.h openbsd-compat/sha1.h openbsd-compat/sha2.h openbsd-compat/rmd160.h openbsd-compat/md5.h openbsd-compat/blf.h openbsd-compat/getopt.h openbsd-compat/bsd-misc.h openbsd-compat/bsd-setres_id.h openbsd-compat/bsd-signal.h openbsd-compat/bsd-statvfs.h openbsd-compat/bsd-waitpid.h openbsd-compat/bsd-poll.h openbsd-compat/fake-rfc2553.h openbsd-compat/bsd-cygwin_util.h openbsd-compat/port-aix.h openbsd-compat/port-irix.h openbsd-compat/port-linux.h openbsd-compat/port-solaris.h openbsd-compat/port-net.h openbsd-compat/port-uw.h openbsd-compat/bsd-nextstep.h entropy.h buffer.h sshbuf.h log.h 57gss-genr.o: includes.h config.h defines.h platform.h openbsd-compat/openbsd-compat.h openbsd-compat/base64.h openbsd-compat/sigact.h openbsd-compat/readpassphrase.h openbsd-compat/vis.h openbsd-compat/getrrsetbyname.h openbsd-compat/sha1.h openbsd-compat/sha2.h openbsd-compat/rmd160.h openbsd-compat/md5.h openbsd-compat/blf.h openbsd-compat/getopt.h openbsd-compat/bsd-misc.h openbsd-compat/bsd-setres_id.h openbsd-compat/bsd-signal.h openbsd-compat/bsd-statvfs.h openbsd-compat/bsd-waitpid.h openbsd-compat/bsd-poll.h openbsd-compat/fake-rfc2553.h openbsd-compat/bsd-cygwin_util.h openbsd-compat/port-aix.h openbsd-compat/port-irix.h openbsd-compat/port-linux.h openbsd-compat/port-solaris.h openbsd-compat/port-net.h openbsd-compat/port-uw.h openbsd-compat/bsd-nextstep.h entropy.h
59fe25519.o: includes.h config.h defines.h platform.h openbsd-compat/openbsd-compat.h openbsd-compat/base64.h openbsd-compat/sigact.h openbsd-compat/readpassphrase.h openbsd-compat/vis.h openbsd-compat/getrrsetbyname.h openbsd-compat/sha1.h openbsd-compat/sha2.h openbsd-compat/rmd160.h openbsd-compat/md5.h openbsd-compat/blf.h openbsd-compat/getopt.h openbsd-compat/bsd-misc.h openbsd-compat/bsd-setres_id.h openbsd-compat/bsd-signal.h openbsd-compat/bsd-statvfs.h openbsd-compat/bsd-waitpid.h openbsd-compat/bsd-poll.h openbsd-compat/fake-rfc2553.h openbsd-compat/bsd-cygwin_util.h openbsd-compat/port-aix.h openbsd-compat/port-irix.h openbsd-compat/port-linux.h openbsd-compat/port-solaris.h openbsd-compat/port-net.h openbsd-compat/port-uw.h openbsd-compat/bsd-nextstep.h entropy.h buffer.h sshbuf.h fe25519.h crypto_api.h 58gss-serv-krb5.o: includes.h config.h defines.h platform.h openbsd-compat/openbsd-compat.h openbsd-compat/base64.h openbsd-compat/sigact.h openbsd-compat/readpassphrase.h openbsd-compat/vis.h openbsd-compat/getrrsetbyname.h openbsd-compat/sha1.h openbsd-compat/sha2.h openbsd-compat/rmd160.h openbsd-compat/md5.h openbsd-compat/blf.h openbsd-compat/getopt.h openbsd-compat/bsd-misc.h openbsd-compat/bsd-setres_id.h openbsd-compat/bsd-signal.h openbsd-compat/bsd-statvfs.h openbsd-compat/bsd-waitpid.h openbsd-compat/bsd-poll.h openbsd-compat/fake-rfc2553.h openbsd-compat/bsd-cygwin_util.h openbsd-compat/port-aix.h openbsd-compat/port-irix.h openbsd-compat/port-linux.h openbsd-compat/port-solaris.h openbsd-compat/port-net.h openbsd-compat/port-uw.h openbsd-compat/bsd-nextstep.h entropy.h
60ge25519.o: includes.h config.h defines.h platform.h openbsd-compat/openbsd-compat.h openbsd-compat/base64.h openbsd-compat/sigact.h openbsd-compat/readpassphrase.h openbsd-compat/vis.h openbsd-compat/getrrsetbyname.h openbsd-compat/sha1.h openbsd-compat/sha2.h openbsd-compat/rmd160.h openbsd-compat/md5.h openbsd-compat/blf.h openbsd-compat/getopt.h openbsd-compat/bsd-misc.h openbsd-compat/bsd-setres_id.h openbsd-compat/bsd-signal.h openbsd-compat/bsd-statvfs.h openbsd-compat/bsd-waitpid.h openbsd-compat/bsd-poll.h openbsd-compat/fake-rfc2553.h openbsd-compat/bsd-cygwin_util.h openbsd-compat/port-aix.h openbsd-compat/port-irix.h openbsd-compat/port-linux.h openbsd-compat/port-solaris.h openbsd-compat/port-net.h openbsd-compat/port-uw.h openbsd-compat/bsd-nextstep.h entropy.h buffer.h sshbuf.h fe25519.h crypto_api.h sc25519.h ge25519.h ge25519_base.data 59gss-serv.o: includes.h config.h defines.h platform.h openbsd-compat/openbsd-compat.h openbsd-compat/base64.h openbsd-compat/sigact.h openbsd-compat/readpassphrase.h openbsd-compat/vis.h openbsd-compat/getrrsetbyname.h openbsd-compat/sha1.h openbsd-compat/sha2.h openbsd-compat/rmd160.h openbsd-compat/md5.h openbsd-compat/blf.h openbsd-compat/getopt.h openbsd-compat/bsd-misc.h openbsd-compat/bsd-setres_id.h openbsd-compat/bsd-signal.h openbsd-compat/bsd-statvfs.h openbsd-compat/bsd-waitpid.h openbsd-compat/bsd-poll.h openbsd-compat/fake-rfc2553.h openbsd-compat/bsd-cygwin_util.h openbsd-compat/port-aix.h openbsd-compat/port-irix.h openbsd-compat/port-linux.h openbsd-compat/port-solaris.h openbsd-compat/port-net.h openbsd-compat/port-uw.h openbsd-compat/bsd-nextstep.h entropy.h
61groupaccess.o: includes.h config.h defines.h platform.h openbsd-compat/openbsd-compat.h openbsd-compat/base64.h openbsd-compat/sigact.h openbsd-compat/readpassphrase.h openbsd-compat/vis.h openbsd-compat/getrrsetbyname.h openbsd-compat/sha1.h openbsd-compat/sha2.h openbsd-compat/rmd160.h openbsd-compat/md5.h openbsd-compat/blf.h openbsd-compat/getopt.h openbsd-compat/bsd-misc.h openbsd-compat/bsd-setres_id.h openbsd-compat/bsd-signal.h openbsd-compat/bsd-statvfs.h openbsd-compat/bsd-waitpid.h openbsd-compat/bsd-poll.h openbsd-compat/fake-rfc2553.h openbsd-compat/bsd-cygwin_util.h openbsd-compat/port-aix.h openbsd-compat/port-irix.h openbsd-compat/port-linux.h openbsd-compat/port-solaris.h openbsd-compat/port-net.h openbsd-compat/port-uw.h openbsd-compat/bsd-nextstep.h entropy.h buffer.h sshbuf.h xmalloc.h groupaccess.h match.h log.h 60hash.o: crypto_api.h includes.h config.h defines.h platform.h openbsd-compat/openbsd-compat.h openbsd-compat/base64.h openbsd-compat/sigact.h openbsd-compat/readpassphrase.h openbsd-compat/vis.h openbsd-compat/getrrsetbyname.h openbsd-compat/sha1.h openbsd-compat/sha2.h openbsd-compat/rmd160.h openbsd-compat/md5.h openbsd-compat/blf.h openbsd-compat/getopt.h openbsd-compat/bsd-misc.h openbsd-compat/bsd-setres_id.h openbsd-compat/bsd-signal.h openbsd-compat/bsd-statvfs.h openbsd-compat/bsd-waitpid.h openbsd-compat/bsd-poll.h openbsd-compat/fake-rfc2553.h openbsd-compat/bsd-cygwin_util.h openbsd-compat/port-aix.h openbsd-compat/port-irix.h openbsd-compat/port-linux.h openbsd-compat/port-solaris.h openbsd-compat/port-net.h openbsd-compat/port-uw.h openbsd-compat/bsd-nextstep.h entropy.h digest.h log.h ssherr.h
62gss-genr.o: includes.h config.h defines.h platform.h openbsd-compat/openbsd-compat.h openbsd-compat/base64.h openbsd-compat/sigact.h openbsd-compat/readpassphrase.h openbsd-compat/vis.h openbsd-compat/getrrsetbyname.h openbsd-compat/sha1.h openbsd-compat/sha2.h openbsd-compat/rmd160.h openbsd-compat/md5.h openbsd-compat/blf.h openbsd-compat/getopt.h openbsd-compat/bsd-misc.h openbsd-compat/bsd-setres_id.h openbsd-compat/bsd-signal.h openbsd-compat/bsd-statvfs.h openbsd-compat/bsd-waitpid.h openbsd-compat/bsd-poll.h openbsd-compat/fake-rfc2553.h openbsd-compat/bsd-cygwin_util.h openbsd-compat/port-aix.h openbsd-compat/port-irix.h openbsd-compat/port-linux.h openbsd-compat/port-solaris.h openbsd-compat/port-net.h openbsd-compat/port-uw.h openbsd-compat/bsd-nextstep.h entropy.h buffer.h sshbuf.h 61hmac.o: includes.h config.h defines.h platform.h openbsd-compat/openbsd-compat.h openbsd-compat/base64.h openbsd-compat/sigact.h openbsd-compat/readpassphrase.h openbsd-compat/vis.h openbsd-compat/getrrsetbyname.h openbsd-compat/sha1.h openbsd-compat/sha2.h openbsd-compat/rmd160.h openbsd-compat/md5.h openbsd-compat/blf.h openbsd-compat/getopt.h openbsd-compat/bsd-misc.h openbsd-compat/bsd-setres_id.h openbsd-compat/bsd-signal.h openbsd-compat/bsd-statvfs.h openbsd-compat/bsd-waitpid.h openbsd-compat/bsd-poll.h openbsd-compat/fake-rfc2553.h openbsd-compat/bsd-cygwin_util.h openbsd-compat/port-aix.h openbsd-compat/port-irix.h openbsd-compat/port-linux.h openbsd-compat/port-solaris.h openbsd-compat/port-net.h openbsd-compat/port-uw.h openbsd-compat/bsd-nextstep.h entropy.h sshbuf.h digest.h hmac.h
63gss-serv-krb5.o: includes.h config.h defines.h platform.h openbsd-compat/openbsd-compat.h openbsd-compat/base64.h openbsd-compat/sigact.h openbsd-compat/readpassphrase.h openbsd-compat/vis.h openbsd-compat/getrrsetbyname.h openbsd-compat/sha1.h openbsd-compat/sha2.h openbsd-compat/rmd160.h openbsd-compat/md5.h openbsd-compat/blf.h openbsd-compat/getopt.h openbsd-compat/bsd-misc.h openbsd-compat/bsd-setres_id.h openbsd-compat/bsd-signal.h openbsd-compat/bsd-statvfs.h openbsd-compat/bsd-waitpid.h openbsd-compat/bsd-poll.h openbsd-compat/fake-rfc2553.h openbsd-compat/bsd-cygwin_util.h openbsd-compat/port-aix.h openbsd-compat/port-irix.h openbsd-compat/port-linux.h openbsd-compat/port-solaris.h openbsd-compat/port-net.h openbsd-compat/port-uw.h openbsd-compat/bsd-nextstep.h entropy.h buffer.h sshbuf.h 62hostfile.o: includes.h config.h defines.h platform.h openbsd-compat/openbsd-compat.h openbsd-compat/base64.h openbsd-compat/sigact.h openbsd-compat/readpassphrase.h openbsd-compat/vis.h openbsd-compat/getrrsetbyname.h openbsd-compat/sha1.h openbsd-compat/sha2.h openbsd-compat/rmd160.h openbsd-compat/md5.h openbsd-compat/blf.h openbsd-compat/getopt.h openbsd-compat/bsd-misc.h openbsd-compat/bsd-setres_id.h openbsd-compat/bsd-signal.h openbsd-compat/bsd-statvfs.h openbsd-compat/bsd-waitpid.h openbsd-compat/bsd-poll.h openbsd-compat/fake-rfc2553.h openbsd-compat/bsd-cygwin_util.h openbsd-compat/port-aix.h openbsd-compat/port-irix.h openbsd-compat/port-linux.h openbsd-compat/port-solaris.h openbsd-compat/port-net.h openbsd-compat/port-uw.h openbsd-compat/bsd-nextstep.h entropy.h xmalloc.h match.h sshkey.h hostfile.h log.h misc.h ssherr.h digest.h hmac.h
64gss-serv.o: includes.h config.h defines.h platform.h openbsd-compat/openbsd-compat.h openbsd-compat/base64.h openbsd-compat/sigact.h openbsd-compat/readpassphrase.h openbsd-compat/vis.h openbsd-compat/getrrsetbyname.h openbsd-compat/sha1.h openbsd-compat/sha2.h openbsd-compat/rmd160.h openbsd-compat/md5.h openbsd-compat/blf.h openbsd-compat/getopt.h openbsd-compat/bsd-misc.h openbsd-compat/bsd-setres_id.h openbsd-compat/bsd-signal.h openbsd-compat/bsd-statvfs.h openbsd-compat/bsd-waitpid.h openbsd-compat/bsd-poll.h openbsd-compat/fake-rfc2553.h openbsd-compat/bsd-cygwin_util.h openbsd-compat/port-aix.h openbsd-compat/port-irix.h openbsd-compat/port-linux.h openbsd-compat/port-solaris.h openbsd-compat/port-net.h openbsd-compat/port-uw.h openbsd-compat/bsd-nextstep.h entropy.h buffer.h sshbuf.h 63kex.o: includes.h config.h defines.h platform.h openbsd-compat/openbsd-compat.h openbsd-compat/base64.h openbsd-compat/sigact.h openbsd-compat/readpassphrase.h openbsd-compat/vis.h openbsd-compat/getrrsetbyname.h openbsd-compat/sha1.h openbsd-compat/sha2.h openbsd-compat/rmd160.h openbsd-compat/md5.h openbsd-compat/blf.h openbsd-compat/getopt.h openbsd-compat/bsd-misc.h openbsd-compat/bsd-setres_id.h openbsd-compat/bsd-signal.h openbsd-compat/bsd-statvfs.h openbsd-compat/bsd-waitpid.h openbsd-compat/bsd-poll.h openbsd-compat/fake-rfc2553.h openbsd-compat/bsd-cygwin_util.h openbsd-compat/port-aix.h openbsd-compat/port-irix.h openbsd-compat/port-linux.h openbsd-compat/port-solaris.h openbsd-compat/port-net.h openbsd-compat/port-uw.h openbsd-compat/bsd-nextstep.h entropy.h ssh2.h packet.h openbsd-compat/sys-queue.h dispatch.h opacket.h compat.h cipher.h cipher-chachapoly.h chacha.h poly1305.h cipher-aesctr.h rijndael.h sshkey.h kex.h mac.h log.h match.h misc.h monitor.h ssherr.h sshbuf.h
65hash.o: crypto_api.h includes.h config.h defines.h platform.h openbsd-compat/openbsd-compat.h openbsd-compat/base64.h openbsd-compat/sigact.h openbsd-compat/readpassphrase.h openbsd-compat/vis.h openbsd-compat/getrrsetbyname.h openbsd-compat/sha1.h openbsd-compat/sha2.h openbsd-compat/rmd160.h openbsd-compat/md5.h openbsd-compat/blf.h openbsd-compat/getopt.h openbsd-compat/bsd-misc.h openbsd-compat/bsd-setres_id.h openbsd-compat/bsd-signal.h openbsd-compat/bsd-statvfs.h openbsd-compat/bsd-waitpid.h openbsd-compat/bsd-poll.h openbsd-compat/fake-rfc2553.h openbsd-compat/bsd-cygwin_util.h openbsd-compat/port-aix.h openbsd-compat/port-irix.h openbsd-compat/port-linux.h openbsd-compat/port-solaris.h openbsd-compat/port-net.h openbsd-compat/port-uw.h openbsd-compat/bsd-nextstep.h entropy.h buffer.h sshbuf.h digest.h log.h ssherr.h 64kex.o: digest.h
66hmac.o: includes.h config.h defines.h platform.h openbsd-compat/openbsd-compat.h openbsd-compat/base64.h openbsd-compat/sigact.h openbsd-compat/readpassphrase.h openbsd-compat/vis.h openbsd-compat/getrrsetbyname.h openbsd-compat/sha1.h openbsd-compat/sha2.h openbsd-compat/rmd160.h openbsd-compat/md5.h openbsd-compat/blf.h openbsd-compat/getopt.h openbsd-compat/bsd-misc.h openbsd-compat/bsd-setres_id.h openbsd-compat/bsd-signal.h openbsd-compat/bsd-statvfs.h openbsd-compat/bsd-waitpid.h openbsd-compat/bsd-poll.h openbsd-compat/fake-rfc2553.h openbsd-compat/bsd-cygwin_util.h openbsd-compat/port-aix.h openbsd-compat/port-irix.h openbsd-compat/port-linux.h openbsd-compat/port-solaris.h openbsd-compat/port-net.h openbsd-compat/port-uw.h openbsd-compat/bsd-nextstep.h entropy.h buffer.h sshbuf.h digest.h hmac.h 65kexc25519.o: includes.h config.h defines.h platform.h openbsd-compat/openbsd-compat.h openbsd-compat/base64.h openbsd-compat/sigact.h openbsd-compat/readpassphrase.h openbsd-compat/vis.h openbsd-compat/getrrsetbyname.h openbsd-compat/sha1.h openbsd-compat/sha2.h openbsd-compat/rmd160.h openbsd-compat/md5.h openbsd-compat/blf.h openbsd-compat/getopt.h openbsd-compat/bsd-misc.h openbsd-compat/bsd-setres_id.h openbsd-compat/bsd-signal.h openbsd-compat/bsd-statvfs.h openbsd-compat/bsd-waitpid.h openbsd-compat/bsd-poll.h openbsd-compat/fake-rfc2553.h openbsd-compat/bsd-cygwin_util.h openbsd-compat/port-aix.h openbsd-compat/port-irix.h openbsd-compat/port-linux.h openbsd-compat/port-solaris.h openbsd-compat/port-net.h openbsd-compat/port-uw.h openbsd-compat/bsd-nextstep.h entropy.h sshbuf.h ssh2.h sshkey.h cipher.h cipher-chachapoly.h chacha.h poly1305.h cipher-aesctr.h rijndael.h kex.h mac.h log.h digest.h ssherr.h
67hostfile.o: includes.h config.h defines.h platform.h openbsd-compat/openbsd-compat.h openbsd-compat/base64.h openbsd-compat/sigact.h openbsd-compat/readpassphrase.h openbsd-compat/vis.h openbsd-compat/getrrsetbyname.h openbsd-compat/sha1.h openbsd-compat/sha2.h openbsd-compat/rmd160.h openbsd-compat/md5.h openbsd-compat/blf.h openbsd-compat/getopt.h openbsd-compat/bsd-misc.h openbsd-compat/bsd-setres_id.h openbsd-compat/bsd-signal.h openbsd-compat/bsd-statvfs.h openbsd-compat/bsd-waitpid.h openbsd-compat/bsd-poll.h openbsd-compat/fake-rfc2553.h openbsd-compat/bsd-cygwin_util.h openbsd-compat/port-aix.h openbsd-compat/port-irix.h openbsd-compat/port-linux.h openbsd-compat/port-solaris.h openbsd-compat/port-net.h openbsd-compat/port-uw.h openbsd-compat/bsd-nextstep.h entropy.h buffer.h sshbuf.h xmalloc.h match.h sshkey.h hostfile.h log.h misc.h ssherr.h digest.h hmac.h 66kexc25519c.o: includes.h config.h defines.h platform.h openbsd-compat/openbsd-compat.h openbsd-compat/base64.h openbsd-compat/sigact.h openbsd-compat/readpassphrase.h openbsd-compat/vis.h openbsd-compat/getrrsetbyname.h openbsd-compat/sha1.h openbsd-compat/sha2.h openbsd-compat/rmd160.h openbsd-compat/md5.h openbsd-compat/blf.h openbsd-compat/getopt.h openbsd-compat/bsd-misc.h openbsd-compat/bsd-setres_id.h openbsd-compat/bsd-signal.h openbsd-compat/bsd-statvfs.h openbsd-compat/bsd-waitpid.h openbsd-compat/bsd-poll.h openbsd-compat/fake-rfc2553.h openbsd-compat/bsd-cygwin_util.h openbsd-compat/port-aix.h openbsd-compat/port-irix.h openbsd-compat/port-linux.h openbsd-compat/port-solaris.h openbsd-compat/port-net.h openbsd-compat/port-uw.h openbsd-compat/bsd-nextstep.h entropy.h sshkey.h cipher.h cipher-chachapoly.h chacha.h poly1305.h cipher-aesctr.h rijndael.h kex.h mac.h log.h packet.h openbsd-compat/sys-queue.h dispatch.h opacket.h ssh2.h sshbuf.h digest.h ssherr.h
68kex.o: includes.h config.h defines.h platform.h openbsd-compat/openbsd-compat.h openbsd-compat/base64.h openbsd-compat/sigact.h openbsd-compat/readpassphrase.h openbsd-compat/vis.h openbsd-compat/getrrsetbyname.h openbsd-compat/sha1.h openbsd-compat/sha2.h openbsd-compat/rmd160.h openbsd-compat/md5.h openbsd-compat/blf.h openbsd-compat/getopt.h openbsd-compat/bsd-misc.h openbsd-compat/bsd-setres_id.h openbsd-compat/bsd-signal.h openbsd-compat/bsd-statvfs.h openbsd-compat/bsd-waitpid.h openbsd-compat/bsd-poll.h openbsd-compat/fake-rfc2553.h openbsd-compat/bsd-cygwin_util.h openbsd-compat/port-aix.h openbsd-compat/port-irix.h openbsd-compat/port-linux.h openbsd-compat/port-solaris.h openbsd-compat/port-net.h openbsd-compat/port-uw.h openbsd-compat/bsd-nextstep.h entropy.h buffer.h sshbuf.h ssh2.h packet.h openbsd-compat/sys-queue.h dispatch.h opacket.h compat.h cipher.h cipher-chachapoly.h chacha.h poly1305.h cipher-aesctr.h rijndael.h sshkey.h kex.h mac.h key.h log.h match.h misc.h 67kexc25519s.o: includes.h config.h defines.h platform.h openbsd-compat/openbsd-compat.h openbsd-compat/base64.h openbsd-compat/sigact.h openbsd-compat/readpassphrase.h openbsd-compat/vis.h openbsd-compat/getrrsetbyname.h openbsd-compat/sha1.h openbsd-compat/sha2.h openbsd-compat/rmd160.h openbsd-compat/md5.h openbsd-compat/blf.h openbsd-compat/getopt.h openbsd-compat/bsd-misc.h openbsd-compat/bsd-setres_id.h openbsd-compat/bsd-signal.h openbsd-compat/bsd-statvfs.h openbsd-compat/bsd-waitpid.h openbsd-compat/bsd-poll.h openbsd-compat/fake-rfc2553.h openbsd-compat/bsd-cygwin_util.h openbsd-compat/port-aix.h openbsd-compat/port-irix.h openbsd-compat/port-linux.h openbsd-compat/port-solaris.h openbsd-compat/port-net.h openbsd-compat/port-uw.h openbsd-compat/bsd-nextstep.h entropy.h sshkey.h cipher.h cipher-chachapoly.h chacha.h poly1305.h cipher-aesctr.h rijndael.h digest.h kex.h mac.h log.h packet.h openbsd-compat/sys-queue.h dispatch.h opacket.h ssh2.h sshbuf.h ssherr.h
69kex.o: monitor.h ssherr.h digest.h 68kexdh.o: includes.h config.h defines.h platform.h openbsd-compat/openbsd-compat.h openbsd-compat/base64.h openbsd-compat/sigact.h openbsd-compat/readpassphrase.h openbsd-compat/vis.h openbsd-compat/getrrsetbyname.h openbsd-compat/sha1.h openbsd-compat/sha2.h openbsd-compat/rmd160.h openbsd-compat/md5.h openbsd-compat/blf.h openbsd-compat/getopt.h openbsd-compat/bsd-misc.h openbsd-compat/bsd-setres_id.h openbsd-compat/bsd-signal.h openbsd-compat/bsd-statvfs.h openbsd-compat/bsd-waitpid.h openbsd-compat/bsd-poll.h openbsd-compat/fake-rfc2553.h openbsd-compat/bsd-cygwin_util.h openbsd-compat/port-aix.h openbsd-compat/port-irix.h openbsd-compat/port-linux.h openbsd-compat/port-solaris.h openbsd-compat/port-net.h openbsd-compat/port-uw.h openbsd-compat/bsd-nextstep.h entropy.h
70kexc25519.o: includes.h config.h defines.h platform.h openbsd-compat/openbsd-compat.h openbsd-compat/base64.h openbsd-compat/sigact.h openbsd-compat/readpassphrase.h openbsd-compat/vis.h openbsd-compat/getrrsetbyname.h openbsd-compat/sha1.h openbsd-compat/sha2.h openbsd-compat/rmd160.h openbsd-compat/md5.h openbsd-compat/blf.h openbsd-compat/getopt.h openbsd-compat/bsd-misc.h openbsd-compat/bsd-setres_id.h openbsd-compat/bsd-signal.h openbsd-compat/bsd-statvfs.h openbsd-compat/bsd-waitpid.h openbsd-compat/bsd-poll.h openbsd-compat/fake-rfc2553.h openbsd-compat/bsd-cygwin_util.h openbsd-compat/port-aix.h openbsd-compat/port-irix.h openbsd-compat/port-linux.h openbsd-compat/port-solaris.h openbsd-compat/port-net.h openbsd-compat/port-uw.h openbsd-compat/bsd-nextstep.h entropy.h buffer.h sshbuf.h ssh2.h sshkey.h cipher.h cipher-chachapoly.h chacha.h poly1305.h cipher-aesctr.h rijndael.h kex.h mac.h key.h log.h digest.h ssherr.h 69kexdhc.o: includes.h config.h defines.h platform.h openbsd-compat/openbsd-compat.h openbsd-compat/base64.h openbsd-compat/sigact.h openbsd-compat/readpassphrase.h openbsd-compat/vis.h openbsd-compat/getrrsetbyname.h openbsd-compat/sha1.h openbsd-compat/sha2.h openbsd-compat/rmd160.h openbsd-compat/md5.h openbsd-compat/blf.h openbsd-compat/getopt.h openbsd-compat/bsd-misc.h openbsd-compat/bsd-setres_id.h openbsd-compat/bsd-signal.h openbsd-compat/bsd-statvfs.h openbsd-compat/bsd-waitpid.h openbsd-compat/bsd-poll.h openbsd-compat/fake-rfc2553.h openbsd-compat/bsd-cygwin_util.h openbsd-compat/port-aix.h openbsd-compat/port-irix.h openbsd-compat/port-linux.h openbsd-compat/port-solaris.h openbsd-compat/port-net.h openbsd-compat/port-uw.h openbsd-compat/bsd-nextstep.h entropy.h
71kexc25519c.o: includes.h config.h defines.h platform.h openbsd-compat/openbsd-compat.h openbsd-compat/base64.h openbsd-compat/sigact.h openbsd-compat/readpassphrase.h openbsd-compat/vis.h openbsd-compat/getrrsetbyname.h openbsd-compat/sha1.h openbsd-compat/sha2.h openbsd-compat/rmd160.h openbsd-compat/md5.h openbsd-compat/blf.h openbsd-compat/getopt.h openbsd-compat/bsd-misc.h openbsd-compat/bsd-setres_id.h openbsd-compat/bsd-signal.h openbsd-compat/bsd-statvfs.h openbsd-compat/bsd-waitpid.h openbsd-compat/bsd-poll.h openbsd-compat/fake-rfc2553.h openbsd-compat/bsd-cygwin_util.h openbsd-compat/port-aix.h openbsd-compat/port-irix.h openbsd-compat/port-linux.h openbsd-compat/port-solaris.h openbsd-compat/port-net.h openbsd-compat/port-uw.h openbsd-compat/bsd-nextstep.h entropy.h buffer.h sshbuf.h sshkey.h cipher.h cipher-chachapoly.h chacha.h poly1305.h cipher-aesctr.h rijndael.h kex.h mac.h key.h log.h packet.h openbsd-compat/sys-queue.h dispatch.h opacket.h ssh2.h digest.h ssherr.h 70kexdhs.o: includes.h config.h defines.h platform.h openbsd-compat/openbsd-compat.h openbsd-compat/base64.h openbsd-compat/sigact.h openbsd-compat/readpassphrase.h openbsd-compat/vis.h openbsd-compat/getrrsetbyname.h openbsd-compat/sha1.h openbsd-compat/sha2.h openbsd-compat/rmd160.h openbsd-compat/md5.h openbsd-compat/blf.h openbsd-compat/getopt.h openbsd-compat/bsd-misc.h openbsd-compat/bsd-setres_id.h openbsd-compat/bsd-signal.h openbsd-compat/bsd-statvfs.h openbsd-compat/bsd-waitpid.h openbsd-compat/bsd-poll.h openbsd-compat/fake-rfc2553.h openbsd-compat/bsd-cygwin_util.h openbsd-compat/port-aix.h openbsd-compat/port-irix.h openbsd-compat/port-linux.h openbsd-compat/port-solaris.h openbsd-compat/port-net.h openbsd-compat/port-uw.h openbsd-compat/bsd-nextstep.h entropy.h
72kexc25519s.o: includes.h config.h defines.h platform.h openbsd-compat/openbsd-compat.h openbsd-compat/base64.h openbsd-compat/sigact.h openbsd-compat/readpassphrase.h openbsd-compat/vis.h openbsd-compat/getrrsetbyname.h openbsd-compat/sha1.h openbsd-compat/sha2.h openbsd-compat/rmd160.h openbsd-compat/md5.h openbsd-compat/blf.h openbsd-compat/getopt.h openbsd-compat/bsd-misc.h openbsd-compat/bsd-setres_id.h openbsd-compat/bsd-signal.h openbsd-compat/bsd-statvfs.h openbsd-compat/bsd-waitpid.h openbsd-compat/bsd-poll.h openbsd-compat/fake-rfc2553.h openbsd-compat/bsd-cygwin_util.h openbsd-compat/port-aix.h openbsd-compat/port-irix.h openbsd-compat/port-linux.h openbsd-compat/port-solaris.h openbsd-compat/port-net.h openbsd-compat/port-uw.h openbsd-compat/bsd-nextstep.h entropy.h buffer.h sshbuf.h sshkey.h cipher.h cipher-chachapoly.h chacha.h poly1305.h cipher-aesctr.h rijndael.h digest.h kex.h mac.h key.h log.h packet.h openbsd-compat/sys-queue.h dispatch.h opacket.h ssh2.h ssherr.h 71kexecdh.o: includes.h config.h defines.h platform.h openbsd-compat/openbsd-compat.h openbsd-compat/base64.h openbsd-compat/sigact.h openbsd-compat/readpassphrase.h openbsd-compat/vis.h openbsd-compat/getrrsetbyname.h openbsd-compat/sha1.h openbsd-compat/sha2.h openbsd-compat/rmd160.h openbsd-compat/md5.h openbsd-compat/blf.h openbsd-compat/getopt.h openbsd-compat/bsd-misc.h openbsd-compat/bsd-setres_id.h openbsd-compat/bsd-signal.h openbsd-compat/bsd-statvfs.h openbsd-compat/bsd-waitpid.h openbsd-compat/bsd-poll.h openbsd-compat/fake-rfc2553.h openbsd-compat/bsd-cygwin_util.h openbsd-compat/port-aix.h openbsd-compat/port-irix.h openbsd-compat/port-linux.h openbsd-compat/port-solaris.h openbsd-compat/port-net.h openbsd-compat/port-uw.h openbsd-compat/bsd-nextstep.h entropy.h
73kexdh.o: includes.h config.h defines.h platform.h openbsd-compat/openbsd-compat.h openbsd-compat/base64.h openbsd-compat/sigact.h openbsd-compat/readpassphrase.h openbsd-compat/vis.h openbsd-compat/getrrsetbyname.h openbsd-compat/sha1.h openbsd-compat/sha2.h openbsd-compat/rmd160.h openbsd-compat/md5.h openbsd-compat/blf.h openbsd-compat/getopt.h openbsd-compat/bsd-misc.h openbsd-compat/bsd-setres_id.h openbsd-compat/bsd-signal.h openbsd-compat/bsd-statvfs.h openbsd-compat/bsd-waitpid.h openbsd-compat/bsd-poll.h openbsd-compat/fake-rfc2553.h openbsd-compat/bsd-cygwin_util.h openbsd-compat/port-aix.h openbsd-compat/port-irix.h openbsd-compat/port-linux.h openbsd-compat/port-solaris.h openbsd-compat/port-net.h openbsd-compat/port-uw.h openbsd-compat/bsd-nextstep.h entropy.h buffer.h sshbuf.h 72kexecdhc.o: includes.h config.h defines.h platform.h openbsd-compat/openbsd-compat.h openbsd-compat/base64.h openbsd-compat/sigact.h openbsd-compat/readpassphrase.h openbsd-compat/vis.h openbsd-compat/getrrsetbyname.h openbsd-compat/sha1.h openbsd-compat/sha2.h openbsd-compat/rmd160.h openbsd-compat/md5.h openbsd-compat/blf.h openbsd-compat/getopt.h openbsd-compat/bsd-misc.h openbsd-compat/bsd-setres_id.h openbsd-compat/bsd-signal.h openbsd-compat/bsd-statvfs.h openbsd-compat/bsd-waitpid.h openbsd-compat/bsd-poll.h openbsd-compat/fake-rfc2553.h openbsd-compat/bsd-cygwin_util.h openbsd-compat/port-aix.h openbsd-compat/port-irix.h openbsd-compat/port-linux.h openbsd-compat/port-solaris.h openbsd-compat/port-net.h openbsd-compat/port-uw.h openbsd-compat/bsd-nextstep.h entropy.h
74kexdhc.o: includes.h config.h defines.h platform.h openbsd-compat/openbsd-compat.h openbsd-compat/base64.h openbsd-compat/sigact.h openbsd-compat/readpassphrase.h openbsd-compat/vis.h openbsd-compat/getrrsetbyname.h openbsd-compat/sha1.h openbsd-compat/sha2.h openbsd-compat/rmd160.h openbsd-compat/md5.h openbsd-compat/blf.h openbsd-compat/getopt.h openbsd-compat/bsd-misc.h openbsd-compat/bsd-setres_id.h openbsd-compat/bsd-signal.h openbsd-compat/bsd-statvfs.h openbsd-compat/bsd-waitpid.h openbsd-compat/bsd-poll.h openbsd-compat/fake-rfc2553.h openbsd-compat/bsd-cygwin_util.h openbsd-compat/port-aix.h openbsd-compat/port-irix.h openbsd-compat/port-linux.h openbsd-compat/port-solaris.h openbsd-compat/port-net.h openbsd-compat/port-uw.h openbsd-compat/bsd-nextstep.h entropy.h buffer.h sshbuf.h 73kexecdhs.o: includes.h config.h defines.h platform.h openbsd-compat/openbsd-compat.h openbsd-compat/base64.h openbsd-compat/sigact.h openbsd-compat/readpassphrase.h openbsd-compat/vis.h openbsd-compat/getrrsetbyname.h openbsd-compat/sha1.h openbsd-compat/sha2.h openbsd-compat/rmd160.h openbsd-compat/md5.h openbsd-compat/blf.h openbsd-compat/getopt.h openbsd-compat/bsd-misc.h openbsd-compat/bsd-setres_id.h openbsd-compat/bsd-signal.h openbsd-compat/bsd-statvfs.h openbsd-compat/bsd-waitpid.h openbsd-compat/bsd-poll.h openbsd-compat/fake-rfc2553.h openbsd-compat/bsd-cygwin_util.h openbsd-compat/port-aix.h openbsd-compat/port-irix.h openbsd-compat/port-linux.h openbsd-compat/port-solaris.h openbsd-compat/port-net.h openbsd-compat/port-uw.h openbsd-compat/bsd-nextstep.h entropy.h
75kexdhs.o: includes.h config.h defines.h platform.h openbsd-compat/openbsd-compat.h openbsd-compat/base64.h openbsd-compat/sigact.h openbsd-compat/readpassphrase.h openbsd-compat/vis.h openbsd-compat/getrrsetbyname.h openbsd-compat/sha1.h openbsd-compat/sha2.h openbsd-compat/rmd160.h openbsd-compat/md5.h openbsd-compat/blf.h openbsd-compat/getopt.h openbsd-compat/bsd-misc.h openbsd-compat/bsd-setres_id.h openbsd-compat/bsd-signal.h openbsd-compat/bsd-statvfs.h openbsd-compat/bsd-waitpid.h openbsd-compat/bsd-poll.h openbsd-compat/fake-rfc2553.h openbsd-compat/bsd-cygwin_util.h openbsd-compat/port-aix.h openbsd-compat/port-irix.h openbsd-compat/port-linux.h openbsd-compat/port-solaris.h openbsd-compat/port-net.h openbsd-compat/port-uw.h openbsd-compat/bsd-nextstep.h entropy.h buffer.h sshbuf.h 74kexgex.o: includes.h config.h defines.h platform.h openbsd-compat/openbsd-compat.h openbsd-compat/base64.h openbsd-compat/sigact.h openbsd-compat/readpassphrase.h openbsd-compat/vis.h openbsd-compat/getrrsetbyname.h openbsd-compat/sha1.h openbsd-compat/sha2.h openbsd-compat/rmd160.h openbsd-compat/md5.h openbsd-compat/blf.h openbsd-compat/getopt.h openbsd-compat/bsd-misc.h openbsd-compat/bsd-setres_id.h openbsd-compat/bsd-signal.h openbsd-compat/bsd-statvfs.h openbsd-compat/bsd-waitpid.h openbsd-compat/bsd-poll.h openbsd-compat/fake-rfc2553.h openbsd-compat/bsd-cygwin_util.h openbsd-compat/port-aix.h openbsd-compat/port-irix.h openbsd-compat/port-linux.h openbsd-compat/port-solaris.h openbsd-compat/port-net.h openbsd-compat/port-uw.h openbsd-compat/bsd-nextstep.h entropy.h
76kexecdh.o: includes.h config.h defines.h platform.h openbsd-compat/openbsd-compat.h openbsd-compat/base64.h openbsd-compat/sigact.h openbsd-compat/readpassphrase.h openbsd-compat/vis.h openbsd-compat/getrrsetbyname.h openbsd-compat/sha1.h openbsd-compat/sha2.h openbsd-compat/rmd160.h openbsd-compat/md5.h openbsd-compat/blf.h openbsd-compat/getopt.h openbsd-compat/bsd-misc.h openbsd-compat/bsd-setres_id.h openbsd-compat/bsd-signal.h openbsd-compat/bsd-statvfs.h openbsd-compat/bsd-waitpid.h openbsd-compat/bsd-poll.h openbsd-compat/fake-rfc2553.h openbsd-compat/bsd-cygwin_util.h openbsd-compat/port-aix.h openbsd-compat/port-irix.h openbsd-compat/port-linux.h openbsd-compat/port-solaris.h openbsd-compat/port-net.h openbsd-compat/port-uw.h openbsd-compat/bsd-nextstep.h entropy.h buffer.h sshbuf.h 75kexgexc.o: includes.h config.h defines.h platform.h openbsd-compat/openbsd-compat.h openbsd-compat/base64.h openbsd-compat/sigact.h openbsd-compat/readpassphrase.h openbsd-compat/vis.h openbsd-compat/getrrsetbyname.h openbsd-compat/sha1.h openbsd-compat/sha2.h openbsd-compat/rmd160.h openbsd-compat/md5.h openbsd-compat/blf.h openbsd-compat/getopt.h openbsd-compat/bsd-misc.h openbsd-compat/bsd-setres_id.h openbsd-compat/bsd-signal.h openbsd-compat/bsd-statvfs.h openbsd-compat/bsd-waitpid.h openbsd-compat/bsd-poll.h openbsd-compat/fake-rfc2553.h openbsd-compat/bsd-cygwin_util.h openbsd-compat/port-aix.h openbsd-compat/port-irix.h openbsd-compat/port-linux.h openbsd-compat/port-solaris.h openbsd-compat/port-net.h openbsd-compat/port-uw.h openbsd-compat/bsd-nextstep.h entropy.h
77kexecdhc.o: includes.h config.h defines.h platform.h openbsd-compat/openbsd-compat.h openbsd-compat/base64.h openbsd-compat/sigact.h openbsd-compat/readpassphrase.h openbsd-compat/vis.h openbsd-compat/getrrsetbyname.h openbsd-compat/sha1.h openbsd-compat/sha2.h openbsd-compat/rmd160.h openbsd-compat/md5.h openbsd-compat/blf.h openbsd-compat/getopt.h openbsd-compat/bsd-misc.h openbsd-compat/bsd-setres_id.h openbsd-compat/bsd-signal.h openbsd-compat/bsd-statvfs.h openbsd-compat/bsd-waitpid.h openbsd-compat/bsd-poll.h openbsd-compat/fake-rfc2553.h openbsd-compat/bsd-cygwin_util.h openbsd-compat/port-aix.h openbsd-compat/port-irix.h openbsd-compat/port-linux.h openbsd-compat/port-solaris.h openbsd-compat/port-net.h openbsd-compat/port-uw.h openbsd-compat/bsd-nextstep.h entropy.h buffer.h sshbuf.h 76kexgexs.o: includes.h config.h defines.h platform.h openbsd-compat/openbsd-compat.h openbsd-compat/base64.h openbsd-compat/sigact.h openbsd-compat/readpassphrase.h openbsd-compat/vis.h openbsd-compat/getrrsetbyname.h openbsd-compat/sha1.h openbsd-compat/sha2.h openbsd-compat/rmd160.h openbsd-compat/md5.h openbsd-compat/blf.h openbsd-compat/getopt.h openbsd-compat/bsd-misc.h openbsd-compat/bsd-setres_id.h openbsd-compat/bsd-signal.h openbsd-compat/bsd-statvfs.h openbsd-compat/bsd-waitpid.h openbsd-compat/bsd-poll.h openbsd-compat/fake-rfc2553.h openbsd-compat/bsd-cygwin_util.h openbsd-compat/port-aix.h openbsd-compat/port-irix.h openbsd-compat/port-linux.h openbsd-compat/port-solaris.h openbsd-compat/port-net.h openbsd-compat/port-uw.h openbsd-compat/bsd-nextstep.h entropy.h
78kexecdhs.o: includes.h config.h defines.h platform.h openbsd-compat/openbsd-compat.h openbsd-compat/base64.h openbsd-compat/sigact.h openbsd-compat/readpassphrase.h openbsd-compat/vis.h openbsd-compat/getrrsetbyname.h openbsd-compat/sha1.h openbsd-compat/sha2.h openbsd-compat/rmd160.h openbsd-compat/md5.h openbsd-compat/blf.h openbsd-compat/getopt.h openbsd-compat/bsd-misc.h openbsd-compat/bsd-setres_id.h openbsd-compat/bsd-signal.h openbsd-compat/bsd-statvfs.h openbsd-compat/bsd-waitpid.h openbsd-compat/bsd-poll.h openbsd-compat/fake-rfc2553.h openbsd-compat/bsd-cygwin_util.h openbsd-compat/port-aix.h openbsd-compat/port-irix.h openbsd-compat/port-linux.h openbsd-compat/port-solaris.h openbsd-compat/port-net.h openbsd-compat/port-uw.h openbsd-compat/bsd-nextstep.h entropy.h buffer.h sshbuf.h 77krl.o: includes.h config.h defines.h platform.h openbsd-compat/openbsd-compat.h openbsd-compat/base64.h openbsd-compat/sigact.h openbsd-compat/readpassphrase.h openbsd-compat/vis.h openbsd-compat/getrrsetbyname.h openbsd-compat/sha1.h openbsd-compat/sha2.h openbsd-compat/rmd160.h openbsd-compat/md5.h openbsd-compat/blf.h openbsd-compat/getopt.h openbsd-compat/bsd-misc.h openbsd-compat/bsd-setres_id.h openbsd-compat/bsd-signal.h openbsd-compat/bsd-statvfs.h openbsd-compat/bsd-waitpid.h openbsd-compat/bsd-poll.h openbsd-compat/fake-rfc2553.h openbsd-compat/bsd-cygwin_util.h openbsd-compat/port-aix.h openbsd-compat/port-irix.h openbsd-compat/port-linux.h openbsd-compat/port-solaris.h openbsd-compat/port-net.h openbsd-compat/port-uw.h openbsd-compat/bsd-nextstep.h entropy.h ./openbsd-compat/sys-tree.h openbsd-compat/sys-queue.h sshbuf.h ssherr.h sshkey.h authfile.h misc.h log.h digest.h bitmap.h krl.h
79kexgex.o: includes.h config.h defines.h platform.h openbsd-compat/openbsd-compat.h openbsd-compat/base64.h openbsd-compat/sigact.h openbsd-compat/readpassphrase.h openbsd-compat/vis.h openbsd-compat/getrrsetbyname.h openbsd-compat/sha1.h openbsd-compat/sha2.h openbsd-compat/rmd160.h openbsd-compat/md5.h openbsd-compat/blf.h openbsd-compat/getopt.h openbsd-compat/bsd-misc.h openbsd-compat/bsd-setres_id.h openbsd-compat/bsd-signal.h openbsd-compat/bsd-statvfs.h openbsd-compat/bsd-waitpid.h openbsd-compat/bsd-poll.h openbsd-compat/fake-rfc2553.h openbsd-compat/bsd-cygwin_util.h openbsd-compat/port-aix.h openbsd-compat/port-irix.h openbsd-compat/port-linux.h openbsd-compat/port-solaris.h openbsd-compat/port-net.h openbsd-compat/port-uw.h openbsd-compat/bsd-nextstep.h entropy.h buffer.h sshbuf.h 78log.o: includes.h config.h defines.h platform.h openbsd-compat/openbsd-compat.h openbsd-compat/base64.h openbsd-compat/sigact.h openbsd-compat/readpassphrase.h openbsd-compat/vis.h openbsd-compat/getrrsetbyname.h openbsd-compat/sha1.h openbsd-compat/sha2.h openbsd-compat/rmd160.h openbsd-compat/md5.h openbsd-compat/blf.h openbsd-compat/getopt.h openbsd-compat/bsd-misc.h openbsd-compat/bsd-setres_id.h openbsd-compat/bsd-signal.h openbsd-compat/bsd-statvfs.h openbsd-compat/bsd-waitpid.h openbsd-compat/bsd-poll.h openbsd-compat/fake-rfc2553.h openbsd-compat/bsd-cygwin_util.h openbsd-compat/port-aix.h openbsd-compat/port-irix.h openbsd-compat/port-linux.h openbsd-compat/port-solaris.h openbsd-compat/port-net.h openbsd-compat/port-uw.h openbsd-compat/bsd-nextstep.h entropy.h log.h
80kexgexc.o: includes.h config.h defines.h platform.h openbsd-compat/openbsd-compat.h openbsd-compat/base64.h openbsd-compat/sigact.h openbsd-compat/readpassphrase.h openbsd-compat/vis.h openbsd-compat/getrrsetbyname.h openbsd-compat/sha1.h openbsd-compat/sha2.h openbsd-compat/rmd160.h openbsd-compat/md5.h openbsd-compat/blf.h openbsd-compat/getopt.h openbsd-compat/bsd-misc.h openbsd-compat/bsd-setres_id.h openbsd-compat/bsd-signal.h openbsd-compat/bsd-statvfs.h openbsd-compat/bsd-waitpid.h openbsd-compat/bsd-poll.h openbsd-compat/fake-rfc2553.h openbsd-compat/bsd-cygwin_util.h openbsd-compat/port-aix.h openbsd-compat/port-irix.h openbsd-compat/port-linux.h openbsd-compat/port-solaris.h openbsd-compat/port-net.h openbsd-compat/port-uw.h openbsd-compat/bsd-nextstep.h entropy.h buffer.h sshbuf.h 79loginrec.o: includes.h config.h defines.h platform.h openbsd-compat/openbsd-compat.h openbsd-compat/base64.h openbsd-compat/sigact.h openbsd-compat/readpassphrase.h openbsd-compat/vis.h openbsd-compat/getrrsetbyname.h openbsd-compat/sha1.h openbsd-compat/sha2.h openbsd-compat/rmd160.h openbsd-compat/md5.h openbsd-compat/blf.h openbsd-compat/getopt.h openbsd-compat/bsd-misc.h openbsd-compat/bsd-setres_id.h openbsd-compat/bsd-signal.h openbsd-compat/bsd-statvfs.h openbsd-compat/bsd-waitpid.h openbsd-compat/bsd-poll.h openbsd-compat/fake-rfc2553.h openbsd-compat/bsd-cygwin_util.h openbsd-compat/port-aix.h openbsd-compat/port-irix.h openbsd-compat/port-linux.h openbsd-compat/port-solaris.h openbsd-compat/port-net.h openbsd-compat/port-uw.h openbsd-compat/bsd-nextstep.h entropy.h xmalloc.h sshkey.h hostfile.h ssh.h loginrec.h log.h atomicio.h packet.h openbsd-compat/sys-queue.h dispatch.h opacket.h canohost.h auth.h auth-pam.h audit.h sshbuf.h ssherr.h
81kexgexs.o: includes.h config.h defines.h platform.h openbsd-compat/openbsd-compat.h openbsd-compat/base64.h openbsd-compat/sigact.h openbsd-compat/readpassphrase.h openbsd-compat/vis.h openbsd-compat/getrrsetbyname.h openbsd-compat/sha1.h openbsd-compat/sha2.h openbsd-compat/rmd160.h openbsd-compat/md5.h openbsd-compat/blf.h openbsd-compat/getopt.h openbsd-compat/bsd-misc.h openbsd-compat/bsd-setres_id.h openbsd-compat/bsd-signal.h openbsd-compat/bsd-statvfs.h openbsd-compat/bsd-waitpid.h openbsd-compat/bsd-poll.h openbsd-compat/fake-rfc2553.h openbsd-compat/bsd-cygwin_util.h openbsd-compat/port-aix.h openbsd-compat/port-irix.h openbsd-compat/port-linux.h openbsd-compat/port-solaris.h openbsd-compat/port-net.h openbsd-compat/port-uw.h openbsd-compat/bsd-nextstep.h entropy.h buffer.h sshbuf.h 80logintest.o: includes.h config.h defines.h platform.h openbsd-compat/openbsd-compat.h openbsd-compat/base64.h openbsd-compat/sigact.h openbsd-compat/readpassphrase.h openbsd-compat/vis.h openbsd-compat/getrrsetbyname.h openbsd-compat/sha1.h openbsd-compat/sha2.h openbsd-compat/rmd160.h openbsd-compat/md5.h openbsd-compat/blf.h openbsd-compat/getopt.h openbsd-compat/bsd-misc.h openbsd-compat/bsd-setres_id.h openbsd-compat/bsd-signal.h openbsd-compat/bsd-statvfs.h openbsd-compat/bsd-waitpid.h openbsd-compat/bsd-poll.h openbsd-compat/fake-rfc2553.h openbsd-compat/bsd-cygwin_util.h openbsd-compat/port-aix.h openbsd-compat/port-irix.h openbsd-compat/port-linux.h openbsd-compat/port-solaris.h openbsd-compat/port-net.h openbsd-compat/port-uw.h openbsd-compat/bsd-nextstep.h entropy.h loginrec.h
82key.o: includes.h config.h defines.h platform.h openbsd-compat/openbsd-compat.h openbsd-compat/base64.h openbsd-compat/sigact.h openbsd-compat/readpassphrase.h openbsd-compat/vis.h openbsd-compat/getrrsetbyname.h openbsd-compat/sha1.h openbsd-compat/sha2.h openbsd-compat/rmd160.h openbsd-compat/md5.h openbsd-compat/blf.h openbsd-compat/getopt.h openbsd-compat/bsd-misc.h openbsd-compat/bsd-setres_id.h openbsd-compat/bsd-signal.h openbsd-compat/bsd-statvfs.h openbsd-compat/bsd-waitpid.h openbsd-compat/bsd-poll.h openbsd-compat/fake-rfc2553.h openbsd-compat/bsd-cygwin_util.h openbsd-compat/port-aix.h openbsd-compat/port-irix.h openbsd-compat/port-linux.h openbsd-compat/port-solaris.h openbsd-compat/port-net.h openbsd-compat/port-uw.h openbsd-compat/bsd-nextstep.h entropy.h buffer.h sshbuf.h key.h sshkey.h compat.h ssherr.h log.h authfile.h 81mac.o: includes.h config.h defines.h platform.h openbsd-compat/openbsd-compat.h openbsd-compat/base64.h openbsd-compat/sigact.h openbsd-compat/readpassphrase.h openbsd-compat/vis.h openbsd-compat/getrrsetbyname.h openbsd-compat/sha1.h openbsd-compat/sha2.h openbsd-compat/rmd160.h openbsd-compat/md5.h openbsd-compat/blf.h openbsd-compat/getopt.h openbsd-compat/bsd-misc.h openbsd-compat/bsd-setres_id.h openbsd-compat/bsd-signal.h openbsd-compat/bsd-statvfs.h openbsd-compat/bsd-waitpid.h openbsd-compat/bsd-poll.h openbsd-compat/fake-rfc2553.h openbsd-compat/bsd-cygwin_util.h openbsd-compat/port-aix.h openbsd-compat/port-irix.h openbsd-compat/port-linux.h openbsd-compat/port-solaris.h openbsd-compat/port-net.h openbsd-compat/port-uw.h openbsd-compat/bsd-nextstep.h entropy.h digest.h hmac.h umac.h mac.h misc.h ssherr.h sshbuf.h openbsd-compat/openssl-compat.h
83krl.o: includes.h config.h defines.h platform.h openbsd-compat/openbsd-compat.h openbsd-compat/base64.h openbsd-compat/sigact.h openbsd-compat/readpassphrase.h openbsd-compat/vis.h openbsd-compat/getrrsetbyname.h openbsd-compat/sha1.h openbsd-compat/sha2.h openbsd-compat/rmd160.h openbsd-compat/md5.h openbsd-compat/blf.h openbsd-compat/getopt.h openbsd-compat/bsd-misc.h openbsd-compat/bsd-setres_id.h openbsd-compat/bsd-signal.h openbsd-compat/bsd-statvfs.h openbsd-compat/bsd-waitpid.h openbsd-compat/bsd-poll.h openbsd-compat/fake-rfc2553.h openbsd-compat/bsd-cygwin_util.h openbsd-compat/port-aix.h openbsd-compat/port-irix.h openbsd-compat/port-linux.h openbsd-compat/port-solaris.h openbsd-compat/port-net.h openbsd-compat/port-uw.h openbsd-compat/bsd-nextstep.h entropy.h buffer.h sshbuf.h ./openbsd-compat/sys-tree.h openbsd-compat/sys-queue.h ssherr.h sshkey.h authfile.h misc.h log.h digest.h bitmap.h krl.h 82match.o: includes.h config.h defines.h platform.h openbsd-compat/openbsd-compat.h openbsd-compat/base64.h openbsd-compat/sigact.h openbsd-compat/readpassphrase.h openbsd-compat/vis.h openbsd-compat/getrrsetbyname.h openbsd-compat/sha1.h openbsd-compat/sha2.h openbsd-compat/rmd160.h openbsd-compat/md5.h openbsd-compat/blf.h openbsd-compat/getopt.h openbsd-compat/bsd-misc.h openbsd-compat/bsd-setres_id.h openbsd-compat/bsd-signal.h openbsd-compat/bsd-statvfs.h openbsd-compat/bsd-waitpid.h openbsd-compat/bsd-poll.h openbsd-compat/fake-rfc2553.h openbsd-compat/bsd-cygwin_util.h openbsd-compat/port-aix.h openbsd-compat/port-irix.h openbsd-compat/port-linux.h openbsd-compat/port-solaris.h openbsd-compat/port-net.h openbsd-compat/port-uw.h openbsd-compat/bsd-nextstep.h entropy.h xmalloc.h match.h misc.h
84log.o: includes.h config.h defines.h platform.h openbsd-compat/openbsd-compat.h openbsd-compat/base64.h openbsd-compat/sigact.h openbsd-compat/readpassphrase.h openbsd-compat/vis.h openbsd-compat/getrrsetbyname.h openbsd-compat/sha1.h openbsd-compat/sha2.h openbsd-compat/rmd160.h openbsd-compat/md5.h openbsd-compat/blf.h openbsd-compat/getopt.h openbsd-compat/bsd-misc.h openbsd-compat/bsd-setres_id.h openbsd-compat/bsd-signal.h openbsd-compat/bsd-statvfs.h openbsd-compat/bsd-waitpid.h openbsd-compat/bsd-poll.h openbsd-compat/fake-rfc2553.h openbsd-compat/bsd-cygwin_util.h openbsd-compat/port-aix.h openbsd-compat/port-irix.h openbsd-compat/port-linux.h openbsd-compat/port-solaris.h openbsd-compat/port-net.h openbsd-compat/port-uw.h openbsd-compat/bsd-nextstep.h entropy.h buffer.h sshbuf.h log.h 83md5crypt.o: includes.h config.h defines.h platform.h openbsd-compat/openbsd-compat.h openbsd-compat/base64.h openbsd-compat/sigact.h openbsd-compat/readpassphrase.h openbsd-compat/vis.h openbsd-compat/getrrsetbyname.h openbsd-compat/sha1.h openbsd-compat/sha2.h openbsd-compat/rmd160.h openbsd-compat/md5.h openbsd-compat/blf.h openbsd-compat/getopt.h openbsd-compat/bsd-misc.h openbsd-compat/bsd-setres_id.h openbsd-compat/bsd-signal.h openbsd-compat/bsd-statvfs.h openbsd-compat/bsd-waitpid.h openbsd-compat/bsd-poll.h openbsd-compat/fake-rfc2553.h openbsd-compat/bsd-cygwin_util.h openbsd-compat/port-aix.h openbsd-compat/port-irix.h openbsd-compat/port-linux.h openbsd-compat/port-solaris.h openbsd-compat/port-net.h openbsd-compat/port-uw.h openbsd-compat/bsd-nextstep.h entropy.h
85loginrec.o: includes.h config.h defines.h platform.h openbsd-compat/openbsd-compat.h openbsd-compat/base64.h openbsd-compat/sigact.h openbsd-compat/readpassphrase.h openbsd-compat/vis.h openbsd-compat/getrrsetbyname.h openbsd-compat/sha1.h openbsd-compat/sha2.h openbsd-compat/rmd160.h openbsd-compat/md5.h openbsd-compat/blf.h openbsd-compat/getopt.h openbsd-compat/bsd-misc.h openbsd-compat/bsd-setres_id.h openbsd-compat/bsd-signal.h openbsd-compat/bsd-statvfs.h openbsd-compat/bsd-waitpid.h openbsd-compat/bsd-poll.h openbsd-compat/fake-rfc2553.h openbsd-compat/bsd-cygwin_util.h openbsd-compat/port-aix.h openbsd-compat/port-irix.h openbsd-compat/port-linux.h openbsd-compat/port-solaris.h openbsd-compat/port-net.h openbsd-compat/port-uw.h openbsd-compat/bsd-nextstep.h entropy.h buffer.h sshbuf.h xmalloc.h key.h sshkey.h hostfile.h ssh.h loginrec.h log.h atomicio.h packet.h openbsd-compat/sys-queue.h dispatch.h opacket.h canohost.h auth.h auth-pam.h audit.h 84misc.o: includes.h config.h defines.h platform.h openbsd-compat/openbsd-compat.h openbsd-compat/base64.h openbsd-compat/sigact.h openbsd-compat/readpassphrase.h openbsd-compat/vis.h openbsd-compat/getrrsetbyname.h openbsd-compat/sha1.h openbsd-compat/sha2.h openbsd-compat/rmd160.h openbsd-compat/md5.h openbsd-compat/blf.h openbsd-compat/getopt.h openbsd-compat/bsd-misc.h openbsd-compat/bsd-setres_id.h openbsd-compat/bsd-signal.h openbsd-compat/bsd-statvfs.h openbsd-compat/bsd-waitpid.h openbsd-compat/bsd-poll.h openbsd-compat/fake-rfc2553.h openbsd-compat/bsd-cygwin_util.h openbsd-compat/port-aix.h openbsd-compat/port-irix.h openbsd-compat/port-linux.h openbsd-compat/port-solaris.h openbsd-compat/port-net.h openbsd-compat/port-uw.h openbsd-compat/bsd-nextstep.h entropy.h xmalloc.h misc.h log.h ssh.h sshbuf.h ssherr.h
86logintest.o: includes.h config.h defines.h platform.h openbsd-compat/openbsd-compat.h openbsd-compat/base64.h openbsd-compat/sigact.h openbsd-compat/readpassphrase.h openbsd-compat/vis.h openbsd-compat/getrrsetbyname.h openbsd-compat/sha1.h openbsd-compat/sha2.h openbsd-compat/rmd160.h openbsd-compat/md5.h openbsd-compat/blf.h openbsd-compat/getopt.h openbsd-compat/bsd-misc.h openbsd-compat/bsd-setres_id.h openbsd-compat/bsd-signal.h openbsd-compat/bsd-statvfs.h openbsd-compat/bsd-waitpid.h openbsd-compat/bsd-poll.h openbsd-compat/fake-rfc2553.h openbsd-compat/bsd-cygwin_util.h openbsd-compat/port-aix.h openbsd-compat/port-irix.h openbsd-compat/port-linux.h openbsd-compat/port-solaris.h openbsd-compat/port-net.h openbsd-compat/port-uw.h openbsd-compat/bsd-nextstep.h entropy.h buffer.h sshbuf.h loginrec.h 85moduli.o: includes.h config.h defines.h platform.h openbsd-compat/openbsd-compat.h openbsd-compat/base64.h openbsd-compat/sigact.h openbsd-compat/readpassphrase.h openbsd-compat/vis.h openbsd-compat/getrrsetbyname.h openbsd-compat/sha1.h openbsd-compat/sha2.h openbsd-compat/rmd160.h openbsd-compat/md5.h openbsd-compat/blf.h openbsd-compat/getopt.h openbsd-compat/bsd-misc.h openbsd-compat/bsd-setres_id.h openbsd-compat/bsd-signal.h openbsd-compat/bsd-statvfs.h openbsd-compat/bsd-waitpid.h openbsd-compat/bsd-poll.h openbsd-compat/fake-rfc2553.h openbsd-compat/bsd-cygwin_util.h openbsd-compat/port-aix.h openbsd-compat/port-irix.h openbsd-compat/port-linux.h openbsd-compat/port-solaris.h openbsd-compat/port-net.h openbsd-compat/port-uw.h openbsd-compat/bsd-nextstep.h entropy.h
87mac.o: includes.h config.h defines.h platform.h openbsd-compat/openbsd-compat.h openbsd-compat/base64.h openbsd-compat/sigact.h openbsd-compat/readpassphrase.h openbsd-compat/vis.h openbsd-compat/getrrsetbyname.h openbsd-compat/sha1.h openbsd-compat/sha2.h openbsd-compat/rmd160.h openbsd-compat/md5.h openbsd-compat/blf.h openbsd-compat/getopt.h openbsd-compat/bsd-misc.h openbsd-compat/bsd-setres_id.h openbsd-compat/bsd-signal.h openbsd-compat/bsd-statvfs.h openbsd-compat/bsd-waitpid.h openbsd-compat/bsd-poll.h openbsd-compat/fake-rfc2553.h openbsd-compat/bsd-cygwin_util.h openbsd-compat/port-aix.h openbsd-compat/port-irix.h openbsd-compat/port-linux.h openbsd-compat/port-solaris.h openbsd-compat/port-net.h openbsd-compat/port-uw.h openbsd-compat/bsd-nextstep.h entropy.h buffer.h sshbuf.h digest.h hmac.h umac.h mac.h misc.h ssherr.h openbsd-compat/openssl-compat.h 86monitor.o: includes.h config.h defines.h platform.h openbsd-compat/openbsd-compat.h openbsd-compat/base64.h openbsd-compat/sigact.h openbsd-compat/readpassphrase.h openbsd-compat/vis.h openbsd-compat/getrrsetbyname.h openbsd-compat/sha1.h openbsd-compat/sha2.h openbsd-compat/rmd160.h openbsd-compat/md5.h openbsd-compat/blf.h openbsd-compat/getopt.h openbsd-compat/bsd-misc.h openbsd-compat/bsd-setres_id.h openbsd-compat/bsd-signal.h openbsd-compat/bsd-statvfs.h openbsd-compat/bsd-waitpid.h openbsd-compat/bsd-poll.h openbsd-compat/fake-rfc2553.h openbsd-compat/bsd-cygwin_util.h openbsd-compat/port-aix.h openbsd-compat/port-irix.h openbsd-compat/port-linux.h openbsd-compat/port-solaris.h openbsd-compat/port-net.h openbsd-compat/port-uw.h openbsd-compat/bsd-nextstep.h entropy.h ./openbsd-compat/sys-tree.h openbsd-compat/sys-queue.h atomicio.h xmalloc.h ssh.h sshkey.h sshbuf.h hostfile.h auth.h auth-pam.h audit.h loginrec.h cipher.h cipher-chachapoly.h chacha.h poly1305.h cipher-aesctr.h
88match.o: includes.h config.h defines.h platform.h openbsd-compat/openbsd-compat.h openbsd-compat/base64.h openbsd-compat/sigact.h openbsd-compat/readpassphrase.h openbsd-compat/vis.h openbsd-compat/getrrsetbyname.h openbsd-compat/sha1.h openbsd-compat/sha2.h openbsd-compat/rmd160.h openbsd-compat/md5.h openbsd-compat/blf.h openbsd-compat/getopt.h openbsd-compat/bsd-misc.h openbsd-compat/bsd-setres_id.h openbsd-compat/bsd-signal.h openbsd-compat/bsd-statvfs.h openbsd-compat/bsd-waitpid.h openbsd-compat/bsd-poll.h openbsd-compat/fake-rfc2553.h openbsd-compat/bsd-cygwin_util.h openbsd-compat/port-aix.h openbsd-compat/port-irix.h openbsd-compat/port-linux.h openbsd-compat/port-solaris.h openbsd-compat/port-net.h openbsd-compat/port-uw.h openbsd-compat/bsd-nextstep.h entropy.h buffer.h sshbuf.h xmalloc.h match.h misc.h 87monitor.o: rijndael.h kex.h mac.h dh.h packet.h dispatch.h opacket.h auth-options.h sshpty.h channels.h session.h sshlogin.h canohost.h log.h misc.h servconf.h monitor.h monitor_wrap.h monitor_fdpass.h compat.h ssh2.h authfd.h match.h ssherr.h
89md5crypt.o: includes.h config.h defines.h platform.h openbsd-compat/openbsd-compat.h openbsd-compat/base64.h openbsd-compat/sigact.h openbsd-compat/readpassphrase.h openbsd-compat/vis.h openbsd-compat/getrrsetbyname.h openbsd-compat/sha1.h openbsd-compat/sha2.h openbsd-compat/rmd160.h openbsd-compat/md5.h openbsd-compat/blf.h openbsd-compat/getopt.h openbsd-compat/bsd-misc.h openbsd-compat/bsd-setres_id.h openbsd-compat/bsd-signal.h openbsd-compat/bsd-statvfs.h openbsd-compat/bsd-waitpid.h openbsd-compat/bsd-poll.h openbsd-compat/fake-rfc2553.h openbsd-compat/bsd-cygwin_util.h openbsd-compat/port-aix.h openbsd-compat/port-irix.h openbsd-compat/port-linux.h openbsd-compat/port-solaris.h openbsd-compat/port-net.h openbsd-compat/port-uw.h openbsd-compat/bsd-nextstep.h entropy.h buffer.h sshbuf.h 88monitor_fdpass.o: includes.h config.h defines.h platform.h openbsd-compat/openbsd-compat.h openbsd-compat/base64.h openbsd-compat/sigact.h openbsd-compat/readpassphrase.h openbsd-compat/vis.h openbsd-compat/getrrsetbyname.h openbsd-compat/sha1.h openbsd-compat/sha2.h openbsd-compat/rmd160.h openbsd-compat/md5.h openbsd-compat/blf.h openbsd-compat/getopt.h openbsd-compat/bsd-misc.h openbsd-compat/bsd-setres_id.h openbsd-compat/bsd-signal.h openbsd-compat/bsd-statvfs.h openbsd-compat/bsd-waitpid.h openbsd-compat/bsd-poll.h openbsd-compat/fake-rfc2553.h openbsd-compat/bsd-cygwin_util.h openbsd-compat/port-aix.h openbsd-compat/port-irix.h openbsd-compat/port-linux.h openbsd-compat/port-solaris.h openbsd-compat/port-net.h openbsd-compat/port-uw.h openbsd-compat/bsd-nextstep.h entropy.h log.h monitor_fdpass.h
90misc.o: includes.h config.h defines.h platform.h openbsd-compat/openbsd-compat.h openbsd-compat/base64.h openbsd-compat/sigact.h openbsd-compat/readpassphrase.h openbsd-compat/vis.h openbsd-compat/getrrsetbyname.h openbsd-compat/sha1.h openbsd-compat/sha2.h openbsd-compat/rmd160.h openbsd-compat/md5.h openbsd-compat/blf.h openbsd-compat/getopt.h openbsd-compat/bsd-misc.h openbsd-compat/bsd-setres_id.h openbsd-compat/bsd-signal.h openbsd-compat/bsd-statvfs.h openbsd-compat/bsd-waitpid.h openbsd-compat/bsd-poll.h openbsd-compat/fake-rfc2553.h openbsd-compat/bsd-cygwin_util.h openbsd-compat/port-aix.h openbsd-compat/port-irix.h openbsd-compat/port-linux.h openbsd-compat/port-solaris.h openbsd-compat/port-net.h openbsd-compat/port-uw.h openbsd-compat/bsd-nextstep.h entropy.h buffer.h sshbuf.h xmalloc.h misc.h log.h ssh.h ssherr.h uidswap.h 89monitor_wrap.o: includes.h config.h defines.h platform.h openbsd-compat/openbsd-compat.h openbsd-compat/base64.h openbsd-compat/sigact.h openbsd-compat/readpassphrase.h openbsd-compat/vis.h openbsd-compat/getrrsetbyname.h openbsd-compat/sha1.h openbsd-compat/sha2.h openbsd-compat/rmd160.h openbsd-compat/md5.h openbsd-compat/blf.h openbsd-compat/getopt.h openbsd-compat/bsd-misc.h openbsd-compat/bsd-setres_id.h openbsd-compat/bsd-signal.h openbsd-compat/bsd-statvfs.h openbsd-compat/bsd-waitpid.h openbsd-compat/bsd-poll.h openbsd-compat/fake-rfc2553.h openbsd-compat/bsd-cygwin_util.h openbsd-compat/port-aix.h openbsd-compat/port-irix.h openbsd-compat/port-linux.h openbsd-compat/port-solaris.h openbsd-compat/port-net.h openbsd-compat/port-uw.h openbsd-compat/bsd-nextstep.h entropy.h openbsd-compat/sys-queue.h xmalloc.h ssh.h sshbuf.h sshkey.h cipher.h cipher-chachapoly.h chacha.h poly1305.h cipher-aesctr.h rijndael.h kex.h mac.h hostfile.h auth.h auth-pam.h audit.h loginrec.h
91moduli.o: includes.h config.h defines.h platform.h openbsd-compat/openbsd-compat.h openbsd-compat/base64.h openbsd-compat/sigact.h openbsd-compat/readpassphrase.h openbsd-compat/vis.h openbsd-compat/getrrsetbyname.h openbsd-compat/sha1.h openbsd-compat/sha2.h openbsd-compat/rmd160.h openbsd-compat/md5.h openbsd-compat/blf.h openbsd-compat/getopt.h openbsd-compat/bsd-misc.h openbsd-compat/bsd-setres_id.h openbsd-compat/bsd-signal.h openbsd-compat/bsd-statvfs.h openbsd-compat/bsd-waitpid.h openbsd-compat/bsd-poll.h openbsd-compat/fake-rfc2553.h openbsd-compat/bsd-cygwin_util.h openbsd-compat/port-aix.h openbsd-compat/port-irix.h openbsd-compat/port-linux.h openbsd-compat/port-solaris.h openbsd-compat/port-net.h openbsd-compat/port-uw.h openbsd-compat/bsd-nextstep.h entropy.h buffer.h sshbuf.h 90monitor_wrap.o: auth-options.h packet.h dispatch.h opacket.h log.h monitor.h monitor_wrap.h atomicio.h monitor_fdpass.h misc.h channels.h session.h servconf.h ssherr.h
92monitor.o: includes.h config.h defines.h platform.h openbsd-compat/openbsd-compat.h openbsd-compat/base64.h openbsd-compat/sigact.h openbsd-compat/readpassphrase.h openbsd-compat/vis.h openbsd-compat/getrrsetbyname.h openbsd-compat/sha1.h openbsd-compat/sha2.h openbsd-compat/rmd160.h openbsd-compat/md5.h openbsd-compat/blf.h openbsd-compat/getopt.h openbsd-compat/bsd-misc.h openbsd-compat/bsd-setres_id.h openbsd-compat/bsd-signal.h openbsd-compat/bsd-statvfs.h openbsd-compat/bsd-waitpid.h openbsd-compat/bsd-poll.h openbsd-compat/fake-rfc2553.h openbsd-compat/bsd-cygwin_util.h openbsd-compat/port-aix.h openbsd-compat/port-irix.h openbsd-compat/port-linux.h openbsd-compat/port-solaris.h openbsd-compat/port-net.h openbsd-compat/port-uw.h openbsd-compat/bsd-nextstep.h entropy.h buffer.h sshbuf.h ./openbsd-compat/sys-tree.h openbsd-compat/sys-queue.h atomicio.h xmalloc.h ssh.h key.h sshkey.h hostfile.h auth.h auth-pam.h audit.h loginrec.h cipher.h cipher-chachapoly.h chacha.h poly1305.h 91msg.o: includes.h config.h defines.h platform.h openbsd-compat/openbsd-compat.h openbsd-compat/base64.h openbsd-compat/sigact.h openbsd-compat/readpassphrase.h openbsd-compat/vis.h openbsd-compat/getrrsetbyname.h openbsd-compat/sha1.h openbsd-compat/sha2.h openbsd-compat/rmd160.h openbsd-compat/md5.h openbsd-compat/blf.h openbsd-compat/getopt.h openbsd-compat/bsd-misc.h openbsd-compat/bsd-setres_id.h openbsd-compat/bsd-signal.h openbsd-compat/bsd-statvfs.h openbsd-compat/bsd-waitpid.h openbsd-compat/bsd-poll.h openbsd-compat/fake-rfc2553.h openbsd-compat/bsd-cygwin_util.h openbsd-compat/port-aix.h openbsd-compat/port-irix.h openbsd-compat/port-linux.h openbsd-compat/port-solaris.h openbsd-compat/port-net.h openbsd-compat/port-uw.h openbsd-compat/bsd-nextstep.h entropy.h sshbuf.h ssherr.h log.h atomicio.h msg.h misc.h
93monitor.o: cipher-aesctr.h rijndael.h kex.h mac.h dh.h packet.h dispatch.h opacket.h auth-options.h sshpty.h channels.h session.h sshlogin.h canohost.h log.h misc.h servconf.h monitor.h monitor_wrap.h monitor_fdpass.h compat.h ssh2.h authfd.h match.h ssherr.h 92mux.o: includes.h config.h defines.h platform.h openbsd-compat/openbsd-compat.h openbsd-compat/base64.h openbsd-compat/sigact.h openbsd-compat/readpassphrase.h openbsd-compat/vis.h openbsd-compat/getrrsetbyname.h openbsd-compat/sha1.h openbsd-compat/sha2.h openbsd-compat/rmd160.h openbsd-compat/md5.h openbsd-compat/blf.h openbsd-compat/getopt.h openbsd-compat/bsd-misc.h openbsd-compat/bsd-setres_id.h openbsd-compat/bsd-signal.h openbsd-compat/bsd-statvfs.h openbsd-compat/bsd-waitpid.h openbsd-compat/bsd-poll.h openbsd-compat/fake-rfc2553.h openbsd-compat/bsd-cygwin_util.h openbsd-compat/port-aix.h openbsd-compat/port-irix.h openbsd-compat/port-linux.h openbsd-compat/port-solaris.h openbsd-compat/port-net.h openbsd-compat/port-uw.h openbsd-compat/bsd-nextstep.h entropy.h openbsd-compat/sys-queue.h xmalloc.h log.h ssh.h ssh2.h pathnames.h misc.h match.h sshbuf.h channels.h msg.h packet.h dispatch.h opacket.h monitor_fdpass.h sshpty.h sshkey.h readconf.h clientloop.h ssherr.h
94monitor_fdpass.o: includes.h config.h defines.h platform.h openbsd-compat/openbsd-compat.h openbsd-compat/base64.h openbsd-compat/sigact.h openbsd-compat/readpassphrase.h openbsd-compat/vis.h openbsd-compat/getrrsetbyname.h openbsd-compat/sha1.h openbsd-compat/sha2.h openbsd-compat/rmd160.h openbsd-compat/md5.h openbsd-compat/blf.h openbsd-compat/getopt.h openbsd-compat/bsd-misc.h openbsd-compat/bsd-setres_id.h openbsd-compat/bsd-signal.h openbsd-compat/bsd-statvfs.h openbsd-compat/bsd-waitpid.h openbsd-compat/bsd-poll.h openbsd-compat/fake-rfc2553.h openbsd-compat/bsd-cygwin_util.h openbsd-compat/port-aix.h openbsd-compat/port-irix.h openbsd-compat/port-linux.h openbsd-compat/port-solaris.h openbsd-compat/port-net.h openbsd-compat/port-uw.h openbsd-compat/bsd-nextstep.h entropy.h buffer.h sshbuf.h log.h monitor_fdpass.h 93nchan.o: includes.h config.h defines.h platform.h openbsd-compat/openbsd-compat.h openbsd-compat/base64.h openbsd-compat/sigact.h openbsd-compat/readpassphrase.h openbsd-compat/vis.h openbsd-compat/getrrsetbyname.h openbsd-compat/sha1.h openbsd-compat/sha2.h openbsd-compat/rmd160.h openbsd-compat/md5.h openbsd-compat/blf.h openbsd-compat/getopt.h openbsd-compat/bsd-misc.h openbsd-compat/bsd-setres_id.h openbsd-compat/bsd-signal.h openbsd-compat/bsd-statvfs.h openbsd-compat/bsd-waitpid.h openbsd-compat/bsd-poll.h openbsd-compat/fake-rfc2553.h openbsd-compat/bsd-cygwin_util.h openbsd-compat/port-aix.h openbsd-compat/port-irix.h openbsd-compat/port-linux.h openbsd-compat/port-solaris.h openbsd-compat/port-net.h openbsd-compat/port-uw.h openbsd-compat/bsd-nextstep.h entropy.h openbsd-compat/sys-queue.h ssh2.h sshbuf.h ssherr.h packet.h dispatch.h opacket.h channels.h compat.h log.h
95monitor_wrap.o: includes.h config.h defines.h platform.h openbsd-compat/openbsd-compat.h openbsd-compat/base64.h openbsd-compat/sigact.h openbsd-compat/readpassphrase.h openbsd-compat/vis.h openbsd-compat/getrrsetbyname.h openbsd-compat/sha1.h openbsd-compat/sha2.h openbsd-compat/rmd160.h openbsd-compat/md5.h openbsd-compat/blf.h openbsd-compat/getopt.h openbsd-compat/bsd-misc.h openbsd-compat/bsd-setres_id.h openbsd-compat/bsd-signal.h openbsd-compat/bsd-statvfs.h openbsd-compat/bsd-waitpid.h openbsd-compat/bsd-poll.h openbsd-compat/fake-rfc2553.h openbsd-compat/bsd-cygwin_util.h openbsd-compat/port-aix.h openbsd-compat/port-irix.h openbsd-compat/port-linux.h openbsd-compat/port-solaris.h openbsd-compat/port-net.h openbsd-compat/port-uw.h openbsd-compat/bsd-nextstep.h entropy.h buffer.h sshbuf.h openbsd-compat/sys-queue.h xmalloc.h ssh.h key.h sshkey.h cipher.h cipher-chachapoly.h chacha.h poly1305.h cipher-aesctr.h rijndael.h kex.h mac.h hostfile.h auth.h auth-pam.h audit.h 94opacket.o: includes.h config.h defines.h platform.h openbsd-compat/openbsd-compat.h openbsd-compat/base64.h openbsd-compat/sigact.h openbsd-compat/readpassphrase.h openbsd-compat/vis.h openbsd-compat/getrrsetbyname.h openbsd-compat/sha1.h openbsd-compat/sha2.h openbsd-compat/rmd160.h openbsd-compat/md5.h openbsd-compat/blf.h openbsd-compat/getopt.h openbsd-compat/bsd-misc.h openbsd-compat/bsd-setres_id.h openbsd-compat/bsd-signal.h openbsd-compat/bsd-statvfs.h openbsd-compat/bsd-waitpid.h openbsd-compat/bsd-poll.h openbsd-compat/fake-rfc2553.h openbsd-compat/bsd-cygwin_util.h openbsd-compat/port-aix.h openbsd-compat/port-irix.h openbsd-compat/port-linux.h openbsd-compat/port-solaris.h openbsd-compat/port-net.h openbsd-compat/port-uw.h openbsd-compat/bsd-nextstep.h entropy.h ssherr.h packet.h openbsd-compat/sys-queue.h dispatch.h opacket.h log.h
96monitor_wrap.o: loginrec.h auth-options.h packet.h dispatch.h opacket.h log.h monitor.h monitor_wrap.h atomicio.h monitor_fdpass.h misc.h channels.h session.h servconf.h ssherr.h 95packet.o: includes.h config.h defines.h platform.h openbsd-compat/openbsd-compat.h openbsd-compat/base64.h openbsd-compat/sigact.h openbsd-compat/readpassphrase.h openbsd-compat/vis.h openbsd-compat/getrrsetbyname.h openbsd-compat/sha1.h openbsd-compat/sha2.h openbsd-compat/rmd160.h openbsd-compat/md5.h openbsd-compat/blf.h openbsd-compat/getopt.h openbsd-compat/bsd-misc.h openbsd-compat/bsd-setres_id.h openbsd-compat/bsd-signal.h openbsd-compat/bsd-statvfs.h openbsd-compat/bsd-waitpid.h openbsd-compat/bsd-poll.h openbsd-compat/fake-rfc2553.h openbsd-compat/bsd-cygwin_util.h openbsd-compat/port-aix.h openbsd-compat/port-irix.h openbsd-compat/port-linux.h openbsd-compat/port-solaris.h openbsd-compat/port-net.h openbsd-compat/port-uw.h openbsd-compat/bsd-nextstep.h entropy.h openbsd-compat/sys-queue.h xmalloc.h crc32.h compat.h ssh2.h cipher.h cipher-chachapoly.h chacha.h poly1305.h cipher-aesctr.h rijndael.h sshkey.h kex.h mac.h digest.h log.h canohost.h misc.h channels.h ssh.h
97msg.o: includes.h config.h defines.h platform.h openbsd-compat/openbsd-compat.h openbsd-compat/base64.h openbsd-compat/sigact.h openbsd-compat/readpassphrase.h openbsd-compat/vis.h openbsd-compat/getrrsetbyname.h openbsd-compat/sha1.h openbsd-compat/sha2.h openbsd-compat/rmd160.h openbsd-compat/md5.h openbsd-compat/blf.h openbsd-compat/getopt.h openbsd-compat/bsd-misc.h openbsd-compat/bsd-setres_id.h openbsd-compat/bsd-signal.h openbsd-compat/bsd-statvfs.h openbsd-compat/bsd-waitpid.h openbsd-compat/bsd-poll.h openbsd-compat/fake-rfc2553.h openbsd-compat/bsd-cygwin_util.h openbsd-compat/port-aix.h openbsd-compat/port-irix.h openbsd-compat/port-linux.h openbsd-compat/port-solaris.h openbsd-compat/port-net.h openbsd-compat/port-uw.h openbsd-compat/bsd-nextstep.h entropy.h buffer.h sshbuf.h ssherr.h log.h atomicio.h msg.h misc.h 96packet.o: packet.h dispatch.h opacket.h ssherr.h sshbuf.h
98mux.o: includes.h config.h defines.h platform.h openbsd-compat/openbsd-compat.h openbsd-compat/base64.h openbsd-compat/sigact.h openbsd-compat/readpassphrase.h openbsd-compat/vis.h openbsd-compat/getrrsetbyname.h openbsd-compat/sha1.h openbsd-compat/sha2.h openbsd-compat/rmd160.h openbsd-compat/md5.h openbsd-compat/blf.h openbsd-compat/getopt.h openbsd-compat/bsd-misc.h openbsd-compat/bsd-setres_id.h openbsd-compat/bsd-signal.h openbsd-compat/bsd-statvfs.h openbsd-compat/bsd-waitpid.h openbsd-compat/bsd-poll.h openbsd-compat/fake-rfc2553.h openbsd-compat/bsd-cygwin_util.h openbsd-compat/port-aix.h openbsd-compat/port-irix.h openbsd-compat/port-linux.h openbsd-compat/port-solaris.h openbsd-compat/port-net.h openbsd-compat/port-uw.h openbsd-compat/bsd-nextstep.h entropy.h buffer.h sshbuf.h openbsd-compat/sys-queue.h xmalloc.h log.h ssh.h ssh2.h pathnames.h misc.h match.h channels.h msg.h packet.h dispatch.h opacket.h monitor_fdpass.h sshpty.h key.h sshkey.h readconf.h clientloop.h 97platform-misc.o: includes.h config.h defines.h platform.h openbsd-compat/openbsd-compat.h openbsd-compat/base64.h openbsd-compat/sigact.h openbsd-compat/readpassphrase.h openbsd-compat/vis.h openbsd-compat/getrrsetbyname.h openbsd-compat/sha1.h openbsd-compat/sha2.h openbsd-compat/rmd160.h openbsd-compat/md5.h openbsd-compat/blf.h openbsd-compat/getopt.h openbsd-compat/bsd-misc.h openbsd-compat/bsd-setres_id.h openbsd-compat/bsd-signal.h openbsd-compat/bsd-statvfs.h openbsd-compat/bsd-waitpid.h openbsd-compat/bsd-poll.h openbsd-compat/fake-rfc2553.h openbsd-compat/bsd-cygwin_util.h openbsd-compat/port-aix.h openbsd-compat/port-irix.h openbsd-compat/port-linux.h openbsd-compat/port-solaris.h openbsd-compat/port-net.h openbsd-compat/port-uw.h openbsd-compat/bsd-nextstep.h entropy.h
99mux.o: ssherr.h 98platform-pledge.o: includes.h config.h defines.h platform.h openbsd-compat/openbsd-compat.h openbsd-compat/base64.h openbsd-compat/sigact.h openbsd-compat/readpassphrase.h openbsd-compat/vis.h openbsd-compat/getrrsetbyname.h openbsd-compat/sha1.h openbsd-compat/sha2.h openbsd-compat/rmd160.h openbsd-compat/md5.h openbsd-compat/blf.h openbsd-compat/getopt.h openbsd-compat/bsd-misc.h openbsd-compat/bsd-setres_id.h openbsd-compat/bsd-signal.h openbsd-compat/bsd-statvfs.h openbsd-compat/bsd-waitpid.h openbsd-compat/bsd-poll.h openbsd-compat/fake-rfc2553.h openbsd-compat/bsd-cygwin_util.h openbsd-compat/port-aix.h openbsd-compat/port-irix.h openbsd-compat/port-linux.h openbsd-compat/port-solaris.h openbsd-compat/port-net.h openbsd-compat/port-uw.h openbsd-compat/bsd-nextstep.h entropy.h
100nchan.o: includes.h config.h defines.h platform.h openbsd-compat/openbsd-compat.h openbsd-compat/base64.h openbsd-compat/sigact.h openbsd-compat/readpassphrase.h openbsd-compat/vis.h openbsd-compat/getrrsetbyname.h openbsd-compat/sha1.h openbsd-compat/sha2.h openbsd-compat/rmd160.h openbsd-compat/md5.h openbsd-compat/blf.h openbsd-compat/getopt.h openbsd-compat/bsd-misc.h openbsd-compat/bsd-setres_id.h openbsd-compat/bsd-signal.h openbsd-compat/bsd-statvfs.h openbsd-compat/bsd-waitpid.h openbsd-compat/bsd-poll.h openbsd-compat/fake-rfc2553.h openbsd-compat/bsd-cygwin_util.h openbsd-compat/port-aix.h openbsd-compat/port-irix.h openbsd-compat/port-linux.h openbsd-compat/port-solaris.h openbsd-compat/port-net.h openbsd-compat/port-uw.h openbsd-compat/bsd-nextstep.h entropy.h buffer.h sshbuf.h openbsd-compat/sys-queue.h ssh2.h ssherr.h packet.h dispatch.h opacket.h channels.h compat.h log.h 99platform-tracing.o: includes.h config.h defines.h platform.h openbsd-compat/openbsd-compat.h openbsd-compat/base64.h openbsd-compat/sigact.h openbsd-compat/readpassphrase.h openbsd-compat/vis.h openbsd-compat/getrrsetbyname.h openbsd-compat/sha1.h openbsd-compat/sha2.h openbsd-compat/rmd160.h openbsd-compat/md5.h openbsd-compat/blf.h openbsd-compat/getopt.h openbsd-compat/bsd-misc.h openbsd-compat/bsd-setres_id.h openbsd-compat/bsd-signal.h openbsd-compat/bsd-statvfs.h openbsd-compat/bsd-waitpid.h openbsd-compat/bsd-poll.h openbsd-compat/fake-rfc2553.h openbsd-compat/bsd-cygwin_util.h openbsd-compat/port-aix.h openbsd-compat/port-irix.h openbsd-compat/port-linux.h openbsd-compat/port-solaris.h openbsd-compat/port-net.h openbsd-compat/port-uw.h openbsd-compat/bsd-nextstep.h entropy.h log.h
101opacket.o: includes.h config.h defines.h platform.h openbsd-compat/openbsd-compat.h openbsd-compat/base64.h openbsd-compat/sigact.h openbsd-compat/readpassphrase.h openbsd-compat/vis.h openbsd-compat/getrrsetbyname.h openbsd-compat/sha1.h openbsd-compat/sha2.h openbsd-compat/rmd160.h openbsd-compat/md5.h openbsd-compat/blf.h openbsd-compat/getopt.h openbsd-compat/bsd-misc.h openbsd-compat/bsd-setres_id.h openbsd-compat/bsd-signal.h openbsd-compat/bsd-statvfs.h openbsd-compat/bsd-waitpid.h openbsd-compat/bsd-poll.h openbsd-compat/fake-rfc2553.h openbsd-compat/bsd-cygwin_util.h openbsd-compat/port-aix.h openbsd-compat/port-irix.h openbsd-compat/port-linux.h openbsd-compat/port-solaris.h openbsd-compat/port-net.h openbsd-compat/port-uw.h openbsd-compat/bsd-nextstep.h entropy.h buffer.h sshbuf.h ssherr.h packet.h openbsd-compat/sys-queue.h dispatch.h opacket.h log.h 100platform.o: includes.h config.h defines.h platform.h openbsd-compat/openbsd-compat.h openbsd-compat/base64.h openbsd-compat/sigact.h openbsd-compat/readpassphrase.h openbsd-compat/vis.h openbsd-compat/getrrsetbyname.h openbsd-compat/sha1.h openbsd-compat/sha2.h openbsd-compat/rmd160.h openbsd-compat/md5.h openbsd-compat/blf.h openbsd-compat/getopt.h openbsd-compat/bsd-misc.h openbsd-compat/bsd-setres_id.h openbsd-compat/bsd-signal.h openbsd-compat/bsd-statvfs.h openbsd-compat/bsd-waitpid.h openbsd-compat/bsd-poll.h openbsd-compat/fake-rfc2553.h openbsd-compat/bsd-cygwin_util.h openbsd-compat/port-aix.h openbsd-compat/port-irix.h openbsd-compat/port-linux.h openbsd-compat/port-solaris.h openbsd-compat/port-net.h openbsd-compat/port-uw.h openbsd-compat/bsd-nextstep.h entropy.h log.h misc.h servconf.h sshkey.h hostfile.h auth.h auth-pam.h audit.h loginrec.h
102packet.o: includes.h config.h defines.h platform.h openbsd-compat/openbsd-compat.h openbsd-compat/base64.h openbsd-compat/sigact.h openbsd-compat/readpassphrase.h openbsd-compat/vis.h openbsd-compat/getrrsetbyname.h openbsd-compat/sha1.h openbsd-compat/sha2.h openbsd-compat/rmd160.h openbsd-compat/md5.h openbsd-compat/blf.h openbsd-compat/getopt.h openbsd-compat/bsd-misc.h openbsd-compat/bsd-setres_id.h openbsd-compat/bsd-signal.h openbsd-compat/bsd-statvfs.h openbsd-compat/bsd-waitpid.h openbsd-compat/bsd-poll.h openbsd-compat/fake-rfc2553.h openbsd-compat/bsd-cygwin_util.h openbsd-compat/port-aix.h openbsd-compat/port-irix.h openbsd-compat/port-linux.h openbsd-compat/port-solaris.h openbsd-compat/port-net.h openbsd-compat/port-uw.h openbsd-compat/bsd-nextstep.h entropy.h buffer.h sshbuf.h openbsd-compat/sys-queue.h key.h sshkey.h xmalloc.h crc32.h compat.h ssh2.h cipher.h cipher-chachapoly.h chacha.h poly1305.h cipher-aesctr.h rijndael.h kex.h mac.h digest.h log.h canohost.h misc.h 101poly1305.o: includes.h config.h defines.h platform.h openbsd-compat/openbsd-compat.h openbsd-compat/base64.h openbsd-compat/sigact.h openbsd-compat/readpassphrase.h openbsd-compat/vis.h openbsd-compat/getrrsetbyname.h openbsd-compat/sha1.h openbsd-compat/sha2.h openbsd-compat/rmd160.h openbsd-compat/md5.h openbsd-compat/blf.h openbsd-compat/getopt.h openbsd-compat/bsd-misc.h openbsd-compat/bsd-setres_id.h openbsd-compat/bsd-signal.h openbsd-compat/bsd-statvfs.h openbsd-compat/bsd-waitpid.h openbsd-compat/bsd-poll.h openbsd-compat/fake-rfc2553.h openbsd-compat/bsd-cygwin_util.h openbsd-compat/port-aix.h openbsd-compat/port-irix.h openbsd-compat/port-linux.h openbsd-compat/port-solaris.h openbsd-compat/port-net.h openbsd-compat/port-uw.h openbsd-compat/bsd-nextstep.h entropy.h poly1305.h
103packet.o: channels.h ssh.h packet.h dispatch.h opacket.h ssherr.h 102progressmeter.o: includes.h config.h defines.h platform.h openbsd-compat/openbsd-compat.h openbsd-compat/base64.h openbsd-compat/sigact.h openbsd-compat/readpassphrase.h openbsd-compat/vis.h openbsd-compat/getrrsetbyname.h openbsd-compat/sha1.h openbsd-compat/sha2.h openbsd-compat/rmd160.h openbsd-compat/md5.h openbsd-compat/blf.h openbsd-compat/getopt.h openbsd-compat/bsd-misc.h openbsd-compat/bsd-setres_id.h openbsd-compat/bsd-signal.h openbsd-compat/bsd-statvfs.h openbsd-compat/bsd-waitpid.h openbsd-compat/bsd-poll.h openbsd-compat/fake-rfc2553.h openbsd-compat/bsd-cygwin_util.h openbsd-compat/port-aix.h openbsd-compat/port-irix.h openbsd-compat/port-linux.h openbsd-compat/port-solaris.h openbsd-compat/port-net.h openbsd-compat/port-uw.h openbsd-compat/bsd-nextstep.h entropy.h progressmeter.h atomicio.h misc.h
104platform-misc.o: includes.h config.h defines.h platform.h openbsd-compat/openbsd-compat.h openbsd-compat/base64.h openbsd-compat/sigact.h openbsd-compat/readpassphrase.h openbsd-compat/vis.h openbsd-compat/getrrsetbyname.h openbsd-compat/sha1.h openbsd-compat/sha2.h openbsd-compat/rmd160.h openbsd-compat/md5.h openbsd-compat/blf.h openbsd-compat/getopt.h openbsd-compat/bsd-misc.h openbsd-compat/bsd-setres_id.h openbsd-compat/bsd-signal.h openbsd-compat/bsd-statvfs.h openbsd-compat/bsd-waitpid.h openbsd-compat/bsd-poll.h openbsd-compat/fake-rfc2553.h openbsd-compat/bsd-cygwin_util.h openbsd-compat/port-aix.h openbsd-compat/port-irix.h openbsd-compat/port-linux.h openbsd-compat/port-solaris.h openbsd-compat/port-net.h openbsd-compat/port-uw.h openbsd-compat/bsd-nextstep.h entropy.h buffer.h sshbuf.h 103readconf.o: includes.h config.h defines.h platform.h openbsd-compat/openbsd-compat.h openbsd-compat/base64.h openbsd-compat/sigact.h openbsd-compat/readpassphrase.h openbsd-compat/vis.h openbsd-compat/getrrsetbyname.h openbsd-compat/sha1.h openbsd-compat/sha2.h openbsd-compat/rmd160.h openbsd-compat/md5.h openbsd-compat/blf.h openbsd-compat/getopt.h openbsd-compat/bsd-misc.h openbsd-compat/bsd-setres_id.h openbsd-compat/bsd-signal.h openbsd-compat/bsd-statvfs.h openbsd-compat/bsd-waitpid.h openbsd-compat/bsd-poll.h openbsd-compat/fake-rfc2553.h openbsd-compat/bsd-cygwin_util.h openbsd-compat/port-aix.h openbsd-compat/port-irix.h openbsd-compat/port-linux.h openbsd-compat/port-solaris.h openbsd-compat/port-net.h openbsd-compat/port-uw.h openbsd-compat/bsd-nextstep.h entropy.h openbsd-compat/glob.h xmalloc.h ssh.h ssherr.h compat.h cipher.h cipher-chachapoly.h chacha.h poly1305.h cipher-aesctr.h rijndael.h pathnames.h log.h sshkey.h misc.h readconf.h match.h kex.h mac.h uidswap.h
105platform-pledge.o: includes.h config.h defines.h platform.h openbsd-compat/openbsd-compat.h openbsd-compat/base64.h openbsd-compat/sigact.h openbsd-compat/readpassphrase.h openbsd-compat/vis.h openbsd-compat/getrrsetbyname.h openbsd-compat/sha1.h openbsd-compat/sha2.h openbsd-compat/rmd160.h openbsd-compat/md5.h openbsd-compat/blf.h openbsd-compat/getopt.h openbsd-compat/bsd-misc.h openbsd-compat/bsd-setres_id.h openbsd-compat/bsd-signal.h openbsd-compat/bsd-statvfs.h openbsd-compat/bsd-waitpid.h openbsd-compat/bsd-poll.h openbsd-compat/fake-rfc2553.h openbsd-compat/bsd-cygwin_util.h openbsd-compat/port-aix.h openbsd-compat/port-irix.h openbsd-compat/port-linux.h openbsd-compat/port-solaris.h openbsd-compat/port-net.h openbsd-compat/port-uw.h openbsd-compat/bsd-nextstep.h entropy.h buffer.h sshbuf.h 104readconf.o: myproposal.h digest.h
106platform-tracing.o: includes.h config.h defines.h platform.h openbsd-compat/openbsd-compat.h openbsd-compat/base64.h openbsd-compat/sigact.h openbsd-compat/readpassphrase.h openbsd-compat/vis.h openbsd-compat/getrrsetbyname.h openbsd-compat/sha1.h openbsd-compat/sha2.h openbsd-compat/rmd160.h openbsd-compat/md5.h openbsd-compat/blf.h openbsd-compat/getopt.h openbsd-compat/bsd-misc.h openbsd-compat/bsd-setres_id.h openbsd-compat/bsd-signal.h openbsd-compat/bsd-statvfs.h openbsd-compat/bsd-waitpid.h openbsd-compat/bsd-poll.h openbsd-compat/fake-rfc2553.h openbsd-compat/bsd-cygwin_util.h openbsd-compat/port-aix.h openbsd-compat/port-irix.h openbsd-compat/port-linux.h openbsd-compat/port-solaris.h openbsd-compat/port-net.h openbsd-compat/port-uw.h openbsd-compat/bsd-nextstep.h entropy.h buffer.h sshbuf.h log.h 105readpass.o: includes.h config.h defines.h platform.h openbsd-compat/openbsd-compat.h openbsd-compat/base64.h openbsd-compat/sigact.h openbsd-compat/readpassphrase.h openbsd-compat/vis.h openbsd-compat/getrrsetbyname.h openbsd-compat/sha1.h openbsd-compat/sha2.h openbsd-compat/rmd160.h openbsd-compat/md5.h openbsd-compat/blf.h openbsd-compat/getopt.h openbsd-compat/bsd-misc.h openbsd-compat/bsd-setres_id.h openbsd-compat/bsd-signal.h openbsd-compat/bsd-statvfs.h openbsd-compat/bsd-waitpid.h openbsd-compat/bsd-poll.h openbsd-compat/fake-rfc2553.h openbsd-compat/bsd-cygwin_util.h openbsd-compat/port-aix.h openbsd-compat/port-irix.h openbsd-compat/port-linux.h openbsd-compat/port-solaris.h openbsd-compat/port-net.h openbsd-compat/port-uw.h openbsd-compat/bsd-nextstep.h entropy.h xmalloc.h misc.h pathnames.h log.h ssh.h uidswap.h
107platform.o: includes.h config.h defines.h platform.h openbsd-compat/openbsd-compat.h openbsd-compat/base64.h openbsd-compat/sigact.h openbsd-compat/readpassphrase.h openbsd-compat/vis.h openbsd-compat/getrrsetbyname.h openbsd-compat/sha1.h openbsd-compat/sha2.h openbsd-compat/rmd160.h openbsd-compat/md5.h openbsd-compat/blf.h openbsd-compat/getopt.h openbsd-compat/bsd-misc.h openbsd-compat/bsd-setres_id.h openbsd-compat/bsd-signal.h openbsd-compat/bsd-statvfs.h openbsd-compat/bsd-waitpid.h openbsd-compat/bsd-poll.h openbsd-compat/fake-rfc2553.h openbsd-compat/bsd-cygwin_util.h openbsd-compat/port-aix.h openbsd-compat/port-irix.h openbsd-compat/port-linux.h openbsd-compat/port-solaris.h openbsd-compat/port-net.h openbsd-compat/port-uw.h openbsd-compat/bsd-nextstep.h entropy.h buffer.h sshbuf.h log.h misc.h servconf.h key.h sshkey.h hostfile.h auth.h auth-pam.h audit.h loginrec.h 106rijndael.o: includes.h config.h defines.h platform.h openbsd-compat/openbsd-compat.h openbsd-compat/base64.h openbsd-compat/sigact.h openbsd-compat/readpassphrase.h openbsd-compat/vis.h openbsd-compat/getrrsetbyname.h openbsd-compat/sha1.h openbsd-compat/sha2.h openbsd-compat/rmd160.h openbsd-compat/md5.h openbsd-compat/blf.h openbsd-compat/getopt.h openbsd-compat/bsd-misc.h openbsd-compat/bsd-setres_id.h openbsd-compat/bsd-signal.h openbsd-compat/bsd-statvfs.h openbsd-compat/bsd-waitpid.h openbsd-compat/bsd-poll.h openbsd-compat/fake-rfc2553.h openbsd-compat/bsd-cygwin_util.h openbsd-compat/port-aix.h openbsd-compat/port-irix.h openbsd-compat/port-linux.h openbsd-compat/port-solaris.h openbsd-compat/port-net.h openbsd-compat/port-uw.h openbsd-compat/bsd-nextstep.h entropy.h rijndael.h
108poly1305.o: includes.h config.h defines.h platform.h openbsd-compat/openbsd-compat.h openbsd-compat/base64.h openbsd-compat/sigact.h openbsd-compat/readpassphrase.h openbsd-compat/vis.h openbsd-compat/getrrsetbyname.h openbsd-compat/sha1.h openbsd-compat/sha2.h openbsd-compat/rmd160.h openbsd-compat/md5.h openbsd-compat/blf.h openbsd-compat/getopt.h openbsd-compat/bsd-misc.h openbsd-compat/bsd-setres_id.h openbsd-compat/bsd-signal.h openbsd-compat/bsd-statvfs.h openbsd-compat/bsd-waitpid.h openbsd-compat/bsd-poll.h openbsd-compat/fake-rfc2553.h openbsd-compat/bsd-cygwin_util.h openbsd-compat/port-aix.h openbsd-compat/port-irix.h openbsd-compat/port-linux.h openbsd-compat/port-solaris.h openbsd-compat/port-net.h openbsd-compat/port-uw.h openbsd-compat/bsd-nextstep.h entropy.h buffer.h sshbuf.h poly1305.h 107sandbox-capsicum.o: includes.h config.h defines.h platform.h openbsd-compat/openbsd-compat.h openbsd-compat/base64.h openbsd-compat/sigact.h openbsd-compat/readpassphrase.h openbsd-compat/vis.h openbsd-compat/getrrsetbyname.h openbsd-compat/sha1.h openbsd-compat/sha2.h openbsd-compat/rmd160.h openbsd-compat/md5.h openbsd-compat/blf.h openbsd-compat/getopt.h openbsd-compat/bsd-misc.h openbsd-compat/bsd-setres_id.h openbsd-compat/bsd-signal.h openbsd-compat/bsd-statvfs.h openbsd-compat/bsd-waitpid.h openbsd-compat/bsd-poll.h openbsd-compat/fake-rfc2553.h openbsd-compat/bsd-cygwin_util.h openbsd-compat/port-aix.h openbsd-compat/port-irix.h openbsd-compat/port-linux.h openbsd-compat/port-solaris.h openbsd-compat/port-net.h openbsd-compat/port-uw.h openbsd-compat/bsd-nextstep.h entropy.h
109progressmeter.o: includes.h config.h defines.h platform.h openbsd-compat/openbsd-compat.h openbsd-compat/base64.h openbsd-compat/sigact.h openbsd-compat/readpassphrase.h openbsd-compat/vis.h openbsd-compat/getrrsetbyname.h openbsd-compat/sha1.h openbsd-compat/sha2.h openbsd-compat/rmd160.h openbsd-compat/md5.h openbsd-compat/blf.h openbsd-compat/getopt.h openbsd-compat/bsd-misc.h openbsd-compat/bsd-setres_id.h openbsd-compat/bsd-signal.h openbsd-compat/bsd-statvfs.h openbsd-compat/bsd-waitpid.h openbsd-compat/bsd-poll.h openbsd-compat/fake-rfc2553.h openbsd-compat/bsd-cygwin_util.h openbsd-compat/port-aix.h openbsd-compat/port-irix.h openbsd-compat/port-linux.h openbsd-compat/port-solaris.h openbsd-compat/port-net.h openbsd-compat/port-uw.h openbsd-compat/bsd-nextstep.h entropy.h buffer.h sshbuf.h progressmeter.h atomicio.h misc.h 108sandbox-darwin.o: includes.h config.h defines.h platform.h openbsd-compat/openbsd-compat.h openbsd-compat/base64.h openbsd-compat/sigact.h openbsd-compat/readpassphrase.h openbsd-compat/vis.h openbsd-compat/getrrsetbyname.h openbsd-compat/sha1.h openbsd-compat/sha2.h openbsd-compat/rmd160.h openbsd-compat/md5.h openbsd-compat/blf.h openbsd-compat/getopt.h openbsd-compat/bsd-misc.h openbsd-compat/bsd-setres_id.h openbsd-compat/bsd-signal.h openbsd-compat/bsd-statvfs.h openbsd-compat/bsd-waitpid.h openbsd-compat/bsd-poll.h openbsd-compat/fake-rfc2553.h openbsd-compat/bsd-cygwin_util.h openbsd-compat/port-aix.h openbsd-compat/port-irix.h openbsd-compat/port-linux.h openbsd-compat/port-solaris.h openbsd-compat/port-net.h openbsd-compat/port-uw.h openbsd-compat/bsd-nextstep.h entropy.h
110readconf.o: includes.h config.h defines.h platform.h openbsd-compat/openbsd-compat.h openbsd-compat/base64.h openbsd-compat/sigact.h openbsd-compat/readpassphrase.h openbsd-compat/vis.h openbsd-compat/getrrsetbyname.h openbsd-compat/sha1.h openbsd-compat/sha2.h openbsd-compat/rmd160.h openbsd-compat/md5.h openbsd-compat/blf.h openbsd-compat/getopt.h openbsd-compat/bsd-misc.h openbsd-compat/bsd-setres_id.h openbsd-compat/bsd-signal.h openbsd-compat/bsd-statvfs.h openbsd-compat/bsd-waitpid.h openbsd-compat/bsd-poll.h openbsd-compat/fake-rfc2553.h openbsd-compat/bsd-cygwin_util.h openbsd-compat/port-aix.h openbsd-compat/port-irix.h openbsd-compat/port-linux.h openbsd-compat/port-solaris.h openbsd-compat/port-net.h openbsd-compat/port-uw.h openbsd-compat/bsd-nextstep.h entropy.h buffer.h sshbuf.h openbsd-compat/glob.h xmalloc.h ssh.h compat.h cipher.h cipher-chachapoly.h chacha.h poly1305.h cipher-aesctr.h rijndael.h pathnames.h log.h sshkey.h misc.h readconf.h match.h kex.h mac.h key.h 109sandbox-null.o: includes.h config.h defines.h platform.h openbsd-compat/openbsd-compat.h openbsd-compat/base64.h openbsd-compat/sigact.h openbsd-compat/readpassphrase.h openbsd-compat/vis.h openbsd-compat/getrrsetbyname.h openbsd-compat/sha1.h openbsd-compat/sha2.h openbsd-compat/rmd160.h openbsd-compat/md5.h openbsd-compat/blf.h openbsd-compat/getopt.h openbsd-compat/bsd-misc.h openbsd-compat/bsd-setres_id.h openbsd-compat/bsd-signal.h openbsd-compat/bsd-statvfs.h openbsd-compat/bsd-waitpid.h openbsd-compat/bsd-poll.h openbsd-compat/fake-rfc2553.h openbsd-compat/bsd-cygwin_util.h openbsd-compat/port-aix.h openbsd-compat/port-irix.h openbsd-compat/port-linux.h openbsd-compat/port-solaris.h openbsd-compat/port-net.h openbsd-compat/port-uw.h openbsd-compat/bsd-nextstep.h entropy.h
111readconf.o: uidswap.h myproposal.h digest.h 110sandbox-pledge.o: includes.h config.h defines.h platform.h openbsd-compat/openbsd-compat.h openbsd-compat/base64.h openbsd-compat/sigact.h openbsd-compat/readpassphrase.h openbsd-compat/vis.h openbsd-compat/getrrsetbyname.h openbsd-compat/sha1.h openbsd-compat/sha2.h openbsd-compat/rmd160.h openbsd-compat/md5.h openbsd-compat/blf.h openbsd-compat/getopt.h openbsd-compat/bsd-misc.h openbsd-compat/bsd-setres_id.h openbsd-compat/bsd-signal.h openbsd-compat/bsd-statvfs.h openbsd-compat/bsd-waitpid.h openbsd-compat/bsd-poll.h openbsd-compat/fake-rfc2553.h openbsd-compat/bsd-cygwin_util.h openbsd-compat/port-aix.h openbsd-compat/port-irix.h openbsd-compat/port-linux.h openbsd-compat/port-solaris.h openbsd-compat/port-net.h openbsd-compat/port-uw.h openbsd-compat/bsd-nextstep.h entropy.h
112readpass.o: includes.h config.h defines.h platform.h openbsd-compat/openbsd-compat.h openbsd-compat/base64.h openbsd-compat/sigact.h openbsd-compat/readpassphrase.h openbsd-compat/vis.h openbsd-compat/getrrsetbyname.h openbsd-compat/sha1.h openbsd-compat/sha2.h openbsd-compat/rmd160.h openbsd-compat/md5.h openbsd-compat/blf.h openbsd-compat/getopt.h openbsd-compat/bsd-misc.h openbsd-compat/bsd-setres_id.h openbsd-compat/bsd-signal.h openbsd-compat/bsd-statvfs.h openbsd-compat/bsd-waitpid.h openbsd-compat/bsd-poll.h openbsd-compat/fake-rfc2553.h openbsd-compat/bsd-cygwin_util.h openbsd-compat/port-aix.h openbsd-compat/port-irix.h openbsd-compat/port-linux.h openbsd-compat/port-solaris.h openbsd-compat/port-net.h openbsd-compat/port-uw.h openbsd-compat/bsd-nextstep.h entropy.h buffer.h sshbuf.h xmalloc.h misc.h pathnames.h log.h ssh.h uidswap.h 111sandbox-rlimit.o: includes.h config.h defines.h platform.h openbsd-compat/openbsd-compat.h openbsd-compat/base64.h openbsd-compat/sigact.h openbsd-compat/readpassphrase.h openbsd-compat/vis.h openbsd-compat/getrrsetbyname.h openbsd-compat/sha1.h openbsd-compat/sha2.h openbsd-compat/rmd160.h openbsd-compat/md5.h openbsd-compat/blf.h openbsd-compat/getopt.h openbsd-compat/bsd-misc.h openbsd-compat/bsd-setres_id.h openbsd-compat/bsd-signal.h openbsd-compat/bsd-statvfs.h openbsd-compat/bsd-waitpid.h openbsd-compat/bsd-poll.h openbsd-compat/fake-rfc2553.h openbsd-compat/bsd-cygwin_util.h openbsd-compat/port-aix.h openbsd-compat/port-irix.h openbsd-compat/port-linux.h openbsd-compat/port-solaris.h openbsd-compat/port-net.h openbsd-compat/port-uw.h openbsd-compat/bsd-nextstep.h entropy.h
113rijndael.o: includes.h config.h defines.h platform.h openbsd-compat/openbsd-compat.h openbsd-compat/base64.h openbsd-compat/sigact.h openbsd-compat/readpassphrase.h openbsd-compat/vis.h openbsd-compat/getrrsetbyname.h openbsd-compat/sha1.h openbsd-compat/sha2.h openbsd-compat/rmd160.h openbsd-compat/md5.h openbsd-compat/blf.h openbsd-compat/getopt.h openbsd-compat/bsd-misc.h openbsd-compat/bsd-setres_id.h openbsd-compat/bsd-signal.h openbsd-compat/bsd-statvfs.h openbsd-compat/bsd-waitpid.h openbsd-compat/bsd-poll.h openbsd-compat/fake-rfc2553.h openbsd-compat/bsd-cygwin_util.h openbsd-compat/port-aix.h openbsd-compat/port-irix.h openbsd-compat/port-linux.h openbsd-compat/port-solaris.h openbsd-compat/port-net.h openbsd-compat/port-uw.h openbsd-compat/bsd-nextstep.h entropy.h buffer.h sshbuf.h rijndael.h 112sandbox-seccomp-filter.o: includes.h config.h defines.h platform.h openbsd-compat/openbsd-compat.h openbsd-compat/base64.h openbsd-compat/sigact.h openbsd-compat/readpassphrase.h openbsd-compat/vis.h openbsd-compat/getrrsetbyname.h openbsd-compat/sha1.h openbsd-compat/sha2.h openbsd-compat/rmd160.h openbsd-compat/md5.h openbsd-compat/blf.h openbsd-compat/getopt.h openbsd-compat/bsd-misc.h openbsd-compat/bsd-setres_id.h openbsd-compat/bsd-signal.h openbsd-compat/bsd-statvfs.h openbsd-compat/bsd-waitpid.h openbsd-compat/bsd-poll.h openbsd-compat/fake-rfc2553.h openbsd-compat/bsd-cygwin_util.h openbsd-compat/port-aix.h openbsd-compat/port-irix.h openbsd-compat/port-linux.h openbsd-compat/port-solaris.h openbsd-compat/port-net.h openbsd-compat/port-uw.h openbsd-compat/bsd-nextstep.h entropy.h
114sandbox-capsicum.o: includes.h config.h defines.h platform.h openbsd-compat/openbsd-compat.h openbsd-compat/base64.h openbsd-compat/sigact.h openbsd-compat/readpassphrase.h openbsd-compat/vis.h openbsd-compat/getrrsetbyname.h openbsd-compat/sha1.h openbsd-compat/sha2.h openbsd-compat/rmd160.h openbsd-compat/md5.h openbsd-compat/blf.h openbsd-compat/getopt.h openbsd-compat/bsd-misc.h openbsd-compat/bsd-setres_id.h openbsd-compat/bsd-signal.h openbsd-compat/bsd-statvfs.h openbsd-compat/bsd-waitpid.h openbsd-compat/bsd-poll.h openbsd-compat/fake-rfc2553.h openbsd-compat/bsd-cygwin_util.h openbsd-compat/port-aix.h openbsd-compat/port-irix.h openbsd-compat/port-linux.h openbsd-compat/port-solaris.h openbsd-compat/port-net.h openbsd-compat/port-uw.h openbsd-compat/bsd-nextstep.h entropy.h buffer.h sshbuf.h 113sandbox-solaris.o: includes.h config.h defines.h platform.h openbsd-compat/openbsd-compat.h openbsd-compat/base64.h openbsd-compat/sigact.h openbsd-compat/readpassphrase.h openbsd-compat/vis.h openbsd-compat/getrrsetbyname.h openbsd-compat/sha1.h openbsd-compat/sha2.h openbsd-compat/rmd160.h openbsd-compat/md5.h openbsd-compat/blf.h openbsd-compat/getopt.h openbsd-compat/bsd-misc.h openbsd-compat/bsd-setres_id.h openbsd-compat/bsd-signal.h openbsd-compat/bsd-statvfs.h openbsd-compat/bsd-waitpid.h openbsd-compat/bsd-poll.h openbsd-compat/fake-rfc2553.h openbsd-compat/bsd-cygwin_util.h openbsd-compat/port-aix.h openbsd-compat/port-irix.h openbsd-compat/port-linux.h openbsd-compat/port-solaris.h openbsd-compat/port-net.h openbsd-compat/port-uw.h openbsd-compat/bsd-nextstep.h entropy.h
115sandbox-darwin.o: includes.h config.h defines.h platform.h openbsd-compat/openbsd-compat.h openbsd-compat/base64.h openbsd-compat/sigact.h openbsd-compat/readpassphrase.h openbsd-compat/vis.h openbsd-compat/getrrsetbyname.h openbsd-compat/sha1.h openbsd-compat/sha2.h openbsd-compat/rmd160.h openbsd-compat/md5.h openbsd-compat/blf.h openbsd-compat/getopt.h openbsd-compat/bsd-misc.h openbsd-compat/bsd-setres_id.h openbsd-compat/bsd-signal.h openbsd-compat/bsd-statvfs.h openbsd-compat/bsd-waitpid.h openbsd-compat/bsd-poll.h openbsd-compat/fake-rfc2553.h openbsd-compat/bsd-cygwin_util.h openbsd-compat/port-aix.h openbsd-compat/port-irix.h openbsd-compat/port-linux.h openbsd-compat/port-solaris.h openbsd-compat/port-net.h openbsd-compat/port-uw.h openbsd-compat/bsd-nextstep.h entropy.h buffer.h sshbuf.h 114sandbox-systrace.o: includes.h config.h defines.h platform.h openbsd-compat/openbsd-compat.h openbsd-compat/base64.h openbsd-compat/sigact.h openbsd-compat/readpassphrase.h openbsd-compat/vis.h openbsd-compat/getrrsetbyname.h openbsd-compat/sha1.h openbsd-compat/sha2.h openbsd-compat/rmd160.h openbsd-compat/md5.h openbsd-compat/blf.h openbsd-compat/getopt.h openbsd-compat/bsd-misc.h openbsd-compat/bsd-setres_id.h openbsd-compat/bsd-signal.h openbsd-compat/bsd-statvfs.h openbsd-compat/bsd-waitpid.h openbsd-compat/bsd-poll.h openbsd-compat/fake-rfc2553.h openbsd-compat/bsd-cygwin_util.h openbsd-compat/port-aix.h openbsd-compat/port-irix.h openbsd-compat/port-linux.h openbsd-compat/port-solaris.h openbsd-compat/port-net.h openbsd-compat/port-uw.h openbsd-compat/bsd-nextstep.h entropy.h
116sandbox-null.o: includes.h config.h defines.h platform.h openbsd-compat/openbsd-compat.h openbsd-compat/base64.h openbsd-compat/sigact.h openbsd-compat/readpassphrase.h openbsd-compat/vis.h openbsd-compat/getrrsetbyname.h openbsd-compat/sha1.h openbsd-compat/sha2.h openbsd-compat/rmd160.h openbsd-compat/md5.h openbsd-compat/blf.h openbsd-compat/getopt.h openbsd-compat/bsd-misc.h openbsd-compat/bsd-setres_id.h openbsd-compat/bsd-signal.h openbsd-compat/bsd-statvfs.h openbsd-compat/bsd-waitpid.h openbsd-compat/bsd-poll.h openbsd-compat/fake-rfc2553.h openbsd-compat/bsd-cygwin_util.h openbsd-compat/port-aix.h openbsd-compat/port-irix.h openbsd-compat/port-linux.h openbsd-compat/port-solaris.h openbsd-compat/port-net.h openbsd-compat/port-uw.h openbsd-compat/bsd-nextstep.h entropy.h buffer.h sshbuf.h 115sc25519.o: includes.h config.h defines.h platform.h openbsd-compat/openbsd-compat.h openbsd-compat/base64.h openbsd-compat/sigact.h openbsd-compat/readpassphrase.h openbsd-compat/vis.h openbsd-compat/getrrsetbyname.h openbsd-compat/sha1.h openbsd-compat/sha2.h openbsd-compat/rmd160.h openbsd-compat/md5.h openbsd-compat/blf.h openbsd-compat/getopt.h openbsd-compat/bsd-misc.h openbsd-compat/bsd-setres_id.h openbsd-compat/bsd-signal.h openbsd-compat/bsd-statvfs.h openbsd-compat/bsd-waitpid.h openbsd-compat/bsd-poll.h openbsd-compat/fake-rfc2553.h openbsd-compat/bsd-cygwin_util.h openbsd-compat/port-aix.h openbsd-compat/port-irix.h openbsd-compat/port-linux.h openbsd-compat/port-solaris.h openbsd-compat/port-net.h openbsd-compat/port-uw.h openbsd-compat/bsd-nextstep.h entropy.h sc25519.h crypto_api.h
117sandbox-pledge.o: includes.h config.h defines.h platform.h openbsd-compat/openbsd-compat.h openbsd-compat/base64.h openbsd-compat/sigact.h openbsd-compat/readpassphrase.h openbsd-compat/vis.h openbsd-compat/getrrsetbyname.h openbsd-compat/sha1.h openbsd-compat/sha2.h openbsd-compat/rmd160.h openbsd-compat/md5.h openbsd-compat/blf.h openbsd-compat/getopt.h openbsd-compat/bsd-misc.h openbsd-compat/bsd-setres_id.h openbsd-compat/bsd-signal.h openbsd-compat/bsd-statvfs.h openbsd-compat/bsd-waitpid.h openbsd-compat/bsd-poll.h openbsd-compat/fake-rfc2553.h openbsd-compat/bsd-cygwin_util.h openbsd-compat/port-aix.h openbsd-compat/port-irix.h openbsd-compat/port-linux.h openbsd-compat/port-solaris.h openbsd-compat/port-net.h openbsd-compat/port-uw.h openbsd-compat/bsd-nextstep.h entropy.h buffer.h sshbuf.h 116scp.o: includes.h config.h defines.h platform.h openbsd-compat/openbsd-compat.h openbsd-compat/base64.h openbsd-compat/sigact.h openbsd-compat/readpassphrase.h openbsd-compat/vis.h openbsd-compat/getrrsetbyname.h openbsd-compat/sha1.h openbsd-compat/sha2.h openbsd-compat/rmd160.h openbsd-compat/md5.h openbsd-compat/blf.h openbsd-compat/getopt.h openbsd-compat/bsd-misc.h openbsd-compat/bsd-setres_id.h openbsd-compat/bsd-signal.h openbsd-compat/bsd-statvfs.h openbsd-compat/bsd-waitpid.h openbsd-compat/bsd-poll.h openbsd-compat/fake-rfc2553.h openbsd-compat/bsd-cygwin_util.h openbsd-compat/port-aix.h openbsd-compat/port-irix.h openbsd-compat/port-linux.h openbsd-compat/port-solaris.h openbsd-compat/port-net.h openbsd-compat/port-uw.h openbsd-compat/bsd-nextstep.h entropy.h xmalloc.h ssh.h atomicio.h pathnames.h log.h misc.h progressmeter.h utf8.h
118sandbox-rlimit.o: includes.h config.h defines.h platform.h openbsd-compat/openbsd-compat.h openbsd-compat/base64.h openbsd-compat/sigact.h openbsd-compat/readpassphrase.h openbsd-compat/vis.h openbsd-compat/getrrsetbyname.h openbsd-compat/sha1.h openbsd-compat/sha2.h openbsd-compat/rmd160.h openbsd-compat/md5.h openbsd-compat/blf.h openbsd-compat/getopt.h openbsd-compat/bsd-misc.h openbsd-compat/bsd-setres_id.h openbsd-compat/bsd-signal.h openbsd-compat/bsd-statvfs.h openbsd-compat/bsd-waitpid.h openbsd-compat/bsd-poll.h openbsd-compat/fake-rfc2553.h openbsd-compat/bsd-cygwin_util.h openbsd-compat/port-aix.h openbsd-compat/port-irix.h openbsd-compat/port-linux.h openbsd-compat/port-solaris.h openbsd-compat/port-net.h openbsd-compat/port-uw.h openbsd-compat/bsd-nextstep.h entropy.h buffer.h sshbuf.h 117servconf.o: includes.h config.h defines.h platform.h openbsd-compat/openbsd-compat.h openbsd-compat/base64.h openbsd-compat/sigact.h openbsd-compat/readpassphrase.h openbsd-compat/vis.h openbsd-compat/getrrsetbyname.h openbsd-compat/sha1.h openbsd-compat/sha2.h openbsd-compat/rmd160.h openbsd-compat/md5.h openbsd-compat/blf.h openbsd-compat/getopt.h openbsd-compat/bsd-misc.h openbsd-compat/bsd-setres_id.h openbsd-compat/bsd-signal.h openbsd-compat/bsd-statvfs.h openbsd-compat/bsd-waitpid.h openbsd-compat/bsd-poll.h openbsd-compat/fake-rfc2553.h openbsd-compat/bsd-cygwin_util.h openbsd-compat/port-aix.h openbsd-compat/port-irix.h openbsd-compat/port-linux.h openbsd-compat/port-solaris.h openbsd-compat/port-net.h openbsd-compat/port-uw.h openbsd-compat/bsd-nextstep.h entropy.h openbsd-compat/sys-queue.h xmalloc.h ssh.h log.h sshbuf.h misc.h servconf.h compat.h pathnames.h cipher.h cipher-chachapoly.h chacha.h poly1305.h cipher-aesctr.h rijndael.h sshkey.h kex.h mac.h match.h channels.h
119sandbox-seccomp-filter.o: includes.h config.h defines.h platform.h openbsd-compat/openbsd-compat.h openbsd-compat/base64.h openbsd-compat/sigact.h openbsd-compat/readpassphrase.h openbsd-compat/vis.h openbsd-compat/getrrsetbyname.h openbsd-compat/sha1.h openbsd-compat/sha2.h openbsd-compat/rmd160.h openbsd-compat/md5.h openbsd-compat/blf.h openbsd-compat/getopt.h openbsd-compat/bsd-misc.h openbsd-compat/bsd-setres_id.h openbsd-compat/bsd-signal.h openbsd-compat/bsd-statvfs.h openbsd-compat/bsd-waitpid.h openbsd-compat/bsd-poll.h openbsd-compat/fake-rfc2553.h openbsd-compat/bsd-cygwin_util.h openbsd-compat/port-aix.h openbsd-compat/port-irix.h openbsd-compat/port-linux.h openbsd-compat/port-solaris.h openbsd-compat/port-net.h openbsd-compat/port-uw.h openbsd-compat/bsd-nextstep.h entropy.h buffer.h sshbuf.h 118servconf.o: groupaccess.h canohost.h packet.h dispatch.h opacket.h ssherr.h hostfile.h auth.h auth-pam.h audit.h loginrec.h myproposal.h digest.h
120sandbox-solaris.o: includes.h config.h defines.h platform.h openbsd-compat/openbsd-compat.h openbsd-compat/base64.h openbsd-compat/sigact.h openbsd-compat/readpassphrase.h openbsd-compat/vis.h openbsd-compat/getrrsetbyname.h openbsd-compat/sha1.h openbsd-compat/sha2.h openbsd-compat/rmd160.h openbsd-compat/md5.h openbsd-compat/blf.h openbsd-compat/getopt.h openbsd-compat/bsd-misc.h openbsd-compat/bsd-setres_id.h openbsd-compat/bsd-signal.h openbsd-compat/bsd-statvfs.h openbsd-compat/bsd-waitpid.h openbsd-compat/bsd-poll.h openbsd-compat/fake-rfc2553.h openbsd-compat/bsd-cygwin_util.h openbsd-compat/port-aix.h openbsd-compat/port-irix.h openbsd-compat/port-linux.h openbsd-compat/port-solaris.h openbsd-compat/port-net.h openbsd-compat/port-uw.h openbsd-compat/bsd-nextstep.h entropy.h buffer.h sshbuf.h 119serverloop.o: includes.h config.h defines.h platform.h openbsd-compat/openbsd-compat.h openbsd-compat/base64.h openbsd-compat/sigact.h openbsd-compat/readpassphrase.h openbsd-compat/vis.h openbsd-compat/getrrsetbyname.h openbsd-compat/sha1.h openbsd-compat/sha2.h openbsd-compat/rmd160.h openbsd-compat/md5.h openbsd-compat/blf.h openbsd-compat/getopt.h openbsd-compat/bsd-misc.h openbsd-compat/bsd-setres_id.h openbsd-compat/bsd-signal.h openbsd-compat/bsd-statvfs.h openbsd-compat/bsd-waitpid.h openbsd-compat/bsd-poll.h openbsd-compat/fake-rfc2553.h openbsd-compat/bsd-cygwin_util.h openbsd-compat/port-aix.h openbsd-compat/port-irix.h openbsd-compat/port-linux.h openbsd-compat/port-solaris.h openbsd-compat/port-net.h openbsd-compat/port-uw.h openbsd-compat/bsd-nextstep.h entropy.h openbsd-compat/sys-queue.h xmalloc.h packet.h dispatch.h opacket.h sshbuf.h log.h misc.h servconf.h canohost.h sshpty.h channels.h compat.h ssh2.h sshkey.h cipher.h cipher-chachapoly.h chacha.h poly1305.h
121sandbox-systrace.o: includes.h config.h defines.h platform.h openbsd-compat/openbsd-compat.h openbsd-compat/base64.h openbsd-compat/sigact.h openbsd-compat/readpassphrase.h openbsd-compat/vis.h openbsd-compat/getrrsetbyname.h openbsd-compat/sha1.h openbsd-compat/sha2.h openbsd-compat/rmd160.h openbsd-compat/md5.h openbsd-compat/blf.h openbsd-compat/getopt.h openbsd-compat/bsd-misc.h openbsd-compat/bsd-setres_id.h openbsd-compat/bsd-signal.h openbsd-compat/bsd-statvfs.h openbsd-compat/bsd-waitpid.h openbsd-compat/bsd-poll.h openbsd-compat/fake-rfc2553.h openbsd-compat/bsd-cygwin_util.h openbsd-compat/port-aix.h openbsd-compat/port-irix.h openbsd-compat/port-linux.h openbsd-compat/port-solaris.h openbsd-compat/port-net.h openbsd-compat/port-uw.h openbsd-compat/bsd-nextstep.h entropy.h buffer.h sshbuf.h 120serverloop.o: cipher-aesctr.h rijndael.h kex.h mac.h hostfile.h auth.h auth-pam.h audit.h loginrec.h session.h auth-options.h serverloop.h ssherr.h
122sc25519.o: includes.h config.h defines.h platform.h openbsd-compat/openbsd-compat.h openbsd-compat/base64.h openbsd-compat/sigact.h openbsd-compat/readpassphrase.h openbsd-compat/vis.h openbsd-compat/getrrsetbyname.h openbsd-compat/sha1.h openbsd-compat/sha2.h openbsd-compat/rmd160.h openbsd-compat/md5.h openbsd-compat/blf.h openbsd-compat/getopt.h openbsd-compat/bsd-misc.h openbsd-compat/bsd-setres_id.h openbsd-compat/bsd-signal.h openbsd-compat/bsd-statvfs.h openbsd-compat/bsd-waitpid.h openbsd-compat/bsd-poll.h openbsd-compat/fake-rfc2553.h openbsd-compat/bsd-cygwin_util.h openbsd-compat/port-aix.h openbsd-compat/port-irix.h openbsd-compat/port-linux.h openbsd-compat/port-solaris.h openbsd-compat/port-net.h openbsd-compat/port-uw.h openbsd-compat/bsd-nextstep.h entropy.h buffer.h sshbuf.h sc25519.h crypto_api.h 121session.o: includes.h config.h defines.h platform.h openbsd-compat/openbsd-compat.h openbsd-compat/base64.h openbsd-compat/sigact.h openbsd-compat/readpassphrase.h openbsd-compat/vis.h openbsd-compat/getrrsetbyname.h openbsd-compat/sha1.h openbsd-compat/sha2.h openbsd-compat/rmd160.h openbsd-compat/md5.h openbsd-compat/blf.h openbsd-compat/getopt.h openbsd-compat/bsd-misc.h openbsd-compat/bsd-setres_id.h openbsd-compat/bsd-signal.h openbsd-compat/bsd-statvfs.h openbsd-compat/bsd-waitpid.h openbsd-compat/bsd-poll.h openbsd-compat/fake-rfc2553.h openbsd-compat/bsd-cygwin_util.h openbsd-compat/port-aix.h openbsd-compat/port-irix.h openbsd-compat/port-linux.h openbsd-compat/port-solaris.h openbsd-compat/port-net.h openbsd-compat/port-uw.h openbsd-compat/bsd-nextstep.h entropy.h openbsd-compat/sys-queue.h xmalloc.h ssh.h ssh2.h sshpty.h packet.h dispatch.h opacket.h sshbuf.h ssherr.h match.h uidswap.h compat.h channels.h sshkey.h cipher.h cipher-chachapoly.h chacha.h poly1305.h
123scp.o: includes.h config.h defines.h platform.h openbsd-compat/openbsd-compat.h openbsd-compat/base64.h openbsd-compat/sigact.h openbsd-compat/readpassphrase.h openbsd-compat/vis.h openbsd-compat/getrrsetbyname.h openbsd-compat/sha1.h openbsd-compat/sha2.h openbsd-compat/rmd160.h openbsd-compat/md5.h openbsd-compat/blf.h openbsd-compat/getopt.h openbsd-compat/bsd-misc.h openbsd-compat/bsd-setres_id.h openbsd-compat/bsd-signal.h openbsd-compat/bsd-statvfs.h openbsd-compat/bsd-waitpid.h openbsd-compat/bsd-poll.h openbsd-compat/fake-rfc2553.h openbsd-compat/bsd-cygwin_util.h openbsd-compat/port-aix.h openbsd-compat/port-irix.h openbsd-compat/port-linux.h openbsd-compat/port-solaris.h openbsd-compat/port-net.h openbsd-compat/port-uw.h openbsd-compat/bsd-nextstep.h entropy.h buffer.h sshbuf.h xmalloc.h ssh.h atomicio.h pathnames.h log.h misc.h progressmeter.h utf8.h
124servconf.o: includes.h config.h defines.h platform.h openbsd-compat/openbsd-compat.h openbsd-compat/base64.h openbsd-compat/sigact.h openbsd-compat/readpassphrase.h openbsd-compat/vis.h openbsd-compat/getrrsetbyname.h openbsd-compat/sha1.h openbsd-compat/sha2.h openbsd-compat/rmd160.h openbsd-compat/md5.h openbsd-compat/blf.h openbsd-compat/getopt.h openbsd-compat/bsd-misc.h openbsd-compat/bsd-setres_id.h openbsd-compat/bsd-signal.h openbsd-compat/bsd-statvfs.h openbsd-compat/bsd-waitpid.h openbsd-compat/bsd-poll.h openbsd-compat/fake-rfc2553.h openbsd-compat/bsd-cygwin_util.h openbsd-compat/port-aix.h openbsd-compat/port-irix.h openbsd-compat/port-linux.h openbsd-compat/port-solaris.h openbsd-compat/port-net.h openbsd-compat/port-uw.h openbsd-compat/bsd-nextstep.h entropy.h buffer.h sshbuf.h openbsd-compat/sys-queue.h xmalloc.h ssh.h log.h misc.h servconf.h compat.h pathnames.h cipher.h cipher-chachapoly.h chacha.h poly1305.h cipher-aesctr.h rijndael.h key.h sshkey.h kex.h mac.h
125servconf.o: match.h channels.h groupaccess.h canohost.h packet.h dispatch.h opacket.h hostfile.h auth.h auth-pam.h audit.h loginrec.h myproposal.h digest.h
126serverloop.o: includes.h config.h defines.h platform.h openbsd-compat/openbsd-compat.h openbsd-compat/base64.h openbsd-compat/sigact.h openbsd-compat/readpassphrase.h openbsd-compat/vis.h openbsd-compat/getrrsetbyname.h openbsd-compat/sha1.h openbsd-compat/sha2.h openbsd-compat/rmd160.h openbsd-compat/md5.h openbsd-compat/blf.h openbsd-compat/getopt.h openbsd-compat/bsd-misc.h openbsd-compat/bsd-setres_id.h openbsd-compat/bsd-signal.h openbsd-compat/bsd-statvfs.h openbsd-compat/bsd-waitpid.h openbsd-compat/bsd-poll.h openbsd-compat/fake-rfc2553.h openbsd-compat/bsd-cygwin_util.h openbsd-compat/port-aix.h openbsd-compat/port-irix.h openbsd-compat/port-linux.h openbsd-compat/port-solaris.h openbsd-compat/port-net.h openbsd-compat/port-uw.h openbsd-compat/bsd-nextstep.h entropy.h buffer.h sshbuf.h openbsd-compat/sys-queue.h xmalloc.h packet.h dispatch.h opacket.h log.h misc.h servconf.h canohost.h sshpty.h channels.h compat.h ssh2.h key.h sshkey.h cipher.h cipher-chachapoly.h chacha.h
127serverloop.o: poly1305.h cipher-aesctr.h rijndael.h kex.h mac.h hostfile.h auth.h auth-pam.h audit.h loginrec.h session.h auth-options.h serverloop.h ssherr.h
128session.o: includes.h config.h defines.h platform.h openbsd-compat/openbsd-compat.h openbsd-compat/base64.h openbsd-compat/sigact.h openbsd-compat/readpassphrase.h openbsd-compat/vis.h openbsd-compat/getrrsetbyname.h openbsd-compat/sha1.h openbsd-compat/sha2.h openbsd-compat/rmd160.h openbsd-compat/md5.h openbsd-compat/blf.h openbsd-compat/getopt.h openbsd-compat/bsd-misc.h openbsd-compat/bsd-setres_id.h openbsd-compat/bsd-signal.h openbsd-compat/bsd-statvfs.h openbsd-compat/bsd-waitpid.h openbsd-compat/bsd-poll.h openbsd-compat/fake-rfc2553.h openbsd-compat/bsd-cygwin_util.h openbsd-compat/port-aix.h openbsd-compat/port-irix.h openbsd-compat/port-linux.h openbsd-compat/port-solaris.h openbsd-compat/port-net.h openbsd-compat/port-uw.h openbsd-compat/bsd-nextstep.h entropy.h buffer.h sshbuf.h openbsd-compat/sys-queue.h xmalloc.h ssh.h ssh2.h sshpty.h packet.h dispatch.h opacket.h match.h uidswap.h compat.h channels.h key.h sshkey.h cipher.h cipher-chachapoly.h chacha.h poly1305.h
129session.o: cipher-aesctr.h rijndael.h hostfile.h auth.h auth-pam.h audit.h loginrec.h auth-options.h authfd.h pathnames.h log.h misc.h servconf.h sshlogin.h serverloop.h canohost.h session.h kex.h mac.h monitor_wrap.h sftp.h atomicio.h 122session.o: cipher-aesctr.h rijndael.h hostfile.h auth.h auth-pam.h audit.h loginrec.h auth-options.h authfd.h pathnames.h log.h misc.h servconf.h sshlogin.h serverloop.h canohost.h session.h kex.h mac.h monitor_wrap.h sftp.h atomicio.h
130sftp-client.o: includes.h config.h defines.h platform.h openbsd-compat/openbsd-compat.h openbsd-compat/base64.h openbsd-compat/sigact.h openbsd-compat/readpassphrase.h openbsd-compat/vis.h openbsd-compat/getrrsetbyname.h openbsd-compat/sha1.h openbsd-compat/sha2.h openbsd-compat/rmd160.h openbsd-compat/md5.h openbsd-compat/blf.h openbsd-compat/getopt.h openbsd-compat/bsd-misc.h openbsd-compat/bsd-setres_id.h openbsd-compat/bsd-signal.h openbsd-compat/bsd-statvfs.h openbsd-compat/bsd-waitpid.h openbsd-compat/bsd-poll.h openbsd-compat/fake-rfc2553.h openbsd-compat/bsd-cygwin_util.h openbsd-compat/port-aix.h openbsd-compat/port-irix.h openbsd-compat/port-linux.h openbsd-compat/port-solaris.h openbsd-compat/port-net.h openbsd-compat/port-uw.h openbsd-compat/bsd-nextstep.h entropy.h buffer.h sshbuf.h openbsd-compat/sys-queue.h xmalloc.h ssherr.h log.h atomicio.h progressmeter.h misc.h utf8.h sftp.h sftp-common.h sftp-client.h openbsd-compat/glob.h 123sftp-client.o: includes.h config.h defines.h platform.h openbsd-compat/openbsd-compat.h openbsd-compat/base64.h openbsd-compat/sigact.h openbsd-compat/readpassphrase.h openbsd-compat/vis.h openbsd-compat/getrrsetbyname.h openbsd-compat/sha1.h openbsd-compat/sha2.h openbsd-compat/rmd160.h openbsd-compat/md5.h openbsd-compat/blf.h openbsd-compat/getopt.h openbsd-compat/bsd-misc.h openbsd-compat/bsd-setres_id.h openbsd-compat/bsd-signal.h openbsd-compat/bsd-statvfs.h openbsd-compat/bsd-waitpid.h openbsd-compat/bsd-poll.h openbsd-compat/fake-rfc2553.h openbsd-compat/bsd-cygwin_util.h openbsd-compat/port-aix.h openbsd-compat/port-irix.h openbsd-compat/port-linux.h openbsd-compat/port-solaris.h openbsd-compat/port-net.h openbsd-compat/port-uw.h openbsd-compat/bsd-nextstep.h entropy.h openbsd-compat/sys-queue.h xmalloc.h ssherr.h sshbuf.h log.h atomicio.h progressmeter.h misc.h utf8.h sftp.h sftp-common.h sftp-client.h openbsd-compat/glob.h
131sftp-common.o: includes.h config.h defines.h platform.h openbsd-compat/openbsd-compat.h openbsd-compat/base64.h openbsd-compat/sigact.h openbsd-compat/readpassphrase.h openbsd-compat/vis.h openbsd-compat/getrrsetbyname.h openbsd-compat/sha1.h openbsd-compat/sha2.h openbsd-compat/rmd160.h openbsd-compat/md5.h openbsd-compat/blf.h openbsd-compat/getopt.h openbsd-compat/bsd-misc.h openbsd-compat/bsd-setres_id.h openbsd-compat/bsd-signal.h openbsd-compat/bsd-statvfs.h openbsd-compat/bsd-waitpid.h openbsd-compat/bsd-poll.h openbsd-compat/fake-rfc2553.h openbsd-compat/bsd-cygwin_util.h openbsd-compat/port-aix.h openbsd-compat/port-irix.h openbsd-compat/port-linux.h openbsd-compat/port-solaris.h openbsd-compat/port-net.h openbsd-compat/port-uw.h openbsd-compat/bsd-nextstep.h entropy.h buffer.h sshbuf.h xmalloc.h ssherr.h log.h misc.h sftp.h sftp-common.h 124sftp-common.o: includes.h config.h defines.h platform.h openbsd-compat/openbsd-compat.h openbsd-compat/base64.h openbsd-compat/sigact.h openbsd-compat/readpassphrase.h openbsd-compat/vis.h openbsd-compat/getrrsetbyname.h openbsd-compat/sha1.h openbsd-compat/sha2.h openbsd-compat/rmd160.h openbsd-compat/md5.h openbsd-compat/blf.h openbsd-compat/getopt.h openbsd-compat/bsd-misc.h openbsd-compat/bsd-setres_id.h openbsd-compat/bsd-signal.h openbsd-compat/bsd-statvfs.h openbsd-compat/bsd-waitpid.h openbsd-compat/bsd-poll.h openbsd-compat/fake-rfc2553.h openbsd-compat/bsd-cygwin_util.h openbsd-compat/port-aix.h openbsd-compat/port-irix.h openbsd-compat/port-linux.h openbsd-compat/port-solaris.h openbsd-compat/port-net.h openbsd-compat/port-uw.h openbsd-compat/bsd-nextstep.h entropy.h xmalloc.h ssherr.h sshbuf.h log.h misc.h sftp.h sftp-common.h
132sftp-glob.o: includes.h config.h defines.h platform.h openbsd-compat/openbsd-compat.h openbsd-compat/base64.h openbsd-compat/sigact.h openbsd-compat/readpassphrase.h openbsd-compat/vis.h openbsd-compat/getrrsetbyname.h openbsd-compat/sha1.h openbsd-compat/sha2.h openbsd-compat/rmd160.h openbsd-compat/md5.h openbsd-compat/blf.h openbsd-compat/getopt.h openbsd-compat/bsd-misc.h openbsd-compat/bsd-setres_id.h openbsd-compat/bsd-signal.h openbsd-compat/bsd-statvfs.h openbsd-compat/bsd-waitpid.h openbsd-compat/bsd-poll.h openbsd-compat/fake-rfc2553.h openbsd-compat/bsd-cygwin_util.h openbsd-compat/port-aix.h openbsd-compat/port-irix.h openbsd-compat/port-linux.h openbsd-compat/port-solaris.h openbsd-compat/port-net.h openbsd-compat/port-uw.h openbsd-compat/bsd-nextstep.h entropy.h buffer.h sshbuf.h xmalloc.h sftp.h sftp-common.h sftp-client.h openbsd-compat/glob.h 125sftp-glob.o: includes.h config.h defines.h platform.h openbsd-compat/openbsd-compat.h openbsd-compat/base64.h openbsd-compat/sigact.h openbsd-compat/readpassphrase.h openbsd-compat/vis.h openbsd-compat/getrrsetbyname.h openbsd-compat/sha1.h openbsd-compat/sha2.h openbsd-compat/rmd160.h openbsd-compat/md5.h openbsd-compat/blf.h openbsd-compat/getopt.h openbsd-compat/bsd-misc.h openbsd-compat/bsd-setres_id.h openbsd-compat/bsd-signal.h openbsd-compat/bsd-statvfs.h openbsd-compat/bsd-waitpid.h openbsd-compat/bsd-poll.h openbsd-compat/fake-rfc2553.h openbsd-compat/bsd-cygwin_util.h openbsd-compat/port-aix.h openbsd-compat/port-irix.h openbsd-compat/port-linux.h openbsd-compat/port-solaris.h openbsd-compat/port-net.h openbsd-compat/port-uw.h openbsd-compat/bsd-nextstep.h entropy.h xmalloc.h sftp.h sftp-common.h sftp-client.h openbsd-compat/glob.h
133sftp-server-main.o: includes.h config.h defines.h platform.h openbsd-compat/openbsd-compat.h openbsd-compat/base64.h openbsd-compat/sigact.h openbsd-compat/readpassphrase.h openbsd-compat/vis.h openbsd-compat/getrrsetbyname.h openbsd-compat/sha1.h openbsd-compat/sha2.h openbsd-compat/rmd160.h openbsd-compat/md5.h openbsd-compat/blf.h openbsd-compat/getopt.h openbsd-compat/bsd-misc.h openbsd-compat/bsd-setres_id.h openbsd-compat/bsd-signal.h openbsd-compat/bsd-statvfs.h openbsd-compat/bsd-waitpid.h openbsd-compat/bsd-poll.h openbsd-compat/fake-rfc2553.h openbsd-compat/bsd-cygwin_util.h openbsd-compat/port-aix.h openbsd-compat/port-irix.h openbsd-compat/port-linux.h openbsd-compat/port-solaris.h openbsd-compat/port-net.h openbsd-compat/port-uw.h openbsd-compat/bsd-nextstep.h entropy.h buffer.h sshbuf.h log.h sftp.h misc.h xmalloc.h 126sftp-server-main.o: includes.h config.h defines.h platform.h openbsd-compat/openbsd-compat.h openbsd-compat/base64.h openbsd-compat/sigact.h openbsd-compat/readpassphrase.h openbsd-compat/vis.h openbsd-compat/getrrsetbyname.h openbsd-compat/sha1.h openbsd-compat/sha2.h openbsd-compat/rmd160.h openbsd-compat/md5.h openbsd-compat/blf.h openbsd-compat/getopt.h openbsd-compat/bsd-misc.h openbsd-compat/bsd-setres_id.h openbsd-compat/bsd-signal.h openbsd-compat/bsd-statvfs.h openbsd-compat/bsd-waitpid.h openbsd-compat/bsd-poll.h openbsd-compat/fake-rfc2553.h openbsd-compat/bsd-cygwin_util.h openbsd-compat/port-aix.h openbsd-compat/port-irix.h openbsd-compat/port-linux.h openbsd-compat/port-solaris.h openbsd-compat/port-net.h openbsd-compat/port-uw.h openbsd-compat/bsd-nextstep.h entropy.h log.h sftp.h misc.h xmalloc.h
134sftp-server.o: includes.h config.h defines.h platform.h openbsd-compat/openbsd-compat.h openbsd-compat/base64.h openbsd-compat/sigact.h openbsd-compat/readpassphrase.h openbsd-compat/vis.h openbsd-compat/getrrsetbyname.h openbsd-compat/sha1.h openbsd-compat/sha2.h openbsd-compat/rmd160.h openbsd-compat/md5.h openbsd-compat/blf.h openbsd-compat/getopt.h openbsd-compat/bsd-misc.h openbsd-compat/bsd-setres_id.h openbsd-compat/bsd-signal.h openbsd-compat/bsd-statvfs.h openbsd-compat/bsd-waitpid.h openbsd-compat/bsd-poll.h openbsd-compat/fake-rfc2553.h openbsd-compat/bsd-cygwin_util.h openbsd-compat/port-aix.h openbsd-compat/port-irix.h openbsd-compat/port-linux.h openbsd-compat/port-solaris.h openbsd-compat/port-net.h openbsd-compat/port-uw.h openbsd-compat/bsd-nextstep.h entropy.h buffer.h sshbuf.h xmalloc.h ssherr.h log.h misc.h match.h uidswap.h sftp.h sftp-common.h 127sftp-server.o: includes.h config.h defines.h platform.h openbsd-compat/openbsd-compat.h openbsd-compat/base64.h openbsd-compat/sigact.h openbsd-compat/readpassphrase.h openbsd-compat/vis.h openbsd-compat/getrrsetbyname.h openbsd-compat/sha1.h openbsd-compat/sha2.h openbsd-compat/rmd160.h openbsd-compat/md5.h openbsd-compat/blf.h openbsd-compat/getopt.h openbsd-compat/bsd-misc.h openbsd-compat/bsd-setres_id.h openbsd-compat/bsd-signal.h openbsd-compat/bsd-statvfs.h openbsd-compat/bsd-waitpid.h openbsd-compat/bsd-poll.h openbsd-compat/fake-rfc2553.h openbsd-compat/bsd-cygwin_util.h openbsd-compat/port-aix.h openbsd-compat/port-irix.h openbsd-compat/port-linux.h openbsd-compat/port-solaris.h openbsd-compat/port-net.h openbsd-compat/port-uw.h openbsd-compat/bsd-nextstep.h entropy.h xmalloc.h sshbuf.h ssherr.h log.h misc.h match.h uidswap.h sftp.h sftp-common.h
135sftp.o: includes.h config.h defines.h platform.h openbsd-compat/openbsd-compat.h openbsd-compat/base64.h openbsd-compat/sigact.h openbsd-compat/readpassphrase.h openbsd-compat/vis.h openbsd-compat/getrrsetbyname.h openbsd-compat/sha1.h openbsd-compat/sha2.h openbsd-compat/rmd160.h openbsd-compat/md5.h openbsd-compat/blf.h openbsd-compat/getopt.h openbsd-compat/bsd-misc.h openbsd-compat/bsd-setres_id.h openbsd-compat/bsd-signal.h openbsd-compat/bsd-statvfs.h openbsd-compat/bsd-waitpid.h openbsd-compat/bsd-poll.h openbsd-compat/fake-rfc2553.h openbsd-compat/bsd-cygwin_util.h openbsd-compat/port-aix.h openbsd-compat/port-irix.h openbsd-compat/port-linux.h openbsd-compat/port-solaris.h openbsd-compat/port-net.h openbsd-compat/port-uw.h openbsd-compat/bsd-nextstep.h entropy.h buffer.h sshbuf.h xmalloc.h log.h pathnames.h misc.h utf8.h sftp.h ssherr.h sftp-common.h sftp-client.h openbsd-compat/glob.h 128sftp.o: includes.h config.h defines.h platform.h openbsd-compat/openbsd-compat.h openbsd-compat/base64.h openbsd-compat/sigact.h openbsd-compat/readpassphrase.h openbsd-compat/vis.h openbsd-compat/getrrsetbyname.h openbsd-compat/sha1.h openbsd-compat/sha2.h openbsd-compat/rmd160.h openbsd-compat/md5.h openbsd-compat/blf.h openbsd-compat/getopt.h openbsd-compat/bsd-misc.h openbsd-compat/bsd-setres_id.h openbsd-compat/bsd-signal.h openbsd-compat/bsd-statvfs.h openbsd-compat/bsd-waitpid.h openbsd-compat/bsd-poll.h openbsd-compat/fake-rfc2553.h openbsd-compat/bsd-cygwin_util.h openbsd-compat/port-aix.h openbsd-compat/port-irix.h openbsd-compat/port-linux.h openbsd-compat/port-solaris.h openbsd-compat/port-net.h openbsd-compat/port-uw.h openbsd-compat/bsd-nextstep.h entropy.h xmalloc.h log.h pathnames.h misc.h utf8.h sftp.h ssherr.h sshbuf.h sftp-common.h sftp-client.h openbsd-compat/glob.h
136ssh-add.o: includes.h config.h defines.h platform.h openbsd-compat/openbsd-compat.h openbsd-compat/base64.h openbsd-compat/sigact.h openbsd-compat/readpassphrase.h openbsd-compat/vis.h openbsd-compat/getrrsetbyname.h openbsd-compat/sha1.h openbsd-compat/sha2.h openbsd-compat/rmd160.h openbsd-compat/md5.h openbsd-compat/blf.h openbsd-compat/getopt.h openbsd-compat/bsd-misc.h openbsd-compat/bsd-setres_id.h openbsd-compat/bsd-signal.h openbsd-compat/bsd-statvfs.h openbsd-compat/bsd-waitpid.h openbsd-compat/bsd-poll.h openbsd-compat/fake-rfc2553.h openbsd-compat/bsd-cygwin_util.h openbsd-compat/port-aix.h openbsd-compat/port-irix.h openbsd-compat/port-linux.h openbsd-compat/port-solaris.h openbsd-compat/port-net.h openbsd-compat/port-uw.h openbsd-compat/bsd-nextstep.h entropy.h buffer.h sshbuf.h openbsd-compat/openssl-compat.h xmalloc.h ssh.h log.h sshkey.h authfd.h authfile.h pathnames.h misc.h ssherr.h digest.h 129ssh-add.o: includes.h config.h defines.h platform.h openbsd-compat/openbsd-compat.h openbsd-compat/base64.h openbsd-compat/sigact.h openbsd-compat/readpassphrase.h openbsd-compat/vis.h openbsd-compat/getrrsetbyname.h openbsd-compat/sha1.h openbsd-compat/sha2.h openbsd-compat/rmd160.h openbsd-compat/md5.h openbsd-compat/blf.h openbsd-compat/getopt.h openbsd-compat/bsd-misc.h openbsd-compat/bsd-setres_id.h openbsd-compat/bsd-signal.h openbsd-compat/bsd-statvfs.h openbsd-compat/bsd-waitpid.h openbsd-compat/bsd-poll.h openbsd-compat/fake-rfc2553.h openbsd-compat/bsd-cygwin_util.h openbsd-compat/port-aix.h openbsd-compat/port-irix.h openbsd-compat/port-linux.h openbsd-compat/port-solaris.h openbsd-compat/port-net.h openbsd-compat/port-uw.h openbsd-compat/bsd-nextstep.h entropy.h openbsd-compat/openssl-compat.h xmalloc.h ssh.h log.h sshkey.h sshbuf.h authfd.h authfile.h pathnames.h misc.h ssherr.h digest.h
137ssh-agent.o: includes.h config.h defines.h platform.h openbsd-compat/openbsd-compat.h openbsd-compat/base64.h openbsd-compat/sigact.h openbsd-compat/readpassphrase.h openbsd-compat/vis.h openbsd-compat/getrrsetbyname.h openbsd-compat/sha1.h openbsd-compat/sha2.h openbsd-compat/rmd160.h openbsd-compat/md5.h openbsd-compat/blf.h openbsd-compat/getopt.h openbsd-compat/bsd-misc.h openbsd-compat/bsd-setres_id.h openbsd-compat/bsd-signal.h openbsd-compat/bsd-statvfs.h openbsd-compat/bsd-waitpid.h openbsd-compat/bsd-poll.h openbsd-compat/fake-rfc2553.h openbsd-compat/bsd-cygwin_util.h openbsd-compat/port-aix.h openbsd-compat/port-irix.h openbsd-compat/port-linux.h openbsd-compat/port-solaris.h openbsd-compat/port-net.h openbsd-compat/port-uw.h openbsd-compat/bsd-nextstep.h entropy.h buffer.h sshbuf.h openbsd-compat/sys-queue.h xmalloc.h ssh.h sshkey.h authfd.h compat.h log.h misc.h digest.h ssherr.h match.h 130ssh-agent.o: includes.h config.h defines.h platform.h openbsd-compat/openbsd-compat.h openbsd-compat/base64.h openbsd-compat/sigact.h openbsd-compat/readpassphrase.h openbsd-compat/vis.h openbsd-compat/getrrsetbyname.h openbsd-compat/sha1.h openbsd-compat/sha2.h openbsd-compat/rmd160.h openbsd-compat/md5.h openbsd-compat/blf.h openbsd-compat/getopt.h openbsd-compat/bsd-misc.h openbsd-compat/bsd-setres_id.h openbsd-compat/bsd-signal.h openbsd-compat/bsd-statvfs.h openbsd-compat/bsd-waitpid.h openbsd-compat/bsd-poll.h openbsd-compat/fake-rfc2553.h openbsd-compat/bsd-cygwin_util.h openbsd-compat/port-aix.h openbsd-compat/port-irix.h openbsd-compat/port-linux.h openbsd-compat/port-solaris.h openbsd-compat/port-net.h openbsd-compat/port-uw.h openbsd-compat/bsd-nextstep.h entropy.h openbsd-compat/sys-queue.h xmalloc.h ssh.h sshbuf.h sshkey.h authfd.h compat.h log.h misc.h digest.h ssherr.h match.h
138ssh-dss.o: includes.h config.h defines.h platform.h openbsd-compat/openbsd-compat.h openbsd-compat/base64.h openbsd-compat/sigact.h openbsd-compat/readpassphrase.h openbsd-compat/vis.h openbsd-compat/getrrsetbyname.h openbsd-compat/sha1.h openbsd-compat/sha2.h openbsd-compat/rmd160.h openbsd-compat/md5.h openbsd-compat/blf.h openbsd-compat/getopt.h openbsd-compat/bsd-misc.h openbsd-compat/bsd-setres_id.h openbsd-compat/bsd-signal.h openbsd-compat/bsd-statvfs.h openbsd-compat/bsd-waitpid.h openbsd-compat/bsd-poll.h openbsd-compat/fake-rfc2553.h openbsd-compat/bsd-cygwin_util.h openbsd-compat/port-aix.h openbsd-compat/port-irix.h openbsd-compat/port-linux.h openbsd-compat/port-solaris.h openbsd-compat/port-net.h openbsd-compat/port-uw.h openbsd-compat/bsd-nextstep.h entropy.h buffer.h sshbuf.h 131ssh-dss.o: includes.h config.h defines.h platform.h openbsd-compat/openbsd-compat.h openbsd-compat/base64.h openbsd-compat/sigact.h openbsd-compat/readpassphrase.h openbsd-compat/vis.h openbsd-compat/getrrsetbyname.h openbsd-compat/sha1.h openbsd-compat/sha2.h openbsd-compat/rmd160.h openbsd-compat/md5.h openbsd-compat/blf.h openbsd-compat/getopt.h openbsd-compat/bsd-misc.h openbsd-compat/bsd-setres_id.h openbsd-compat/bsd-signal.h openbsd-compat/bsd-statvfs.h openbsd-compat/bsd-waitpid.h openbsd-compat/bsd-poll.h openbsd-compat/fake-rfc2553.h openbsd-compat/bsd-cygwin_util.h openbsd-compat/port-aix.h openbsd-compat/port-irix.h openbsd-compat/port-linux.h openbsd-compat/port-solaris.h openbsd-compat/port-net.h openbsd-compat/port-uw.h openbsd-compat/bsd-nextstep.h entropy.h
139ssh-ecdsa.o: includes.h config.h defines.h platform.h openbsd-compat/openbsd-compat.h openbsd-compat/base64.h openbsd-compat/sigact.h openbsd-compat/readpassphrase.h openbsd-compat/vis.h openbsd-compat/getrrsetbyname.h openbsd-compat/sha1.h openbsd-compat/sha2.h openbsd-compat/rmd160.h openbsd-compat/md5.h openbsd-compat/blf.h openbsd-compat/getopt.h openbsd-compat/bsd-misc.h openbsd-compat/bsd-setres_id.h openbsd-compat/bsd-signal.h openbsd-compat/bsd-statvfs.h openbsd-compat/bsd-waitpid.h openbsd-compat/bsd-poll.h openbsd-compat/fake-rfc2553.h openbsd-compat/bsd-cygwin_util.h openbsd-compat/port-aix.h openbsd-compat/port-irix.h openbsd-compat/port-linux.h openbsd-compat/port-solaris.h openbsd-compat/port-net.h openbsd-compat/port-uw.h openbsd-compat/bsd-nextstep.h entropy.h buffer.h sshbuf.h 132ssh-ecdsa.o: includes.h config.h defines.h platform.h openbsd-compat/openbsd-compat.h openbsd-compat/base64.h openbsd-compat/sigact.h openbsd-compat/readpassphrase.h openbsd-compat/vis.h openbsd-compat/getrrsetbyname.h openbsd-compat/sha1.h openbsd-compat/sha2.h openbsd-compat/rmd160.h openbsd-compat/md5.h openbsd-compat/blf.h openbsd-compat/getopt.h openbsd-compat/bsd-misc.h openbsd-compat/bsd-setres_id.h openbsd-compat/bsd-signal.h openbsd-compat/bsd-statvfs.h openbsd-compat/bsd-waitpid.h openbsd-compat/bsd-poll.h openbsd-compat/fake-rfc2553.h openbsd-compat/bsd-cygwin_util.h openbsd-compat/port-aix.h openbsd-compat/port-irix.h openbsd-compat/port-linux.h openbsd-compat/port-solaris.h openbsd-compat/port-net.h openbsd-compat/port-uw.h openbsd-compat/bsd-nextstep.h entropy.h
140ssh-ed25519.o: includes.h config.h defines.h platform.h openbsd-compat/openbsd-compat.h openbsd-compat/base64.h openbsd-compat/sigact.h openbsd-compat/readpassphrase.h openbsd-compat/vis.h openbsd-compat/getrrsetbyname.h openbsd-compat/sha1.h openbsd-compat/sha2.h openbsd-compat/rmd160.h openbsd-compat/md5.h openbsd-compat/blf.h openbsd-compat/getopt.h openbsd-compat/bsd-misc.h openbsd-compat/bsd-setres_id.h openbsd-compat/bsd-signal.h openbsd-compat/bsd-statvfs.h openbsd-compat/bsd-waitpid.h openbsd-compat/bsd-poll.h openbsd-compat/fake-rfc2553.h openbsd-compat/bsd-cygwin_util.h openbsd-compat/port-aix.h openbsd-compat/port-irix.h openbsd-compat/port-linux.h openbsd-compat/port-solaris.h openbsd-compat/port-net.h openbsd-compat/port-uw.h openbsd-compat/bsd-nextstep.h entropy.h buffer.h sshbuf.h crypto_api.h log.h sshkey.h ssherr.h ssh.h 133ssh-ed25519.o: includes.h config.h defines.h platform.h openbsd-compat/openbsd-compat.h openbsd-compat/base64.h openbsd-compat/sigact.h openbsd-compat/readpassphrase.h openbsd-compat/vis.h openbsd-compat/getrrsetbyname.h openbsd-compat/sha1.h openbsd-compat/sha2.h openbsd-compat/rmd160.h openbsd-compat/md5.h openbsd-compat/blf.h openbsd-compat/getopt.h openbsd-compat/bsd-misc.h openbsd-compat/bsd-setres_id.h openbsd-compat/bsd-signal.h openbsd-compat/bsd-statvfs.h openbsd-compat/bsd-waitpid.h openbsd-compat/bsd-poll.h openbsd-compat/fake-rfc2553.h openbsd-compat/bsd-cygwin_util.h openbsd-compat/port-aix.h openbsd-compat/port-irix.h openbsd-compat/port-linux.h openbsd-compat/port-solaris.h openbsd-compat/port-net.h openbsd-compat/port-uw.h openbsd-compat/bsd-nextstep.h entropy.h crypto_api.h log.h sshbuf.h sshkey.h ssherr.h ssh.h
141ssh-keygen.o: includes.h config.h defines.h platform.h openbsd-compat/openbsd-compat.h openbsd-compat/base64.h openbsd-compat/sigact.h openbsd-compat/readpassphrase.h openbsd-compat/vis.h openbsd-compat/getrrsetbyname.h openbsd-compat/sha1.h openbsd-compat/sha2.h openbsd-compat/rmd160.h openbsd-compat/md5.h openbsd-compat/blf.h openbsd-compat/getopt.h openbsd-compat/bsd-misc.h openbsd-compat/bsd-setres_id.h openbsd-compat/bsd-signal.h openbsd-compat/bsd-statvfs.h openbsd-compat/bsd-waitpid.h openbsd-compat/bsd-poll.h openbsd-compat/fake-rfc2553.h openbsd-compat/bsd-cygwin_util.h openbsd-compat/port-aix.h openbsd-compat/port-irix.h openbsd-compat/port-linux.h openbsd-compat/port-solaris.h openbsd-compat/port-net.h openbsd-compat/port-uw.h openbsd-compat/bsd-nextstep.h entropy.h buffer.h sshbuf.h xmalloc.h sshkey.h authfile.h uuencode.h pathnames.h log.h misc.h match.h hostfile.h dns.h ssh.h ssh2.h ssherr.h ssh-pkcs11.h atomicio.h krl.h digest.h utf8.h authfd.h 134ssh-keygen.o: includes.h config.h defines.h platform.h openbsd-compat/openbsd-compat.h openbsd-compat/base64.h openbsd-compat/sigact.h openbsd-compat/readpassphrase.h openbsd-compat/vis.h openbsd-compat/getrrsetbyname.h openbsd-compat/sha1.h openbsd-compat/sha2.h openbsd-compat/rmd160.h openbsd-compat/md5.h openbsd-compat/blf.h openbsd-compat/getopt.h openbsd-compat/bsd-misc.h openbsd-compat/bsd-setres_id.h openbsd-compat/bsd-signal.h openbsd-compat/bsd-statvfs.h openbsd-compat/bsd-waitpid.h openbsd-compat/bsd-poll.h openbsd-compat/fake-rfc2553.h openbsd-compat/bsd-cygwin_util.h openbsd-compat/port-aix.h openbsd-compat/port-irix.h openbsd-compat/port-linux.h openbsd-compat/port-solaris.h openbsd-compat/port-net.h openbsd-compat/port-uw.h openbsd-compat/bsd-nextstep.h entropy.h xmalloc.h sshkey.h authfile.h uuencode.h sshbuf.h pathnames.h log.h misc.h match.h hostfile.h dns.h ssh.h ssh2.h ssherr.h ssh-pkcs11.h atomicio.h krl.h digest.h utf8.h authfd.h
142ssh-keyscan.o: includes.h config.h defines.h platform.h openbsd-compat/openbsd-compat.h openbsd-compat/base64.h openbsd-compat/sigact.h openbsd-compat/readpassphrase.h openbsd-compat/vis.h openbsd-compat/getrrsetbyname.h openbsd-compat/sha1.h openbsd-compat/sha2.h openbsd-compat/rmd160.h openbsd-compat/md5.h openbsd-compat/blf.h openbsd-compat/getopt.h openbsd-compat/bsd-misc.h openbsd-compat/bsd-setres_id.h openbsd-compat/bsd-signal.h openbsd-compat/bsd-statvfs.h openbsd-compat/bsd-waitpid.h openbsd-compat/bsd-poll.h openbsd-compat/fake-rfc2553.h openbsd-compat/bsd-cygwin_util.h openbsd-compat/port-aix.h openbsd-compat/port-irix.h openbsd-compat/port-linux.h openbsd-compat/port-solaris.h openbsd-compat/port-net.h openbsd-compat/port-uw.h openbsd-compat/bsd-nextstep.h entropy.h buffer.h sshbuf.h openbsd-compat/sys-queue.h xmalloc.h ssh.h sshkey.h cipher.h cipher-chachapoly.h chacha.h poly1305.h cipher-aesctr.h rijndael.h kex.h mac.h key.h compat.h myproposal.h packet.h dispatch.h 135ssh-keyscan.o: includes.h config.h defines.h platform.h openbsd-compat/openbsd-compat.h openbsd-compat/base64.h openbsd-compat/sigact.h openbsd-compat/readpassphrase.h openbsd-compat/vis.h openbsd-compat/getrrsetbyname.h openbsd-compat/sha1.h openbsd-compat/sha2.h openbsd-compat/rmd160.h openbsd-compat/md5.h openbsd-compat/blf.h openbsd-compat/getopt.h openbsd-compat/bsd-misc.h openbsd-compat/bsd-setres_id.h openbsd-compat/bsd-signal.h openbsd-compat/bsd-statvfs.h openbsd-compat/bsd-waitpid.h openbsd-compat/bsd-poll.h openbsd-compat/fake-rfc2553.h openbsd-compat/bsd-cygwin_util.h openbsd-compat/port-aix.h openbsd-compat/port-irix.h openbsd-compat/port-linux.h openbsd-compat/port-solaris.h openbsd-compat/port-net.h openbsd-compat/port-uw.h openbsd-compat/bsd-nextstep.h entropy.h openbsd-compat/sys-queue.h xmalloc.h ssh.h sshbuf.h sshkey.h cipher.h cipher-chachapoly.h chacha.h poly1305.h cipher-aesctr.h rijndael.h kex.h mac.h compat.h myproposal.h packet.h dispatch.h opacket.h log.h
143ssh-keyscan.o: opacket.h log.h atomicio.h misc.h hostfile.h ssherr.h ssh_api.h ssh2.h dns.h 136ssh-keyscan.o: atomicio.h misc.h hostfile.h ssherr.h ssh_api.h ssh2.h dns.h
144ssh-keysign.o: includes.h config.h defines.h platform.h openbsd-compat/openbsd-compat.h openbsd-compat/base64.h openbsd-compat/sigact.h openbsd-compat/readpassphrase.h openbsd-compat/vis.h openbsd-compat/getrrsetbyname.h openbsd-compat/sha1.h openbsd-compat/sha2.h openbsd-compat/rmd160.h openbsd-compat/md5.h openbsd-compat/blf.h openbsd-compat/getopt.h openbsd-compat/bsd-misc.h openbsd-compat/bsd-setres_id.h openbsd-compat/bsd-signal.h openbsd-compat/bsd-statvfs.h openbsd-compat/bsd-waitpid.h openbsd-compat/bsd-poll.h openbsd-compat/fake-rfc2553.h openbsd-compat/bsd-cygwin_util.h openbsd-compat/port-aix.h openbsd-compat/port-irix.h openbsd-compat/port-linux.h openbsd-compat/port-solaris.h openbsd-compat/port-net.h openbsd-compat/port-uw.h openbsd-compat/bsd-nextstep.h entropy.h buffer.h sshbuf.h xmalloc.h log.h sshkey.h ssh.h ssh2.h misc.h authfile.h msg.h canohost.h pathnames.h readconf.h uidswap.h ssherr.h 137ssh-keysign.o: includes.h config.h defines.h platform.h openbsd-compat/openbsd-compat.h openbsd-compat/base64.h openbsd-compat/sigact.h openbsd-compat/readpassphrase.h openbsd-compat/vis.h openbsd-compat/getrrsetbyname.h openbsd-compat/sha1.h openbsd-compat/sha2.h openbsd-compat/rmd160.h openbsd-compat/md5.h openbsd-compat/blf.h openbsd-compat/getopt.h openbsd-compat/bsd-misc.h openbsd-compat/bsd-setres_id.h openbsd-compat/bsd-signal.h openbsd-compat/bsd-statvfs.h openbsd-compat/bsd-waitpid.h openbsd-compat/bsd-poll.h openbsd-compat/fake-rfc2553.h openbsd-compat/bsd-cygwin_util.h openbsd-compat/port-aix.h openbsd-compat/port-irix.h openbsd-compat/port-linux.h openbsd-compat/port-solaris.h openbsd-compat/port-net.h openbsd-compat/port-uw.h openbsd-compat/bsd-nextstep.h entropy.h xmalloc.h log.h sshkey.h ssh.h ssh2.h misc.h sshbuf.h authfile.h msg.h canohost.h pathnames.h readconf.h uidswap.h ssherr.h
145ssh-pkcs11-client.o: includes.h config.h defines.h platform.h openbsd-compat/openbsd-compat.h openbsd-compat/base64.h openbsd-compat/sigact.h openbsd-compat/readpassphrase.h openbsd-compat/vis.h openbsd-compat/getrrsetbyname.h openbsd-compat/sha1.h openbsd-compat/sha2.h openbsd-compat/rmd160.h openbsd-compat/md5.h openbsd-compat/blf.h openbsd-compat/getopt.h openbsd-compat/bsd-misc.h openbsd-compat/bsd-setres_id.h openbsd-compat/bsd-signal.h openbsd-compat/bsd-statvfs.h openbsd-compat/bsd-waitpid.h openbsd-compat/bsd-poll.h openbsd-compat/fake-rfc2553.h openbsd-compat/bsd-cygwin_util.h openbsd-compat/port-aix.h openbsd-compat/port-irix.h openbsd-compat/port-linux.h openbsd-compat/port-solaris.h openbsd-compat/port-net.h openbsd-compat/port-uw.h openbsd-compat/bsd-nextstep.h entropy.h buffer.h sshbuf.h 138ssh-pkcs11-client.o: includes.h config.h defines.h platform.h openbsd-compat/openbsd-compat.h openbsd-compat/base64.h openbsd-compat/sigact.h openbsd-compat/readpassphrase.h openbsd-compat/vis.h openbsd-compat/getrrsetbyname.h openbsd-compat/sha1.h openbsd-compat/sha2.h openbsd-compat/rmd160.h openbsd-compat/md5.h openbsd-compat/blf.h openbsd-compat/getopt.h openbsd-compat/bsd-misc.h openbsd-compat/bsd-setres_id.h openbsd-compat/bsd-signal.h openbsd-compat/bsd-statvfs.h openbsd-compat/bsd-waitpid.h openbsd-compat/bsd-poll.h openbsd-compat/fake-rfc2553.h openbsd-compat/bsd-cygwin_util.h openbsd-compat/port-aix.h openbsd-compat/port-irix.h openbsd-compat/port-linux.h openbsd-compat/port-solaris.h openbsd-compat/port-net.h openbsd-compat/port-uw.h openbsd-compat/bsd-nextstep.h entropy.h
146ssh-pkcs11-helper.o: includes.h config.h defines.h platform.h openbsd-compat/openbsd-compat.h openbsd-compat/base64.h openbsd-compat/sigact.h openbsd-compat/readpassphrase.h openbsd-compat/vis.h openbsd-compat/getrrsetbyname.h openbsd-compat/sha1.h openbsd-compat/sha2.h openbsd-compat/rmd160.h openbsd-compat/md5.h openbsd-compat/blf.h openbsd-compat/getopt.h openbsd-compat/bsd-misc.h openbsd-compat/bsd-setres_id.h openbsd-compat/bsd-signal.h openbsd-compat/bsd-statvfs.h openbsd-compat/bsd-waitpid.h openbsd-compat/bsd-poll.h openbsd-compat/fake-rfc2553.h openbsd-compat/bsd-cygwin_util.h openbsd-compat/port-aix.h openbsd-compat/port-irix.h openbsd-compat/port-linux.h openbsd-compat/port-solaris.h openbsd-compat/port-net.h openbsd-compat/port-uw.h openbsd-compat/bsd-nextstep.h entropy.h buffer.h sshbuf.h openbsd-compat/sys-queue.h xmalloc.h log.h misc.h sshkey.h authfd.h ssh-pkcs11.h ssherr.h 139ssh-pkcs11-helper.o: includes.h config.h defines.h platform.h openbsd-compat/openbsd-compat.h openbsd-compat/base64.h openbsd-compat/sigact.h openbsd-compat/readpassphrase.h openbsd-compat/vis.h openbsd-compat/getrrsetbyname.h openbsd-compat/sha1.h openbsd-compat/sha2.h openbsd-compat/rmd160.h openbsd-compat/md5.h openbsd-compat/blf.h openbsd-compat/getopt.h openbsd-compat/bsd-misc.h openbsd-compat/bsd-setres_id.h openbsd-compat/bsd-signal.h openbsd-compat/bsd-statvfs.h openbsd-compat/bsd-waitpid.h openbsd-compat/bsd-poll.h openbsd-compat/fake-rfc2553.h openbsd-compat/bsd-cygwin_util.h openbsd-compat/port-aix.h openbsd-compat/port-irix.h openbsd-compat/port-linux.h openbsd-compat/port-solaris.h openbsd-compat/port-net.h openbsd-compat/port-uw.h openbsd-compat/bsd-nextstep.h entropy.h openbsd-compat/sys-queue.h xmalloc.h sshbuf.h log.h misc.h sshkey.h authfd.h ssh-pkcs11.h ssherr.h
147ssh-pkcs11.o: includes.h config.h defines.h platform.h openbsd-compat/openbsd-compat.h openbsd-compat/base64.h openbsd-compat/sigact.h openbsd-compat/readpassphrase.h openbsd-compat/vis.h openbsd-compat/getrrsetbyname.h openbsd-compat/sha1.h openbsd-compat/sha2.h openbsd-compat/rmd160.h openbsd-compat/md5.h openbsd-compat/blf.h openbsd-compat/getopt.h openbsd-compat/bsd-misc.h openbsd-compat/bsd-setres_id.h openbsd-compat/bsd-signal.h openbsd-compat/bsd-statvfs.h openbsd-compat/bsd-waitpid.h openbsd-compat/bsd-poll.h openbsd-compat/fake-rfc2553.h openbsd-compat/bsd-cygwin_util.h openbsd-compat/port-aix.h openbsd-compat/port-irix.h openbsd-compat/port-linux.h openbsd-compat/port-solaris.h openbsd-compat/port-net.h openbsd-compat/port-uw.h openbsd-compat/bsd-nextstep.h entropy.h buffer.h sshbuf.h 140ssh-pkcs11.o: includes.h config.h defines.h platform.h openbsd-compat/openbsd-compat.h openbsd-compat/base64.h openbsd-compat/sigact.h openbsd-compat/readpassphrase.h openbsd-compat/vis.h openbsd-compat/getrrsetbyname.h openbsd-compat/sha1.h openbsd-compat/sha2.h openbsd-compat/rmd160.h openbsd-compat/md5.h openbsd-compat/blf.h openbsd-compat/getopt.h openbsd-compat/bsd-misc.h openbsd-compat/bsd-setres_id.h openbsd-compat/bsd-signal.h openbsd-compat/bsd-statvfs.h openbsd-compat/bsd-waitpid.h openbsd-compat/bsd-poll.h openbsd-compat/fake-rfc2553.h openbsd-compat/bsd-cygwin_util.h openbsd-compat/port-aix.h openbsd-compat/port-irix.h openbsd-compat/port-linux.h openbsd-compat/port-solaris.h openbsd-compat/port-net.h openbsd-compat/port-uw.h openbsd-compat/bsd-nextstep.h entropy.h
148ssh-rsa.o: includes.h config.h defines.h platform.h openbsd-compat/openbsd-compat.h openbsd-compat/base64.h openbsd-compat/sigact.h openbsd-compat/readpassphrase.h openbsd-compat/vis.h openbsd-compat/getrrsetbyname.h openbsd-compat/sha1.h openbsd-compat/sha2.h openbsd-compat/rmd160.h openbsd-compat/md5.h openbsd-compat/blf.h openbsd-compat/getopt.h openbsd-compat/bsd-misc.h openbsd-compat/bsd-setres_id.h openbsd-compat/bsd-signal.h openbsd-compat/bsd-statvfs.h openbsd-compat/bsd-waitpid.h openbsd-compat/bsd-poll.h openbsd-compat/fake-rfc2553.h openbsd-compat/bsd-cygwin_util.h openbsd-compat/port-aix.h openbsd-compat/port-irix.h openbsd-compat/port-linux.h openbsd-compat/port-solaris.h openbsd-compat/port-net.h openbsd-compat/port-uw.h openbsd-compat/bsd-nextstep.h entropy.h buffer.h sshbuf.h 141ssh-rsa.o: includes.h config.h defines.h platform.h openbsd-compat/openbsd-compat.h openbsd-compat/base64.h openbsd-compat/sigact.h openbsd-compat/readpassphrase.h openbsd-compat/vis.h openbsd-compat/getrrsetbyname.h openbsd-compat/sha1.h openbsd-compat/sha2.h openbsd-compat/rmd160.h openbsd-compat/md5.h openbsd-compat/blf.h openbsd-compat/getopt.h openbsd-compat/bsd-misc.h openbsd-compat/bsd-setres_id.h openbsd-compat/bsd-signal.h openbsd-compat/bsd-statvfs.h openbsd-compat/bsd-waitpid.h openbsd-compat/bsd-poll.h openbsd-compat/fake-rfc2553.h openbsd-compat/bsd-cygwin_util.h openbsd-compat/port-aix.h openbsd-compat/port-irix.h openbsd-compat/port-linux.h openbsd-compat/port-solaris.h openbsd-compat/port-net.h openbsd-compat/port-uw.h openbsd-compat/bsd-nextstep.h entropy.h
149ssh-xmss.o: includes.h config.h defines.h platform.h openbsd-compat/openbsd-compat.h openbsd-compat/base64.h openbsd-compat/sigact.h openbsd-compat/readpassphrase.h openbsd-compat/vis.h openbsd-compat/getrrsetbyname.h openbsd-compat/sha1.h openbsd-compat/sha2.h openbsd-compat/rmd160.h openbsd-compat/md5.h openbsd-compat/blf.h openbsd-compat/getopt.h openbsd-compat/bsd-misc.h openbsd-compat/bsd-setres_id.h openbsd-compat/bsd-signal.h openbsd-compat/bsd-statvfs.h openbsd-compat/bsd-waitpid.h openbsd-compat/bsd-poll.h openbsd-compat/fake-rfc2553.h openbsd-compat/bsd-cygwin_util.h openbsd-compat/port-aix.h openbsd-compat/port-irix.h openbsd-compat/port-linux.h openbsd-compat/port-solaris.h openbsd-compat/port-net.h openbsd-compat/port-uw.h openbsd-compat/bsd-nextstep.h entropy.h buffer.h sshbuf.h 142ssh-xmss.o: includes.h config.h defines.h platform.h openbsd-compat/openbsd-compat.h openbsd-compat/base64.h openbsd-compat/sigact.h openbsd-compat/readpassphrase.h openbsd-compat/vis.h openbsd-compat/getrrsetbyname.h openbsd-compat/sha1.h openbsd-compat/sha2.h openbsd-compat/rmd160.h openbsd-compat/md5.h openbsd-compat/blf.h openbsd-compat/getopt.h openbsd-compat/bsd-misc.h openbsd-compat/bsd-setres_id.h openbsd-compat/bsd-signal.h openbsd-compat/bsd-statvfs.h openbsd-compat/bsd-waitpid.h openbsd-compat/bsd-poll.h openbsd-compat/fake-rfc2553.h openbsd-compat/bsd-cygwin_util.h openbsd-compat/port-aix.h openbsd-compat/port-irix.h openbsd-compat/port-linux.h openbsd-compat/port-solaris.h openbsd-compat/port-net.h openbsd-compat/port-uw.h openbsd-compat/bsd-nextstep.h entropy.h
150ssh.o: includes.h config.h defines.h platform.h openbsd-compat/openbsd-compat.h openbsd-compat/base64.h openbsd-compat/sigact.h openbsd-compat/readpassphrase.h openbsd-compat/vis.h openbsd-compat/getrrsetbyname.h openbsd-compat/sha1.h openbsd-compat/sha2.h openbsd-compat/rmd160.h openbsd-compat/md5.h openbsd-compat/blf.h openbsd-compat/getopt.h openbsd-compat/bsd-misc.h openbsd-compat/bsd-setres_id.h openbsd-compat/bsd-signal.h openbsd-compat/bsd-statvfs.h openbsd-compat/bsd-waitpid.h openbsd-compat/bsd-poll.h openbsd-compat/fake-rfc2553.h openbsd-compat/bsd-cygwin_util.h openbsd-compat/port-aix.h openbsd-compat/port-irix.h openbsd-compat/port-linux.h openbsd-compat/port-solaris.h openbsd-compat/port-net.h openbsd-compat/port-uw.h openbsd-compat/bsd-nextstep.h entropy.h buffer.h sshbuf.h openbsd-compat/openssl-compat.h openbsd-compat/sys-queue.h xmalloc.h ssh.h ssh2.h canohost.h compat.h cipher.h cipher-chachapoly.h chacha.h poly1305.h cipher-aesctr.h rijndael.h digest.h packet.h 143ssh.o: includes.h config.h defines.h platform.h openbsd-compat/openbsd-compat.h openbsd-compat/base64.h openbsd-compat/sigact.h openbsd-compat/readpassphrase.h openbsd-compat/vis.h openbsd-compat/getrrsetbyname.h openbsd-compat/sha1.h openbsd-compat/sha2.h openbsd-compat/rmd160.h openbsd-compat/md5.h openbsd-compat/blf.h openbsd-compat/getopt.h openbsd-compat/bsd-misc.h openbsd-compat/bsd-setres_id.h openbsd-compat/bsd-signal.h openbsd-compat/bsd-statvfs.h openbsd-compat/bsd-waitpid.h openbsd-compat/bsd-poll.h openbsd-compat/fake-rfc2553.h openbsd-compat/bsd-cygwin_util.h openbsd-compat/port-aix.h openbsd-compat/port-irix.h openbsd-compat/port-linux.h openbsd-compat/port-solaris.h openbsd-compat/port-net.h openbsd-compat/port-uw.h openbsd-compat/bsd-nextstep.h entropy.h openbsd-compat/openssl-compat.h openbsd-compat/sys-queue.h xmalloc.h ssh.h ssh2.h canohost.h compat.h cipher.h cipher-chachapoly.h chacha.h poly1305.h cipher-aesctr.h rijndael.h digest.h packet.h dispatch.h opacket.h
151ssh.o: dispatch.h opacket.h channels.h key.h sshkey.h authfd.h authfile.h pathnames.h clientloop.h log.h misc.h readconf.h sshconnect.h kex.h mac.h sshpty.h match.h msg.h uidswap.h version.h ssherr.h myproposal.h utf8.h 144ssh.o: sshbuf.h channels.h sshkey.h authfd.h authfile.h pathnames.h clientloop.h log.h misc.h readconf.h sshconnect.h kex.h mac.h sshpty.h match.h msg.h version.h ssherr.h myproposal.h utf8.h
152ssh_api.o: includes.h config.h defines.h platform.h openbsd-compat/openbsd-compat.h openbsd-compat/base64.h openbsd-compat/sigact.h openbsd-compat/readpassphrase.h openbsd-compat/vis.h openbsd-compat/getrrsetbyname.h openbsd-compat/sha1.h openbsd-compat/sha2.h openbsd-compat/rmd160.h openbsd-compat/md5.h openbsd-compat/blf.h openbsd-compat/getopt.h openbsd-compat/bsd-misc.h openbsd-compat/bsd-setres_id.h openbsd-compat/bsd-signal.h openbsd-compat/bsd-statvfs.h openbsd-compat/bsd-waitpid.h openbsd-compat/bsd-poll.h openbsd-compat/fake-rfc2553.h openbsd-compat/bsd-cygwin_util.h openbsd-compat/port-aix.h openbsd-compat/port-irix.h openbsd-compat/port-linux.h openbsd-compat/port-solaris.h openbsd-compat/port-net.h openbsd-compat/port-uw.h openbsd-compat/bsd-nextstep.h entropy.h buffer.h sshbuf.h ssh_api.h openbsd-compat/sys-queue.h cipher.h cipher-chachapoly.h chacha.h poly1305.h cipher-aesctr.h rijndael.h sshkey.h kex.h mac.h key.h ssh.h ssh2.h packet.h dispatch.h opacket.h compat.h 145ssh_api.o: includes.h config.h defines.h platform.h openbsd-compat/openbsd-compat.h openbsd-compat/base64.h openbsd-compat/sigact.h openbsd-compat/readpassphrase.h openbsd-compat/vis.h openbsd-compat/getrrsetbyname.h openbsd-compat/sha1.h openbsd-compat/sha2.h openbsd-compat/rmd160.h openbsd-compat/md5.h openbsd-compat/blf.h openbsd-compat/getopt.h openbsd-compat/bsd-misc.h openbsd-compat/bsd-setres_id.h openbsd-compat/bsd-signal.h openbsd-compat/bsd-statvfs.h openbsd-compat/bsd-waitpid.h openbsd-compat/bsd-poll.h openbsd-compat/fake-rfc2553.h openbsd-compat/bsd-cygwin_util.h openbsd-compat/port-aix.h openbsd-compat/port-irix.h openbsd-compat/port-linux.h openbsd-compat/port-solaris.h openbsd-compat/port-net.h openbsd-compat/port-uw.h openbsd-compat/bsd-nextstep.h entropy.h ssh_api.h openbsd-compat/sys-queue.h cipher.h cipher-chachapoly.h chacha.h poly1305.h cipher-aesctr.h rijndael.h sshkey.h kex.h mac.h ssh.h ssh2.h packet.h dispatch.h opacket.h compat.h log.h authfile.h misc.h
153ssh_api.o: log.h authfile.h misc.h version.h myproposal.h ssherr.h 146ssh_api.o: version.h myproposal.h ssherr.h sshbuf.h
154sshbuf-getput-basic.o: includes.h config.h defines.h platform.h openbsd-compat/openbsd-compat.h openbsd-compat/base64.h openbsd-compat/sigact.h openbsd-compat/readpassphrase.h openbsd-compat/vis.h openbsd-compat/getrrsetbyname.h openbsd-compat/sha1.h openbsd-compat/sha2.h openbsd-compat/rmd160.h openbsd-compat/md5.h openbsd-compat/blf.h openbsd-compat/getopt.h openbsd-compat/bsd-misc.h openbsd-compat/bsd-setres_id.h openbsd-compat/bsd-signal.h openbsd-compat/bsd-statvfs.h openbsd-compat/bsd-waitpid.h openbsd-compat/bsd-poll.h openbsd-compat/fake-rfc2553.h openbsd-compat/bsd-cygwin_util.h openbsd-compat/port-aix.h openbsd-compat/port-irix.h openbsd-compat/port-linux.h openbsd-compat/port-solaris.h openbsd-compat/port-net.h openbsd-compat/port-uw.h openbsd-compat/bsd-nextstep.h entropy.h buffer.h sshbuf.h ssherr.h 147sshbuf-getput-basic.o: includes.h config.h defines.h platform.h openbsd-compat/openbsd-compat.h openbsd-compat/base64.h openbsd-compat/sigact.h openbsd-compat/readpassphrase.h openbsd-compat/vis.h openbsd-compat/getrrsetbyname.h openbsd-compat/sha1.h openbsd-compat/sha2.h openbsd-compat/rmd160.h openbsd-compat/md5.h openbsd-compat/blf.h openbsd-compat/getopt.h openbsd-compat/bsd-misc.h openbsd-compat/bsd-setres_id.h openbsd-compat/bsd-signal.h openbsd-compat/bsd-statvfs.h openbsd-compat/bsd-waitpid.h openbsd-compat/bsd-poll.h openbsd-compat/fake-rfc2553.h openbsd-compat/bsd-cygwin_util.h openbsd-compat/port-aix.h openbsd-compat/port-irix.h openbsd-compat/port-linux.h openbsd-compat/port-solaris.h openbsd-compat/port-net.h openbsd-compat/port-uw.h openbsd-compat/bsd-nextstep.h entropy.h ssherr.h sshbuf.h
155sshbuf-getput-crypto.o: includes.h config.h defines.h platform.h openbsd-compat/openbsd-compat.h openbsd-compat/base64.h openbsd-compat/sigact.h openbsd-compat/readpassphrase.h openbsd-compat/vis.h openbsd-compat/getrrsetbyname.h openbsd-compat/sha1.h openbsd-compat/sha2.h openbsd-compat/rmd160.h openbsd-compat/md5.h openbsd-compat/blf.h openbsd-compat/getopt.h openbsd-compat/bsd-misc.h openbsd-compat/bsd-setres_id.h openbsd-compat/bsd-signal.h openbsd-compat/bsd-statvfs.h openbsd-compat/bsd-waitpid.h openbsd-compat/bsd-poll.h openbsd-compat/fake-rfc2553.h openbsd-compat/bsd-cygwin_util.h openbsd-compat/port-aix.h openbsd-compat/port-irix.h openbsd-compat/port-linux.h openbsd-compat/port-solaris.h openbsd-compat/port-net.h openbsd-compat/port-uw.h openbsd-compat/bsd-nextstep.h entropy.h buffer.h sshbuf.h ssherr.h 148sshbuf-getput-crypto.o: includes.h config.h defines.h platform.h openbsd-compat/openbsd-compat.h openbsd-compat/base64.h openbsd-compat/sigact.h openbsd-compat/readpassphrase.h openbsd-compat/vis.h openbsd-compat/getrrsetbyname.h openbsd-compat/sha1.h openbsd-compat/sha2.h openbsd-compat/rmd160.h openbsd-compat/md5.h openbsd-compat/blf.h openbsd-compat/getopt.h openbsd-compat/bsd-misc.h openbsd-compat/bsd-setres_id.h openbsd-compat/bsd-signal.h openbsd-compat/bsd-statvfs.h openbsd-compat/bsd-waitpid.h openbsd-compat/bsd-poll.h openbsd-compat/fake-rfc2553.h openbsd-compat/bsd-cygwin_util.h openbsd-compat/port-aix.h openbsd-compat/port-irix.h openbsd-compat/port-linux.h openbsd-compat/port-solaris.h openbsd-compat/port-net.h openbsd-compat/port-uw.h openbsd-compat/bsd-nextstep.h entropy.h ssherr.h sshbuf.h
156sshbuf-misc.o: includes.h config.h defines.h platform.h openbsd-compat/openbsd-compat.h openbsd-compat/base64.h openbsd-compat/sigact.h openbsd-compat/readpassphrase.h openbsd-compat/vis.h openbsd-compat/getrrsetbyname.h openbsd-compat/sha1.h openbsd-compat/sha2.h openbsd-compat/rmd160.h openbsd-compat/md5.h openbsd-compat/blf.h openbsd-compat/getopt.h openbsd-compat/bsd-misc.h openbsd-compat/bsd-setres_id.h openbsd-compat/bsd-signal.h openbsd-compat/bsd-statvfs.h openbsd-compat/bsd-waitpid.h openbsd-compat/bsd-poll.h openbsd-compat/fake-rfc2553.h openbsd-compat/bsd-cygwin_util.h openbsd-compat/port-aix.h openbsd-compat/port-irix.h openbsd-compat/port-linux.h openbsd-compat/port-solaris.h openbsd-compat/port-net.h openbsd-compat/port-uw.h openbsd-compat/bsd-nextstep.h entropy.h buffer.h sshbuf.h ssherr.h 149sshbuf-misc.o: includes.h config.h defines.h platform.h openbsd-compat/openbsd-compat.h openbsd-compat/base64.h openbsd-compat/sigact.h openbsd-compat/readpassphrase.h openbsd-compat/vis.h openbsd-compat/getrrsetbyname.h openbsd-compat/sha1.h openbsd-compat/sha2.h openbsd-compat/rmd160.h openbsd-compat/md5.h openbsd-compat/blf.h openbsd-compat/getopt.h openbsd-compat/bsd-misc.h openbsd-compat/bsd-setres_id.h openbsd-compat/bsd-signal.h openbsd-compat/bsd-statvfs.h openbsd-compat/bsd-waitpid.h openbsd-compat/bsd-poll.h openbsd-compat/fake-rfc2553.h openbsd-compat/bsd-cygwin_util.h openbsd-compat/port-aix.h openbsd-compat/port-irix.h openbsd-compat/port-linux.h openbsd-compat/port-solaris.h openbsd-compat/port-net.h openbsd-compat/port-uw.h openbsd-compat/bsd-nextstep.h entropy.h ssherr.h sshbuf.h
157sshbuf.o: includes.h config.h defines.h platform.h openbsd-compat/openbsd-compat.h openbsd-compat/base64.h openbsd-compat/sigact.h openbsd-compat/readpassphrase.h openbsd-compat/vis.h openbsd-compat/getrrsetbyname.h openbsd-compat/sha1.h openbsd-compat/sha2.h openbsd-compat/rmd160.h openbsd-compat/md5.h openbsd-compat/blf.h openbsd-compat/getopt.h openbsd-compat/bsd-misc.h openbsd-compat/bsd-setres_id.h openbsd-compat/bsd-signal.h openbsd-compat/bsd-statvfs.h openbsd-compat/bsd-waitpid.h openbsd-compat/bsd-poll.h openbsd-compat/fake-rfc2553.h openbsd-compat/bsd-cygwin_util.h openbsd-compat/port-aix.h openbsd-compat/port-irix.h openbsd-compat/port-linux.h openbsd-compat/port-solaris.h openbsd-compat/port-net.h openbsd-compat/port-uw.h openbsd-compat/bsd-nextstep.h entropy.h buffer.h sshbuf.h ssherr.h misc.h 150sshbuf.o: includes.h config.h defines.h platform.h openbsd-compat/openbsd-compat.h openbsd-compat/base64.h openbsd-compat/sigact.h openbsd-compat/readpassphrase.h openbsd-compat/vis.h openbsd-compat/getrrsetbyname.h openbsd-compat/sha1.h openbsd-compat/sha2.h openbsd-compat/rmd160.h openbsd-compat/md5.h openbsd-compat/blf.h openbsd-compat/getopt.h openbsd-compat/bsd-misc.h openbsd-compat/bsd-setres_id.h openbsd-compat/bsd-signal.h openbsd-compat/bsd-statvfs.h openbsd-compat/bsd-waitpid.h openbsd-compat/bsd-poll.h openbsd-compat/fake-rfc2553.h openbsd-compat/bsd-cygwin_util.h openbsd-compat/port-aix.h openbsd-compat/port-irix.h openbsd-compat/port-linux.h openbsd-compat/port-solaris.h openbsd-compat/port-net.h openbsd-compat/port-uw.h openbsd-compat/bsd-nextstep.h entropy.h ssherr.h sshbuf.h misc.h
158sshconnect.o: includes.h config.h defines.h platform.h openbsd-compat/openbsd-compat.h openbsd-compat/base64.h openbsd-compat/sigact.h openbsd-compat/readpassphrase.h openbsd-compat/vis.h openbsd-compat/getrrsetbyname.h openbsd-compat/sha1.h openbsd-compat/sha2.h openbsd-compat/rmd160.h openbsd-compat/md5.h openbsd-compat/blf.h openbsd-compat/getopt.h openbsd-compat/bsd-misc.h openbsd-compat/bsd-setres_id.h openbsd-compat/bsd-signal.h openbsd-compat/bsd-statvfs.h openbsd-compat/bsd-waitpid.h openbsd-compat/bsd-poll.h openbsd-compat/fake-rfc2553.h openbsd-compat/bsd-cygwin_util.h openbsd-compat/port-aix.h openbsd-compat/port-irix.h openbsd-compat/port-linux.h openbsd-compat/port-solaris.h openbsd-compat/port-net.h openbsd-compat/port-uw.h openbsd-compat/bsd-nextstep.h entropy.h buffer.h sshbuf.h xmalloc.h key.h sshkey.h hostfile.h ssh.h packet.h openbsd-compat/sys-queue.h dispatch.h opacket.h uidswap.h compat.h sshconnect.h log.h misc.h readconf.h atomicio.h dns.h monitor_fdpass.h 151sshconnect.o: includes.h config.h defines.h platform.h openbsd-compat/openbsd-compat.h openbsd-compat/base64.h openbsd-compat/sigact.h openbsd-compat/readpassphrase.h openbsd-compat/vis.h openbsd-compat/getrrsetbyname.h openbsd-compat/sha1.h openbsd-compat/sha2.h openbsd-compat/rmd160.h openbsd-compat/md5.h openbsd-compat/blf.h openbsd-compat/getopt.h openbsd-compat/bsd-misc.h openbsd-compat/bsd-setres_id.h openbsd-compat/bsd-signal.h openbsd-compat/bsd-statvfs.h openbsd-compat/bsd-waitpid.h openbsd-compat/bsd-poll.h openbsd-compat/fake-rfc2553.h openbsd-compat/bsd-cygwin_util.h openbsd-compat/port-aix.h openbsd-compat/port-irix.h openbsd-compat/port-linux.h openbsd-compat/port-solaris.h openbsd-compat/port-net.h openbsd-compat/port-uw.h openbsd-compat/bsd-nextstep.h entropy.h xmalloc.h hostfile.h ssh.h sshbuf.h packet.h openbsd-compat/sys-queue.h dispatch.h opacket.h compat.h sshkey.h sshconnect.h log.h misc.h readconf.h atomicio.h dns.h monitor_fdpass.h ssh2.h version.h authfile.h
159sshconnect.o: ssh2.h version.h authfile.h ssherr.h authfd.h 152sshconnect.o: ssherr.h authfd.h
160sshconnect2.o: includes.h config.h defines.h platform.h openbsd-compat/openbsd-compat.h openbsd-compat/base64.h openbsd-compat/sigact.h openbsd-compat/readpassphrase.h openbsd-compat/vis.h openbsd-compat/getrrsetbyname.h openbsd-compat/sha1.h openbsd-compat/sha2.h openbsd-compat/rmd160.h openbsd-compat/md5.h openbsd-compat/blf.h openbsd-compat/getopt.h openbsd-compat/bsd-misc.h openbsd-compat/bsd-setres_id.h openbsd-compat/bsd-signal.h openbsd-compat/bsd-statvfs.h openbsd-compat/bsd-waitpid.h openbsd-compat/bsd-poll.h openbsd-compat/fake-rfc2553.h openbsd-compat/bsd-cygwin_util.h openbsd-compat/port-aix.h openbsd-compat/port-irix.h openbsd-compat/port-linux.h openbsd-compat/port-solaris.h openbsd-compat/port-net.h openbsd-compat/port-uw.h openbsd-compat/bsd-nextstep.h entropy.h buffer.h sshbuf.h openbsd-compat/sys-queue.h xmalloc.h ssh.h ssh2.h packet.h dispatch.h opacket.h compat.h cipher.h cipher-chachapoly.h chacha.h poly1305.h cipher-aesctr.h rijndael.h key.h sshkey.h kex.h mac.h 153sshconnect2.o: includes.h config.h defines.h platform.h openbsd-compat/openbsd-compat.h openbsd-compat/base64.h openbsd-compat/sigact.h openbsd-compat/readpassphrase.h openbsd-compat/vis.h openbsd-compat/getrrsetbyname.h openbsd-compat/sha1.h openbsd-compat/sha2.h openbsd-compat/rmd160.h openbsd-compat/md5.h openbsd-compat/blf.h openbsd-compat/getopt.h openbsd-compat/bsd-misc.h openbsd-compat/bsd-setres_id.h openbsd-compat/bsd-signal.h openbsd-compat/bsd-statvfs.h openbsd-compat/bsd-waitpid.h openbsd-compat/bsd-poll.h openbsd-compat/fake-rfc2553.h openbsd-compat/bsd-cygwin_util.h openbsd-compat/port-aix.h openbsd-compat/port-irix.h openbsd-compat/port-linux.h openbsd-compat/port-solaris.h openbsd-compat/port-net.h openbsd-compat/port-uw.h openbsd-compat/bsd-nextstep.h entropy.h openbsd-compat/sys-queue.h xmalloc.h ssh.h ssh2.h sshbuf.h packet.h dispatch.h opacket.h compat.h cipher.h cipher-chachapoly.h chacha.h poly1305.h cipher-aesctr.h rijndael.h sshkey.h kex.h mac.h myproposal.h
161sshconnect2.o: myproposal.h sshconnect.h authfile.h dh.h authfd.h log.h misc.h readconf.h match.h canohost.h msg.h pathnames.h uidswap.h hostfile.h ssherr.h utf8.h 154sshconnect2.o: sshconnect.h authfile.h dh.h authfd.h log.h misc.h readconf.h match.h canohost.h msg.h pathnames.h uidswap.h hostfile.h ssherr.h utf8.h
162sshd.o: includes.h config.h defines.h platform.h openbsd-compat/openbsd-compat.h openbsd-compat/base64.h openbsd-compat/sigact.h openbsd-compat/readpassphrase.h openbsd-compat/vis.h openbsd-compat/getrrsetbyname.h openbsd-compat/sha1.h openbsd-compat/sha2.h openbsd-compat/rmd160.h openbsd-compat/md5.h openbsd-compat/blf.h openbsd-compat/getopt.h openbsd-compat/bsd-misc.h openbsd-compat/bsd-setres_id.h openbsd-compat/bsd-signal.h openbsd-compat/bsd-statvfs.h openbsd-compat/bsd-waitpid.h openbsd-compat/bsd-poll.h openbsd-compat/fake-rfc2553.h openbsd-compat/bsd-cygwin_util.h openbsd-compat/port-aix.h openbsd-compat/port-irix.h openbsd-compat/port-linux.h openbsd-compat/port-solaris.h openbsd-compat/port-net.h openbsd-compat/port-uw.h openbsd-compat/bsd-nextstep.h entropy.h buffer.h sshbuf.h ./openbsd-compat/sys-tree.h openbsd-compat/sys-queue.h xmalloc.h ssh.h ssh2.h sshpty.h packet.h dispatch.h opacket.h log.h misc.h match.h servconf.h uidswap.h compat.h cipher.h cipher-chachapoly.h 155sshd.o: includes.h config.h defines.h platform.h openbsd-compat/openbsd-compat.h openbsd-compat/base64.h openbsd-compat/sigact.h openbsd-compat/readpassphrase.h openbsd-compat/vis.h openbsd-compat/getrrsetbyname.h openbsd-compat/sha1.h openbsd-compat/sha2.h openbsd-compat/rmd160.h openbsd-compat/md5.h openbsd-compat/blf.h openbsd-compat/getopt.h openbsd-compat/bsd-misc.h openbsd-compat/bsd-setres_id.h openbsd-compat/bsd-signal.h openbsd-compat/bsd-statvfs.h openbsd-compat/bsd-waitpid.h openbsd-compat/bsd-poll.h openbsd-compat/fake-rfc2553.h openbsd-compat/bsd-cygwin_util.h openbsd-compat/port-aix.h openbsd-compat/port-irix.h openbsd-compat/port-linux.h openbsd-compat/port-solaris.h openbsd-compat/port-net.h openbsd-compat/port-uw.h openbsd-compat/bsd-nextstep.h entropy.h ./openbsd-compat/sys-tree.h openbsd-compat/sys-queue.h xmalloc.h ssh.h ssh2.h sshpty.h packet.h dispatch.h opacket.h log.h sshbuf.h misc.h match.h servconf.h uidswap.h compat.h cipher.h cipher-chachapoly.h chacha.h
163sshd.o: chacha.h poly1305.h cipher-aesctr.h rijndael.h digest.h key.h sshkey.h kex.h mac.h myproposal.h authfile.h pathnames.h atomicio.h canohost.h hostfile.h auth.h auth-pam.h audit.h loginrec.h authfd.h msg.h channels.h session.h monitor.h monitor_wrap.h ssh-sandbox.h auth-options.h version.h ssherr.h 156sshd.o: poly1305.h cipher-aesctr.h rijndael.h digest.h sshkey.h kex.h mac.h myproposal.h authfile.h pathnames.h atomicio.h canohost.h hostfile.h auth.h auth-pam.h audit.h loginrec.h authfd.h msg.h channels.h session.h monitor.h monitor_wrap.h ssh-sandbox.h auth-options.h version.h ssherr.h
164ssherr.o: ssherr.h 157ssherr.o: ssherr.h
165sshkey-xmss.o: includes.h config.h defines.h platform.h openbsd-compat/openbsd-compat.h openbsd-compat/base64.h openbsd-compat/sigact.h openbsd-compat/readpassphrase.h openbsd-compat/vis.h openbsd-compat/getrrsetbyname.h openbsd-compat/sha1.h openbsd-compat/sha2.h openbsd-compat/rmd160.h openbsd-compat/md5.h openbsd-compat/blf.h openbsd-compat/getopt.h openbsd-compat/bsd-misc.h openbsd-compat/bsd-setres_id.h openbsd-compat/bsd-signal.h openbsd-compat/bsd-statvfs.h openbsd-compat/bsd-waitpid.h openbsd-compat/bsd-poll.h openbsd-compat/fake-rfc2553.h openbsd-compat/bsd-cygwin_util.h openbsd-compat/port-aix.h openbsd-compat/port-irix.h openbsd-compat/port-linux.h openbsd-compat/port-solaris.h openbsd-compat/port-net.h openbsd-compat/port-uw.h openbsd-compat/bsd-nextstep.h entropy.h buffer.h sshbuf.h 158sshkey-xmss.o: includes.h config.h defines.h platform.h openbsd-compat/openbsd-compat.h openbsd-compat/base64.h openbsd-compat/sigact.h openbsd-compat/readpassphrase.h openbsd-compat/vis.h openbsd-compat/getrrsetbyname.h openbsd-compat/sha1.h openbsd-compat/sha2.h openbsd-compat/rmd160.h openbsd-compat/md5.h openbsd-compat/blf.h openbsd-compat/getopt.h openbsd-compat/bsd-misc.h openbsd-compat/bsd-setres_id.h openbsd-compat/bsd-signal.h openbsd-compat/bsd-statvfs.h openbsd-compat/bsd-waitpid.h openbsd-compat/bsd-poll.h openbsd-compat/fake-rfc2553.h openbsd-compat/bsd-cygwin_util.h openbsd-compat/port-aix.h openbsd-compat/port-irix.h openbsd-compat/port-linux.h openbsd-compat/port-solaris.h openbsd-compat/port-net.h openbsd-compat/port-uw.h openbsd-compat/bsd-nextstep.h entropy.h
166sshkey.o: includes.h config.h defines.h platform.h openbsd-compat/openbsd-compat.h openbsd-compat/base64.h openbsd-compat/sigact.h openbsd-compat/readpassphrase.h openbsd-compat/vis.h openbsd-compat/getrrsetbyname.h openbsd-compat/sha1.h openbsd-compat/sha2.h openbsd-compat/rmd160.h openbsd-compat/md5.h openbsd-compat/blf.h openbsd-compat/getopt.h openbsd-compat/bsd-misc.h openbsd-compat/bsd-setres_id.h openbsd-compat/bsd-signal.h openbsd-compat/bsd-statvfs.h openbsd-compat/bsd-waitpid.h openbsd-compat/bsd-poll.h openbsd-compat/fake-rfc2553.h openbsd-compat/bsd-cygwin_util.h openbsd-compat/port-aix.h openbsd-compat/port-irix.h openbsd-compat/port-linux.h openbsd-compat/port-solaris.h openbsd-compat/port-net.h openbsd-compat/port-uw.h openbsd-compat/bsd-nextstep.h entropy.h buffer.h sshbuf.h crypto_api.h ssh2.h ssherr.h misc.h cipher.h cipher-chachapoly.h chacha.h poly1305.h cipher-aesctr.h rijndael.h digest.h sshkey.h sshkey-xmss.h match.h xmss_fast.h 159sshkey.o: includes.h config.h defines.h platform.h openbsd-compat/openbsd-compat.h openbsd-compat/base64.h openbsd-compat/sigact.h openbsd-compat/readpassphrase.h openbsd-compat/vis.h openbsd-compat/getrrsetbyname.h openbsd-compat/sha1.h openbsd-compat/sha2.h openbsd-compat/rmd160.h openbsd-compat/md5.h openbsd-compat/blf.h openbsd-compat/getopt.h openbsd-compat/bsd-misc.h openbsd-compat/bsd-setres_id.h openbsd-compat/bsd-signal.h openbsd-compat/bsd-statvfs.h openbsd-compat/bsd-waitpid.h openbsd-compat/bsd-poll.h openbsd-compat/fake-rfc2553.h openbsd-compat/bsd-cygwin_util.h openbsd-compat/port-aix.h openbsd-compat/port-irix.h openbsd-compat/port-linux.h openbsd-compat/port-solaris.h openbsd-compat/port-net.h openbsd-compat/port-uw.h openbsd-compat/bsd-nextstep.h entropy.h crypto_api.h ssh2.h ssherr.h misc.h sshbuf.h cipher.h cipher-chachapoly.h chacha.h poly1305.h cipher-aesctr.h rijndael.h digest.h sshkey.h sshkey-xmss.h match.h xmss_fast.h
167sshlogin.o: includes.h config.h defines.h platform.h openbsd-compat/openbsd-compat.h openbsd-compat/base64.h openbsd-compat/sigact.h openbsd-compat/readpassphrase.h openbsd-compat/vis.h openbsd-compat/getrrsetbyname.h openbsd-compat/sha1.h openbsd-compat/sha2.h openbsd-compat/rmd160.h openbsd-compat/md5.h openbsd-compat/blf.h openbsd-compat/getopt.h openbsd-compat/bsd-misc.h openbsd-compat/bsd-setres_id.h openbsd-compat/bsd-signal.h openbsd-compat/bsd-statvfs.h openbsd-compat/bsd-waitpid.h openbsd-compat/bsd-poll.h openbsd-compat/fake-rfc2553.h openbsd-compat/bsd-cygwin_util.h openbsd-compat/port-aix.h openbsd-compat/port-irix.h openbsd-compat/port-linux.h openbsd-compat/port-solaris.h openbsd-compat/port-net.h openbsd-compat/port-uw.h openbsd-compat/bsd-nextstep.h entropy.h buffer.h sshbuf.h loginrec.h log.h misc.h servconf.h 160sshlogin.o: includes.h config.h defines.h platform.h openbsd-compat/openbsd-compat.h openbsd-compat/base64.h openbsd-compat/sigact.h openbsd-compat/readpassphrase.h openbsd-compat/vis.h openbsd-compat/getrrsetbyname.h openbsd-compat/sha1.h openbsd-compat/sha2.h openbsd-compat/rmd160.h openbsd-compat/md5.h openbsd-compat/blf.h openbsd-compat/getopt.h openbsd-compat/bsd-misc.h openbsd-compat/bsd-setres_id.h openbsd-compat/bsd-signal.h openbsd-compat/bsd-statvfs.h openbsd-compat/bsd-waitpid.h openbsd-compat/bsd-poll.h openbsd-compat/fake-rfc2553.h openbsd-compat/bsd-cygwin_util.h openbsd-compat/port-aix.h openbsd-compat/port-irix.h openbsd-compat/port-linux.h openbsd-compat/port-solaris.h openbsd-compat/port-net.h openbsd-compat/port-uw.h openbsd-compat/bsd-nextstep.h entropy.h sshlogin.h ssherr.h loginrec.h log.h sshbuf.h misc.h servconf.h
168sshpty.o: includes.h config.h defines.h platform.h openbsd-compat/openbsd-compat.h openbsd-compat/base64.h openbsd-compat/sigact.h openbsd-compat/readpassphrase.h openbsd-compat/vis.h openbsd-compat/getrrsetbyname.h openbsd-compat/sha1.h openbsd-compat/sha2.h openbsd-compat/rmd160.h openbsd-compat/md5.h openbsd-compat/blf.h openbsd-compat/getopt.h openbsd-compat/bsd-misc.h openbsd-compat/bsd-setres_id.h openbsd-compat/bsd-signal.h openbsd-compat/bsd-statvfs.h openbsd-compat/bsd-waitpid.h openbsd-compat/bsd-poll.h openbsd-compat/fake-rfc2553.h openbsd-compat/bsd-cygwin_util.h openbsd-compat/port-aix.h openbsd-compat/port-irix.h openbsd-compat/port-linux.h openbsd-compat/port-solaris.h openbsd-compat/port-net.h openbsd-compat/port-uw.h openbsd-compat/bsd-nextstep.h entropy.h buffer.h sshbuf.h sshpty.h log.h misc.h 161sshpty.o: includes.h config.h defines.h platform.h openbsd-compat/openbsd-compat.h openbsd-compat/base64.h openbsd-compat/sigact.h openbsd-compat/readpassphrase.h openbsd-compat/vis.h openbsd-compat/getrrsetbyname.h openbsd-compat/sha1.h openbsd-compat/sha2.h openbsd-compat/rmd160.h openbsd-compat/md5.h openbsd-compat/blf.h openbsd-compat/getopt.h openbsd-compat/bsd-misc.h openbsd-compat/bsd-setres_id.h openbsd-compat/bsd-signal.h openbsd-compat/bsd-statvfs.h openbsd-compat/bsd-waitpid.h openbsd-compat/bsd-poll.h openbsd-compat/fake-rfc2553.h openbsd-compat/bsd-cygwin_util.h openbsd-compat/port-aix.h openbsd-compat/port-irix.h openbsd-compat/port-linux.h openbsd-compat/port-solaris.h openbsd-compat/port-net.h openbsd-compat/port-uw.h openbsd-compat/bsd-nextstep.h entropy.h sshpty.h log.h misc.h
169sshtty.o: includes.h config.h defines.h platform.h openbsd-compat/openbsd-compat.h openbsd-compat/base64.h openbsd-compat/sigact.h openbsd-compat/readpassphrase.h openbsd-compat/vis.h openbsd-compat/getrrsetbyname.h openbsd-compat/sha1.h openbsd-compat/sha2.h openbsd-compat/rmd160.h openbsd-compat/md5.h openbsd-compat/blf.h openbsd-compat/getopt.h openbsd-compat/bsd-misc.h openbsd-compat/bsd-setres_id.h openbsd-compat/bsd-signal.h openbsd-compat/bsd-statvfs.h openbsd-compat/bsd-waitpid.h openbsd-compat/bsd-poll.h openbsd-compat/fake-rfc2553.h openbsd-compat/bsd-cygwin_util.h openbsd-compat/port-aix.h openbsd-compat/port-irix.h openbsd-compat/port-linux.h openbsd-compat/port-solaris.h openbsd-compat/port-net.h openbsd-compat/port-uw.h openbsd-compat/bsd-nextstep.h entropy.h buffer.h sshbuf.h sshpty.h 162sshtty.o: includes.h config.h defines.h platform.h openbsd-compat/openbsd-compat.h openbsd-compat/base64.h openbsd-compat/sigact.h openbsd-compat/readpassphrase.h openbsd-compat/vis.h openbsd-compat/getrrsetbyname.h openbsd-compat/sha1.h openbsd-compat/sha2.h openbsd-compat/rmd160.h openbsd-compat/md5.h openbsd-compat/blf.h openbsd-compat/getopt.h openbsd-compat/bsd-misc.h openbsd-compat/bsd-setres_id.h openbsd-compat/bsd-signal.h openbsd-compat/bsd-statvfs.h openbsd-compat/bsd-waitpid.h openbsd-compat/bsd-poll.h openbsd-compat/fake-rfc2553.h openbsd-compat/bsd-cygwin_util.h openbsd-compat/port-aix.h openbsd-compat/port-irix.h openbsd-compat/port-linux.h openbsd-compat/port-solaris.h openbsd-compat/port-net.h openbsd-compat/port-uw.h openbsd-compat/bsd-nextstep.h entropy.h sshpty.h
170ttymodes.o: includes.h config.h defines.h platform.h openbsd-compat/openbsd-compat.h openbsd-compat/base64.h openbsd-compat/sigact.h openbsd-compat/readpassphrase.h openbsd-compat/vis.h openbsd-compat/getrrsetbyname.h openbsd-compat/sha1.h openbsd-compat/sha2.h openbsd-compat/rmd160.h openbsd-compat/md5.h openbsd-compat/blf.h openbsd-compat/getopt.h openbsd-compat/bsd-misc.h openbsd-compat/bsd-setres_id.h openbsd-compat/bsd-signal.h openbsd-compat/bsd-statvfs.h openbsd-compat/bsd-waitpid.h openbsd-compat/bsd-poll.h openbsd-compat/fake-rfc2553.h openbsd-compat/bsd-cygwin_util.h openbsd-compat/port-aix.h openbsd-compat/port-irix.h openbsd-compat/port-linux.h openbsd-compat/port-solaris.h openbsd-compat/port-net.h openbsd-compat/port-uw.h openbsd-compat/bsd-nextstep.h entropy.h buffer.h sshbuf.h packet.h openbsd-compat/sys-queue.h dispatch.h opacket.h log.h compat.h ttymodes.h 163ttymodes.o: includes.h config.h defines.h platform.h openbsd-compat/openbsd-compat.h openbsd-compat/base64.h openbsd-compat/sigact.h openbsd-compat/readpassphrase.h openbsd-compat/vis.h openbsd-compat/getrrsetbyname.h openbsd-compat/sha1.h openbsd-compat/sha2.h openbsd-compat/rmd160.h openbsd-compat/md5.h openbsd-compat/blf.h openbsd-compat/getopt.h openbsd-compat/bsd-misc.h openbsd-compat/bsd-setres_id.h openbsd-compat/bsd-signal.h openbsd-compat/bsd-statvfs.h openbsd-compat/bsd-waitpid.h openbsd-compat/bsd-poll.h openbsd-compat/fake-rfc2553.h openbsd-compat/bsd-cygwin_util.h openbsd-compat/port-aix.h openbsd-compat/port-irix.h openbsd-compat/port-linux.h openbsd-compat/port-solaris.h openbsd-compat/port-net.h openbsd-compat/port-uw.h openbsd-compat/bsd-nextstep.h entropy.h packet.h openbsd-compat/sys-queue.h dispatch.h opacket.h log.h compat.h sshbuf.h ssherr.h ttymodes.h
171uidswap.o: includes.h config.h defines.h platform.h openbsd-compat/openbsd-compat.h openbsd-compat/base64.h openbsd-compat/sigact.h openbsd-compat/readpassphrase.h openbsd-compat/vis.h openbsd-compat/getrrsetbyname.h openbsd-compat/sha1.h openbsd-compat/sha2.h openbsd-compat/rmd160.h openbsd-compat/md5.h openbsd-compat/blf.h openbsd-compat/getopt.h openbsd-compat/bsd-misc.h openbsd-compat/bsd-setres_id.h openbsd-compat/bsd-signal.h openbsd-compat/bsd-statvfs.h openbsd-compat/bsd-waitpid.h openbsd-compat/bsd-poll.h openbsd-compat/fake-rfc2553.h openbsd-compat/bsd-cygwin_util.h openbsd-compat/port-aix.h openbsd-compat/port-irix.h openbsd-compat/port-linux.h openbsd-compat/port-solaris.h openbsd-compat/port-net.h openbsd-compat/port-uw.h openbsd-compat/bsd-nextstep.h entropy.h buffer.h sshbuf.h log.h uidswap.h xmalloc.h 164uidswap.o: includes.h config.h defines.h platform.h openbsd-compat/openbsd-compat.h openbsd-compat/base64.h openbsd-compat/sigact.h openbsd-compat/readpassphrase.h openbsd-compat/vis.h openbsd-compat/getrrsetbyname.h openbsd-compat/sha1.h openbsd-compat/sha2.h openbsd-compat/rmd160.h openbsd-compat/md5.h openbsd-compat/blf.h openbsd-compat/getopt.h openbsd-compat/bsd-misc.h openbsd-compat/bsd-setres_id.h openbsd-compat/bsd-signal.h openbsd-compat/bsd-statvfs.h openbsd-compat/bsd-waitpid.h openbsd-compat/bsd-poll.h openbsd-compat/fake-rfc2553.h openbsd-compat/bsd-cygwin_util.h openbsd-compat/port-aix.h openbsd-compat/port-irix.h openbsd-compat/port-linux.h openbsd-compat/port-solaris.h openbsd-compat/port-net.h openbsd-compat/port-uw.h openbsd-compat/bsd-nextstep.h entropy.h log.h uidswap.h xmalloc.h
172umac.o: includes.h config.h defines.h platform.h openbsd-compat/openbsd-compat.h openbsd-compat/base64.h openbsd-compat/sigact.h openbsd-compat/readpassphrase.h openbsd-compat/vis.h openbsd-compat/getrrsetbyname.h openbsd-compat/sha1.h openbsd-compat/sha2.h openbsd-compat/rmd160.h openbsd-compat/md5.h openbsd-compat/blf.h openbsd-compat/getopt.h openbsd-compat/bsd-misc.h openbsd-compat/bsd-setres_id.h openbsd-compat/bsd-signal.h openbsd-compat/bsd-statvfs.h openbsd-compat/bsd-waitpid.h openbsd-compat/bsd-poll.h openbsd-compat/fake-rfc2553.h openbsd-compat/bsd-cygwin_util.h openbsd-compat/port-aix.h openbsd-compat/port-irix.h openbsd-compat/port-linux.h openbsd-compat/port-solaris.h openbsd-compat/port-net.h openbsd-compat/port-uw.h openbsd-compat/bsd-nextstep.h entropy.h buffer.h sshbuf.h xmalloc.h umac.h misc.h rijndael.h 165umac.o: includes.h config.h defines.h platform.h openbsd-compat/openbsd-compat.h openbsd-compat/base64.h openbsd-compat/sigact.h openbsd-compat/readpassphrase.h openbsd-compat/vis.h openbsd-compat/getrrsetbyname.h openbsd-compat/sha1.h openbsd-compat/sha2.h openbsd-compat/rmd160.h openbsd-compat/md5.h openbsd-compat/blf.h openbsd-compat/getopt.h openbsd-compat/bsd-misc.h openbsd-compat/bsd-setres_id.h openbsd-compat/bsd-signal.h openbsd-compat/bsd-statvfs.h openbsd-compat/bsd-waitpid.h openbsd-compat/bsd-poll.h openbsd-compat/fake-rfc2553.h openbsd-compat/bsd-cygwin_util.h openbsd-compat/port-aix.h openbsd-compat/port-irix.h openbsd-compat/port-linux.h openbsd-compat/port-solaris.h openbsd-compat/port-net.h openbsd-compat/port-uw.h openbsd-compat/bsd-nextstep.h entropy.h xmalloc.h umac.h misc.h rijndael.h
173umac128.o: umac.c includes.h config.h defines.h platform.h openbsd-compat/openbsd-compat.h openbsd-compat/base64.h openbsd-compat/sigact.h openbsd-compat/readpassphrase.h openbsd-compat/vis.h openbsd-compat/getrrsetbyname.h openbsd-compat/sha1.h openbsd-compat/sha2.h openbsd-compat/rmd160.h openbsd-compat/md5.h openbsd-compat/blf.h openbsd-compat/getopt.h openbsd-compat/bsd-misc.h openbsd-compat/bsd-setres_id.h openbsd-compat/bsd-signal.h openbsd-compat/bsd-statvfs.h openbsd-compat/bsd-waitpid.h openbsd-compat/bsd-poll.h openbsd-compat/fake-rfc2553.h openbsd-compat/bsd-cygwin_util.h openbsd-compat/port-aix.h openbsd-compat/port-irix.h openbsd-compat/port-linux.h openbsd-compat/port-solaris.h openbsd-compat/port-net.h openbsd-compat/port-uw.h openbsd-compat/bsd-nextstep.h entropy.h buffer.h sshbuf.h xmalloc.h umac.h misc.h rijndael.h 166umac128.o: umac.c includes.h config.h defines.h platform.h openbsd-compat/openbsd-compat.h openbsd-compat/base64.h openbsd-compat/sigact.h openbsd-compat/readpassphrase.h openbsd-compat/vis.h openbsd-compat/getrrsetbyname.h openbsd-compat/sha1.h openbsd-compat/sha2.h openbsd-compat/rmd160.h openbsd-compat/md5.h openbsd-compat/blf.h openbsd-compat/getopt.h openbsd-compat/bsd-misc.h openbsd-compat/bsd-setres_id.h openbsd-compat/bsd-signal.h openbsd-compat/bsd-statvfs.h openbsd-compat/bsd-waitpid.h openbsd-compat/bsd-poll.h openbsd-compat/fake-rfc2553.h openbsd-compat/bsd-cygwin_util.h openbsd-compat/port-aix.h openbsd-compat/port-irix.h openbsd-compat/port-linux.h openbsd-compat/port-solaris.h openbsd-compat/port-net.h openbsd-compat/port-uw.h openbsd-compat/bsd-nextstep.h entropy.h xmalloc.h umac.h misc.h rijndael.h
174utf8.o: includes.h config.h defines.h platform.h openbsd-compat/openbsd-compat.h openbsd-compat/base64.h openbsd-compat/sigact.h openbsd-compat/readpassphrase.h openbsd-compat/vis.h openbsd-compat/getrrsetbyname.h openbsd-compat/sha1.h openbsd-compat/sha2.h openbsd-compat/rmd160.h openbsd-compat/md5.h openbsd-compat/blf.h openbsd-compat/getopt.h openbsd-compat/bsd-misc.h openbsd-compat/bsd-setres_id.h openbsd-compat/bsd-signal.h openbsd-compat/bsd-statvfs.h openbsd-compat/bsd-waitpid.h openbsd-compat/bsd-poll.h openbsd-compat/fake-rfc2553.h openbsd-compat/bsd-cygwin_util.h openbsd-compat/port-aix.h openbsd-compat/port-irix.h openbsd-compat/port-linux.h openbsd-compat/port-solaris.h openbsd-compat/port-net.h openbsd-compat/port-uw.h openbsd-compat/bsd-nextstep.h entropy.h buffer.h sshbuf.h utf8.h 167utf8.o: includes.h config.h defines.h platform.h openbsd-compat/openbsd-compat.h openbsd-compat/base64.h openbsd-compat/sigact.h openbsd-compat/readpassphrase.h openbsd-compat/vis.h openbsd-compat/getrrsetbyname.h openbsd-compat/sha1.h openbsd-compat/sha2.h openbsd-compat/rmd160.h openbsd-compat/md5.h openbsd-compat/blf.h openbsd-compat/getopt.h openbsd-compat/bsd-misc.h openbsd-compat/bsd-setres_id.h openbsd-compat/bsd-signal.h openbsd-compat/bsd-statvfs.h openbsd-compat/bsd-waitpid.h openbsd-compat/bsd-poll.h openbsd-compat/fake-rfc2553.h openbsd-compat/bsd-cygwin_util.h openbsd-compat/port-aix.h openbsd-compat/port-irix.h openbsd-compat/port-linux.h openbsd-compat/port-solaris.h openbsd-compat/port-net.h openbsd-compat/port-uw.h openbsd-compat/bsd-nextstep.h entropy.h utf8.h
175uuencode.o: includes.h config.h defines.h platform.h openbsd-compat/openbsd-compat.h openbsd-compat/base64.h openbsd-compat/sigact.h openbsd-compat/readpassphrase.h openbsd-compat/vis.h openbsd-compat/getrrsetbyname.h openbsd-compat/sha1.h openbsd-compat/sha2.h openbsd-compat/rmd160.h openbsd-compat/md5.h openbsd-compat/blf.h openbsd-compat/getopt.h openbsd-compat/bsd-misc.h openbsd-compat/bsd-setres_id.h openbsd-compat/bsd-signal.h openbsd-compat/bsd-statvfs.h openbsd-compat/bsd-waitpid.h openbsd-compat/bsd-poll.h openbsd-compat/fake-rfc2553.h openbsd-compat/bsd-cygwin_util.h openbsd-compat/port-aix.h openbsd-compat/port-irix.h openbsd-compat/port-linux.h openbsd-compat/port-solaris.h openbsd-compat/port-net.h openbsd-compat/port-uw.h openbsd-compat/bsd-nextstep.h entropy.h buffer.h sshbuf.h xmalloc.h uuencode.h 168uuencode.o: includes.h config.h defines.h platform.h openbsd-compat/openbsd-compat.h openbsd-compat/base64.h openbsd-compat/sigact.h openbsd-compat/readpassphrase.h openbsd-compat/vis.h openbsd-compat/getrrsetbyname.h openbsd-compat/sha1.h openbsd-compat/sha2.h openbsd-compat/rmd160.h openbsd-compat/md5.h openbsd-compat/blf.h openbsd-compat/getopt.h openbsd-compat/bsd-misc.h openbsd-compat/bsd-setres_id.h openbsd-compat/bsd-signal.h openbsd-compat/bsd-statvfs.h openbsd-compat/bsd-waitpid.h openbsd-compat/bsd-poll.h openbsd-compat/fake-rfc2553.h openbsd-compat/bsd-cygwin_util.h openbsd-compat/port-aix.h openbsd-compat/port-irix.h openbsd-compat/port-linux.h openbsd-compat/port-solaris.h openbsd-compat/port-net.h openbsd-compat/port-uw.h openbsd-compat/bsd-nextstep.h entropy.h xmalloc.h uuencode.h
176verify.o: includes.h config.h defines.h platform.h openbsd-compat/openbsd-compat.h openbsd-compat/base64.h openbsd-compat/sigact.h openbsd-compat/readpassphrase.h openbsd-compat/vis.h openbsd-compat/getrrsetbyname.h openbsd-compat/sha1.h openbsd-compat/sha2.h openbsd-compat/rmd160.h openbsd-compat/md5.h openbsd-compat/blf.h openbsd-compat/getopt.h openbsd-compat/bsd-misc.h openbsd-compat/bsd-setres_id.h openbsd-compat/bsd-signal.h openbsd-compat/bsd-statvfs.h openbsd-compat/bsd-waitpid.h openbsd-compat/bsd-poll.h openbsd-compat/fake-rfc2553.h openbsd-compat/bsd-cygwin_util.h openbsd-compat/port-aix.h openbsd-compat/port-irix.h openbsd-compat/port-linux.h openbsd-compat/port-solaris.h openbsd-compat/port-net.h openbsd-compat/port-uw.h openbsd-compat/bsd-nextstep.h entropy.h buffer.h sshbuf.h crypto_api.h 169verify.o: includes.h config.h defines.h platform.h openbsd-compat/openbsd-compat.h openbsd-compat/base64.h openbsd-compat/sigact.h openbsd-compat/readpassphrase.h openbsd-compat/vis.h openbsd-compat/getrrsetbyname.h openbsd-compat/sha1.h openbsd-compat/sha2.h openbsd-compat/rmd160.h openbsd-compat/md5.h openbsd-compat/blf.h openbsd-compat/getopt.h openbsd-compat/bsd-misc.h openbsd-compat/bsd-setres_id.h openbsd-compat/bsd-signal.h openbsd-compat/bsd-statvfs.h openbsd-compat/bsd-waitpid.h openbsd-compat/bsd-poll.h openbsd-compat/fake-rfc2553.h openbsd-compat/bsd-cygwin_util.h openbsd-compat/port-aix.h openbsd-compat/port-irix.h openbsd-compat/port-linux.h openbsd-compat/port-solaris.h openbsd-compat/port-net.h openbsd-compat/port-uw.h openbsd-compat/bsd-nextstep.h entropy.h crypto_api.h
177xmalloc.o: includes.h config.h defines.h platform.h openbsd-compat/openbsd-compat.h openbsd-compat/base64.h openbsd-compat/sigact.h openbsd-compat/readpassphrase.h openbsd-compat/vis.h openbsd-compat/getrrsetbyname.h openbsd-compat/sha1.h openbsd-compat/sha2.h openbsd-compat/rmd160.h openbsd-compat/md5.h openbsd-compat/blf.h openbsd-compat/getopt.h openbsd-compat/bsd-misc.h openbsd-compat/bsd-setres_id.h openbsd-compat/bsd-signal.h openbsd-compat/bsd-statvfs.h openbsd-compat/bsd-waitpid.h openbsd-compat/bsd-poll.h openbsd-compat/fake-rfc2553.h openbsd-compat/bsd-cygwin_util.h openbsd-compat/port-aix.h openbsd-compat/port-irix.h openbsd-compat/port-linux.h openbsd-compat/port-solaris.h openbsd-compat/port-net.h openbsd-compat/port-uw.h openbsd-compat/bsd-nextstep.h entropy.h buffer.h sshbuf.h xmalloc.h log.h 170xmalloc.o: includes.h config.h defines.h platform.h openbsd-compat/openbsd-compat.h openbsd-compat/base64.h openbsd-compat/sigact.h openbsd-compat/readpassphrase.h openbsd-compat/vis.h openbsd-compat/getrrsetbyname.h openbsd-compat/sha1.h openbsd-compat/sha2.h openbsd-compat/rmd160.h openbsd-compat/md5.h openbsd-compat/blf.h openbsd-compat/getopt.h openbsd-compat/bsd-misc.h openbsd-compat/bsd-setres_id.h openbsd-compat/bsd-signal.h openbsd-compat/bsd-statvfs.h openbsd-compat/bsd-waitpid.h openbsd-compat/bsd-poll.h openbsd-compat/fake-rfc2553.h openbsd-compat/bsd-cygwin_util.h openbsd-compat/port-aix.h openbsd-compat/port-irix.h openbsd-compat/port-linux.h openbsd-compat/port-solaris.h openbsd-compat/port-net.h openbsd-compat/port-uw.h openbsd-compat/bsd-nextstep.h entropy.h xmalloc.h log.h
178xmss_commons.o: includes.h config.h defines.h platform.h openbsd-compat/openbsd-compat.h openbsd-compat/base64.h openbsd-compat/sigact.h openbsd-compat/readpassphrase.h openbsd-compat/vis.h openbsd-compat/getrrsetbyname.h openbsd-compat/sha1.h openbsd-compat/sha2.h openbsd-compat/rmd160.h openbsd-compat/md5.h openbsd-compat/blf.h openbsd-compat/getopt.h openbsd-compat/bsd-misc.h openbsd-compat/bsd-setres_id.h openbsd-compat/bsd-signal.h openbsd-compat/bsd-statvfs.h openbsd-compat/bsd-waitpid.h openbsd-compat/bsd-poll.h openbsd-compat/fake-rfc2553.h openbsd-compat/bsd-cygwin_util.h openbsd-compat/port-aix.h openbsd-compat/port-irix.h openbsd-compat/port-linux.h openbsd-compat/port-solaris.h openbsd-compat/port-net.h openbsd-compat/port-uw.h openbsd-compat/bsd-nextstep.h entropy.h buffer.h sshbuf.h 171xmss_commons.o: includes.h config.h defines.h platform.h openbsd-compat/openbsd-compat.h openbsd-compat/base64.h openbsd-compat/sigact.h openbsd-compat/readpassphrase.h openbsd-compat/vis.h openbsd-compat/getrrsetbyname.h openbsd-compat/sha1.h openbsd-compat/sha2.h openbsd-compat/rmd160.h openbsd-compat/md5.h openbsd-compat/blf.h openbsd-compat/getopt.h openbsd-compat/bsd-misc.h openbsd-compat/bsd-setres_id.h openbsd-compat/bsd-signal.h openbsd-compat/bsd-statvfs.h openbsd-compat/bsd-waitpid.h openbsd-compat/bsd-poll.h openbsd-compat/fake-rfc2553.h openbsd-compat/bsd-cygwin_util.h openbsd-compat/port-aix.h openbsd-compat/port-irix.h openbsd-compat/port-linux.h openbsd-compat/port-solaris.h openbsd-compat/port-net.h openbsd-compat/port-uw.h openbsd-compat/bsd-nextstep.h entropy.h
179xmss_fast.o: includes.h config.h defines.h platform.h openbsd-compat/openbsd-compat.h openbsd-compat/base64.h openbsd-compat/sigact.h openbsd-compat/readpassphrase.h openbsd-compat/vis.h openbsd-compat/getrrsetbyname.h openbsd-compat/sha1.h openbsd-compat/sha2.h openbsd-compat/rmd160.h openbsd-compat/md5.h openbsd-compat/blf.h openbsd-compat/getopt.h openbsd-compat/bsd-misc.h openbsd-compat/bsd-setres_id.h openbsd-compat/bsd-signal.h openbsd-compat/bsd-statvfs.h openbsd-compat/bsd-waitpid.h openbsd-compat/bsd-poll.h openbsd-compat/fake-rfc2553.h openbsd-compat/bsd-cygwin_util.h openbsd-compat/port-aix.h openbsd-compat/port-irix.h openbsd-compat/port-linux.h openbsd-compat/port-solaris.h openbsd-compat/port-net.h openbsd-compat/port-uw.h openbsd-compat/bsd-nextstep.h entropy.h buffer.h sshbuf.h 172xmss_fast.o: includes.h config.h defines.h platform.h openbsd-compat/openbsd-compat.h openbsd-compat/base64.h openbsd-compat/sigact.h openbsd-compat/readpassphrase.h openbsd-compat/vis.h openbsd-compat/getrrsetbyname.h openbsd-compat/sha1.h openbsd-compat/sha2.h openbsd-compat/rmd160.h openbsd-compat/md5.h openbsd-compat/blf.h openbsd-compat/getopt.h openbsd-compat/bsd-misc.h openbsd-compat/bsd-setres_id.h openbsd-compat/bsd-signal.h openbsd-compat/bsd-statvfs.h openbsd-compat/bsd-waitpid.h openbsd-compat/bsd-poll.h openbsd-compat/fake-rfc2553.h openbsd-compat/bsd-cygwin_util.h openbsd-compat/port-aix.h openbsd-compat/port-irix.h openbsd-compat/port-linux.h openbsd-compat/port-solaris.h openbsd-compat/port-net.h openbsd-compat/port-uw.h openbsd-compat/bsd-nextstep.h entropy.h
180xmss_hash.o: includes.h config.h defines.h platform.h openbsd-compat/openbsd-compat.h openbsd-compat/base64.h openbsd-compat/sigact.h openbsd-compat/readpassphrase.h openbsd-compat/vis.h openbsd-compat/getrrsetbyname.h openbsd-compat/sha1.h openbsd-compat/sha2.h openbsd-compat/rmd160.h openbsd-compat/md5.h openbsd-compat/blf.h openbsd-compat/getopt.h openbsd-compat/bsd-misc.h openbsd-compat/bsd-setres_id.h openbsd-compat/bsd-signal.h openbsd-compat/bsd-statvfs.h openbsd-compat/bsd-waitpid.h openbsd-compat/bsd-poll.h openbsd-compat/fake-rfc2553.h openbsd-compat/bsd-cygwin_util.h openbsd-compat/port-aix.h openbsd-compat/port-irix.h openbsd-compat/port-linux.h openbsd-compat/port-solaris.h openbsd-compat/port-net.h openbsd-compat/port-uw.h openbsd-compat/bsd-nextstep.h entropy.h buffer.h sshbuf.h 173xmss_hash.o: includes.h config.h defines.h platform.h openbsd-compat/openbsd-compat.h openbsd-compat/base64.h openbsd-compat/sigact.h openbsd-compat/readpassphrase.h openbsd-compat/vis.h openbsd-compat/getrrsetbyname.h openbsd-compat/sha1.h openbsd-compat/sha2.h openbsd-compat/rmd160.h openbsd-compat/md5.h openbsd-compat/blf.h openbsd-compat/getopt.h openbsd-compat/bsd-misc.h openbsd-compat/bsd-setres_id.h openbsd-compat/bsd-signal.h openbsd-compat/bsd-statvfs.h openbsd-compat/bsd-waitpid.h openbsd-compat/bsd-poll.h openbsd-compat/fake-rfc2553.h openbsd-compat/bsd-cygwin_util.h openbsd-compat/port-aix.h openbsd-compat/port-irix.h openbsd-compat/port-linux.h openbsd-compat/port-solaris.h openbsd-compat/port-net.h openbsd-compat/port-uw.h openbsd-compat/bsd-nextstep.h entropy.h
181xmss_hash_address.o: includes.h config.h defines.h platform.h openbsd-compat/openbsd-compat.h openbsd-compat/base64.h openbsd-compat/sigact.h openbsd-compat/readpassphrase.h openbsd-compat/vis.h openbsd-compat/getrrsetbyname.h openbsd-compat/sha1.h openbsd-compat/sha2.h openbsd-compat/rmd160.h openbsd-compat/md5.h openbsd-compat/blf.h openbsd-compat/getopt.h openbsd-compat/bsd-misc.h openbsd-compat/bsd-setres_id.h openbsd-compat/bsd-signal.h openbsd-compat/bsd-statvfs.h openbsd-compat/bsd-waitpid.h openbsd-compat/bsd-poll.h openbsd-compat/fake-rfc2553.h openbsd-compat/bsd-cygwin_util.h openbsd-compat/port-aix.h openbsd-compat/port-irix.h openbsd-compat/port-linux.h openbsd-compat/port-solaris.h openbsd-compat/port-net.h openbsd-compat/port-uw.h openbsd-compat/bsd-nextstep.h entropy.h buffer.h sshbuf.h 174xmss_hash_address.o: includes.h config.h defines.h platform.h openbsd-compat/openbsd-compat.h openbsd-compat/base64.h openbsd-compat/sigact.h openbsd-compat/readpassphrase.h openbsd-compat/vis.h openbsd-compat/getrrsetbyname.h openbsd-compat/sha1.h openbsd-compat/sha2.h openbsd-compat/rmd160.h openbsd-compat/md5.h openbsd-compat/blf.h openbsd-compat/getopt.h openbsd-compat/bsd-misc.h openbsd-compat/bsd-setres_id.h openbsd-compat/bsd-signal.h openbsd-compat/bsd-statvfs.h openbsd-compat/bsd-waitpid.h openbsd-compat/bsd-poll.h openbsd-compat/fake-rfc2553.h openbsd-compat/bsd-cygwin_util.h openbsd-compat/port-aix.h openbsd-compat/port-irix.h openbsd-compat/port-linux.h openbsd-compat/port-solaris.h openbsd-compat/port-net.h openbsd-compat/port-uw.h openbsd-compat/bsd-nextstep.h entropy.h
182xmss_wots.o: includes.h config.h defines.h platform.h openbsd-compat/openbsd-compat.h openbsd-compat/base64.h openbsd-compat/sigact.h openbsd-compat/readpassphrase.h openbsd-compat/vis.h openbsd-compat/getrrsetbyname.h openbsd-compat/sha1.h openbsd-compat/sha2.h openbsd-compat/rmd160.h openbsd-compat/md5.h openbsd-compat/blf.h openbsd-compat/getopt.h openbsd-compat/bsd-misc.h openbsd-compat/bsd-setres_id.h openbsd-compat/bsd-signal.h openbsd-compat/bsd-statvfs.h openbsd-compat/bsd-waitpid.h openbsd-compat/bsd-poll.h openbsd-compat/fake-rfc2553.h openbsd-compat/bsd-cygwin_util.h openbsd-compat/port-aix.h openbsd-compat/port-irix.h openbsd-compat/port-linux.h openbsd-compat/port-solaris.h openbsd-compat/port-net.h openbsd-compat/port-uw.h openbsd-compat/bsd-nextstep.h entropy.h buffer.h sshbuf.h 175xmss_wots.o: includes.h config.h defines.h platform.h openbsd-compat/openbsd-compat.h openbsd-compat/base64.h openbsd-compat/sigact.h openbsd-compat/readpassphrase.h openbsd-compat/vis.h openbsd-compat/getrrsetbyname.h openbsd-compat/sha1.h openbsd-compat/sha2.h openbsd-compat/rmd160.h openbsd-compat/md5.h openbsd-compat/blf.h openbsd-compat/getopt.h openbsd-compat/bsd-misc.h openbsd-compat/bsd-setres_id.h openbsd-compat/bsd-signal.h openbsd-compat/bsd-statvfs.h openbsd-compat/bsd-waitpid.h openbsd-compat/bsd-poll.h openbsd-compat/fake-rfc2553.h openbsd-compat/bsd-cygwin_util.h openbsd-compat/port-aix.h openbsd-compat/port-irix.h openbsd-compat/port-linux.h openbsd-compat/port-solaris.h openbsd-compat/port-net.h openbsd-compat/port-uw.h openbsd-compat/bsd-nextstep.h entropy.h
diff --git a/.skipped-commit-ids b/.skipped-commit-ids
index b51baf90d..b94cadf1c 100644
--- a/.skipped-commit-ids
+++ b/.skipped-commit-ids
@@ -2,6 +2,8 @@
2a337e886a49f96701ccbc4832bed086a68abfa85 Makefile changes 2a337e886a49f96701ccbc4832bed086a68abfa85 Makefile changes
3f2c9feb26963615c4fece921906cf72e248b61ee more Makefile 3f2c9feb26963615c4fece921906cf72e248b61ee more Makefile
4fa728823ba21c4b45212750e1d3a4b2086fd1a62 more Makefile refactoring 4fa728823ba21c4b45212750e1d3a4b2086fd1a62 more Makefile refactoring
51de0e85522051eb2ffa00437e1885e9d7b3e0c2e moduli update
6814b2f670df75759e1581ecef530980b2b3d7e0f remove redundant make defs
5 7
6Old upstream tree: 8Old upstream tree:
7 9
diff --git a/ChangeLog b/ChangeLog
index bb729917c..6d7a7d265 100644
--- a/ChangeLog
+++ b/ChangeLog
@@ -1,3 +1,1866 @@
1commit 71508e06fab14bc415a79a08f5535ad7bffa93d9
2Author: Damien Miller <djm@mindrot.org>
3Date: Thu Aug 23 15:41:42 2018 +1000
4
5 shorten temporary SSH_REGRESS_TMP path
6
7 Previous path was exceeding max socket length on at least one platform (OSX)
8
9commit 26739cf5bdc9030a583b41ae5261dedd862060f0
10Author: Damien Miller <djm@mindrot.org>
11Date: Thu Aug 23 13:06:02 2018 +1000
12
13 rebuild dependencies
14
15commit ff729025c7463cf5d0a8d1ca1823306e48c6d4cf
16Author: Damien Miller <djm@mindrot.org>
17Date: Thu Aug 23 13:03:32 2018 +1000
18
19 fix path in distclean target
20
21 Patch from Jakub Jelen
22
23commit 7fef173c28f7462dcd8ee017fdf12b5073f54c02
24Author: djm@openbsd.org <djm@openbsd.org>
25Date: Thu Aug 23 03:01:08 2018 +0000
26
27 upstream: memleak introduced in r1.83; from Colin Watson
28
29 OpenBSD-Commit-ID: 5c019104c280cbd549a264a7217b67665e5732dc
30
31commit b8ae02a2896778b8984c7f51566c7f0f56fa8b56
32Author: schwarze@openbsd.org <schwarze@openbsd.org>
33Date: Tue Aug 21 13:56:27 2018 +0000
34
35 upstream: AIX reports the CODESET as "ISO8859-1" in the POSIX locale.
36
37 Treating that as a safe encoding is OK because even when other systems return
38 that string for real ISO8859-1, it is still safe in the sense that it is
39 ASCII-compatible and stateless.
40
41 Issue reported by Val dot Baranov at duke dot edu. Additional
42 information provided by Michael dot Felt at felt dot demon dot nl.
43 Tested by Michael Felt on AIX 6.1 and by Val Baranov on AIX 7.1.
44 Tweak and OK djm@.
45
46 OpenBSD-Commit-ID: 36f1210e0b229817d10eb490d6038f507b8256a7
47
48commit bc44ee088ad269d232e514f037c87ada4c2fd3f0
49Author: Tim Rice <tim@multitalents.net>
50Date: Tue Aug 21 08:57:24 2018 -0700
51
52 modified: openbsd-compat/port-uw.c
53 remove obsolete and un-needed include
54
55commit 829fc28a9c54e3f812ee7248c7a3e31eeb4f0b3a
56Author: Damien Miller <djm@mindrot.org>
57Date: Mon Aug 20 15:57:29 2018 +1000
58
59 Missing unistd.h for regress/mkdtemp.c
60
61commit c8313e492355a368a91799131520d92743d8d16c
62Author: Damien Miller <djm@mindrot.org>
63Date: Fri Aug 17 05:45:20 2018 +1000
64
65 update version numbers in anticipation of release
66
67commit 477b49a34b89f506f4794b35e3c70b3e2e83cd38
68Author: Corinna Vinschen <vinschen@redhat.com>
69Date: Mon Aug 13 17:08:51 2018 +0200
70
71 configure: work around GCC shortcoming on Cygwin
72
73 Cygwin's latest 7.x GCC allows to specify -mfunction-return=thunk
74 as well as -mindirect-branch=thunk on the command line, albeit
75 producing invalid code, leading to an error at link stage.
76
77 The check in configure.ac only checks if the option is present,
78 but not if it produces valid code.
79
80 This patch fixes it by special-casing Cygwin. Another solution
81 may be to change these to linker checks.
82
83 Signed-off-by: Corinna Vinschen <vinschen@redhat.com>
84
85commit b0917945efa374be7648d67dbbaaff323ab39edc
86Author: Corinna Vinschen <vinschen@redhat.com>
87Date: Mon Aug 13 17:05:05 2018 +0200
88
89 cygwin: add missing stdarg.h include
90
91 Further header file standarization in Cygwin uncovered a lazy
92 indirect include in bsd-cygwin_util.c
93
94 Signed-off-by: Corinna Vinschen <vinschen@redhat.com>
95
96commit c3903c38b0fd168ab3d925c2b129d1a599593426
97Author: djm@openbsd.org <djm@openbsd.org>
98Date: Mon Aug 13 02:41:05 2018 +0000
99
100 upstream: revert compat.[ch] section of the following change. It
101
102 causes double-free under some circumstances.
103
104 --
105
106 date: 2018/07/31 03:07:24; author: djm; state: Exp; lines: +33 -18; commitid: f7g4UI8eeOXReTPh;
107 fix some memory leaks spotted by Coverity via Jakub Jelen in bz#2366
108 feedback and ok dtucker@
109
110 OpenBSD-Commit-ID: 1e77547f60fdb5e2ffe23e2e4733c54d8d2d1137
111
112commit 1b9dd4aa15208100fbc3650f33ea052255578282
113Author: djm@openbsd.org <djm@openbsd.org>
114Date: Sun Aug 12 20:19:13 2018 +0000
115
116 upstream: better diagnosics on alg list assembly errors; ok
117
118 deraadt@ markus@
119
120 OpenBSD-Commit-ID: 5a557e74b839daf13cc105924d2af06a1560faee
121
122commit e36a5f61b0f5bebf6d49c215d228cd99dfe86e28
123Author: Damien Miller <djm@mindrot.org>
124Date: Sat Aug 11 18:08:45 2018 -0700
125
126 Some AIX fixes; report from Michael Felt
127
128commit 2f4766ceefe6657c5ad5fe92d13c411872acae0e
129Author: dtucker@openbsd.org <dtucker@openbsd.org>
130Date: Fri Aug 10 01:35:49 2018 +0000
131
132 upstream: The script that cooks up PuTTY format host keys does not
133
134 understand the new key format so convert back to old format to create the
135 PuTTY key and remove it once done.
136
137 OpenBSD-Regress-ID: 2a449a18846c3a144bc645135b551ba6177e38d3
138
139commit e1b26ce504662a5d5b991091228984ccfd25f280
140Author: djm@openbsd.org <djm@openbsd.org>
141Date: Fri Aug 10 00:44:01 2018 +0000
142
143 upstream: improve
144
145 OpenBSD-Commit-ID: 40d839db0977b4e7ac8b647b16d5411d4faf2f60
146
147commit 7c712966a3139622f7fb55045368d05de4e6782c
148Author: djm@openbsd.org <djm@openbsd.org>
149Date: Fri Aug 10 00:42:29 2018 +0000
150
151 upstream: Describe pubkey format, prompted by bz#2853
152
153 While I'm here, describe and link to the remaining local PROTOCOL.*
154 docs that weren't already mentioned (PROTOCOL.key, PROTOCOL.krl and
155 PROTOCOL.mux)
156
157 OpenBSD-Commit-ID: 2a900f9b994ba4d53e7aeb467d44d75829fd1231
158
159commit ef100a2c5a8ed83afac0b8f36520815803da227a
160Author: djm@openbsd.org <djm@openbsd.org>
161Date: Fri Aug 10 00:27:15 2018 +0000
162
163 upstream: fix numbering
164
165 OpenBSD-Commit-ID: bc7a1764dff23fa4c5ff0e3379c9c4d5b63c9596
166
167commit ed7bd5d93fe14c7bd90febd29b858ea985d14d45
168Author: djm@openbsd.org <djm@openbsd.org>
169Date: Wed Aug 8 01:16:01 2018 +0000
170
171 upstream: Use new private key format by default. This format is
172
173 suported by OpenSSH >= 6.5 (released January 2014), so it should be supported
174 by most OpenSSH versions in active use.
175
176 It is possible to convert new-format private keys to the older
177 format using "ssh-keygen -f /path/key -pm PEM".
178
179 ok deraadt dtucker
180
181 OpenBSD-Commit-ID: e3bd4f2509a2103bfa2f710733426af3ad6d8ab8
182
183commit 967226a1bdde59ea137e8f0df871854ff7b91366
184Author: djm@openbsd.org <djm@openbsd.org>
185Date: Sat Aug 4 00:55:06 2018 +0000
186
187 upstream: invalidate dh->priv_key after freeing it in error path;
188
189 avoids unlikely double-free later. Reported by Viktor Dukhovni via
190 https://github.com/openssh/openssh-portable/pull/96 feedback jsing@ tb@
191
192 OpenBSD-Commit-ID: e317eb17c3e05500ae851f279ef6486f0457c805
193
194commit 74287f5df9966a0648b4a68417451dd18f079ab8
195Author: djm@openbsd.org <djm@openbsd.org>
196Date: Tue Jul 31 03:10:27 2018 +0000
197
198 upstream: delay bailout for invalid authentic
199
200 =?UTF-8?q?ating=20user=20until=20after=20the=20packet=20containing=20the?=
201 =?UTF-8?q?=20request=20has=20been=20fully=20parsed.=20Reported=20by=20Dar?=
202 =?UTF-8?q?iusz=20Tytko=20and=20Micha=C5=82=20Sajdak;=20ok=20deraadt?=
203 MIME-Version: 1.0
204 Content-Type: text/plain; charset=UTF-8
205 Content-Transfer-Encoding: 8bit
206
207 OpenBSD-Commit-ID: b4891882fbe413f230fe8ac8a37349b03bd0b70d
208
209commit 1a66079c0669813306cc69e5776a4acd9fb49015
210Author: djm@openbsd.org <djm@openbsd.org>
211Date: Tue Jul 31 03:07:24 2018 +0000
212
213 upstream: fix some memory leaks spotted by Coverity via Jakub Jelen
214
215 in bz#2366 feedback and ok dtucker@
216
217 OpenBSD-Commit-ID: 8402bbae67d578bedbadb0ce68ff7c5a136ef563
218
219commit 87f08be054b7eeadbb9cdeb3fb4872be79ccf218
220Author: Damien Miller <djm@mindrot.org>
221Date: Fri Jul 20 13:18:28 2018 +1000
222
223 Remove support for S/Key
224
225 Most people will 1) be using modern multi-factor authentication methods
226 like TOTP/OATH etc and 2) be getting support for multi-factor
227 authentication via PAM or BSD Auth.
228
229commit 5d14019ba2ff54acbfd20a6b9b96bb860a8c7c31
230Author: markus@openbsd.org <markus@openbsd.org>
231Date: Fri Jul 27 12:03:17 2018 +0000
232
233 upstream: avoid expensive channel_open_message() calls; ok djm@
234
235 OpenBSD-Commit-ID: aea3b5512ad681cd8710367d743e8a753d4425d9
236
237commit e655ee04a3cb7999dbf9641b25192353e2b69418
238Author: dtucker@openbsd.org <dtucker@openbsd.org>
239Date: Fri Jul 27 05:34:42 2018 +0000
240
241 upstream: Now that ssh can't be setuid, remove the
242
243 original_real_uid and original_effective_uid globals and replace with calls
244 to plain getuid(). ok djm@
245
246 OpenBSD-Commit-ID: 92561c0cd418d34e6841e20ba09160583e27b68c
247
248commit 73ddb25bae4c33a0db361ac13f2e3a60d7c6c4a5
249Author: dtucker@openbsd.org <dtucker@openbsd.org>
250Date: Fri Jul 27 05:13:02 2018 +0000
251
252 upstream: Remove uid checks from low port binds. Now that ssh
253
254 cannot be setuid and sshd always has privsep on, we can remove the uid checks
255 for low port binds and just let the system do the check. We leave a sanity
256 check for the !privsep case so long as the code is stil there. with & ok
257 djm@
258
259 OpenBSD-Commit-ID: 9535cfdbd1cd54486fdbedfaee44ce4367ec7ca0
260
261commit c12033e102760d043bc5c98e6c8180e4d331b0df
262Author: dtucker@openbsd.org <dtucker@openbsd.org>
263Date: Fri Jul 27 03:55:22 2018 +0000
264
265 upstream: ssh(1) no longer supports being setuid root. Remove reference
266
267 to crc32 which went with protocol 1. Pointed out by deraadt@.
268
269 OpenBSD-Commit-ID: f8763c25fd96ed91dd1abdab5667fd2e27e377b6
270
271commit 4492e2ec4e1956a277ef507f51d66e5c2aafaaf8
272Author: Damien Miller <djm@mindrot.org>
273Date: Fri Jul 27 14:15:28 2018 +1000
274
275 correct snprintf truncation check in closefrom()
276
277 Truncation cannot happen unless the system has set PATH_MAX to some
278 nonsensically low value.
279
280 bz#2862, patch from Daniel Le
281
282commit 149cab325a8599a003364ed833f878449c15f259
283Author: Darren Tucker <dtucker@dtucker.net>
284Date: Fri Jul 27 13:46:06 2018 +1000
285
286 Include stdarg.h in mkdtemp for va_list.
287
288commit 6728f31bdfdc864d192773c32465b1860e23f556
289Author: deraadt@openbsd.org <deraadt@openbsd.org>
290Date: Wed Jul 25 17:12:35 2018 +0000
291
292 upstream: Don't redefine Makefile choices which come correct from
293
294 bsd.*.mk ok markus
295
296 OpenBSD-Commit-ID: 814b2f670df75759e1581ecef530980b2b3d7e0f
297
298commit 21fd477a855753c1a8e450963669e28e39c3b5d2
299Author: deraadt@openbsd.org <deraadt@openbsd.org>
300Date: Wed Jul 25 13:56:23 2018 +0000
301
302 upstream: fix indent; Clemens Goessnitzer
303
304 OpenBSD-Commit-ID: b5149a6d92b264d35f879d24608087b254857a83
305
306commit 8e433c2083db8664c41499ee146448ea7ebe7dbf
307Author: beck@openbsd.org <beck@openbsd.org>
308Date: Wed Jul 25 13:10:56 2018 +0000
309
310 upstream: Use the caller provided (copied) pwent struct in
311
312 load_public_identity_files instead of calling getpwuid() again and discarding
313 the argument. This prevents a client crash where tilde_expand_filename calls
314 getpwuid() again before the pwent pointer is used. Issue noticed and reported
315 by Pierre-Olivier Martel <pom@apple.com> ok djm@ deraadt@
316
317 OpenBSD-Commit-ID: a067d74b5b098763736c94cc1368de8ea3f0b157
318
319commit e2127abb105ae72b6fda64fff150e6b24b3f1317
320Author: jmc@openbsd.org <jmc@openbsd.org>
321Date: Mon Jul 23 19:53:55 2018 +0000
322
323 upstream: oops, failed to notice that SEE ALSO got messed up;
324
325 OpenBSD-Commit-ID: 61c1306542cefdc6e59ac331751afe961557427d
326
327commit ddf1b797c2d26bbbc9d410aa4f484cbe94673587
328Author: kn@openbsd.org <kn@openbsd.org>
329Date: Mon Jul 23 19:02:49 2018 +0000
330
331 upstream: Point to glob in section 7 for the actual list of special
332
333 characters instead the C API in section 3.
334
335 OK millert jmc nicm, "the right idea" deraadt
336
337 OpenBSD-Commit-ID: a74fd215488c382809e4d041613aeba4a4b1ffc6
338
339commit 01c98d9661d0ed6156e8602b650f72eed9fc4d12
340Author: dtucker@openbsd.org <dtucker@openbsd.org>
341Date: Sun Jul 22 12:16:59 2018 +0000
342
343 upstream: Switch authorized_keys example from ssh-dss to ssh-rsa
344
345 since the former is no longer enabled by default. Pointed out by Daniel A.
346 Maierhofer, ok jmc
347
348 OpenBSD-Commit-ID: 6a196cef53d7524e0c9b58cdbc1b5609debaf8c7
349
350commit 472269f8fe19343971c2d08f504ab5cbb8234b33
351Author: djm@openbsd.org <djm@openbsd.org>
352Date: Fri Jul 20 05:01:10 2018 +0000
353
354 upstream: slightly-clearer description for AuthenticationMethods - the
355
356 lists have comma-separated elements; bz#2663 from Hans Meier
357
358 OpenBSD-Commit-ID: 931c983d0fde4764d0942fb2c2b5017635993b5a
359
360commit c59aca8adbdf7f5597084ad360a19bedb3f80970
361Author: Damien Miller <djm@mindrot.org>
362Date: Fri Jul 20 14:53:42 2018 +1000
363
364 Create control sockets in clean temp directories
365
366 Adds a regress/mkdtemp tool and uses it to create empty temp
367 directories for tests needing control sockets.
368
369 Patch from Colin Watson via bz#2660; ok dtucker
370
371commit 6ad8648e83e4f4ace37b742a05c2a6b6b872514e
372Author: djm@openbsd.org <djm@openbsd.org>
373Date: Fri Jul 20 03:46:34 2018 +0000
374
375 upstream: remove unused zlib.h
376
377 OpenBSD-Commit-ID: 8d274a9b467c7958df12668b49144056819f79f1
378
379commit 3ba6e6883527fe517b6e4a824876e2fe62af22fc
380Author: dtucker@openbsd.org <dtucker@openbsd.org>
381Date: Thu Jul 19 23:03:16 2018 +0000
382
383 upstream: Fix typo in comment. From Alexandru Iacob via github.
384
385 OpenBSD-Commit-ID: eff4ec07c6c8c5483533da43a4dda37d72ef7f1d
386
387commit c77bc73c91bc656e343a1961756e09dd1b170820
388Author: Darren Tucker <dtucker@dtucker.net>
389Date: Fri Jul 20 13:48:51 2018 +1000
390
391 Explicitly include openssl before zlib.
392
393 Some versions of OpenSSL have "free_func" in their headers, which zlib
394 typedefs. Including openssl after zlib (eg via sshkey.h) results in
395 "syntax error before `free_func'", which this fixes.
396
397commit 95d41e90eafcd1286a901e8e361e4a37b98aeb52
398Author: dtucker@openbsd.org <dtucker@openbsd.org>
399Date: Thu Jul 19 10:28:47 2018 +0000
400
401 upstream: Deprecate UsePrivilegedPort now that support for running
402
403 ssh(1) setuid has been removed, remove supporting code and clean up
404 references to it in the man pages
405
406 We have not shipped ssh(1) the setuid bit since 2002. If ayone
407 really needs to make connections from a low port number this can
408 be implemented via a small setuid ProxyCommand.
409
410 ok markus@ jmc@ djm@
411
412 OpenBSD-Commit-ID: d03364610b7123ae4c6792f5274bd147b6de717e
413
414commit 258dc8bb07dfb35a46e52b0822a2c5b7027df60a
415Author: dtucker@openbsd.org <dtucker@openbsd.org>
416Date: Wed Jul 18 11:34:04 2018 +0000
417
418 upstream: Remove support for running ssh(1) setuid and fatal if
419
420 attempted. Do not link uidwap.c into ssh any more. Neuters
421 UsePrivilegedPort, which will be marked as deprecated shortly. ok markus@
422 djm@
423
424 OpenBSD-Commit-ID: c4ba5bf9c096f57a6ed15b713a1d7e9e2e373c42
425
426commit ac590760b251506b0a152551abbf8e8d6dc2f527
427Author: dtucker@openbsd.org <dtucker@openbsd.org>
428Date: Mon Jul 16 22:25:01 2018 +0000
429
430 upstream: Slot 0 in the hostbased key array was previously RSA1,
431
432 but that is now gone and the slot is unused so remove it. Remove two
433 now-unused macros, and add an array bounds check to the two remaining ones
434 (array is statically sized, so mostly a safety check on future changes). ok
435 markus@
436
437 OpenBSD-Commit-ID: 2e4c0ca6cc1d8daeccead2aa56192a3f9d5e1e7a
438
439commit 26efc2f5df0e3bcf6a6bbdd0506fd682d60c2145
440Author: dtucker@openbsd.org <dtucker@openbsd.org>
441Date: Mon Jul 16 11:05:41 2018 +0000
442
443 upstream: Remove support for loading HostBasedAuthentication keys
444
445 directly in ssh(1) and always use ssh-keysign. This removes one of the few
446 remaining reasons why ssh(1) might be setuid. ok markus@
447
448 OpenBSD-Commit-ID: 97f01e1448707129a20d75f86bad5d27c3cf0b7d
449
450commit 3eb7f1038d17af7aea3c2c62d1e30cd545607640
451Author: djm@openbsd.org <djm@openbsd.org>
452Date: Mon Jul 16 07:06:50 2018 +0000
453
454 upstream: keep options.identity_file_userprovided array in sync when we
455
456 load keys, fixing some spurious error messages; ok markus
457
458 OpenBSD-Commit-ID: c63e3d5200ee2cf9e35bda98de847302566c6a00
459
460commit 2f131e1b34502aa19f345e89cabf6fa3fc097f09
461Author: djm@openbsd.org <djm@openbsd.org>
462Date: Mon Jul 16 03:09:59 2018 +0000
463
464 upstream: memleak in unittest; found by valgrind
465
466 OpenBSD-Regress-ID: 168c23b0fb09fc3d0b438628990d3fd9260a8a5e
467
468commit de2997a4cf22ca0a524f0e5b451693c583e2fd89
469Author: djm@openbsd.org <djm@openbsd.org>
470Date: Mon Jul 16 03:09:13 2018 +0000
471
472 upstream: memleaks; found by valgrind
473
474 OpenBSD-Commit-ID: 6c3ba22be53e753c899545f771e8399fc93cd844
475
476commit 61cc0003eb37fa07603c969c12b7c795caa498f3
477Author: Darren Tucker <dtucker@dtucker.net>
478Date: Sat Jul 14 16:49:01 2018 +1000
479
480 Undef a few new macros in sys-queue.h.
481
482 Prevents macro redefinition warnings on OSX.
483
484commit 30a2c213877a54a44dfdffb6ca8db70be5b457e0
485Author: Darren Tucker <dtucker@dtucker.net>
486Date: Fri Jul 13 13:40:20 2018 +1000
487
488 Include unistd.h for geteuid declaration.
489
490commit 1dd32c23f2a85714dfafe2a9cc516971d187caa4
491Author: Darren Tucker <dtucker@dtucker.net>
492Date: Fri Jul 13 13:38:10 2018 +1000
493
494 Fallout from buffer conversion in AUDIT_EVENTS.
495
496 Supply missing "int r" and fix error path for sshbuf_new().
497
498commit 7449c178e943e5c4f6c8416a4e41d93b70c11c9e
499Author: djm@openbsd.org <djm@openbsd.org>
500Date: Fri Jul 13 02:13:50 2018 +0000
501
502 upstream: make this use ssh_proxy rather than starting/stopping a
503
504 daemon for each testcase
505
506 OpenBSD-Regress-ID: 608b7655ea65b1ba8fff5a13ce9caa60ef0c8166
507
508commit dbab02f9208d9baa134cec1d007054ec82b96ca9
509Author: djm@openbsd.org <djm@openbsd.org>
510Date: Fri Jul 13 02:13:19 2018 +0000
511
512 upstream: fix leaks in unit test; with this, all unit tests are
513
514 leak free (as far as valgrind can spot anyway)
515
516 OpenBSD-Regress-ID: b824d8b27998365379963440e5d18b95ca03aa17
517
518commit 2f6accff5085eb79b0dbe262d8b85ed017d1a51c
519Author: Damien Miller <djm@mindrot.org>
520Date: Fri Jul 13 11:39:25 2018 +1000
521
522 Enable leak checks for unit tests with valgrind
523
524 Leave the leak checking on unconditionally when running with valgrind.
525 The unit tests are leak-free and I want them to stay that way.
526
527commit e46cfbd9db5e907b821bf4fd0184d4dab99815ee
528Author: Damien Miller <djm@mindrot.org>
529Date: Fri Jul 13 11:38:59 2018 +1000
530
531 increase timeout to match cfgmatch.sh
532
533 lets test pass under valgrind (on my workstation at least)
534
535commit 6aa1bf475cf3e7a2149acc5a1e80e904749f064c
536Author: Damien Miller <djm@mindrot.org>
537Date: Thu Jul 12 14:54:18 2018 +1000
538
539 rm regress/misc/kexfuzz/*.o in distclean target
540
541commit eef1447ddb559c03725a23d4aa6d03f40e8b0049
542Author: Damien Miller <djm@mindrot.org>
543Date: Thu Jul 12 14:49:26 2018 +1000
544
545 repair !WITH_OPENSSL build
546
547commit 4d3b2f36fd831941d1627ac587faae37b6d3570f
548Author: Damien Miller <djm@mindrot.org>
549Date: Thu Jul 12 14:49:14 2018 +1000
550
551 missing headers
552
553commit 3f420a692b293921216549c1099c2e46ff284eae
554Author: Darren Tucker <dtucker@dtucker.net>
555Date: Thu Jul 12 14:57:46 2018 +1000
556
557 Remove key.h from portable files too.
558
559 Commit 5467fbcb removed key.h so stop including it in portable files
560 too. Fixes builds on lots of platforms.
561
562commit e2c4af311543093f16005c10044f7e06af0426f0
563Author: djm@openbsd.org <djm@openbsd.org>
564Date: Thu Jul 12 04:35:25 2018 +0000
565
566 upstream: remove prototype to long-gone function
567
568 OpenBSD-Commit-ID: 0414642ac7ce01d176b9f359091a66a8bbb640bd
569
570commit 394a842e60674bf8ee5130b9f15b01452a0b0285
571Author: markus@openbsd.org <markus@openbsd.org>
572Date: Wed Jul 11 18:55:11 2018 +0000
573
574 upstream: treat ssh_packet_write_wait() errors as fatal; ok djm@
575
576 OpenBSD-Commit-ID: f88ba43c9d54ed2d911218aa8d3f6285430629c3
577
578commit 5467fbcb09528ecdcb914f4f2452216c24796790
579Author: markus@openbsd.org <markus@openbsd.org>
580Date: Wed Jul 11 18:53:29 2018 +0000
581
582 upstream: remove legacy key emulation layer; ok djm@
583
584 OpenBSD-Commit-ID: 2b1f9619259e222bbd4fe9a8d3a0973eafb9dd8d
585
586commit 5dc4c59d5441a19c99e7945779f7ec9051126c25
587Author: martijn@openbsd.org <martijn@openbsd.org>
588Date: Wed Jul 11 08:19:35 2018 +0000
589
590 upstream: s/wuth/with/ in comment
591
592 OpenBSD-Commit-ID: 9de41468afd75f54a7f47809d2ad664aa577902c
593
594commit 1c688801e9dd7f9889fb2a29bc2b6fbfbc35a11f
595Author: Darren Tucker <dtucker@dtucker.net>
596Date: Wed Jul 11 12:12:38 2018 +1000
597
598 Include stdlib.h for declaration of free.
599
600 Fixes build with -Werror on at least Fedora and probably others.
601
602commit fccfa239def497615f92ed28acc57cfe63da3666
603Author: Damien Miller <djm@mindrot.org>
604Date: Wed Jul 11 10:19:56 2018 +1000
605
606 VALGRIND_CHECK_LEAKS logic was backwards :(
607
608commit 416287d45fcde0a8e66eee8b99aa73bd58607588
609Author: Darren Tucker <dtucker@dtucker.net>
610Date: Wed Jul 11 10:10:26 2018 +1000
611
612 Fix sshbuf_new error path in skey.
613
614commit 7aab109b8b90a353c1af780524f1ac0d3af47bab
615Author: Darren Tucker <dtucker@dtucker.net>
616Date: Wed Jul 11 10:06:18 2018 +1000
617
618 Supply missing third arg in skey.
619
620 During the change to the new buffer api the third arg to
621 sshbuf_get_cstring was ommitted. Fixes build when configured with skey.
622
623commit 380320bb72cc353a901790ab04b6287fd335dc4a
624Author: Darren Tucker <dtucker@dtucker.net>
625Date: Wed Jul 11 10:03:34 2018 +1000
626
627 Supply some more missing "int r" in skey
628
629commit d20720d373d8563ee737d1a45dc5e0804d622dbc
630Author: Damien Miller <djm@mindrot.org>
631Date: Wed Jul 11 09:56:36 2018 +1000
632
633 disable valgrind memleak checking by default
634
635 Add VALGRIND_CHECK_LEAKS knob to turn it back on.
636
637commit 79c9d35018f3a5e30ae437880b669aa8636cd3cd
638Author: Darren Tucker <dtucker@dtucker.net>
639Date: Wed Jul 11 09:54:00 2018 +1000
640
641 Supply missing "int r" in skey code.
642
643commit 984bacfaacbbe31c35191b828fb5b5b2f0362c36
644Author: sf@openbsd.org <sf@openbsd.org>
645Date: Tue Jul 10 09:36:58 2018 +0000
646
647 upstream: re-remove some pre-auth compression bits
648
649 This time, make sure to not remove things that are necessary for
650 pre-auth compression on the client. Add a comment that pre-auth
651 compression is still supported in the client.
652
653 ok markus@
654
655 OpenBSD-Commit-ID: 282c6fec7201f18a5c333bbb68d9339734d2f784
656
657commit 120a1ec74e8d9d29f4eb9a27972ddd22351ddef9
658Author: Damien Miller <djm@mindrot.org>
659Date: Tue Jul 10 19:39:52 2018 +1000
660
661 Adapt portable to legacy buffer API removal
662
663commit 0f3958c1e6ffb8ea4ba27e2a97a00326fce23246
664Author: djm@openbsd.org <djm@openbsd.org>
665Date: Tue Jul 10 09:13:30 2018 +0000
666
667 upstream: kerberos/gssapi fixes for buffer removal
668
669 OpenBSD-Commit-ID: 1cdf56fec95801e4563c47f21696f04cd8b60c4c
670
671commit c74ae8e7c45f325f3387abd48fa7dfef07a08069
672Author: djm@openbsd.org <djm@openbsd.org>
673Date: Tue Jul 10 06:45:29 2018 +0000
674
675 upstream: buffer.[ch] and bufaux.c are no more
676
677 OpenBSD-Commit-ID: d1a1852284e554f39525eb4d4891b207cfb3d3a0
678
679commit a881e5a133d661eca923fb0633a03152ab2b70b2
680Author: djm@openbsd.org <djm@openbsd.org>
681Date: Tue Jul 10 06:43:52 2018 +0000
682
683 upstream: one mention of Buffer that almost got away :)
684
685 OpenBSD-Commit-ID: 30d7c27a90b4544ad5dfacf654595710cd499f02
686
687commit 49f47e656b60bcd1d1db98d88105295f4b4e600d
688Author: markus@openbsd.org <markus@openbsd.org>
689Date: Mon Jul 9 21:59:10 2018 +0000
690
691 upstream: replace cast with call to sshbuf_mutable_ptr(); ok djm@
692
693 OpenBSD-Commit-ID: 4dfe9d29fa93d9231645c89084f7217304f7ba29
694
695commit cb30cd47041edb03476be1c8ef7bc1f4b69d1555
696Author: markus@openbsd.org <markus@openbsd.org>
697Date: Mon Jul 9 21:56:06 2018 +0000
698
699 upstream: remove legacy buffer API emulation layer; ok djm@
700
701 OpenBSD-Commit-ID: 2dd5dc17cbc23195be4299fa93be2707a0e08ad9
702
703commit 235c7c4e3bf046982c2d8242f30aacffa01073d1
704Author: markus@openbsd.org <markus@openbsd.org>
705Date: Mon Jul 9 21:53:45 2018 +0000
706
707 upstream: sshd: switch monitor to sshbuf API; lots of help & ok
708
709 djm@
710
711 OpenBSD-Commit-ID: d89bd02d33974fd35ca0b8940d88572227b34a48
712
713commit b8d9214d969775e409e1408ecdf0d58fad99b344
714Author: markus@openbsd.org <markus@openbsd.org>
715Date: Mon Jul 9 21:37:55 2018 +0000
716
717 upstream: sshd: switch GSSAPI to sshbuf API; ok djm@
718
719 OpenBSD-Commit-ID: e48449ab4be3f006f7ba33c66241b7d652973e30
720
721commit c7d39ac8dc3587c5f05bdd5bcd098eb5c201c0c8
722Author: markus@openbsd.org <markus@openbsd.org>
723Date: Mon Jul 9 21:35:50 2018 +0000
724
725 upstream: sshd: switch authentication to sshbuf API; ok djm@
726
727 OpenBSD-Commit-ID: 880aa06bce4b140781e836bb56bec34873290641
728
729commit c3cb7790e9efb14ba74b2d9f543ad593b3d55b31
730Author: markus@openbsd.org <markus@openbsd.org>
731Date: Mon Jul 9 21:29:36 2018 +0000
732
733 upstream: sshd: switch config to sshbuf API; ok djm@
734
735 OpenBSD-Commit-ID: 72b02017bac7feac48c9dceff8355056bea300bd
736
737commit 2808d18ca47ad3d251836c555f0e22aaca03d15c
738Author: markus@openbsd.org <markus@openbsd.org>
739Date: Mon Jul 9 21:26:02 2018 +0000
740
741 upstream: sshd: switch loginmsg to sshbuf API; ok djm@
742
743 OpenBSD-Commit-ID: f3cb4e54bff15c593602d95cc43e32ee1a4bac42
744
745commit 89dd615b8b531979be63f05f9d5624367c9b28e6
746Author: markus@openbsd.org <markus@openbsd.org>
747Date: Mon Jul 9 21:20:26 2018 +0000
748
749 upstream: ttymodes: switch to sshbuf API; ok djm@
750
751 OpenBSD-Commit-ID: 5df340c5965e822c9da21e19579d08dea3cbe429
752
753commit f4608a7065480516ab46214f554e5f853fb7870f
754Author: markus@openbsd.org <markus@openbsd.org>
755Date: Mon Jul 9 21:18:10 2018 +0000
756
757 upstream: client: switch mux to sshbuf API; with & ok djm@
758
759 OpenBSD-Commit-ID: 5948fb98d704f9c4e075b92edda64e0290b5feb2
760
761commit cecee2d607099a7bba0a84803e2325d15be4277b
762Author: markus@openbsd.org <markus@openbsd.org>
763Date: Mon Jul 9 21:03:30 2018 +0000
764
765 upstream: client: switch to sshbuf API; ok djm@
766
767 OpenBSD-Commit-ID: 60cb0356114acc7625ab85105f6f6a7cd44a8d05
768
769commit ff55f4ad898137d4703e7a2bcc81167dfe8e9324
770Author: markus@openbsd.org <markus@openbsd.org>
771Date: Mon Jul 9 20:39:28 2018 +0000
772
773 upstream: pkcs11: switch to sshbuf API; ok djm@
774
775 OpenBSD-Commit-ID: 98cc4e800f1617c51caf59a6cb3006f14492db79
776
777commit 168b46f405d6736960ba7930389eecb9b6710b7e
778Author: sf@openbsd.org <sf@openbsd.org>
779Date: Mon Jul 9 13:37:10 2018 +0000
780
781 upstream: Revert previous two commits
782
783 It turns out we still support pre-auth compression on the client.
784 Therefore revert the previous two commits:
785
786 date: 2018/07/06 09:06:14; author: sf; commitid: yZVYKIRtUZWD9CmE;
787 Rename COMP_DELAYED to COMP_ZLIB
788
789 Only delayed compression is supported nowadays.
790
791 ok markus@
792
793 date: 2018/07/06 09:05:01; author: sf; commitid: rEGuT5UgI9f6kddP;
794 Remove leftovers from pre-authentication compression
795
796 Support for this has been removed in 2016.
797 COMP_DELAYED will be renamed in a later commit.
798
799 ok markus@
800
801 OpenBSD-Commit-ID: cdfef526357e4e1483c86cf599491b2dafb77772
802
803commit ab39267fa1243d02b6c330615539fc4b21e17dc4
804Author: sf@openbsd.org <sf@openbsd.org>
805Date: Fri Jul 6 09:06:14 2018 +0000
806
807 upstream: Rename COMP_DELAYED to COMP_ZLIB
808
809 Only delayed compression is supported nowadays.
810
811 ok markus@
812
813 OpenBSD-Commit-ID: 5b1dbaf3d9a4085aaa10fec0b7a4364396561821
814
815commit 95db395d2e56a6f868193aead6cadb2493f036c6
816Author: sf@openbsd.org <sf@openbsd.org>
817Date: Fri Jul 6 09:05:01 2018 +0000
818
819 upstream: Remove leftovers from pre-authentication compression
820
821 Support for this has been removed in 2016.
822 COMP_DELAYED will be renamed in a later commit.
823
824 ok markus@
825
826 OpenBSD-Commit-ID: 6a99616c832627157113fcb0cf5a752daf2e6b58
827
828commit f28a4d5cd24c4aa177e96b4f96957991e552cb70
829Author: sf@openbsd.org <sf@openbsd.org>
830Date: Fri Jul 6 09:03:02 2018 +0000
831
832 upstream: Remove unused ssh_packet_start_compression()
833
834 ok markus@
835
836 OpenBSD-Commit-ID: 9d34cf2f59aca5422021ae2857190578187dc2b4
837
838commit 872517ddbb72deaff31d4760f28f2b0a1c16358f
839Author: Darren Tucker <dtucker@dtucker.net>
840Date: Fri Jul 6 13:32:02 2018 +1000
841
842 Defer setting bufsiz in getdelim.
843
844 Do not write to bufsiz until we are sure the malloc has succeeded,
845 in case any callers rely on it (which they shouldn't). ok djm@
846
847commit 3deb56f7190a414dc264e21e087a934fa1847283
848Author: Darren Tucker <dtucker@dtucker.net>
849Date: Thu Jul 5 13:32:01 2018 +1000
850
851 Fix other callers of read_environment_file.
852
853 read_environment_file recently gained an extra argument Some platform
854 specific code also calls it so add the argument to those too. Fixes
855 build on Solaris and AIX.
856
857commit 314908f451e6b2d4ccf6212ad246fa4619c721d3
858Author: djm@openbsd.org <djm@openbsd.org>
859Date: Wed Jul 4 13:51:45 2018 +0000
860
861 upstream: deal with API rename: match_filter_list() =>
862
863 match_filter_blacklist()
864
865 OpenBSD-Regress-ID: 2da342be913efeb51806351af906fab01ba4367f
866
867commit 89f54cdf6b9cf1cf5528fd33897f1443913ddfb4
868Author: djm@openbsd.org <djm@openbsd.org>
869Date: Wed Jul 4 13:51:12 2018 +0000
870
871 upstream: exercise new expansion behaviour of
872
873 PubkeyAcceptedKeyTypes and, by proxy, test kex_assemble_names()
874
875 ok markus@
876
877 OpenBSD-Regress-ID: 292978902e14d5729aa87e492dd166c842f72736
878
879commit 187633f24c71564e970681c8906df5a6017dcccf
880Author: djm@openbsd.org <djm@openbsd.org>
881Date: Tue Jul 3 13:53:26 2018 +0000
882
883 upstream: add a comment that could have saved me 45 minutes of wild
884
885 goose chasing
886
887 OpenBSD-Regress-ID: d469b29ffadd3402c090e21b792d627d46fa5297
888
889commit 312d2f2861a2598ed08587cb6c45c0e98a85408f
890Author: djm@openbsd.org <djm@openbsd.org>
891Date: Wed Jul 4 13:49:31 2018 +0000
892
893 upstream: repair PubkeyAcceptedKeyTypes (and friends) after RSA
894
895 signature work - returns ability to add/remove/specify algorithms by
896 wildcard.
897
898 Algorithm lists are now fully expanded when the server/client configs
899 are finalised, so errors are reported early and the config dumps
900 (e.g. "ssh -G ...") now list the actual algorithms selected.
901
902 Clarify that, while wildcards are accepted in algorithm lists, they
903 aren't full pattern-lists that support negation.
904
905 (lots of) feedback, ok markus@
906
907 OpenBSD-Commit-ID: a8894c5c81f399a002f02ff4fe6b4fa46b1f3207
908
909commit 303af5803bd74bf05d375c04e1a83b40c30b2be5
910Author: djm@openbsd.org <djm@openbsd.org>
911Date: Tue Jul 3 11:43:49 2018 +0000
912
913 upstream: some magic for RSA-SHA2 checks
914
915 OpenBSD-Regress-ID: e5a9b11368ff6d86e7b25ad10ebe43359b471cd4
916
917commit 7d68e262944c1fff1574600fe0e5e92ec8b398f5
918Author: Damien Miller <djm@mindrot.org>
919Date: Tue Jul 3 23:27:11 2018 +1000
920
921 depend
922
923commit b4d4eda633af433d20232cbf7e855ceac8b83fe5
924Author: djm@openbsd.org <djm@openbsd.org>
925Date: Tue Jul 3 13:20:25 2018 +0000
926
927 upstream: some finesse to fix RSA-SHA2 certificate authentication
928
929 for certs hosted in ssh-agent
930
931 OpenBSD-Commit-ID: e5fd5edd726137dda2d020e1cdebc464110a010f
932
933commit d78b75df4a57e0f92295f24298e5f2930e71c172
934Author: djm@openbsd.org <djm@openbsd.org>
935Date: Tue Jul 3 13:07:58 2018 +0000
936
937 upstream: check correct variable; unbreak agent keys
938
939 OpenBSD-Commit-ID: c36981fdf1f3ce04966d3310826a3e1e6233d93e
940
941commit 2f30300c5e15929d0e34013f38d73e857f445e12
942Author: djm@openbsd.org <djm@openbsd.org>
943Date: Tue Jul 3 11:42:12 2018 +0000
944
945 upstream: crank version number to 7.8; needed for new compat flag
946
947 for prior version; part of RSA-SHA2 strictification, ok markus@
948
949 OpenBSD-Commit-ID: 84a11fc0efd2674c050712336b5093f5d408e32b
950
951commit 4ba0d54794814ec0de1ec87987d0c3b89379b436
952Author: djm@openbsd.org <djm@openbsd.org>
953Date: Tue Jul 3 11:39:54 2018 +0000
954
955 upstream: Improve strictness and control over RSA-SHA2 signature
956
957 In ssh, when an agent fails to return a RSA-SHA2 signature when
958 requested and falls back to RSA-SHA1 instead, retry the signature to
959 ensure that the public key algorithm sent in the SSH_MSG_USERAUTH
960 matches the one in the signature itself.
961
962 In sshd, strictly enforce that the public key algorithm sent in the
963 SSH_MSG_USERAUTH message matches what appears in the signature.
964
965 Make the sshd_config PubkeyAcceptedKeyTypes and
966 HostbasedAcceptedKeyTypes options control accepted signature algorithms
967 (previously they selected supported key types). This allows these
968 options to ban RSA-SHA1 in favour of RSA-SHA2.
969
970 Add new signature algorithms "rsa-sha2-256-cert-v01@openssh.com" and
971 "rsa-sha2-512-cert-v01@openssh.com" to force use of RSA-SHA2 signatures
972 with certificate keys.
973
974 feedback and ok markus@
975
976 OpenBSD-Commit-ID: c6e9f6d45eed8962ad502d315d7eaef32c419dde
977
978commit 95344c257412b51199ead18d54eaed5bafb75617
979Author: djm@openbsd.org <djm@openbsd.org>
980Date: Tue Jul 3 10:59:35 2018 +0000
981
982 upstream: allow sshd_config PermitUserEnvironment to accept a
983
984 pattern-list of whitelisted environment variable names in addition to yes|no.
985
986 bz#1800, feedback and ok markus@
987
988 OpenBSD-Commit-ID: 77dc2b468e0bf04b53f333434ba257008a1fdf24
989
990commit 6f56fe4b9578b0627667f8bce69d4d938a88324c
991Author: millert@openbsd.org <millert@openbsd.org>
992Date: Tue Jun 26 11:23:59 2018 +0000
993
994 upstream: Fix "WARNING: line 6 disappeared in /etc/moduli, giving up"
995
996 when choosing a prime. An extra increment of linenum snuck in as part of the
997 conversion to getline(). OK djm@ markus@
998
999 OpenBSD-Commit-ID: 0019225cb52ed621b71cd9f19ee2e78e57e3dd38
1000
1001commit 1eee79a11c1b3594f055b01e387c49c9a6e80005
1002Author: dtucker@openbsd.org <dtucker@openbsd.org>
1003Date: Mon Jul 2 14:13:30 2018 +0000
1004
1005 upstream: One ampersand is enough to backgroud an process. OpenBSD
1006
1007 doesn't seem to mind, but some platforms in -portable object to the second.
1008
1009 OpenBSD-Regress-ID: d6c3e404871764343761dc25c3bbe29c2621ff74
1010
1011commit 6301e6c787d4e26bfae1119ab4f747bbcaa94e44
1012Author: Darren Tucker <dtucker@dtucker.net>
1013Date: Mon Jul 2 21:16:58 2018 +1000
1014
1015 Add implementation of getline.
1016
1017 Add getline for the benefit of platforms that don't have it. Sourced
1018 from NetBSD (OpenBSD's implementation is a little too chummy with the
1019 internals of FILE).
1020
1021commit 84623e0037628f9992839063151f7a9f5f13099a
1022Author: djm@openbsd.org <djm@openbsd.org>
1023Date: Tue Jun 26 02:02:36 2018 +0000
1024
1025 upstream: whitespace
1026
1027 OpenBSD-Commit-ID: 9276951caf4daf555f6d262e95720e7f79244572
1028
1029commit 90e51d672711c19a36573be1785caf35019ae7a8
1030Author: djm@openbsd.org <djm@openbsd.org>
1031Date: Mon Jun 25 22:28:33 2018 +0000
1032
1033 upstream: fix NULL dereference in open_listen_match_tcpip()
1034
1035 OpenBSD-Commit-ID: c968c1d29e392352383c0f9681fcc1e93620c4a9
1036
1037commit f535ff922a67d9fcc5ee69d060d1b21c8bb01d14
1038Author: jmc@openbsd.org <jmc@openbsd.org>
1039Date: Tue Jun 19 05:36:57 2018 +0000
1040
1041 upstream: spelling;
1042
1043 OpenBSD-Commit-ID: db542918185243bea17202383a581851736553cc
1044
1045commit 80e199d6175904152aafc5c297096c3e18297691
1046Author: djm@openbsd.org <djm@openbsd.org>
1047Date: Tue Jun 19 03:02:17 2018 +0000
1048
1049 upstream: test PermitListen with bare port numbers
1050
1051 OpenBSD-Regress-ID: 4b50a02dfb0ccaca08247f3877c444126ba901b3
1052
1053commit 87ddd676da0f3abd08b778b12b53b91b670dc93c
1054Author: djm@openbsd.org <djm@openbsd.org>
1055Date: Tue Jun 19 02:59:41 2018 +0000
1056
1057 upstream: allow bare port numbers to appear in PermitListen directives,
1058
1059 e.g.
1060
1061 PermitListen 2222 8080
1062
1063 is equivalent to:
1064
1065 PermitListen *:2222 *:8080
1066
1067 Some bonus manpage improvements, mostly from markus@
1068
1069 "looks fine" markus@
1070
1071 OpenBSD-Commit-ID: 6546b0cc5aab7f53d65ad0a348ca0ae591d6dd24
1072
1073commit 26f96ca10ad0ec5da9b05b99de1e1ccea15a11be
1074Author: djm@openbsd.org <djm@openbsd.org>
1075Date: Fri Jun 15 07:01:11 2018 +0000
1076
1077 upstream: invalidate supplemental group cache used by
1078
1079 temporarily_use_uid() when the target uid differs; could cause failure to
1080 read authorized_keys under some configurations. patch by Jakub Jelen via
1081 bz2873; ok dtucker, markus
1082
1083 OpenBSD-Commit-ID: 48a345f0ee90f6c465a078eb5e89566b23abd8a1
1084
1085commit 89a85d724765b6b82e0135ee5a1181fdcccea9c6
1086Author: djm@openbsd.org <djm@openbsd.org>
1087Date: Sun Jun 10 23:45:41 2018 +0000
1088
1089 upstream: unbreak SendEnv; patch from tb@
1090
1091 OpenBSD-Commit-ID: fc808daced813242563b80976e1478de95940056
1092
1093commit acf4260f0951f89c64e1ebbc4c92f451768871ad
1094Author: jmc@openbsd.org <jmc@openbsd.org>
1095Date: Sat Jun 9 06:36:31 2018 +0000
1096
1097 upstream: sort previous;
1098
1099 OpenBSD-Commit-ID: 27d80d8b8ca99bc33971dee905e8ffd0053ec411
1100
1101commit 1678d4236451060b735cb242d2e26e1ac99f0947
1102Author: djm@openbsd.org <djm@openbsd.org>
1103Date: Sat Jun 9 03:18:11 2018 +0000
1104
1105 upstream: slightly better wording re handing of $TERM, from Jakub
1106
1107 Jelen via bz2386
1108
1109 OpenBSD-Commit-ID: 14bea3f069a93c8be66a7b97794255a91fece964
1110
1111commit 28013759f09ed3ebf7e8335e83a62936bd7a7f47
1112Author: djm@openbsd.org <djm@openbsd.org>
1113Date: Sat Jun 9 03:03:10 2018 +0000
1114
1115 upstream: add a SetEnv directive for sshd_config to allow an
1116
1117 administrator to explicitly specify environment variables set in sessions
1118 started by sshd. These override the default environment and any variables set
1119 by user configuration (PermitUserEnvironment, etc), but not the SSH_*
1120 variables set by sshd itself.
1121
1122 ok markus@
1123
1124 OpenBSD-Commit-ID: b6a96c0001ccd7dd211df6cae9e961c20fd718c0
1125
1126commit 7082bb58a2eb878d23ec674587c742e5e9673c36
1127Author: djm@openbsd.org <djm@openbsd.org>
1128Date: Sat Jun 9 03:01:12 2018 +0000
1129
1130 upstream: add a SetEnv directive to ssh_config that allows setting
1131
1132 environment variables for the remote session (subject to the server accepting
1133 them)
1134
1135 refactor SendEnv to remove the arbitrary limit of variable names.
1136
1137 ok markus@
1138
1139 OpenBSD-Commit-ID: cfbb00d9b0e10c1ffff1d83424351fd961d1f2be
1140
1141commit 3b9798bda15bd3f598f5ef07595d64e23504da91
1142Author: djm@openbsd.org <djm@openbsd.org>
1143Date: Sat Jun 9 02:58:02 2018 +0000
1144
1145 upstream: reorder child environment preparation so that variables
1146
1147 read from ~/.ssh/environment (if enabled) do not override SSH_* variables set
1148 by the server.
1149
1150 OpenBSD-Commit-ID: 59f9d4c213cdcef2ef21f4b4ae006594dcf2aa7a
1151
1152commit 0368889f82f63c82ff8db9f8c944d89e7c657db4
1153Author: djm@openbsd.org <djm@openbsd.org>
1154Date: Fri Jun 8 03:35:36 2018 +0000
1155
1156 upstream: fix incorrect expansion of %i in
1157
1158 load_public_identity_files(); reported by Roumen Petrov
1159
1160 OpenBSD-Commit-ID: a827289e77149b5e0850d72a350c8b0300e7ef25
1161
1162commit 027607fc2db6a0475a3380f8d95c635482714cb0
1163Author: djm@openbsd.org <djm@openbsd.org>
1164Date: Fri Jun 8 01:55:40 2018 +0000
1165
1166 upstream: fix some over-long lines and __func__ up some debug
1167
1168 messages
1169
1170 OpenBSD-Commit-ID: c70a60b4c8207d9f242fc2351941ba50916bb267
1171
1172commit 6ff6fda705bc204456a5fa12518dde6e8790bb02
1173Author: jmc@openbsd.org <jmc@openbsd.org>
1174Date: Thu Jun 7 11:26:14 2018 +0000
1175
1176 upstream: tweak previous;
1177
1178 OpenBSD-Commit-ID: f98f16af10b28e24bcecb806cb71ea994b648fd6
1179
1180commit f2c06ab8dd90582030991f631a2715216bf45e5a
1181Author: Darren Tucker <dtucker@dtucker.net>
1182Date: Fri Jun 8 17:43:36 2018 +1000
1183
1184 Remove ability to override $LD.
1185
1186 Since autoconf always uses $CC to link C programs, allowing users to
1187 override LD caused mismatches between what LD_LINK_IFELSE thought worked
1188 and what ld thought worked. If you do need to do this kind of thing you
1189 need to set a compiler flag such as gcc's -fuse-ld in LDFLAGS.
1190
1191commit e1542a80797b4ea40a91d2896efdcc76a57056d2
1192Author: Darren Tucker <dtucker@dtucker.net>
1193Date: Fri Jun 8 13:55:59 2018 +1000
1194
1195 Better detection of unsupported compiler options.
1196
1197 Should prevent "unsupported -Wl,-z,retpoline" warnings during linking.
1198 ok djm@
1199
1200commit 57379dbd013ad32ee3f9989bf5f5741065428360
1201Author: djm@openbsd.org <djm@openbsd.org>
1202Date: Thu Jun 7 14:29:43 2018 +0000
1203
1204 upstream: test the correct configuration option name
1205
1206 OpenBSD-Regress-ID: 492279ea9f65657f97a970e0e7c7fd0b339fee23
1207
1208commit 6d41815e202fbd6182c79780b6cc90e1ec1c9981
1209Author: djm@openbsd.org <djm@openbsd.org>
1210Date: Thu Jun 7 09:26:42 2018 +0000
1211
1212 upstream: some permitlisten fixes from markus@ that I missed in my
1213
1214 insomnia-fueled commits last night
1215
1216 OpenBSD-Commit-ID: 26f23622e928996086e85b1419cc1c0f136e359c
1217
1218commit 4319f7a868d86d435fa07112fcb6153895d03a7f
1219Author: djm@openbsd.org <djm@openbsd.org>
1220Date: Thu Jun 7 04:46:34 2018 +0000
1221
1222 upstream: permitlisten/PermitListen unit test from Markus
1223
1224 OpenBSD-Regress-ID: ab12eb42f0e14926980441cf7c058a6d1d832ea5
1225
1226commit fa09076410ffc2d34d454145af23c790d728921e
1227Author: djm@openbsd.org <djm@openbsd.org>
1228Date: Thu Jun 7 04:31:51 2018 +0000
1229
1230 upstream: fix regression caused by recent permitlisten option commit:
1231
1232 authorized_keys lines that contained permitopen/permitlisten were being
1233 treated as invalid.
1234
1235 OpenBSD-Commit-ID: 7ef41d63a5a477b405d142dc925b67d9e7aaa31b
1236
1237commit 7f90635216851f6cb4bf3999e98b825f85d604f8
1238Author: markus@openbsd.org <markus@openbsd.org>
1239Date: Wed Jun 6 18:29:18 2018 +0000
1240
1241 upstream: switch config file parsing to getline(3) as this avoids
1242
1243 static limits noted by gerhard@; ok dtucker@, djm@
1244
1245 OpenBSD-Commit-ID: 6d702eabef0fa12e5a1d75c334a8c8b325298b5c
1246
1247commit 392db2bc83215986a91c0b65feb0e40e7619ce7e
1248Author: djm@openbsd.org <djm@openbsd.org>
1249Date: Wed Jun 6 18:25:33 2018 +0000
1250
1251 upstream: regress test for PermitOpen
1252
1253 OpenBSD-Regress-ID: ce8b5f28fc039f09bb297fc4a92319e65982ddaf
1254
1255commit 803d896ef30758135e2f438bdd1a0be27989e018
1256Author: djm@openbsd.org <djm@openbsd.org>
1257Date: Wed Jun 6 18:24:15 2018 +0000
1258
1259 upstream: man bits for permitlisten authorized_keys option
1260
1261 OpenBSD-Commit-ID: 86910af8f781a4ac5980fea125442eb25466dd78
1262
1263commit 04df43208b5b460d7360e1598f876b92a32f5922
1264Author: djm@openbsd.org <djm@openbsd.org>
1265Date: Wed Jun 6 18:24:00 2018 +0000
1266
1267 upstream: man bits for PermitListen
1268
1269 OpenBSD-Commit-ID: 35b200cba4e46a16a4db6a80ef11838ab0fad67c
1270
1271commit 93c06ab6b77514e0447fe4f1d822afcbb2a9be08
1272Author: djm@openbsd.org <djm@openbsd.org>
1273Date: Wed Jun 6 18:23:32 2018 +0000
1274
1275 upstream: permitlisten option for authorized_keys; ok markus@
1276
1277 OpenBSD-Commit-ID: 8650883018d7aa893173d703379e4456a222c672
1278
1279commit 115063a6647007286cc8ca70abfd2a7585f26ccc
1280Author: djm@openbsd.org <djm@openbsd.org>
1281Date: Wed Jun 6 18:22:41 2018 +0000
1282
1283 upstream: Add a PermitListen directive to control which server-side
1284
1285 addresses may be listened on when the client requests remote forwarding (ssh
1286 -R).
1287
1288 This is the converse of the existing PermitOpen directive and this
1289 includes some refactoring to share much of its implementation.
1290
1291 feedback and ok markus@
1292
1293 OpenBSD-Commit-ID: 15a931238c61a3f2ac74ea18a98c933e358e277f
1294
1295commit 7703ae5f5d42eb302ded51705166ff6e19c92892
1296Author: Darren Tucker <dtucker@dtucker.net>
1297Date: Wed Jun 6 16:04:29 2018 +1000
1298
1299 Use ssh-keygen -A to generate missing host keys.
1300
1301 Instead of testing for each specific key type, use ssh-keygen -A to
1302 generate any missing host key types.
1303
1304commit e8d59fef1098e24f408248dc64e5c8efa5d01f3c
1305Author: jmc@openbsd.org <jmc@openbsd.org>
1306Date: Fri Jun 1 06:23:10 2018 +0000
1307
1308 upstream: add missing punctuation after %i in ssh_config.5, and
1309
1310 make the grammatical format in sshd_config.5 match that in ssh_config.5;
1311
1312 OpenBSD-Commit-ID: e325663b9342f3d556e223e5306e0d5fa1a74fa0
1313
1314commit a1f737d6a99314e291a87856122cb4dbaf64c641
1315Author: jmc@openbsd.org <jmc@openbsd.org>
1316Date: Fri Jun 1 05:52:26 2018 +0000
1317
1318 upstream: oops - further adjustment to text neccessary;
1319
1320 OpenBSD-Commit-ID: 23585576c807743112ab956be0fb3c786bdef025
1321
1322commit 294028493471e0bd0c7ffe55dc0c0a67cba6ec41
1323Author: jmc@openbsd.org <jmc@openbsd.org>
1324Date: Fri Jun 1 05:50:18 2018 +0000
1325
1326 upstream: %U needs to be escaped; tweak text;
1327
1328 OpenBSD-Commit-ID: 30887b73ece257273fb619ab6f4e86dc92ddc15e
1329
1330commit e5019da3c5a31e6e729a565f2b886a80c4be96cc
1331Author: dtucker@openbsd.org <dtucker@openbsd.org>
1332Date: Fri Jun 1 04:31:48 2018 +0000
1333
1334 upstream: Apply umask to all incoming files and directories not
1335
1336 just files. This makes sure it gets applied to directories too, and prevents
1337 a race where files get chmodded after creation. bz#2839, ok djm@
1338
1339 OpenBSD-Commit-ID: 3168ee6c7c39093adac4fd71039600cfa296203b
1340
1341commit a1dcafc41c376332493b9385ee39f9754dc145ec
1342Author: djm@openbsd.org <djm@openbsd.org>
1343Date: Fri Jun 1 03:52:37 2018 +0000
1344
1345 upstream: Adapt to extra default verboisity from ssh-keygen when
1346
1347 searching for and hashing known_hosts entries in a single operation
1348 (ssh-keygen -HF ...) Patch from Anton Kremenetsky
1349
1350 OpenBSD-Regress-ID: 519585a4de35c4611285bd6a7272766c229b19dd
1351
1352commit 76f314c75dffd4a55839d50ee23622edad52c168
1353Author: djm@openbsd.org <djm@openbsd.org>
1354Date: Tue May 22 00:22:49 2018 +0000
1355
1356 upstream: Add TEST_SSH_FAIL_FATAL variable, to force all failures
1357
1358 to instantly abort the test. Useful in capturing clean logs for individual
1359 failure cases.
1360
1361 OpenBSD-Regress-ID: feba18cf338c2328b9601bd4093cabdd9baa3af1
1362
1363commit 065c8c055df8d83ae7c92e5e524a579d87668aab
1364Author: dtucker@openbsd.org <dtucker@openbsd.org>
1365Date: Fri May 11 03:51:06 2018 +0000
1366
1367 upstream: Clean up comment.
1368
1369 OpenBSD-Regress-ID: 6adb35f384d447e7dcb9f170d4f0d546d3973e10
1370
1371commit 01b048c8eba3b021701bd0ab26257fc82903cba8
1372Author: djm@openbsd.org <djm@openbsd.org>
1373Date: Fri Jun 1 04:21:29 2018 +0000
1374
1375 upstream: whitespace
1376
1377 OpenBSD-Commit-ID: e5edb5e843ddc9b73a8e46518899be41d5709add
1378
1379commit 854ae209f992465a276de0b5f10ef770510c2418
1380Author: djm@openbsd.org <djm@openbsd.org>
1381Date: Fri Jun 1 04:05:29 2018 +0000
1382
1383 upstream: make ssh_remote_ipaddr() capable of being called after
1384
1385 the ssh->state has been torn down; bz#2773
1386
1387 OpenBSD-Commit-ID: 167f12523613ca3d16d7716a690e7afa307dc7eb
1388
1389commit 3e088aaf236ef35beeef3c9be93fd53700df5861
1390Author: djm@openbsd.org <djm@openbsd.org>
1391Date: Fri Jun 1 03:51:34 2018 +0000
1392
1393 upstream: return correct exit code when searching for and hashing
1394
1395 known_hosts entries in a single operation (ssh-keygen -HF hostname); bz2772
1396 Report and fix from Anton Kremenetsky
1397
1398 OpenBSD-Commit-ID: ac10ca13eb9bb0bc50fcd42ad11c56c317437b58
1399
1400commit 9c935dd9bf05628826ad2495d3e8bdf3d3271c21
1401Author: djm@openbsd.org <djm@openbsd.org>
1402Date: Fri Jun 1 03:33:53 2018 +0000
1403
1404 upstream: make UID available as a %-expansion everywhere that the
1405
1406 username is available currently. In the client this is via %i, in the server
1407 %U (since %i was already used in the client in some places for this, but used
1408 for something different in the server); bz#2870, ok dtucker@
1409
1410 OpenBSD-Commit-ID: c7e912b0213713316cb55db194b3a6415b3d4b95
1411
1412commit d8748b91d1d6c108c0c260ed41fa55f37b9ef34b
1413Author: djm@openbsd.org <djm@openbsd.org>
1414Date: Fri Jun 1 03:11:49 2018 +0000
1415
1416 upstream: prefer argv0 to "ssh" when re-executing ssh for ProxyJump
1417
1418 directive; bz2831, feedback and ok dtucker@
1419
1420 OpenBSD-Commit-ID: 3cec709a131499fbb0c1ea8a0a9e0b0915ce769e
1421
1422commit fbb4b5fd4f8e0bb89732670a01954e18b69e15ba
1423Author: djm@openbsd.org <djm@openbsd.org>
1424Date: Fri May 25 07:11:01 2018 +0000
1425
1426 upstream: Do not ban PTY allocation when a sshd session is restricted
1427
1428 because the user password is expired as it breaks password change dialog.
1429
1430 regression in openssh-7.7 reported by Daniel Wagner
1431
1432 OpenBSD-Commit-ID: 9fc09c584c6f1964b00595e3abe7f83db4d90d73
1433
1434commit f6a59a22b0c157c4c4e5fd7232f868138223be64
1435Author: djm@openbsd.org <djm@openbsd.org>
1436Date: Fri May 25 04:25:46 2018 +0000
1437
1438 upstream: Fix return value confusion in several functions (readdir,
1439
1440 download and fsync). These should return -1 on error, not a sftp status code.
1441
1442 patch from Petr Cerny in bz#2871
1443
1444 OpenBSD-Commit-ID: 651aa0220ad23c9167d9297a436162d741f97a09
1445
1446commit 1da5934b860ac0378d52d3035b22b6670f6a967e
1447Author: dtucker@openbsd.org <dtucker@openbsd.org>
1448Date: Fri May 25 03:20:59 2018 +0000
1449
1450 upstream: If select() fails in ssh_packet_read_seqnr go directly to
1451
1452 the error path instead of trying to read from the socket on the way out,
1453 which resets errno and causes the true error to be misreported. ok djm@
1454
1455 OpenBSD-Commit-ID: 2614edaadbd05a957aa977728aa7a030af7c6f0a
1456
1457commit 4ef75926ef517d539f2c7aac3188b09f315c86a7
1458Author: Damien Miller <djm@mindrot.org>
1459Date: Fri May 25 13:36:58 2018 +1000
1460
1461 Permit getuid()/geteuid() syscalls.
1462
1463 Requested for Linux/s390; patch from Eduardo Barretto via bz#2752;
1464 ok dtucker
1465
1466commit 4b22fd8ecefd059a66140be67f352eb6145a9d88
1467Author: djm@openbsd.org <djm@openbsd.org>
1468Date: Tue May 22 00:13:26 2018 +0000
1469
1470 upstream: support ProxyJump=none to disable ProxyJump
1471
1472 functionality; bz#2869 ok dtucker@
1473
1474 OpenBSD-Commit-ID: 1c06ee08eb78451b5837fcfd8cbebc5ff3a67a01
1475
1476commit f41bcd70f55b4f0fc4d8e1039cb361ac922b23fb
1477Author: jmc@openbsd.org <jmc@openbsd.org>
1478Date: Tue May 15 05:40:11 2018 +0000
1479
1480 upstream: correct keyowrd name (permitemptypasswords); from brendan
1481
1482 macdonell
1483
1484 OpenBSD-Commit-ID: ef1bdbc936b2ea693ee37a4c20a94d4d43f5fda3
1485
1486commit f18bc97151340127859634d20d79fd39ec8a7f39
1487Author: djm@openbsd.org <djm@openbsd.org>
1488Date: Fri May 11 04:01:11 2018 +0000
1489
1490 upstream: Emphasise that -w implicitly sets Tunnel=point-to-point
1491
1492 and that users should specify an explicit Tunnel directive if they don't want
1493 this. bz#2365.
1494
1495 OpenBSD-Commit-ID: 1a8d9c67ae213ead180481900dbbb3e04864560d
1496
1497commit 32e4e94e1511fe0020fbfbb62399d31b2d22a801
1498Author: Damien Miller <djm@mindrot.org>
1499Date: Mon May 14 14:40:08 2018 +1000
1500
1501 sync fmt_scaled.c
1502
1503 revision 1.17
1504 date: 2018/05/14 04:39:04; author: djm; state: Exp; lines: +5 -2;
1505 commitid: 53zY8GjViUBnWo8Z;
1506 constrain fractional part to [0-9] (less confusing to static analysis); ok ian@
1507
1508commit 54268d589e85ecc43d3eba8d83f327bdada9d696
1509Author: Damien Miller <djm@mindrot.org>
1510Date: Fri May 11 14:04:40 2018 +1000
1511
1512 fix key-options.sh on platforms without openpty(3)
1513
1514 Skip the pty tests if the platform lacks openpty(3) and has to chown(2)
1515 the pty device explicitly. This typically requires root permissions that
1516 this test lacks.
1517
1518 bz#2856 ok dtucker@
1519
1520commit b2140a739be4c3b43cc1dc08322dca39a1e39d20
1521Author: djm@openbsd.org <djm@openbsd.org>
1522Date: Fri May 11 03:38:51 2018 +0000
1523
1524 upstream: implement EMFILE mitigation for ssh-agent: remember the
1525
1526 fd rlimit and stop accepting new connections when it is exceeded (with some
1527 grace). Accept is resumed when enough connections are closed.
1528
1529 bz#2576. feedback deraadt; ok dtucker@
1530
1531 OpenBSD-Commit-ID: 6a85d9cec7b85741961e7116a49f8dae777911ea
1532
1533commit fdba503fdfc647ee8a244002f1581e869c1f3d90
1534Author: dtucker@openbsd.org <dtucker@openbsd.org>
1535Date: Fri May 11 03:22:55 2018 +0000
1536
1537 upstream: Explicit cast when snprintf'ing an uint64. Prevents
1538
1539 warnings on platforms where int64 is long not long long. ok djm@
1540
1541 OpenBSD-Commit-ID: 9c5359e2fbfce11dea2d93f7bc257e84419bd001
1542
1543commit e7751aa4094d51a9bc00778aa8d07e22934c55ee
1544Author: bluhm@openbsd.org <bluhm@openbsd.org>
1545Date: Thu Apr 26 14:47:03 2018 +0000
1546
1547 upstream: Since the previous commit, ssh regress test sftp-chroot was
1548
1549 failing. The sftp program terminated with the wrong exit code as sftp called
1550 fatal() instad of exit(0). So when the sigchld handler waits for the child,
1551 remember that it was found. Then don't expect that main() can wait again. OK
1552 dtucker@
1553
1554 OpenBSD-Commit-ID: bfafd940c0de5297940c71ddf362053db0232266
1555
1556commit 7c15301841e2e9d37cae732400de63ae9c0961d6
1557Author: Darren Tucker <dtucker@dtucker.net>
1558Date: Sun Apr 29 17:54:12 2018 +1000
1559
1560 Use includes.h instead of config.h.
1561
1562 This ensures it picks up the definition of DEF_WEAK, the lack of which
1563 can cause compile errors in some cases (eg modern AIX). From
1564 michael at felt.demon.nl.
1565
1566commit cec338967a666b7c8ad8b88175f2faeddf268116
1567Author: Darren Tucker <dtucker@dtucker.net>
1568Date: Thu Apr 19 09:53:14 2018 +1000
1569
1570 Omit 3des-cbc if OpenSSL built without DES.
1571
1572 Patch from hongxu.jia at windriver.com, ok djm@
1573
1574commit a575ddd58835759393d2dddd16ebe5abdb56485e
1575Author: djm@openbsd.org <djm@openbsd.org>
1576Date: Mon Apr 16 22:50:44 2018 +0000
1577
1578 upstream: Disable SSH2_MSG_DEBUG messages for Twisted Conch clients
1579
1580 without version numbers since they choke on them under some circumstances.
1581 https://twistedmatrix.com/trac/ticket/9422 via Colin Watson
1582
1583 Newer Conch versions have a version number in their ident string and
1584 handle debug messages okay. https://twistedmatrix.com/trac/ticket/9424
1585
1586 OpenBSD-Commit-ID: 6cf7be262af0419c58ddae11324d9c0dc1577539
1587
1588commit 390c7000a8946db565b66eab9e52fb11948711fa
1589Author: djm@openbsd.org <djm@openbsd.org>
1590Date: Sat Apr 14 21:50:41 2018 +0000
1591
1592 upstream: don't free the %C expansion, it's used later for
1593
1594 LocalCommand
1595
1596 OpenBSD-Commit-ID: 857b5cb37b2d856bfdfce61289a415257a487fb1
1597
1598commit 3455f1e7c48e2e549192998d330214975b9b1dc7
1599Author: djm@openbsd.org <djm@openbsd.org>
1600Date: Fri Apr 13 05:04:12 2018 +0000
1601
1602 upstream: notify user immediately when underlying ssh process dies;
1603
1604 patch from Thomas Kuthan in bz2719; ok dtucker@
1605
1606 OpenBSD-Commit-ID: 78fac88c2f08054d1fc5162c43c24162b131cf78
1607
1608commit 1c5b4bc827f4abc3e65888cda061ad5edf1b8c7c
1609Author: Darren Tucker <dtucker@dtucker.net>
1610Date: Fri Apr 13 16:23:57 2018 +1000
1611
1612 Allow nanosleep in preauth privsep child.
1613
1614 The new timing attack mitigation code uses nanosleep in the preauth
1615 codepath, allow in systrace andbox too.
1616
1617commit 0e73428038d5ecfa5d2a28cff26661502a7aff4e
1618Author: Darren Tucker <dtucker@dtucker.net>
1619Date: Fri Apr 13 16:06:29 2018 +1000
1620
1621 Allow nanosleep in preauth privsep child.
1622
1623 The new timing attack mitigation code uses nanosleep in the preauth
1624 codepath, allow in sandbox.
1625
1626commit e9d910b0289c820852f7afa67f584cef1c05fe95
1627Author: dtucker@openbsd.org <dtucker@openbsd.org>
1628Date: Fri Apr 13 03:57:26 2018 +0000
1629
1630 upstream: Defend against user enumeration timing attacks. This
1631
1632 establishes a minimum time for each failed authentication attempt (5ms) and
1633 adds a per-user constant derived from a host secret (0-4ms). Based on work
1634 by joona.kannisto at tut.fi, ok markus@ djm@.
1635
1636 OpenBSD-Commit-ID: b7845b355bb7381703339c8fb0e57e81a20ae5ca
1637
1638commit d97874cbd909eb706886cd0cdd418f812c119ef9
1639Author: Darren Tucker <dtucker@dtucker.net>
1640Date: Fri Apr 13 13:43:55 2018 +1000
1641
1642 Using "==" in shell tests is not portable.
1643
1644 Patch from rsbecker at nexbridge.com.
1645
1646commit cfb1d9bc76734681e3dea532a1504fcd466fbe91
1647Author: Damien Miller <djm@mindrot.org>
1648Date: Fri Apr 13 13:38:06 2018 +1000
1649
1650 Fix tunnel forwarding broken in 7.7p1
1651
1652 bz2855, ok dtucker@
1653
1654commit afa6e79b76fb52a0c09a29688b5c0d125eb08302
1655Author: Damien Miller <djm@mindrot.org>
1656Date: Fri Apr 13 13:31:42 2018 +1000
1657
1658 prefer to use getrandom() for PRNG seeding
1659
1660 Only applies when built --without-openssl. Thanks Jann Horn for
1661 reminder.
1662
1663commit 575fac34a97f69bc217b235f81de9f8f433eceed
1664Author: Darren Tucker <dtucker@dtucker.net>
1665Date: Fri Apr 13 13:13:33 2018 +1000
1666
1667 Revert $REGRESSTMP changes.
1668
1669 Revert 3fd2d229 and subsequent changes as they turned out to be a
1670 portability hassle.
1671
1672commit 10479cc2a4acd6faaf643eb305233b49d70c31c1
1673Author: Damien Miller <djm@mindrot.org>
1674Date: Tue Apr 10 10:19:02 2018 +1000
1675
1676 Many typo fixes from Karsten Weiss
1677
1678 Spotted using https://github.com/lucasdemarchi/codespell
1679
1680commit 907da2f88519b34189fd03fac96de0c52d448233
1681Author: djm@openbsd.org <djm@openbsd.org>
1682Date: Tue Apr 10 00:14:10 2018 +0000
1683
1684 upstream: more typos spotted by Karsten Weiss using codespell
1685
1686 OpenBSD-Regress-ID: d906a2aea0663810a658b7d0bc61a1d2907d4d69
1687
1688commit 37e5f4a7ab9a8026e5fc2f47dafb0f1b123d39e9
1689Author: djm@openbsd.org <djm@openbsd.org>
1690Date: Tue Apr 10 00:13:27 2018 +0000
1691
1692 upstream: make this a bit more portable-friendly
1693
1694 OpenBSD-Regress-ID: 62f7b9e055e8dfaab92b3825f158beeb4ca3f963
1695
1696commit 001aa55484852370488786bd40e9fdad4b465811
1697Author: djm@openbsd.org <djm@openbsd.org>
1698Date: Tue Apr 10 00:10:49 2018 +0000
1699
1700 upstream: lots of typos in comments/docs. Patch from Karsten Weiss
1701
1702 after checking with codespell tool
1703 (https://github.com/lucasdemarchi/codespell)
1704
1705 OpenBSD-Commit-ID: 373222f12d7ab606598a2d36840c60be93568528
1706
1707commit 260ede2787fe80b18b8d5920455b4fb268519c7d
1708Author: djm@openbsd.org <djm@openbsd.org>
1709Date: Mon Apr 9 23:54:49 2018 +0000
1710
1711 upstream: don't kill ssh-agent's listening socket entriely if we
1712
1713 fail to accept a connection; bz#2837, patch from Lukas Kuster
1714
1715 OpenBSD-Commit-ID: 52413f5069179bebf30d38f524afe1a2133c738f
1716
1717commit ebc8b4656f9b0f834a642a9fb3c9fbca86a61838
1718Author: tj@openbsd.org <tj@openbsd.org>
1719Date: Mon Apr 9 20:41:22 2018 +0000
1720
1721 upstream: the UseLogin option was removed, so remove it here too.
1722
1723 ok dtucker
1724
1725 OpenBSD-Commit-ID: 7080be73a64d68e21f22f5408a67a0ba8b1b6b06
1726
1727commit 3e36f281851fc8e9c996b33f108b2ae167314fbe
1728Author: jmc@openbsd.org <jmc@openbsd.org>
1729Date: Sun Apr 8 07:36:02 2018 +0000
1730
1731 upstream: tweak previous;
1732
1733 OpenBSD-Commit-ID: 2b9c23022ea7b9dddb62864de4e906000f9d7474
1734
1735commit 8368571efd6693c5c57f850e23a2372acf3f865f
1736Author: jmc@openbsd.org <jmc@openbsd.org>
1737Date: Sat Apr 7 13:50:10 2018 +0000
1738
1739 upstream: tweak previous;
1740
1741 OpenBSD-Commit-ID: 38e347b6f8e888f5e0700d01abb1eba7caa154f9
1742
1743commit 555294a7279914ae6795b71bedf4e6011b7636df
1744Author: djm@openbsd.org <djm@openbsd.org>
1745Date: Fri Apr 6 13:02:39 2018 +0000
1746
1747 upstream: Allow "SendEnv -PATTERN" to clear environment variables
1748
1749 previously labeled for sendind. bz#1285 ok dtucker@
1750
1751 OpenBSD-Commit-ID: f6fec9e3d0f366f15903094fbe1754cb359a0df9
1752
1753commit 40f5f03544a07ebd2003b443d42e85cb51d94d59
1754Author: djm@openbsd.org <djm@openbsd.org>
1755Date: Fri Apr 6 04:15:45 2018 +0000
1756
1757 upstream: relax checking of authorized_keys environment="..."
1758
1759 options to allow underscores in variable names (regression introduced in
1760 7.7). bz2851, ok deraadt@
1761
1762 OpenBSD-Commit-ID: 69690ffe0c97ff393f2c76d25b4b3d2ed4e4ac9c
1763
1764commit 30fd7f9af0f553aaa2eeda5a1f53f26cfc222b5e
1765Author: djm@openbsd.org <djm@openbsd.org>
1766Date: Fri Apr 6 03:51:27 2018 +0000
1767
1768 upstream: add a couple of missed options to the config dump; patch
1769
1770 from Jakub Jelen via bz2835
1771
1772 OpenBSD-Commit-ID: 5970adadf6ef206bee0dddfc75d24c2019861446
1773
1774commit 8d6829be324452d2acd282d5f8ceb0adaa89a4de
1775Author: djm@openbsd.org <djm@openbsd.org>
1776Date: Fri Apr 6 03:34:27 2018 +0000
1777
1778 upstream: ssh does not accept -oInclude=... on the commandline, the
1779
1780 Include keyword is for configuration files only. bz#2840, patch from Jakub
1781 Jelen
1782
1783 OpenBSD-Commit-ID: 32d052b4a7a7f22df35fe3f71c368c02b02cacb0
1784
1785commit 00c5222ddc0c8edcaa4ea45ac03befdc8013d137
1786Author: djm@openbsd.org <djm@openbsd.org>
1787Date: Thu Apr 5 22:54:28 2018 +0000
1788
1789 upstream: We don't offer CBC cipher by default any more. Spotted by
1790
1791 Renaud Allard (via otto@)
1792
1793 OpenBSD-Commit-ID: a559b1eef741557dd959ae378b665a2977d92dca
1794
1795commit 5ee8448ad7c306f05a9f56769f95336a8269f379
1796Author: job@openbsd.org <job@openbsd.org>
1797Date: Wed Apr 4 15:12:17 2018 +0000
1798
1799 upstream: Update default IPQoS in ssh(1), sshd(8) to DSCP AF21 for
1800
1801 interactive and CS1 for bulk
1802
1803 AF21 was selected as this is the highest priority within the low-latency
1804 service class (and it is higher than what we have today). SSH is elastic
1805 and time-sensitive data, where a user is waiting for a response via the
1806 network in order to continue with a task at hand. As such, these flows
1807 should be considered foreground traffic, with delays or drops to such
1808 traffic directly impacting user-productivity.
1809
1810 For bulk SSH traffic, the CS1 "Lower Effort" marker was chosen to enable
1811 networks implementing a scavanger/lower-than-best effort class to
1812 discriminate scp(1) below normal activities, such as web surfing. In
1813 general this type of bulk SSH traffic is a background activity.
1814
1815 An advantage of using "AF21" for interactive SSH and "CS1" for bulk SSH
1816 is that they are recognisable values on all common platforms (IANA
1817 https://www.iana.org/assignments/dscp-registry/dscp-registry.xml), and
1818 for AF21 specifically a definition of the intended behavior exists
1819 https://tools.ietf.org/html/rfc4594#section-4.7 in addition to the definition
1820 of the Assured Forwarding PHB group https://tools.ietf.org/html/rfc2597, and
1821 for CS1 (Lower Effort) there is https://tools.ietf.org/html/rfc3662
1822
1823 The first three bits of "AF21" map to the equivalent IEEEE 802.1D PCP, IEEE
1824 802.11e, MPLS EXP/CoS and IP Precedence value of 2 (also known as "Immediate",
1825 or "AC_BE"), and CS1's first 3 bits map to IEEEE 802.1D PCP, IEEE 802.11e,
1826 MPLS/CoS and IP Precedence value 1 ("Background" or "AC_BK").
1827
1828 OK deraadt@, "no objection" djm@
1829
1830 OpenBSD-Commit-ID: d11d2a4484f461524ef0c20870523dfcdeb52181
1831
1832commit 424b544fbda963f973da80f884717c3e0a513288
1833Author: dtucker@openbsd.org <dtucker@openbsd.org>
1834Date: Tue Apr 3 02:14:08 2018 +0000
1835
1836 upstream: Import regenerated moduli file.
1837
1838 OpenBSD-Commit-ID: 1de0e85522051eb2ffa00437e1885e9d7b3e0c2e
1839
1840commit 323f66ce934df2da551f256f37d69822428e1ca1
1841Author: dtucker@openbsd.org <dtucker@openbsd.org>
1842Date: Fri Apr 6 04:18:35 2018 +0000
1843
1844 upstream: Add test for username options parsing order, prompted by
1845
1846 bz#2849.
1847
1848 OpenBSD-Regress-ID: 6985cd32f38596882a3ac172ff8c510693b65283
1849
1850commit e8f474554e3bda102a797a2fbab0594ccc66f097
1851Author: Damien Miller <djm@mindrot.org>
1852Date: Fri Apr 6 14:11:44 2018 +1000
1853
1854 Expose SSH_AUTH_INFO_0 to PAM auth modules
1855
1856 bz#2408, patch from Radoslaw Ejsmont; ok dtucker@
1857
1858commit 014ba209cf4c6a159baa30ecebbaddfa97da7100
1859Author: Darren Tucker <dtucker@dtucker.net>
1860Date: Tue Apr 3 12:18:00 2018 +1000
1861
1862 Import regenerated moduli file.
1863
1commit a0349a1cc4a18967ad1dbff5389bcdf9da098814 1864commit a0349a1cc4a18967ad1dbff5389bcdf9da098814
2Author: Damien Miller <djm@mindrot.org> 1865Author: Damien Miller <djm@mindrot.org>
3Date: Mon Apr 2 15:38:28 2018 +1000 1866Date: Mon Apr 2 15:38:28 2018 +1000
@@ -7876,1923 +9739,3 @@ Date: Tue Aug 23 08:17:42 2016 +0000
7876 in addr_match_list() 9739 in addr_match_list()
7877 9740
7878 Upstream-ID: 07c3d53e357214153d9d08f234411e0d1a3d6f5c 9741 Upstream-ID: 07c3d53e357214153d9d08f234411e0d1a3d6f5c
7879
7880commit a39627134f6d90e7009eeb14e9582ecbc7a99192
7881Author: djm@openbsd.org <djm@openbsd.org>
7882Date: Tue Aug 23 06:36:23 2016 +0000
7883
7884 upstream commit
7885
7886 remove Protocol directive from client/server configs that
7887 causes spammy deprecation warnings
7888
7889 hardcode SSH_PROTOCOLS=2, since that's all we support on the server
7890 now (the client still may support both, so it could get confused)
7891
7892 Upstream-Regress-ID: c16662c631af51633f9fd06aca552a70535de181
7893
7894commit 6ee4f1c01ee31e65245881d49d4bccf014956066
7895Author: Damien Miller <djm@mindrot.org>
7896Date: Tue Aug 23 16:33:48 2016 +1000
7897
7898 hook match and utf8 unittests up to Makefile
7899
7900commit 114efe2bc0dd2842d997940a833f115e6fc04854
7901Author: djm@openbsd.org <djm@openbsd.org>
7902Date: Fri Aug 19 06:44:13 2016 +0000
7903
7904 upstream commit
7905
7906 add tests for matching functions
7907
7908 Upstream-Regress-ID: 0869d4f5c5d627c583c6a929d69c17d5dd65882c
7909
7910commit 857568d2ac81c14bcfd625b27536c1e28c992b3c
7911Author: Damien Miller <djm@mindrot.org>
7912Date: Tue Aug 23 14:32:37 2016 +1000
7913
7914 removing UseLogin bits from configure.ac
7915
7916commit cc182d01cef8ca35a1d25ea9bf4e2ff72e588208
7917Author: djm@openbsd.org <djm@openbsd.org>
7918Date: Tue Aug 23 03:24:10 2016 +0000
7919
7920 upstream commit
7921
7922 fix negated address matching where the address list
7923 consists of a single negated match, e.g. "Match addr !192.20.0.1"
7924
7925 Report and patch from Jakub Jelen. bz#2397 ok dtucker@
7926
7927 Upstream-ID: 01dcac3f3e6ca47518cf293e31c73597a4bb40d8
7928
7929commit 4067ec8a4c64ccf16250c35ff577b4422767da64
7930Author: djm@openbsd.org <djm@openbsd.org>
7931Date: Tue Aug 23 03:22:49 2016 +0000
7932
7933 upstream commit
7934
7935 fix matching for pattern lists that contain a single
7936 negated match, e.g. "Host !example"
7937
7938 report and patch from Robin Becker. bz#1918 ok dtucker@
7939
7940 Upstream-ID: 05a0cb323ea4bc20e98db099b42c067bfb9ea1ea
7941
7942commit 83b581862a1dbb06fc859959f829dde2654aef3c
7943Author: djm@openbsd.org <djm@openbsd.org>
7944Date: Fri Aug 19 03:18:06 2016 +0000
7945
7946 upstream commit
7947
7948 remove UseLogin option and support for having /bin/login
7949 manage login sessions; ok deraadt markus dtucker
7950
7951 Upstream-ID: bea7213fbf158efab7e602d9d844fba4837d2712
7952
7953commit ffe6549c2f7a999cc5264b873a60322e91862581
7954Author: naddy@openbsd.org <naddy@openbsd.org>
7955Date: Mon Aug 15 12:32:04 2016 +0000
7956
7957 upstream commit
7958
7959 Catch up with the SSH1 code removal and delete all
7960 mention of protocol 1 particularities, key files and formats, command line
7961 options, and configuration keywords from the server documentation and
7962 examples. ok jmc@
7963
7964 Upstream-ID: 850328854675b4b6a0d4a90f0b4a9dd9ca4e905f
7965
7966commit c38ea634893a1975dbbec798fb968c9488013f4a
7967Author: naddy@openbsd.org <naddy@openbsd.org>
7968Date: Mon Aug 15 12:27:56 2016 +0000
7969
7970 upstream commit
7971
7972 Remove more SSH1 server code: * Drop sshd's -k option. *
7973 Retire configuration keywords that only apply to protocol 1, as well as the
7974 "protocol" keyword. * Remove some related vestiges of protocol 1 support.
7975
7976 ok markus@
7977
7978 Upstream-ID: 9402f82886de917779db12f8ee3f03d4decc244d
7979
7980commit 33ba55d9e358c07f069e579bfab80eccaaad52cb
7981Author: Darren Tucker <dtucker@zip.com.au>
7982Date: Wed Aug 17 16:26:04 2016 +1000
7983
7984 Only check for prctl once.
7985
7986commit 976ba8a8fd66a969bf658280c1e5adf694cc2fc6
7987Author: Darren Tucker <dtucker@zip.com.au>
7988Date: Wed Aug 17 15:33:10 2016 +1000
7989
7990 Fix typo.
7991
7992commit 9abf84c25ff4448891edcde60533a6e7b2870de1
7993Author: Darren Tucker <dtucker@zip.com.au>
7994Date: Wed Aug 17 14:25:43 2016 +1000
7995
7996 Correct LDFLAGS for clang example.
7997
7998 --with-ldflags isn't used until after the -ftrapv test, so mention
7999 LDFLAGS instead for now.
8000
8001commit 1e8013a17ff11e3c6bd0012fb1fc8d5f1330eb21
8002Author: Darren Tucker <dtucker@zip.com.au>
8003Date: Wed Aug 17 14:08:42 2016 +1000
8004
8005 Remove obsolete CVS $Id from source files.
8006
8007 Since -portable switched to git the CVS $Id tags are no longer being
8008 updated and are becoming increasingly misleading. Remove them.
8009
8010commit adab758242121181700e48b4f6c60d6b660411fe
8011Author: Darren Tucker <dtucker@zip.com.au>
8012Date: Wed Aug 17 13:40:58 2016 +1000
8013
8014 Remove now-obsolete CVS $Id tags from text files.
8015
8016 Since -portable switched to git, the CVS $Id tags are no longer being
8017 updated and are becoming increasingly misleading. Remove them.
8018
8019commit 560c0068541315002ec4c1c00a560bbd30f2d671
8020Author: Darren Tucker <dtucker@zip.com.au>
8021Date: Wed Aug 17 13:38:30 2016 +1000
8022
8023 Add a section for compiler specifics.
8024
8025 Add a section for compiler specifics and document the runtime requirements
8026 for clang's integer sanitization.
8027
8028commit a8fc0f42e1eda2fa3393d1ea5e61322d5e07a9cd
8029Author: Darren Tucker <dtucker@zip.com.au>
8030Date: Wed Aug 17 13:35:43 2016 +1000
8031
8032 Test multiplying two long long ints.
8033
8034 When using clang with -ftrapv or -sanitize=integer the tests would pass
8035 but linking would fail with "undefined reference to __mulodi4".
8036 Explicitly test for this before enabling -trapv.
8037
8038commit a1cc637e7e11778eb727559634a6ef1c19c619f6
8039Author: Damien Miller <djm@mindrot.org>
8040Date: Tue Aug 16 14:47:34 2016 +1000
8041
8042 add a --with-login-program configure argument
8043
8044 Saves messing around with LOGIN_PROGRAM env var, which come
8045 packaging environments make hard to do during configure phase.
8046
8047commit 8bd81e1596ab1bab355146cb65e82fb96ade3b23
8048Author: Damien Miller <djm@mindrot.org>
8049Date: Tue Aug 16 13:30:56 2016 +1000
8050
8051 add --with-pam-service to specify PAM service name
8052
8053 Saves messing around with CFLAGS to do it.
8054
8055commit 74433a19bb6f4cef607680fa4d1d7d81ca3826aa
8056Author: Damien Miller <djm@mindrot.org>
8057Date: Tue Aug 16 13:28:23 2016 +1000
8058
8059 fix false positives when compiled with msan
8060
8061 Our explicit_bzero successfully confused clang -fsanitize-memory
8062 in to thinking that memset is never called to initialise memory.
8063 Ensure that it is called in a way that the compiler recognises.
8064
8065commit 6cb6dcffe1a2204ba9006de20f73255c268fcb6b
8066Author: markus@openbsd.org <markus@openbsd.org>
8067Date: Sat Aug 13 17:47:40 2016 +0000
8068
8069 upstream commit
8070
8071 remove ssh1 server code; ok djm@
8072
8073 Upstream-ID: c24c0c32c49b91740d5a94ae914fb1898ea5f534
8074
8075commit 42d47adc5ad1187f22c726cbc52e71d6b1767ca2
8076Author: jca@openbsd.org <jca@openbsd.org>
8077Date: Fri Aug 12 19:19:04 2016 +0000
8078
8079 upstream commit
8080
8081 Use 2001:db8::/32, the official IPv6 subnet for
8082 configuration examples.
8083
8084 This makes the IPv6 example consistent with IPv4, and removes a dubious
8085 mention of a 6bone subnet.
8086
8087 ok sthen@ millert@
8088
8089 Upstream-ID: b027f3d0e0073419a132fd1bf002e8089b233634
8090
8091commit b61f53c0c3b43c28e013d3b3696d64d1c0204821
8092Author: dtucker@openbsd.org <dtucker@openbsd.org>
8093Date: Thu Aug 11 01:42:11 2016 +0000
8094
8095 upstream commit
8096
8097 Update moduli file.
8098
8099 Upstream-ID: 6da9a37f74aef9f9cc639004345ad893cad582d8
8100
8101commit f217d9bd42d306f69f56335231036b44502d8191
8102Author: Darren Tucker <dtucker@zip.com.au>
8103Date: Thu Aug 11 11:42:48 2016 +1000
8104
8105 Import updated moduli.
8106
8107commit 67dca60fbb4923b7a11c1645b90a5ca57c03d8be
8108Author: dtucker@openbsd.org <dtucker@openbsd.org>
8109Date: Mon Aug 8 22:40:57 2016 +0000
8110
8111 upstream commit
8112
8113 Improve error message for overlong ControlPath. ok markus@
8114 djm@
8115
8116 Upstream-ID: aed374e2e88dd3eb41390003e5303d0089861eb5
8117
8118commit 4706c1d8c15cd5565b59512853c2da9bd4ca26c9
8119Author: djm@openbsd.org <djm@openbsd.org>
8120Date: Wed Aug 3 05:41:57 2016 +0000
8121
8122 upstream commit
8123
8124 small refactor of cipher.c: make ciphercontext opaque to
8125 callers feedback and ok markus@
8126
8127 Upstream-ID: 094849f8be68c3bdad2c0f3dee551ecf7be87f6f
8128
8129commit e600348a7afd6325cc5cd783cb424065cbc20434
8130Author: dtucker@openbsd.org <dtucker@openbsd.org>
8131Date: Wed Aug 3 04:23:55 2016 +0000
8132
8133 upstream commit
8134
8135 Fix bug introduced in rev 1.467 which causes
8136 "buffer_get_bignum_ret: incomplete message" errors when built with WITH_SSH1
8137 and run such that no Protocol 1 ephemeral host key is generated (eg "Protocol
8138 2", no SSH1 host key supplied). Reported by rainer.laatsch at t-online.de,
8139 ok deraadt@
8140
8141 Upstream-ID: aa6b132da5c325523aed7989cc5a320497c919dc
8142
8143commit d7e7348e72f9b203189e3fffb75605afecba4fda
8144Author: djm@openbsd.org <djm@openbsd.org>
8145Date: Wed Jul 27 23:18:12 2016 +0000
8146
8147 upstream commit
8148
8149 better bounds check on iovcnt (we only ever use fixed,
8150 positive values)
8151
8152 Upstream-ID: 9baa6eb5cd6e30c9dc7398e5fe853721a3a5bdee
8153
8154commit 5faa52d295f764562ed6dd75c4a4ce9134ae71e3
8155Author: Darren Tucker <dtucker@zip.com.au>
8156Date: Tue Aug 2 15:22:40 2016 +1000
8157
8158 Use tabs consistently inside "case $host".
8159
8160commit 20e5e8ba9c5d868d897896190542213a60fffbd2
8161Author: Darren Tucker <dtucker@zip.com.au>
8162Date: Tue Aug 2 12:16:34 2016 +1000
8163
8164 Explicitly test for broken strnvis.
8165
8166 NetBSD added an strnvis and unfortunately made it incompatible with the
8167 existing one in OpenBSD and Linux's libbsd (the former having existed
8168 for over ten years). Despite this incompatibility being reported during
8169 development (see http://gnats.netbsd.org/44977) they still shipped it.
8170 Even more unfortunately FreeBSD and later MacOS picked up this incompatible
8171 implementation. Try to detect this mess, and assume the only safe option
8172 if we're cross compiling.
8173
8174 OpenBSD 2.9 (2001): strnvis(char *dst, const char *src, size_t dlen, int flag);
8175 NetBSD 6.0 (2012): strnvis(char *dst, size_t dlen, const char *src, int flag);
8176
8177 ok djm@
8178
8179commit b0b48beab1b74100b61ecbadb9140c9ab4c2ea8c
8180Author: Damien Miller <djm@mindrot.org>
8181Date: Tue Aug 2 11:06:23 2016 +1000
8182
8183 update recommended autoconf version
8184
8185commit 23902e31dfd18c6d7bb41ccd73de3b5358a377da
8186Author: Damien Miller <djm@mindrot.org>
8187Date: Tue Aug 2 10:48:04 2016 +1000
8188
8189 update config.guess and config.sub to current
8190
8191 upstream commit 562f3512b3911ba0c77a7f68214881d1f241f46e
8192
8193commit dd1031b78b83083615b68d7163c44f4408635be2
8194Author: Darren Tucker <dtucker@zip.com.au>
8195Date: Tue Aug 2 10:01:52 2016 +1000
8196
8197 Replace spaces with tabs.
8198
8199 Mechanically replace spaces with tabs in compat files not synced with
8200 OpenBSD.
8201
8202commit c20dccb5614c5714f4155dda01bcdebf97cfae7e
8203Author: Darren Tucker <dtucker@zip.com.au>
8204Date: Tue Aug 2 09:44:25 2016 +1000
8205
8206 Strip trailing whitespace.
8207
8208 Mechanically strip trailing whitespace on files not synced with OpenBSD
8209 (or in the case of bsd-snprint.c, rsync).
8210
8211commit 30f9bd1c0963c23bfba8468dfd26aa17609ba42f
8212Author: Darren Tucker <dtucker@zip.com.au>
8213Date: Tue Aug 2 09:06:27 2016 +1000
8214
8215 Repair $OpenBSD markers.
8216
8217commit 9715d4ad4b53877ec23dc8681dd7a405de9419a6
8218Author: Darren Tucker <dtucker@zip.com.au>
8219Date: Tue Aug 2 09:02:42 2016 +1000
8220
8221 Repair $OpenBSD marker.
8222
8223commit cf3e0be7f5828a5e5f6c296a607d20be2f07d60c
8224Author: Tim Rice <tim@multitalents.net>
8225Date: Mon Aug 1 14:31:52 2016 -0700
8226
8227 modified: configure.ac opensshd.init.in
8228 Skip generating missing RSA1 key on startup unless ssh1 support is enabled.
8229 Spotted by Jean-Pierre Radley
8230
8231commit 99522ba7ec6963a05c04a156bf20e3ba3605987c
8232Author: Damien Miller <djm@mindrot.org>
8233Date: Thu Jul 28 08:54:27 2016 +1000
8234
8235 define _OPENBSD_SOURCE for reallocarray on NetBSD
8236
8237 Report by and debugged with Hisashi T Fujinaka, dtucker nailed
8238 the problem (lack of prototype causing return type confusion).
8239
8240commit 3e1e076550c27c6bbdddf36d8f42bd79fbaaa187
8241Author: Damien Miller <djm@mindrot.org>
8242Date: Wed Jul 27 08:25:42 2016 +1000
8243
8244 KNF
8245
8246commit d99ee9c4e5e217e7d05eeec84e9ce641f4675331
8247Author: Damien Miller <djm@mindrot.org>
8248Date: Wed Jul 27 08:25:23 2016 +1000
8249
8250 Linux auditing also needs packet.h
8251
8252commit 393bd381a45884b589baa9aed4394f1d250255ca
8253Author: Damien Miller <djm@mindrot.org>
8254Date: Wed Jul 27 08:18:05 2016 +1000
8255
8256 fix auditing on Linux
8257
8258 get_remote_ipaddr() was replaced with ssh_remote_ipaddr()
8259
8260commit 80e766fb089de4f3c92b1600eb99e9495e37c992
8261Author: Damien Miller <djm@mindrot.org>
8262Date: Sun Jul 24 21:50:13 2016 +1000
8263
8264 crank version numbers
8265
8266commit b1a478792d458f2e938a302e64bab2b520edc1b3
8267Author: djm@openbsd.org <djm@openbsd.org>
8268Date: Sun Jul 24 11:45:36 2016 +0000
8269
8270 upstream commit
8271
8272 openssh-7.3
8273
8274 Upstream-ID: af106a7eb665f642648cf1993e162c899f358718
8275
8276commit 353766e0881f069aeca30275ab706cd60a1a8fdd
8277Author: Darren Tucker <dtucker@zip.com.au>
8278Date: Sat Jul 23 16:14:42 2016 +1000
8279
8280 Move Cygwin IPPORT_RESERVED overrride to defines.h
8281
8282 Patch from vinschen at redhat.com.
8283
8284commit 368dd977ae07afb93f4ecea23615128c95ab2b32
8285Author: djm@openbsd.org <djm@openbsd.org>
8286Date: Sat Jul 23 02:54:08 2016 +0000
8287
8288 upstream commit
8289
8290 fix pledge violation with ssh -f; reported by Valentin
8291 Kozamernik ok dtucker@
8292
8293 Upstream-ID: a61db7988db88d9dac3c4dd70e18876a8edf84aa
8294
8295commit f00211e3c6d24d6ea2b64b4b1209f671f6c1d42e
8296Author: djm@openbsd.org <djm@openbsd.org>
8297Date: Fri Jul 22 07:00:46 2016 +0000
8298
8299 upstream commit
8300
8301 improve wording; suggested by jmc@
8302
8303 Upstream-ID: 55cb0a24c8e0618b3ceec80998dc82c85db2d2f8
8304
8305commit 83cbca693c3b0719270e6a0f2efe3f9ee93a65b8
8306Author: dtucker@openbsd.org <dtucker@openbsd.org>
8307Date: Fri Jul 22 05:46:11 2016 +0000
8308
8309 upstream commit
8310
8311 Lower loglevel for "Authenticated with partial success"
8312 message similar to other similar level. bz#2599, patch from cgallek at
8313 gmail.com, ok markus@
8314
8315 Upstream-ID: 3faab814e947dc7b2e292edede23e94c608cb4dd
8316
8317commit 10358abd087ab228b7ce2048efc4f3854a9ab9a6
8318Author: Damien Miller <djm@mindrot.org>
8319Date: Fri Jul 22 14:06:36 2016 +1000
8320
8321 retry waitpid on EINTR failure
8322
8323 patch from Jakub Jelen on bz#2581; ok dtucker@
8324
8325commit da88a70a89c800e74ea8e5661ffa127a3cc79a92
8326Author: djm@openbsd.org <djm@openbsd.org>
8327Date: Fri Jul 22 03:47:36 2016 +0000
8328
8329 upstream commit
8330
8331 constify a few functions' arguments; patch from Jakub
8332 Jelen bz#2581
8333
8334 Upstream-ID: f2043f51454ea37830ff6ad60c8b32b4220f448d
8335
8336commit c36d91bd4ebf767f310f7cea88d61d1c15f53ddf
8337Author: djm@openbsd.org <djm@openbsd.org>
8338Date: Fri Jul 22 03:39:13 2016 +0000
8339
8340 upstream commit
8341
8342 move debug("%p", key) to before key is free'd; probable
8343 undefined behaviour on strict compilers; reported by Jakub Jelen bz#2581
8344
8345 Upstream-ID: 767f323e1f5819508a0e35e388ec241bac2f953a
8346
8347commit 286f5a77c3bfec1e8892ca268087ac885ac871bf
8348Author: djm@openbsd.org <djm@openbsd.org>
8349Date: Fri Jul 22 03:35:11 2016 +0000
8350
8351 upstream commit
8352
8353 reverse the order in which -J/JumpHost proxies are visited to
8354 be more intuitive and document
8355
8356 reported by and manpage bits naddy@
8357
8358 Upstream-ID: 3a68fd6a841fd6cf8cedf6552a9607ba99df179a
8359
8360commit fcd135c9df440bcd2d5870405ad3311743d78d97
8361Author: dtucker@openbsd.org <dtucker@openbsd.org>
8362Date: Thu Jul 21 01:39:35 2016 +0000
8363
8364 upstream commit
8365
8366 Skip passwords longer than 1k in length so clients can't
8367 easily DoS sshd by sending very long passwords, causing it to spend CPU
8368 hashing them. feedback djm@, ok markus@.
8369
8370 Brought to our attention by tomas.kuthan at oracle.com, shilei-c at
8371 360.cn and coredump at autistici.org
8372
8373 Upstream-ID: d0af7d4a2190b63ba1d38eec502bc4be0be9e333
8374
8375commit 324583e8fb3935690be58790425793df619c6d4d
8376Author: naddy@openbsd.org <naddy@openbsd.org>
8377Date: Wed Jul 20 10:45:27 2016 +0000
8378
8379 upstream commit
8380
8381 Do not clobber the global jump_host variables when
8382 parsing an inactive configuration. ok djm@
8383
8384 Upstream-ID: 5362210944d91417d5976346d41ac0b244350d31
8385
8386commit 32d921c323b989d28405e78d0a8923d12913d737
8387Author: jmc@openbsd.org <jmc@openbsd.org>
8388Date: Tue Jul 19 12:59:16 2016 +0000
8389
8390 upstream commit
8391
8392 tweak previous;
8393
8394 Upstream-ID: f3c1a5b3f05dff366f60c028728a2b43f15ff534
8395
8396commit d7eabc86fa049a12ba2c3fb198bd1d51b37f7025
8397Author: dtucker@openbsd.org <dtucker@openbsd.org>
8398Date: Tue Jul 19 11:38:53 2016 +0000
8399
8400 upstream commit
8401
8402 Allow wildcard for PermitOpen hosts as well as ports.
8403 bz#2582, patch from openssh at mzpqnxow.com and jjelen at redhat.com. ok
8404 markus@
8405
8406 Upstream-ID: af0294e9b9394c4e16e991424ca0a47a7cc605f2
8407
8408commit b98a2a8348e907b3d71caafd80f0be8fdd075943
8409Author: markus@openbsd.org <markus@openbsd.org>
8410Date: Mon Jul 18 11:35:33 2016 +0000
8411
8412 upstream commit
8413
8414 Reduce timing attack against obsolete CBC modes by always
8415 computing the MAC over a fixed size of data. Reported by Jean Paul
8416 Degabriele, Kenny Paterson, Torben Hansen and Martin Albrecht. ok djm@
8417
8418 Upstream-ID: f20a13279b00ba0afbacbcc1f04e62e9d41c2912
8419
8420commit dbf788b4d9d9490a5fff08a7b09888272bb10fcc
8421Author: Darren Tucker <dtucker@zip.com.au>
8422Date: Thu Jul 21 14:17:31 2016 +1000
8423
8424 Search users for one with a valid salt.
8425
8426 If the root account is locked (eg password "!!" or "*LK*") keep looking
8427 until we find a user with a valid salt to use for crypting passwords of
8428 invalid users. ok djm@
8429
8430commit e8b58f48fbb1b524fb4f0d4865fa0005d6a4b782
8431Author: Darren Tucker <dtucker@zip.com.au>
8432Date: Mon Jul 18 17:22:49 2016 +1000
8433
8434 Explicitly specify source files for regress tools.
8435
8436 Since adding $(REGRESSLIBS), $? is wrong because it includes only the
8437 changed source files. $< seems like it'd be right however it doesn't
8438 seem to work on some non-GNU makes, so do what works everywhere.
8439
8440commit eac1bbd06872c273f16ac0f9976b0aef026b701b
8441Author: Darren Tucker <dtucker@zip.com.au>
8442Date: Mon Jul 18 17:12:22 2016 +1000
8443
8444 Conditionally include err.h.
8445
8446commit 0a454147568746c503f669e1ba861f76a2e7a585
8447Author: Darren Tucker <dtucker@zip.com.au>
8448Date: Mon Jul 18 16:26:26 2016 +1000
8449
8450 Remove local implementation of err, errx.
8451
8452 We now have a shared implementation in libopenbsd-compat.
8453
8454commit eb999a4590846ba4d56ddc90bd07c23abfbab7b1
8455Author: djm@openbsd.org <djm@openbsd.org>
8456Date: Mon Jul 18 06:08:01 2016 +0000
8457
8458 upstream commit
8459
8460 Add some unsigned overflow checks for extra_pad. None of
8461 these are reachable with the amount of padding that we use internally.
8462 bz#2566, pointed out by Torben Hansen. ok markus@
8463
8464 Upstream-ID: 4d4be8450ab2fc1b852d5884339f8e8c31c3fd76
8465
8466commit c71ba790c304545464bb494de974cdf0f4b5cf1e
8467Author: Darren Tucker <dtucker@zip.com.au>
8468Date: Mon Jul 18 15:43:25 2016 +1000
8469
8470 Add dependency on libs for unit tests.
8471
8472 Makes "./configure && make tests" work again. ok djm@
8473
8474commit 8199d0311aea3e6fd0284c9025e7a83f4ece79e8
8475Author: Darren Tucker <dtucker@zip.com.au>
8476Date: Mon Jul 18 13:47:39 2016 +1000
8477
8478 Correct location for kexfuzz in clean target.
8479
8480commit 01558b7b07af43da774d3a11a5c51fa9c310849d
8481Author: Darren Tucker <dtucker@zip.com.au>
8482Date: Mon Jul 18 09:33:25 2016 +1000
8483
8484 Handle PAM_MAXTRIES from modules.
8485
8486 bz#2249: handle the case where PAM returns PAM_MAXTRIES by ceasing to offer
8487 password and keyboard-interative authentication methods. Should prevent
8488 "sshd ignoring max retries" warnings in the log. ok djm@
8489
8490 It probably won't trigger with keyboard-interactive in the default
8491 configuration because the retry counter is stored in module-private
8492 storage which goes away with the sshd PAM process (see bz#688). On the
8493 other hand, those cases probably won't log a warning either.
8494
8495commit 65c6c6b567ab5ab12945a5ad8e0ab3a8c26119cc
8496Author: djm@openbsd.org <djm@openbsd.org>
8497Date: Sun Jul 17 04:20:16 2016 +0000
8498
8499 upstream commit
8500
8501 support UTF-8 characters in ssh(1) banners using
8502 schwarze@'s safe fmprintf printer; bz#2058
8503
8504 feedback schwarze@ ok dtucker@
8505
8506 Upstream-ID: a72ce4e3644c957643c9524eea2959e41b91eea7
8507
8508commit e4eb7d910976fbfc7ce3e90c95c11b07b483d0d7
8509Author: jmc@openbsd.org <jmc@openbsd.org>
8510Date: Sat Jul 16 06:57:55 2016 +0000
8511
8512 upstream commit
8513
8514 - add proxyjump to the options list - formatting fixes -
8515 update usage()
8516
8517 ok djm
8518
8519 Upstream-ID: 43d318e14ce677a2eec8f21ef5ba2f9f68a59457
8520
8521commit af1f084857621f14bd9391aba8033d35886c2455
8522Author: dtucker@openbsd.org <dtucker@openbsd.org>
8523Date: Fri Jul 15 05:01:58 2016 +0000
8524
8525 upstream commit
8526
8527 Reduce the syslog level of some relatively common protocol
8528 events from LOG_CRIT by replacing fatal() calls with logdie(). Part of
8529 bz#2585, ok djm@
8530
8531 Upstream-ID: 9005805227c94edf6ac02a160f0e199638d288e5
8532
8533commit bd5f2b78b69cf38d6049a0de445a79c8595e4a1f
8534Author: Damien Miller <djm@mindrot.org>
8535Date: Fri Jul 15 19:14:48 2016 +1000
8536
8537 missing openssl/dh.h
8538
8539commit 4a984fd342effe5f0aad874a0d538c4322d973c0
8540Author: Damien Miller <djm@mindrot.org>
8541Date: Fri Jul 15 18:47:07 2016 +1000
8542
8543 cast to avoid type warning in error message
8544
8545commit 5abfb15ced985c340359ae7fb65a625ed3692b3e
8546Author: Darren Tucker <dtucker@zip.com.au>
8547Date: Fri Jul 15 14:48:30 2016 +1000
8548
8549 Move VA_COPY macro into compat header.
8550
8551 Some AIX compilers unconditionally undefine va_copy but don't set it back
8552 to an internal function, causing link errors. In some compat code we
8553 already use VA_COPY instead so move the two existing instances into the
8554 shared header and use for sshbuf-getput-basic.c too. Should fix building
8555 with at lease some versions of AIX's compiler. bz#2589, ok djm@
8556
8557commit 832b7443b7a8e181c95898bc5d73497b7190decd
8558Author: Damien Miller <djm@mindrot.org>
8559Date: Fri Jul 15 14:45:34 2016 +1000
8560
8561 disable ciphers not supported by OpenSSL
8562
8563 bz#2466 ok dtucker@
8564
8565commit 5fbe93fc6fbb2fe211e035703dec759d095e3dd8
8566Author: Damien Miller <djm@mindrot.org>
8567Date: Fri Jul 15 13:54:31 2016 +1000
8568
8569 add a --disable-pkcs11 knob
8570
8571commit 679ce88ec2a8e2fe6515261c489e8c1449bb9da9
8572Author: Damien Miller <djm@mindrot.org>
8573Date: Fri Jul 15 13:44:38 2016 +1000
8574
8575 fix newline escaping for unsupported_algorithms
8576
8577 The hmac-ripemd160 was incorrect and could lead to broken
8578 Makefiles on systems that lacked support for it, but I made
8579 all the others consistent too.
8580
8581commit ed877ef653847d056bb433975d731b7a1132a979
8582Author: djm@openbsd.org <djm@openbsd.org>
8583Date: Fri Jul 15 00:24:30 2016 +0000
8584
8585 upstream commit
8586
8587 Add a ProxyJump ssh_config(5) option and corresponding -J
8588 ssh(1) command-line flag to allow simplified indirection through a SSH
8589 bastion or "jump host".
8590
8591 These options construct a proxy command that connects to the
8592 specified jump host(s) (more than one may be specified) and uses
8593 port-forwarding to establish a connection to the next destination.
8594
8595 This codifies the safest way of indirecting connections through SSH
8596 servers and makes it easy to use.
8597
8598 ok markus@
8599
8600 Upstream-ID: fa899cb8b26d889da8f142eb9774c1ea36b04397
8601
8602commit 5c02dd126206a26785379e80f2d3848e4470b711
8603Author: Darren Tucker <dtucker@zip.com.au>
8604Date: Fri Jul 15 12:56:39 2016 +1000
8605
8606 Map umac_ctx struct name too.
8607
8608 Prevents size mismatch linker warnings on Solaris 11.
8609
8610commit 283b97ff33ea2c641161950849931bd578de6946
8611Author: Darren Tucker <dtucker@zip.com.au>
8612Date: Fri Jul 15 13:49:44 2016 +1000
8613
8614 Mitigate timing of disallowed users PAM logins.
8615
8616 When sshd decides to not allow a login (eg PermitRootLogin=no) and
8617 it's using PAM, it sends a fake password to PAM so that the timing for
8618 the failure is not noticeably different whether or not the password
8619 is correct. This behaviour can be detected by sending a very long
8620 password string which is slower to hash than the fake password.
8621
8622 Mitigate by constructing an invalid password that is the same length
8623 as the one from the client and thus takes the same time to hash.
8624 Diff from djm@
8625
8626commit 9286875a73b2de7736b5e50692739d314cd8d9dc
8627Author: Darren Tucker <dtucker@zip.com.au>
8628Date: Fri Jul 15 13:32:45 2016 +1000
8629
8630 Determine appropriate salt for invalid users.
8631
8632 When sshd is processing a non-PAM login for a non-existent user it uses
8633 the string from the fakepw structure as the salt for crypt(3)ing the
8634 password supplied by the client. That string has a Blowfish prefix, so on
8635 systems that don't understand that crypt will fail fast due to an invalid
8636 salt, and even on those that do it may have significantly different timing
8637 from the hash methods used for real accounts (eg sha512). This allows
8638 user enumeration by, eg, sending large password strings. This was noted
8639 by EddieEzra.Harari at verint.com (CVE-2016-6210).
8640
8641 To mitigate, use the same hash algorithm that root uses for hashing
8642 passwords for users that do not exist on the system. ok djm@
8643
8644commit a162dd5e58ca5b224d7500abe35e1ef32b5de071
8645Author: Darren Tucker <dtucker@zip.com.au>
8646Date: Thu Jul 14 21:19:59 2016 +1000
8647
8648 OpenSSL 1.1.x not currently supported.
8649
8650commit 7df91b01fc558a33941c5c5f31abbcdc53a729fb
8651Author: Darren Tucker <dtucker@zip.com.au>
8652Date: Thu Jul 14 12:25:24 2016 +1000
8653
8654 Check for VIS_ALL.
8655
8656 If we don't have it, set BROKEN_STRNVIS to activate the compat replacement.
8657
8658commit ee67716f61f1042d5e67f91c23707cca5dcdd7d0
8659Author: dtucker@openbsd.org <dtucker@openbsd.org>
8660Date: Thu Jul 14 01:24:21 2016 +0000
8661
8662 upstream commit
8663
8664 Correct equal in test.
8665
8666 Upstream-Regress-ID: 4e32f7a5c57a619c4e8766cb193be2a1327ec37a
8667
8668commit 372807c2065c8572fdc6478b25cc5ac363743073
8669Author: tb@openbsd.org <tb@openbsd.org>
8670Date: Mon Jul 11 21:38:13 2016 +0000
8671
8672 upstream commit
8673
8674 Add missing "recvfd" pledge promise: Raf Czlonka reported
8675 ssh coredumps when Control* keywords were set in ssh_config. This patch also
8676 fixes similar problems with scp and sftp.
8677
8678 ok deraadt, looks good to millert
8679
8680 Upstream-ID: ca2099eade1ef3e87a79614fefa26a0297ad8a3b
8681
8682commit e0453f3df64bf485c61c7eb6bd12893eee9fe2cd
8683Author: tedu@openbsd.org <tedu@openbsd.org>
8684Date: Mon Jul 11 03:19:44 2016 +0000
8685
8686 upstream commit
8687
8688 obsolete note about fascistloggin is obsolete. ok djm
8689 dtucker
8690
8691 Upstream-ID: dae60df23b2bb0e89f42661ddd96a7b0d1b7215a
8692
8693commit a2333584170a565adf4f209586772ef8053b10b8
8694Author: Darren Tucker <dtucker@zip.com.au>
8695Date: Thu Jul 14 10:59:09 2016 +1000
8696
8697 Add compat code for missing wcwidth.
8698
8699 If we don't have wcwidth force fallback implementations of nl_langinfo
8700 and mbtowc. Based on advice from Ingo Schwarze.
8701
8702commit 8aaec7050614494014c47510b7e94daf6e644c62
8703Author: Damien Miller <djm@mindrot.org>
8704Date: Thu Jul 14 09:48:48 2016 +1000
8705
8706 fix missing include for systems with err.h
8707
8708commit 6310ef27a2567cda66d6cf0c1ad290ee1167f243
8709Author: Darren Tucker <dtucker@zip.com.au>
8710Date: Wed Jul 13 14:42:35 2016 +1000
8711
8712 Move err.h replacements into compat lib.
8713
8714 Move implementations of err.h replacement functions into their own file
8715 in the libopenbsd-compat so we can use them in kexfuzz.c too. ok djm@
8716
8717commit f3f2cc8386868f51440c45210098f65f9787449a
8718Author: Darren Tucker <dtucker@zip.com.au>
8719Date: Mon Jul 11 17:23:38 2016 +1000
8720
8721 Check for wchar.h and langinfo.h
8722
8723 Wrap includes in the appropriate #ifdefs.
8724
8725commit b9c50614eba9d90939b2b119b6e1b7e03b462278
8726Author: Damien Miller <djm@mindrot.org>
8727Date: Fri Jul 8 13:59:13 2016 +1000
8728
8729 whitelist more architectures for seccomp-bpf
8730
8731 bz#2590 - testing and patch from Jakub Jelen
8732
8733commit 18813a32b6fd964037e0f5e1893cb4468ac6a758
8734Author: guenther@openbsd.org <guenther@openbsd.org>
8735Date: Mon Jul 4 18:01:44 2016 +0000
8736
8737 upstream commit
8738
8739 DEBUGLIBS has been broken since the gcc4 switch, so delete
8740 it. CFLAGS contains -g by default anyway
8741
8742 problem noted by Edgar Pettijohn (edgar (at) pettijohn-web.com)
8743 ok millert@ kettenis@ deraadt@
8744
8745 Upstream-Regress-ID: 4a0bb72f95c63f2ae9daa8a040ac23914bddb542
8746
8747commit 6d31193d0baa3da339c196ac49625b7ba1c2ecc7
8748Author: djm@openbsd.org <djm@openbsd.org>
8749Date: Fri Jul 8 03:44:42 2016 +0000
8750
8751 upstream commit
8752
8753 Improve crypto ordering for Encrypt-then-MAC (EtM) mode
8754 MAC algorithms.
8755
8756 Previously we were computing the MAC, decrypting the packet and then
8757 checking the MAC. This gave rise to the possibility of creating a
8758 side-channel oracle in the decryption step, though no such oracle has
8759 been identified.
8760
8761 This adds a mac_check() function that computes and checks the MAC in
8762 one pass, and uses it to advance MAC checking for EtM algorithms to
8763 before payload decryption.
8764
8765 Reported by Jean Paul Degabriele, Kenny Paterson, Torben Hansen and
8766 Martin Albrecht. feedback and ok markus@
8767
8768 Upstream-ID: 1999bb67cab47dda5b10b80d8155fe83d4a1867b
8769
8770commit 71f5598f06941f645a451948c4a5125c83828e1c
8771Author: guenther@openbsd.org <guenther@openbsd.org>
8772Date: Mon Jul 4 18:01:44 2016 +0000
8773
8774 upstream commit
8775
8776 DEBUGLIBS has been broken since the gcc4 switch, so
8777 delete it. CFLAGS contains -g by default anyway
8778
8779 problem noted by Edgar Pettijohn (edgar (at) pettijohn-web.com)
8780 ok millert@ kettenis@ deraadt@
8781
8782 Upstream-ID: 96c5054e3e1f170c6276902d5bc65bb3b87a2603
8783
8784commit e683fc6f1c8c7295648dbda679df8307786ec1ce
8785Author: dtucker@openbsd.org <dtucker@openbsd.org>
8786Date: Thu Jun 30 05:17:05 2016 +0000
8787
8788 upstream commit
8789
8790 Explicitly check for 100% completion to avoid potential
8791 floating point rounding error, which could cause progressmeter to report 99%
8792 on completion. While there invert the test so the 100% case is clearer. with
8793 & ok djm@
8794
8795 Upstream-ID: a166870c5878e422f3c71ff802e2ccd7032f715d
8796
8797commit 772e6cec0ed740fc7db618dc30b4134f5a358b43
8798Author: jmc@openbsd.org <jmc@openbsd.org>
8799Date: Wed Jun 29 17:14:28 2016 +0000
8800
8801 upstream commit
8802
8803 sort the -o list;
8804
8805 Upstream-ID: 1a97465ede8790b4d47cb618269978e07f41f8ac
8806
8807commit 46ecd19e554ccca15a7309cd1b6b44bc8e6b84af
8808Author: djm@openbsd.org <djm@openbsd.org>
8809Date: Thu Jun 23 05:17:51 2016 +0000
8810
8811 upstream commit
8812
8813 fix AuthenticationMethods during configuration re-parse;
8814 reported by Juan Francisco Cantero Hurtado
8815
8816 Upstream-ID: 8ffa1dac25c7577eca8238e825317ab20848f9b4
8817
8818commit 3147e7595d0f2f842a666c844ac53e6c7a253d7e
8819Author: djm@openbsd.org <djm@openbsd.org>
8820Date: Sun Jun 19 07:48:02 2016 +0000
8821
8822 upstream commit
8823
8824 revert 1.34; causes problems loading public keys
8825
8826 reported by semarie@
8827
8828 Upstream-ID: b393794f8935c8b15d98a407fe7721c62d2ed179
8829
8830commit ad23a75509f4320d43f628c50f0817e3ad12bfa7
8831Author: jmc@openbsd.org <jmc@openbsd.org>
8832Date: Fri Jun 17 06:33:30 2016 +0000
8833
8834 upstream commit
8835
8836 grammar fix;
8837
8838 Upstream-ID: 5d5b21c80f1e81db367333ce0bb3e5874fb3e463
8839
8840commit 5e28b1a2a3757548b40018cc2493540a17c82e27
8841Author: djm@openbsd.org <djm@openbsd.org>
8842Date: Fri Jun 17 05:06:23 2016 +0000
8843
8844 upstream commit
8845
8846 translate OpenSSL error codes to something more
8847 meaninful; bz#2522 reported by Jakub Jelen, ok dtucker@
8848
8849 Upstream-ID: 4cb0795a366381724314e6515d57790c5930ffe5
8850
8851commit b64faeb5eda7eff8210c754d00464f9fe9d23de5
8852Author: djm@openbsd.org <djm@openbsd.org>
8853Date: Fri Jun 17 05:03:40 2016 +0000
8854
8855 upstream commit
8856
8857 ban AuthenticationMethods="" and accept
8858 AuthenticationMethods=any for the default behaviour of not requiring multiple
8859 authentication
8860
8861 bz#2398 from Jakub Jelen; ok dtucker@
8862
8863 Upstream-ID: fabd7f44d59e4518d241d0d01e226435cc23cf27
8864
8865commit 9816fc5daee5ca924dd5c4781825afbaab728877
8866Author: dtucker@openbsd.org <dtucker@openbsd.org>
8867Date: Thu Jun 16 11:00:17 2016 +0000
8868
8869 upstream commit
8870
8871 Include stdarg.h for va_copy as per man page.
8872
8873 Upstream-ID: 105d6b2f1af2fbd9d91c893c436ab121434470bd
8874
8875commit b6cf84b51bc0f5889db48bf29a0c771954ade283
8876Author: jmc@openbsd.org <jmc@openbsd.org>
8877Date: Thu Jun 16 06:10:45 2016 +0000
8878
8879 upstream commit
8880
8881 keys stored in openssh format can have comments too; diff
8882 from yonas yanfa, tweaked a bit;
8883
8884 ok djm
8885
8886 Upstream-ID: 03d48536da6e51510d73ade6fcd44ace731ceb27
8887
8888commit aa37768f17d01974b6bfa481e5e83841b6c76f86
8889Author: Darren Tucker <dtucker@zip.com.au>
8890Date: Mon Jun 20 15:55:34 2016 +1000
8891
8892 get_remote_name_or_ip inside LOGIN_NEEDS_UTMPX
8893
8894 Apply the same get_remote_name_or_ip -> session_get_remote_name_or_ip
8895 change as commit 95767262 to the code inside #ifdef LOGIN_NEEDS_UTMPX.
8896 Fixes build on AIX.
8897
8898commit 009891afc8df37bc2101e15d1e0b6433cfb90549
8899Author: Darren Tucker <dtucker@zip.com.au>
8900Date: Fri Jun 17 14:34:09 2016 +1000
8901
8902 Remove duplicate code from PAM. ok djm@
8903
8904commit e690fe85750e93fca1fb7c7c8587d4130a4f7aba
8905Author: dtucker@openbsd.org <dtucker@openbsd.org>
8906Date: Wed Jun 15 00:40:40 2016 +0000
8907
8908 upstream commit
8909
8910 Remove "POSSIBLE BREAK-IN ATTEMPT!" from log message
8911 about forward and reverse DNS not matching. We haven't supported IP-based
8912 auth methods for a very long time so it's now misleading. part of bz#2585,
8913 ok markus@
8914
8915 Upstream-ID: 5565ef0ee0599b27f0bd1d3bb1f8a323d8274e29
8916
8917commit 57b4ee04cad0d3e0fec1194753b0c4d31e39a1cd
8918Author: Darren Tucker <dtucker@zip.com.au>
8919Date: Wed Jun 15 11:22:38 2016 +1000
8920
8921 Move platform_disable_tracing into its own file.
8922
8923 Prevents link errors resolving the extern "options" when platform.o
8924 gets linked into ssh-agent when building --with-pam.
8925
8926commit 78dc8e3724e30ee3e1983ce013e80277dc6ca070
8927Author: Darren Tucker <dtucker@zip.com.au>
8928Date: Tue Jun 14 13:55:12 2016 +1000
8929
8930 Track skipped upstream commit IDs.
8931
8932 There are a small number of "upstream" commits that do not correspond to
8933 a file in -portable. This file tracks those so that we can reconcile
8934 OpenBSD and Portable to ensure that no commits are accidentally missed.
8935
8936 If you add something to .skipped-commit-ids please also add an upstream
8937 ID line in the following format when you commit it.
8938
8939 Upstream-ID: 321065a95a7ccebdd5fd08482a1e19afbf524e35
8940 Upstream-ID: d4f699a421504df35254cf1c6f1a7c304fb907ca
8941 Upstream-ID: aafe246655b53b52bc32c8a24002bc262f4230f7
8942 Upstream-ID: 8fa9cd1dee3c3339ae329cf20fb591db6d605120
8943 Upstream-ID: f31327a48dd4103333cc53315ec53fe65ed8a17a
8944 Upstream-ID: edbfde98c40007b7752a4ac106095e060c25c1ef
8945 Upstream-ID: 052fd565e3ff2d8cec3bc957d1788f50c827f8e2
8946 Upstream-ID: 7cf73737f357492776223da1c09179fa6ba74660
8947 Upstream-ID: 180d84674be1344e45a63990d60349988187c1ae
8948 Upstream-ID: f6ae971186ba68d066cd102e57d5b0b2c211a5ee
8949
8950commit 9f919d1a3219d476d6a662d18df058e1c4f36a6f
8951Author: Darren Tucker <dtucker@zip.com.au>
8952Date: Tue Jun 14 13:51:01 2016 +1000
8953
8954 Remove now-defunct .cvsignore files. ok djm
8955
8956commit 68777faf271efb2713960605c748f6c8a4b26d55
8957Author: dtucker@openbsd.org <dtucker@openbsd.org>
8958Date: Wed Jun 8 02:13:01 2016 +0000
8959
8960 upstream commit
8961
8962 Back out rev 1.28 "Check min and max sizes sent by the
8963 client" change. It caused "key_verify failed for server_host_key" in clients
8964 that send a DH-GEX min value less that DH_GRP_MIN, eg old OpenSSH and PuTTY.
8965 ok djm@
8966
8967 Upstream-ID: 452979d3ca5c1e9dff063287ea0a5314dd091f65
8968
8969commit a86ec4d0737ac5879223e7cd9d68c448df46e169
8970Author: Darren Tucker <dtucker@zip.com.au>
8971Date: Tue Jun 14 10:48:27 2016 +1000
8972
8973 Use Solaris setpflags(__PROC_PROTECT, ...).
8974
8975 Where possible, use Solaris setpflags to disable process tracing on
8976 ssh-agent and sftp-server. bz#2584, based on a patch from huieying.lee
8977 at oracle.com, ok djm.
8978
8979commit 0f916d39b039fdc0b5baf9b5ab0754c0f11ec573
8980Author: Darren Tucker <dtucker@zip.com.au>
8981Date: Tue Jun 14 10:43:53 2016 +1000
8982
8983 Shorten prctl code a tiny bit.
8984
8985commit 0fb7f5985351fbbcd2613d8485482c538e5123be
8986Author: Darren Tucker <dtucker@zip.com.au>
8987Date: Thu Jun 9 16:23:07 2016 +1000
8988
8989 Move prctl PR_SET_DUMPABLE into platform.c.
8990
8991 This should make it easier to add additional platform support such as
8992 Solaris (bz#2584).
8993
8994commit e6508898c3cd838324ecfe1abd0eb8cf802e7106
8995Author: dtucker@openbsd.org <dtucker@openbsd.org>
8996Date: Fri Jun 3 04:10:41 2016 +0000
8997
8998 upstream commit
8999
9000 Add a test for ssh(1)'s config file parsing.
9001
9002 Upstream-Regress-ID: 558b7f4dc45cc3761cc3d3e889b9f3c5bc91e601
9003
9004commit ab0a536066dfa32def0bd7272c096ebb5eb25b11
9005Author: dtucker@openbsd.org <dtucker@openbsd.org>
9006Date: Fri Jun 3 03:47:59 2016 +0000
9007
9008 upstream commit
9009
9010 Add 'sshd' to the test ID as I'm about to add a similar
9011 set for ssh.
9012
9013 Upstream-Regress-ID: aea7a9c3bac638530165c801ce836875b228ae7a
9014
9015commit a5577c1ed3ecdfe4b7b1107c526cae886fc91afb
9016Author: schwarze@openbsd.org <schwarze@openbsd.org>
9017Date: Mon May 30 12:14:08 2016 +0000
9018
9019 upstream commit
9020
9021 stricter malloc.conf(5) options for utf8 tests
9022
9023 Upstream-Regress-ID: 111efe20a0fb692fa1a987f6e823310f9b25abf6
9024
9025commit 75f0844b4f29d62ec3a5e166d2ee94b02df819fc
9026Author: schwarze@openbsd.org <schwarze@openbsd.org>
9027Date: Mon May 30 12:05:56 2016 +0000
9028
9029 upstream commit
9030
9031 Fix two rare edge cases: 1. If vasprintf() returns < 0,
9032 do not access a NULL pointer in snmprintf(), and do not free() the pointer
9033 returned from vasprintf() because on some systems other than OpenBSD, it
9034 might be a bogus pointer. 2. If vasprintf() returns == 0, return 0 and ""
9035 rather than -1 and NULL.
9036
9037 Besides, free(dst) is pointless after failure (not a bug).
9038
9039 One half OK martijn@, the other half OK deraadt@;
9040 committing quickly before people get hurt.
9041
9042 Upstream-Regress-ID: b164f20923812c9bac69856dbc1385eb1522cba4
9043
9044commit 016881eb33a7948028848c90f4c7ac42e3af0e87
9045Author: schwarze@openbsd.org <schwarze@openbsd.org>
9046Date: Thu May 26 19:14:25 2016 +0000
9047
9048 upstream commit
9049
9050 test the new utf8 module
9051
9052 Upstream-Regress-ID: c923d05a20e84e4ef152cbec947fdc4ce6eabbe3
9053
9054commit d4219028bdef448e089376f3afe81ef6079da264
9055Author: dtucker@openbsd.org <dtucker@openbsd.org>
9056Date: Tue May 3 15:30:46 2016 +0000
9057
9058 upstream commit
9059
9060 Set umask to prevent "Bad owner or permissions" errors.
9061
9062 Upstream-Regress-ID: 8fdf2fc4eb595ccd80c443f474d639f851145417
9063
9064commit 07d5608bb237e9b3fe86a2aeaa429392230faebf
9065Author: djm@openbsd.org <djm@openbsd.org>
9066Date: Tue May 3 14:41:04 2016 +0000
9067
9068 upstream commit
9069
9070 support doas
9071
9072 Upstream-Regress-ID: 8d5572b27ea810394eeda432d8b4e9e1064a7c38
9073
9074commit 01cabf10adc7676cba5f40536a34d3b246edb73f
9075Author: djm@openbsd.org <djm@openbsd.org>
9076Date: Tue May 3 13:48:33 2016 +0000
9077
9078 upstream commit
9079
9080 unit tests for sshbuf_dup_string()
9081
9082 Upstream-Regress-ID: 7521ff150dc7f20511d1c2c48fd3318e5850a96d
9083
9084commit 6915f1698e3d1dd4e22eac20f435e1dfc1d46372
9085Author: jmc@openbsd.org <jmc@openbsd.org>
9086Date: Fri Jun 3 06:44:12 2016 +0000
9087
9088 upstream commit
9089
9090 tweak previous;
9091
9092 Upstream-ID: 92979f1a0b63e041a0e5b08c9ed0ba9b683a3698
9093
9094commit 0cb2f4c2494b115d0f346ed2d8b603ab3ba643f4
9095Author: dtucker@openbsd.org <dtucker@openbsd.org>
9096Date: Fri Jun 3 04:09:38 2016 +0000
9097
9098 upstream commit
9099
9100 Allow ExitOnForwardFailure and ClearAllForwardings to be
9101 overridden when using ssh -W (but still default to yes in that case).
9102 bz#2577, ok djm@.
9103
9104 Upstream-ID: 4b20c419e93ca11a861c81c284090cfabc8c54d4
9105
9106commit 8543ff3f5020fe659839b15f05b8c522bde6cee5
9107Author: dtucker@openbsd.org <dtucker@openbsd.org>
9108Date: Fri Jun 3 03:14:41 2016 +0000
9109
9110 upstream commit
9111
9112 Move the host and port used by ssh -W into the Options
9113 struct. This will make future changes a bit easier. ok djm@
9114
9115 Upstream-ID: 151bce5ecab2fbedf0d836250a27968d30389382
9116
9117commit 6b87311d3acdc460f926b2c40f4c4f3fd345f368
9118Author: dtucker@openbsd.org <dtucker@openbsd.org>
9119Date: Wed Jun 1 04:19:49 2016 +0000
9120
9121 upstream commit
9122
9123 Check min and max sizes sent by the client against what
9124 we support before passing them to the monitor. ok djm@
9125
9126 Upstream-ID: 750627e8117084215412bff00a25b1586ab17ece
9127
9128commit 564cd2a8926ccb1dca43a535073540935b5e0373
9129Author: dtucker@openbsd.org <dtucker@openbsd.org>
9130Date: Tue May 31 23:46:14 2016 +0000
9131
9132 upstream commit
9133
9134 Ensure that the client's proposed DH-GEX max value is at
9135 least as big as the minimum the server will accept. ok djm@
9136
9137 Upstream-ID: b4b84fa04aab2de7e79a6fee4a6e1c189c0fe775
9138
9139commit df820722e40309c9b3f360ea4ed47a584ed74333
9140Author: Darren Tucker <dtucker@zip.com.au>
9141Date: Mon Jun 6 11:36:13 2016 +1000
9142
9143 Add compat bits to utf8.c.
9144
9145commit 05c6574652571becfe9d924226c967a3f4b3f879
9146Author: Darren Tucker <dtucker@zip.com.au>
9147Date: Mon Jun 6 11:33:43 2016 +1000
9148
9149 Fix utf->utf8 typo.
9150
9151commit 6c1717190b4d5ddd729cd9e24e8ed71ed4f087ce
9152Author: schwarze@openbsd.org <schwarze@openbsd.org>
9153Date: Mon May 30 18:34:41 2016 +0000
9154
9155 upstream commit
9156
9157 Backout rev. 1.43 for now.
9158
9159 The function update_progress_meter() calls refresh_progress_meter()
9160 which calls snmprintf() which calls malloc(); but update_progress_meter()
9161 acts as the SIGALRM signal handler.
9162
9163 "malloc(): error: recursive call" reported by sobrado@.
9164
9165 Upstream-ID: aaae57989431e5239c101f8310f74ccc83aeb93e
9166
9167commit cd9e1eabeb4137182200035ab6fa4522f8d24044
9168Author: schwarze@openbsd.org <schwarze@openbsd.org>
9169Date: Mon May 30 12:57:21 2016 +0000
9170
9171 upstream commit
9172
9173 Even when only writing an unescaped character, the dst
9174 buffer may need to grow, or it would be overrun; issue found by tb@ with
9175 malloc.conf(5) 'C'.
9176
9177 While here, reserve an additional byte for the terminating NUL
9178 up front such that we don't have to realloc() later just for that.
9179
9180 OK tb@
9181
9182 Upstream-ID: 30ebcc0c097c4571b16f0a78b44969f170db0cff
9183
9184commit ac284a355f8065eaef2a16f446f3c44cdd17371d
9185Author: schwarze@openbsd.org <schwarze@openbsd.org>
9186Date: Mon May 30 12:05:56 2016 +0000
9187
9188 upstream commit
9189
9190 Fix two rare edge cases: 1. If vasprintf() returns < 0,
9191 do not access a NULL pointer in snmprintf(), and do not free() the pointer
9192 returned from vasprintf() because on some systems other than OpenBSD, it
9193 might be a bogus pointer. 2. If vasprintf() returns == 0, return 0 and ""
9194 rather than -1 and NULL.
9195
9196 Besides, free(dst) is pointless after failure (not a bug).
9197
9198 One half OK martijn@, the other half OK deraadt@;
9199 committing quickly before people get hurt.
9200
9201 Upstream-ID: b7bcd2e82fc168a8eff94e41f5db336ed986fed0
9202
9203commit 0e059cdf5fd86297546c63fa8607c24059118832
9204Author: schwarze@openbsd.org <schwarze@openbsd.org>
9205Date: Wed May 25 23:48:45 2016 +0000
9206
9207 upstream commit
9208
9209 To prevent screwing up terminal settings when printing to
9210 the terminal, for ASCII and UTF-8, escape bytes not forming characters and
9211 bytes forming non-printable characters with vis(3) VIS_OCTAL. For other
9212 character sets, abort printing of the current string in these cases. In
9213 particular, * let scp(1) respect the local user's LC_CTYPE locale(1); *
9214 sanitize data received from the remote host; * sanitize filenames, usernames,
9215 and similar data even locally; * take character display widths into account
9216 for the progressmeter.
9217
9218 This is believed to be sufficient to keep the local terminal safe
9219 on OpenBSD, but bad things can still happen on other systems with
9220 state-dependent locales because many places in the code print
9221 unencoded ASCII characters into the output stream.
9222
9223 Using feedback from djm@ and martijn@,
9224 various aspects discussed with many others.
9225
9226 deraadt@ says it should go in now, i probably already hesitated too long
9227
9228 Upstream-ID: e66afbc94ee396ddcaffd433b9a3b80f387647e0
9229
9230commit 8c02e3639acefe1e447e293dbe23a0917abd3734
9231Author: dtucker@openbsd.org <dtucker@openbsd.org>
9232Date: Tue May 24 04:43:45 2016 +0000
9233
9234 upstream commit
9235
9236 KNF compression proposal and simplify the client side a
9237 little. ok djm@
9238
9239 Upstream-ID: aa814b694efe9e5af8a26e4c80a05526ae6d6605
9240
9241commit 7ec4946fb686813eb5f8c57397e465f5485159f4
9242Author: dtucker@openbsd.org <dtucker@openbsd.org>
9243Date: Tue May 24 02:31:57 2016 +0000
9244
9245 upstream commit
9246
9247 Back out 'plug memleak'.
9248
9249 Upstream-ID: 4faacdde136c24a961e24538de373660f869dbc0
9250
9251commit 82f24c3ddc52053aeb7beb3332fa94c92014b0c5
9252Author: djm@openbsd.org <djm@openbsd.org>
9253Date: Mon May 23 23:30:50 2016 +0000
9254
9255 upstream commit
9256
9257 prefer agent-hosted keys to keys from PKCS#11; ok markus
9258
9259 Upstream-ID: 7417f7653d58d6306d9f8c08d0263d050e2fd8f4
9260
9261commit a0cb7778fbc9b43458f7072eb68dd858766384d1
9262Author: dtucker@openbsd.org <dtucker@openbsd.org>
9263Date: Mon May 23 00:17:27 2016 +0000
9264
9265 upstream commit
9266
9267 Plug mem leak in filter_proposal. ok djm@
9268
9269 Upstream-ID: bf968da7cfcea2a41902832e7d548356a4e2af34
9270
9271commit ae9c0d4d5c581b3040d1f16b5c5f4b1cd1616743
9272Author: Darren Tucker <dtucker@zip.com.au>
9273Date: Fri Jun 3 16:03:44 2016 +1000
9274
9275 Update vis.h and vis.c from OpenBSD.
9276
9277 This will be needed for the upcoming utf8 changes.
9278
9279commit e1d93705f8f48f519433d6ca9fc3d0abe92a1b77
9280Author: Tim Rice <tim@multitalents.net>
9281Date: Tue May 31 11:13:22 2016 -0700
9282
9283 modified: configure.ac
9284 whitspace clean up. No code changes.
9285
9286commit 604a037d84e41e31f0aec9075df0b8740c130200
9287Author: Damien Miller <djm@mindrot.org>
9288Date: Tue May 31 16:45:28 2016 +1000
9289
9290 whitespace at EOL
9291
9292commit 18424200160ff5c923113e0a37ebe21ab7bcd17c
9293Author: Darren Tucker <dtucker@zip.com.au>
9294Date: Mon May 30 19:35:28 2016 +1000
9295
9296 Add missing ssh-host-config --name option
9297
9298 Patch from vinschen@redhat.com.
9299
9300commit 39c0cecaa188a37a2e134795caa68e03f3ced592
9301Author: Darren Tucker <dtucker@zip.com.au>
9302Date: Fri May 20 10:01:58 2016 +1000
9303
9304 Fix comment about sshpam_const and AIX.
9305
9306 From mschwager via github.
9307
9308commit f64062b1f74ad5ee20a8a49aab2732efd0f7ce30
9309Author: Damien Miller <djm@mindrot.org>
9310Date: Fri May 20 09:56:53 2016 +1000
9311
9312 Deny lstat syscalls in seccomp sandbox
9313
9314 Avoids sandbox violations for some krb/gssapi libraries.
9315
9316commit 531c135409b8d8810795b1f3692a4ebfd5c9cae0
9317Author: djm@openbsd.org <djm@openbsd.org>
9318Date: Thu May 19 07:45:32 2016 +0000
9319
9320 upstream commit
9321
9322 fix type of ed25519 values
9323
9324 Upstream-ID: b32d0cb372bbe918ca2de56906901eae225a59b0
9325
9326commit 75e21688f523799c9e0cc6601d76a9c5ca79f787
9327Author: markus@openbsd.org <markus@openbsd.org>
9328Date: Wed May 4 14:32:26 2016 +0000
9329
9330 upstream commit
9331
9332 add IdentityAgent; noticed & ok jmc@
9333
9334 Upstream-ID: 4ba9034b00a4cf1beae627f0728da897802df88a
9335
9336commit 1a75d14daf4b60db903e6103cf50e74e0cd0a76b
9337Author: markus@openbsd.org <markus@openbsd.org>
9338Date: Wed May 4 14:29:58 2016 +0000
9339
9340 upstream commit
9341
9342 allow setting IdentityAgent to SSH_AUTH_SOCK; ok djm@
9343
9344 Upstream-ID: 20c508480d8db3eef18942c0fc39b1fcf25652ac
9345
9346commit 0516454151ae722fc8256c3c56115c6baf24c5b0
9347Author: markus@openbsd.org <markus@openbsd.org>
9348Date: Wed May 4 14:22:33 2016 +0000
9349
9350 upstream commit
9351
9352 move SSH_MSG_NONE, so we don't have to include ssh1.h;
9353 ok deraadt@
9354
9355 Upstream-ID: c2f97502efc761a41b18c17ddf460e138ca7994e
9356
9357commit 332ff3d770631e7513fea38cf0d3689f673f0e3f
9358Author: Damien Miller <djm@mindrot.org>
9359Date: Tue May 10 09:51:06 2016 +1000
9360
9361 initialise salen in binresvport_sa
9362
9363 avoids failures with UsePrivilegedPort=yes
9364
9365 patch from Juan Gallego
9366
9367commit c5c1d5d2f04ce00d2ddd6647e61b32f28be39804
9368Author: markus@openbsd.org <markus@openbsd.org>
9369Date: Wed May 4 14:04:40 2016 +0000
9370
9371 upstream commit
9372
9373 missing const in prototypes (ssh1)
9374
9375 Upstream-ID: 789c6ad4928b5fa557369b88c3a6a34926082c05
9376
9377commit 9faae50e2e82ba42eb0cb2726bf6830fe7948f28
9378Author: dtucker@openbsd.org <dtucker@openbsd.org>
9379Date: Wed May 4 14:00:09 2016 +0000
9380
9381 upstream commit
9382
9383 Fix inverted logic for updating StreamLocalBindMask which
9384 would cause the server to set an invalid mask. ok djm@
9385
9386 Upstream-ID: 8a4404c8307a5ef9e07ee2169fc6d8106b527587
9387
9388commit b02ad1ce9105bfa7394ac7590c0729dd52e26a81
9389Author: markus@openbsd.org <markus@openbsd.org>
9390Date: Wed May 4 12:21:53 2016 +0000
9391
9392 upstream commit
9393
9394 IdentityAgent for specifying specific agent sockets; ok
9395 djm@
9396
9397 Upstream-ID: 3e6a15eb89ea0fd406f108826b7dc7dec4fbfac1
9398
9399commit 910e59bba09ac309d78ce61e356da35292212935
9400Author: djm@openbsd.org <djm@openbsd.org>
9401Date: Wed May 4 12:16:39 2016 +0000
9402
9403 upstream commit
9404
9405 fix junk characters after quotes
9406
9407 Upstream-ID: cc4d0cd32cb6b55a2ef98975d2f7ae857d0dc578
9408
9409commit 9283884e647b8be50ccd2997537af0065672107d
9410Author: jmc@openbsd.org <jmc@openbsd.org>
9411Date: Tue May 3 18:38:12 2016 +0000
9412
9413 upstream commit
9414
9415 correct article;
9416
9417 Upstream-ID: 1fbd5b7ab16d2d9834ec79c3cedd4738fa42a168
9418
9419commit cfefbcea1057c2623e76c579174a4107a0b6e6cd
9420Author: djm@openbsd.org <djm@openbsd.org>
9421Date: Tue May 3 15:57:39 2016 +0000
9422
9423 upstream commit
9424
9425 fix overriding of StreamLocalBindMask and
9426 StreamLocalBindUnlink in Match blocks; found the hard way Rogan Dawes
9427
9428 Upstream-ID: 940bc69ec0249ab428d24ccd0722ce35cb932ee2
9429
9430commit 771c2f51ffc0c9a2877b7892fada0c77bd1f6549
9431Author: djm@openbsd.org <djm@openbsd.org>
9432Date: Tue May 3 15:25:06 2016 +0000
9433
9434 upstream commit
9435
9436 don't forget to include StreamLocalBindUnlink in the
9437 config dump output
9438
9439 Upstream-ID: 14a6d970b3b45c8e94272e3c661e9a0b2a0ee7cb
9440
9441commit cdcd941994dc430f50d0a4e6a712d32b66e6199e
9442Author: djm@openbsd.org <djm@openbsd.org>
9443Date: Tue May 3 14:54:08 2016 +0000
9444
9445 upstream commit
9446
9447 make nethack^wrandomart fingerprint flag more readily
9448 searchable pointed out by Matt Johnston
9449
9450 Upstream-ID: cb40d0235dc153c478c1aad3bc60b195422a54fb
9451
9452commit 05855bf2ce7d5cd0a6db18bc0b4214ed5ef7516d
9453Author: djm@openbsd.org <djm@openbsd.org>
9454Date: Tue May 3 13:10:24 2016 +0000
9455
9456 upstream commit
9457
9458 clarify ordering of subkeys; pointed out by ietf-ssh AT
9459 stbuehler.de
9460
9461 Upstream-ID: 05ebe9f949449a555ebce8e0aad7c8c9acaf8463
9462
9463commit cca3b4395807bfb7aaeb83d2838f5c062ce30566
9464Author: dtucker@openbsd.org <dtucker@openbsd.org>
9465Date: Tue May 3 12:15:49 2016 +0000
9466
9467 upstream commit
9468
9469 Use a subshell for constructing key types to work around
9470 different sed behaviours for -portable.
9471
9472 Upstream-Regress-ID: 0f6eb673162df229eda9a134a0f10da16151552d
9473
9474commit fa58208c6502dcce3e0daac0ca991ee657daf1f5
9475Author: djm@openbsd.org <djm@openbsd.org>
9476Date: Tue May 3 10:27:59 2016 +0000
9477
9478 upstream commit
9479
9480 correct some typos and remove a long-stale XXX note.
9481
9482 add specification for ed25519 certificates
9483
9484 mention no host certificate options/extensions are currently defined
9485
9486 pointed out by Simon Tatham
9487
9488 Upstream-ID: 7b535ab7dba3340b7d8210ede6791fdaefdf839a
9489
9490commit b466f956c32cbaff4200bfcd5db6739fe4bc7d04
9491Author: djm@openbsd.org <djm@openbsd.org>
9492Date: Tue May 3 10:24:27 2016 +0000
9493
9494 upstream commit
9495
9496 add ed25519 keys that are supported but missing from this
9497 documents; from Peter Moody
9498
9499 Upstream-ID: 8caac2d8e8cfd2fca6dc304877346e0a064b014b
9500
9501commit 7f3d76319a69dab2efe3a520a8fef5b97e923636
9502Author: dtucker@openbsd.org <dtucker@openbsd.org>
9503Date: Tue May 3 09:03:49 2016 +0000
9504
9505 upstream commit
9506
9507 Implement IUTF8 as per draft-sgtatham-secsh-iutf8-00. Patch
9508 from Simon Tatham, ok markus@
9509
9510 Upstream-ID: 58268ebdf37d9d467f78216c681705a5e10c58e8
9511
9512commit 31bc01c05d9f51bee3ebe33dc57c4fafb059fb62
9513Author: djm@openbsd.org <djm@openbsd.org>
9514Date: Mon May 2 14:10:58 2016 +0000
9515
9516 upstream commit
9517
9518 unbreak config parsing on reexec from previous commit
9519
9520 Upstream-ID: bc69932638a291770955bd05ca55a32660a613ab
9521
9522commit 67f1459efd2e85bf03d032539283fa8107218936
9523Author: djm@openbsd.org <djm@openbsd.org>
9524Date: Mon May 2 09:52:00 2016 +0000
9525
9526 upstream commit
9527
9528 unit and regress tests for SHA256/512; ok markus
9529
9530 Upstream-Regress-ID: a0cd1a92dc824067076a5fcef83c18df9b0bf2c6
9531
9532commit 0e8eeec8e75f6d0eaf33317376f773160018a9c7
9533Author: djm@openbsd.org <djm@openbsd.org>
9534Date: Mon May 2 10:26:04 2016 +0000
9535
9536 upstream commit
9537
9538 add support for additional fixed DH groups from
9539 draft-ietf-curdle-ssh-kex-sha2-03
9540
9541 diffie-hellman-group14-sha256 (2K group)
9542 diffie-hellman-group16-sha512 (4K group)
9543 diffie-hellman-group18-sha512 (8K group)
9544
9545 based on patch from Mark D. Baushke and Darren Tucker
9546 ok markus@
9547
9548 Upstream-ID: ac00406ada4f0dfec41585ca0839f039545bc46f
9549
9550commit 57464e3934ba53ad8590ee3ccd840f693407fc1e
9551Author: djm@openbsd.org <djm@openbsd.org>
9552Date: Mon May 2 09:36:42 2016 +0000
9553
9554 upstream commit
9555
9556 support SHA256 and SHA512 RSA signatures in certificates;
9557 ok markus@
9558
9559 Upstream-ID: b45be2f2ce8cacd794dc5730edaabc90e5eb434a
9560
9561commit 1a31d02b2411c4718de58ce796dbb7b5e14db93e
9562Author: djm@openbsd.org <djm@openbsd.org>
9563Date: Mon May 2 08:49:03 2016 +0000
9564
9565 upstream commit
9566
9567 fix signed/unsigned errors reported by clang-3.7; add
9568 sshbuf_dup_string() to replace a common idiom of strdup(sshbuf_ptr()) with
9569 better safety checking; feedback and ok markus@
9570
9571 Upstream-ID: 71f926d9bb3f1efed51319a6daf37e93d57c8820
9572
9573commit d2d6bf864e52af8491a60dd507f85b74361f5da3
9574Author: djm@openbsd.org <djm@openbsd.org>
9575Date: Fri Apr 29 08:07:53 2016 +0000
9576
9577 upstream commit
9578
9579 close ControlPersist background process stderr when not
9580 in debug mode or when logging to a file or syslog. bz#1988 ok dtucker
9581
9582 Upstream-ID: 4fb726f0fdcb155ad419913cea10dc4afd409d24
9583
9584commit 9ee692fa1146e887e008a2b9a3d3ea81770c9fc8
9585Author: djm@openbsd.org <djm@openbsd.org>
9586Date: Thu Apr 28 14:30:21 2016 +0000
9587
9588 upstream commit
9589
9590 fix comment
9591
9592 Upstream-ID: 313a385bd7b69a82f8e28ecbaf5789c774457b15
9593
9594commit ee1e0a16ff2ba41a4d203c7670b54644b6c57fa6
9595Author: jmc@openbsd.org <jmc@openbsd.org>
9596Date: Wed Apr 27 13:53:48 2016 +0000
9597
9598 upstream commit
9599
9600 cidr permitted for {allow,deny}users; from lars nooden ok djm
9601
9602 Upstream-ID: 13e7327fe85f6c63f3f7f069e0fdc8c351515d11
9603
9604commit b6e0140a5aa883c27b98415bd8aa9f65fc04ee22
9605Author: djm@openbsd.org <djm@openbsd.org>
9606Date: Thu Apr 21 06:08:02 2016 +0000
9607
9608 upstream commit
9609
9610 make argument == NULL tests more consistent
9611
9612 Upstream-ID: dc4816678704aa5cbda3a702e0fa2033ff04581d
9613
9614commit 6aaabc2b610e44bae473457ad9556ffb43d90ee3
9615Author: jmc@openbsd.org <jmc@openbsd.org>
9616Date: Sun Apr 17 14:34:46 2016 +0000
9617
9618 upstream commit
9619
9620 tweak previous;
9621
9622 Upstream-ID: 46c1bab91c164078edbccd5f7d06b9058edd814f
9623
9624commit 0f839e5969efa3bda615991be8a9d9311554c573
9625Author: djm@openbsd.org <djm@openbsd.org>
9626Date: Fri Apr 15 02:57:10 2016 +0000
9627
9628 upstream commit
9629
9630 missing bit of Include regress
9631
9632 Upstream-Regress-ID: 1063595f7f40f8489a1b7a27230b9e8acccea34f
9633
9634commit 12e4ac46aed681da55c2bba3cd11dfcab23591be
9635Author: djm@openbsd.org <djm@openbsd.org>
9636Date: Fri Apr 15 02:55:53 2016 +0000
9637
9638 upstream commit
9639
9640 remove redundant CLEANFILES section
9641
9642 Upstream-Regress-ID: 29ef1b267fa56daa60a1463396635e7d53afb587
9643
9644commit b1d05aa653ae560c44baf8e8a9756e33f98ea75c
9645Author: djm@openbsd.org <djm@openbsd.org>
9646Date: Fri Apr 15 00:48:01 2016 +0000
9647
9648 upstream commit
9649
9650 sync CLEANFILES with portable, sort
9651
9652 Upstream-Regress-ID: cb782f4f1ab3e079efbc335c6b64942f790766ed
9653
9654commit 35f22dad263cce5c61d933ae439998cb965b8748
9655Author: djm@openbsd.org <djm@openbsd.org>
9656Date: Fri Apr 15 00:31:10 2016 +0000
9657
9658 upstream commit
9659
9660 regression test for ssh_config Include directive
9661
9662 Upstream-Regress-ID: 46a38c8101f635461c506d1aac2d96af80f97f1e
9663
9664commit 6b8a1a87005818d4700ce8b42faef746e82c1f51
9665Author: djm@openbsd.org <djm@openbsd.org>
9666Date: Thu Apr 14 23:57:17 2016 +0000
9667
9668 upstream commit
9669
9670 unbreak test for recent ssh de-duplicated forwarding
9671 change
9672
9673 Upstream-Regress-ID: 6b2b115d99acd7cff13986e6739ea214cf2a3da3
9674
9675commit 076787702418985a2cc6808212dc28ce7afc01f0
9676Author: djm@openbsd.org <djm@openbsd.org>
9677Date: Thu Apr 14 23:21:42 2016 +0000
9678
9679 upstream commit
9680
9681 add test knob and warning for StrictModes
9682
9683 Upstream-Regress-ID: 8cd10952ce7898655ee58945904f2a0a3bdf7682
9684
9685commit dc7990be865450574c7940c9880567f5d2555b37
9686Author: djm@openbsd.org <djm@openbsd.org>
9687Date: Fri Apr 15 00:30:19 2016 +0000
9688
9689 upstream commit
9690
9691 Include directive for ssh_config(5); feedback & ok markus@
9692
9693 Upstream-ID: ae3b76e2e343322b9f74acde6f1e1c5f027d5fff
9694
9695commit 85bdcd7c92fe7ff133bbc4e10a65c91810f88755
9696Author: Damien Miller <djm@mindrot.org>
9697Date: Wed Apr 13 10:39:57 2016 +1000
9698
9699 ignore PAM environment vars when UseLogin=yes
9700
9701 If PAM is configured to read user-specified environment variables
9702 and UseLogin=yes in sshd_config, then a hostile local user may
9703 attack /bin/login via LD_PRELOAD or similar environment variables
9704 set via PAM.
9705
9706 CVE-2015-8325, found by Shayan Sadigh, via Colin Watson
9707
9708commit dce19bf6e4a2a3d0b13a81224de63fc316461ab9
9709Author: djm@openbsd.org <djm@openbsd.org>
9710Date: Sat Apr 9 12:39:30 2016 +0000
9711
9712 upstream commit
9713
9714 make private key loading functions consistently handle NULL
9715 key pointer arguments; ok markus@
9716
9717 Upstream-ID: 92038726ef4a338169c35dacc9c5a07fcc7fa761
9718
9719commit 5f41f030e2feb5295657285aa8c6602c7810bc4b
9720Author: Darren Tucker <dtucker@zip.com.au>
9721Date: Fri Apr 8 21:14:13 2016 +1000
9722
9723 Remove NO_IPPORT_RESERVED_CONCEPT
9724
9725 Replace by defining IPPORT_RESERVED to zero on Cygwin, which should have
9726 the same effect without causing problems syncing patches with OpenBSD.
9727 Resync the two affected functions with OpenBSD. ok djm, sanity checked
9728 by Corinna.
9729
9730commit 34a01b2cf737d946ddb140618e28c3048ab7a229
9731Author: djm@openbsd.org <djm@openbsd.org>
9732Date: Fri Apr 8 08:19:17 2016 +0000
9733
9734 upstream commit
9735
9736 whitespace at EOL
9737
9738 Upstream-ID: 5beffd4e001515da12851b974e2323ae4aa313b6
9739
9740commit 90ee563fa6b54c59896c6c332c5188f866c5e75f
9741Author: djm@openbsd.org <djm@openbsd.org>
9742Date: Fri Apr 8 06:35:54 2016 +0000
9743
9744 upstream commit
9745
9746 We accidentally send an empty string and a zero uint32 with
9747 every direct-streamlocal@openssh.com channel open, in contravention of our
9748 own spec.
9749
9750 Fixing this is too hard wrt existing versions that expect these
9751 fields to be present and fatal() if they aren't, so document them
9752 as "reserved" fields in the PROTOCOL spec as though we always
9753 intended this and let us never speak of it again.
9754
9755 bz#2529, reported by Ron Frederick
9756
9757 Upstream-ID: 34cd326a4d236ca6e39084c4ff796bd97ab833e7
9758
9759commit 0ccbd5eca0f0dd78e71a4b69c66f03a66908d558
9760Author: djm@openbsd.org <djm@openbsd.org>
9761Date: Wed Apr 6 06:42:17 2016 +0000
9762
9763 upstream commit
9764
9765 don't record duplicate LocalForward and RemoteForward
9766 entries; fixes failure with ExitOnForwardFailure+hostname canonicalisation
9767 where the same forwards are added on the second pass through the
9768 configuration file. bz#2562; ok dtucker@
9769
9770 Upstream-ID: 40a51d68b6300f1cc61deecdb7d4847b8b7b0de1
9771
9772commit 574def0eb493cd6efeffd4ff2e9257abcffee0c8
9773Author: krw@openbsd.org <krw@openbsd.org>
9774Date: Sat Apr 2 14:37:42 2016 +0000
9775
9776 upstream commit
9777
9778 Another use for fcntl() and thus of the superfluous 3rd
9779 parameter is when sanitising standard fd's before calling daemon().
9780
9781 Use a tweaked version of the ssh(1) function in all three places
9782 found using fcntl() this way.
9783
9784 ok jca@ beck@
9785
9786 Upstream-ID: f16811ffa19a1c5f4ef383c5f0fecb843c84e218
9787
9788commit b3413534aa9d71a941005df2760d1eec2c2b0854
9789Author: Darren Tucker <dtucker@zip.com.au>
9790Date: Mon Apr 4 11:09:21 2016 +1000
9791
9792 Tidy up openssl header test.
9793
9794commit 815bcac0b94bb448de5acdd6ba925b8725240b4f
9795Author: Darren Tucker <dtucker@zip.com.au>
9796Date: Mon Apr 4 11:07:59 2016 +1000
9797
9798 Fix configure-time warnings for openssl test.
diff --git a/INSTALL b/INSTALL
index 7f552bf76..3fd265dbf 100644
--- a/INSTALL
+++ b/INSTALL
@@ -66,13 +66,6 @@ passphrase requester. This is maintained separately at:
66 66
67http://www.jmknoble.net/software/x11-ssh-askpass/ 67http://www.jmknoble.net/software/x11-ssh-askpass/
68 68
69S/Key Libraries:
70
71If you wish to use --with-skey then you will need the library below
72installed. No other S/Key library is currently known to be supported.
73
74http://www.sparc.spb.su/solaris/skey/
75
76LibEdit: 69LibEdit:
77 70
78sftp supports command-line editing via NetBSD's libedit. If your platform 71sftp supports command-line editing via NetBSD's libedit. If your platform
@@ -184,9 +177,6 @@ it if lastlog is installed in a different place.
184--with-osfsia, --without-osfsia will enable or disable OSF1's Security 177--with-osfsia, --without-osfsia will enable or disable OSF1's Security
185Integration Architecture. The default for OSF1 machines is enable. 178Integration Architecture. The default for OSF1 machines is enable.
186 179
187--with-skey=PATH will enable S/Key one time password support. You will
188need the S/Key libraries and header files installed for this to work.
189
190--with-md5-passwords will enable the use of MD5 passwords. Enable this 180--with-md5-passwords will enable the use of MD5 passwords. Enable this
191if your operating system uses MD5 passwords and the system crypt() does 181if your operating system uses MD5 passwords and the system crypt() does
192not support them directly (see the crypt(3/3c) man page). If enabled, the 182not support them directly (see the crypt(3/3c) man page). If enabled, the
@@ -220,7 +210,7 @@ If you need to pass special options to the compiler or linker, you
220can specify these as environment variables before running ./configure. 210can specify these as environment variables before running ./configure.
221For example: 211For example:
222 212
223CFLAGS="-O -m486" LDFLAGS="-s" LIBS="-lrubbish" LD="/usr/foo/ld" ./configure 213CC="/usr/foo/cc" CFLAGS="-O" LDFLAGS="-s" LIBS="-lrubbish" ./configure
224 214
2253. Configuration 2153. Configuration
226---------------- 216----------------
diff --git a/Makefile.in b/Makefile.in
index 1afb4f798..0ee0285f6 100644
--- a/Makefile.in
+++ b/Makefile.in
@@ -1,4 +1,4 @@
1# uncomment if you run a non bourne compatable shell. Ie. csh 1# uncomment if you run a non bourne compatible shell. Ie. csh
2#SHELL = @SH@ 2#SHELL = @SH@
3 3
4AUTORECONF=autoreconf 4AUTORECONF=autoreconf
@@ -84,13 +84,13 @@ LIBOPENSSH_OBJS=\
84 ${XMSS_OBJS} 84 ${XMSS_OBJS}
85 85
86LIBSSH_OBJS=${LIBOPENSSH_OBJS} \ 86LIBSSH_OBJS=${LIBOPENSSH_OBJS} \
87 authfd.o authfile.o bufaux.o bufbn.o bufec.o buffer.o \ 87 authfd.o authfile.o \
88 canohost.o channels.o cipher.o cipher-aes.o cipher-aesctr.o \ 88 canohost.o channels.o cipher.o cipher-aes.o cipher-aesctr.o \
89 cipher-ctr.o cleanup.o \ 89 cipher-ctr.o cleanup.o \
90 compat.o crc32.o fatal.o hostfile.o \ 90 compat.o crc32.o fatal.o hostfile.o \
91 log.o match.o moduli.o nchan.o packet.o opacket.o \ 91 log.o match.o moduli.o nchan.o packet.o opacket.o \
92 readpass.o ttymodes.o xmalloc.o addrmatch.o \ 92 readpass.o ttymodes.o xmalloc.o addrmatch.o \
93 atomicio.o key.o dispatch.o mac.o uidswap.o uuencode.o misc.o utf8.o \ 93 atomicio.o dispatch.o mac.o uuencode.o misc.o utf8.o \
94 monitor_fdpass.o rijndael.o ssh-dss.o ssh-ecdsa.o ssh-rsa.o dh.o \ 94 monitor_fdpass.o rijndael.o ssh-dss.o ssh-ecdsa.o ssh-rsa.o dh.o \
95 msg.o progressmeter.o dns.o entropy.o gss-genr.o umac.o umac128.o \ 95 msg.o progressmeter.o dns.o entropy.o gss-genr.o umac.o umac128.o \
96 ssh-pkcs11.o smult_curve25519_ref.o \ 96 ssh-pkcs11.o smult_curve25519_ref.o \
@@ -111,7 +111,7 @@ SSHDOBJS=sshd.o auth-rhosts.o auth-passwd.o \
111 sshpty.o sshlogin.o servconf.o serverloop.o \ 111 sshpty.o sshlogin.o servconf.o serverloop.o \
112 auth.o auth2.o auth-options.o session.o \ 112 auth.o auth2.o auth-options.o session.o \
113 auth2-chall.o groupaccess.o \ 113 auth2-chall.o groupaccess.o \
114 auth-skey.o auth-bsdauth.o auth2-hostbased.o auth2-kbdint.o \ 114 auth-bsdauth.o auth2-hostbased.o auth2-kbdint.o \
115 auth2-none.o auth2-passwd.o auth2-pubkey.o \ 115 auth2-none.o auth2-passwd.o auth2-pubkey.o \
116 monitor.o monitor_wrap.o auth-krb5.o \ 116 monitor.o monitor_wrap.o auth-krb5.o \
117 auth2-gss.o gss-serv.o gss-serv-krb5.o kexgsss.o \ 117 auth2-gss.o gss-serv.o gss-serv-krb5.o kexgsss.o \
@@ -119,7 +119,7 @@ SSHDOBJS=sshd.o auth-rhosts.o auth-passwd.o \
119 sftp-server.o sftp-common.o \ 119 sftp-server.o sftp-common.o \
120 sandbox-null.o sandbox-rlimit.o sandbox-systrace.o sandbox-darwin.o \ 120 sandbox-null.o sandbox-rlimit.o sandbox-systrace.o sandbox-darwin.o \
121 sandbox-seccomp-filter.o sandbox-capsicum.o sandbox-pledge.o \ 121 sandbox-seccomp-filter.o sandbox-capsicum.o sandbox-pledge.o \
122 sandbox-solaris.o 122 sandbox-solaris.o uidswap.o
123 123
124MANPAGES = moduli.5.out scp.1.out ssh-add.1.out ssh-agent.1.out ssh-keygen.1.out ssh-keyscan.1.out ssh.1.out sshd.8.out sftp-server.8.out sftp.1.out ssh-keysign.8.out ssh-pkcs11-helper.8.out sshd_config.5.out ssh_config.5.out 124MANPAGES = moduli.5.out scp.1.out ssh-add.1.out ssh-agent.1.out ssh-keygen.1.out ssh-keyscan.1.out ssh.1.out sshd.8.out sftp-server.8.out sftp.1.out ssh-keysign.8.out ssh-pkcs11-helper.8.out sshd_config.5.out ssh_config.5.out
125MANPAGES_IN = moduli.5 scp.1 ssh-add.1 ssh-agent.1 ssh-keygen.1 ssh-keyscan.1 ssh.1 sshd.8 sftp-server.8 sftp.1 ssh-keysign.8 ssh-pkcs11-helper.8 sshd_config.5 ssh_config.5 125MANPAGES_IN = moduli.5 scp.1 ssh-add.1 ssh-agent.1 ssh-keygen.1 ssh-keyscan.1 ssh.1 sshd.8 sftp-server.8 sftp.1 ssh-keysign.8 ssh-pkcs11-helper.8 sshd_config.5 ssh_config.5
@@ -176,7 +176,7 @@ sshd$(EXEEXT): libssh.a $(LIBCOMPAT) $(SSHDOBJS)
176 $(LD) -o $@ $(SSHDOBJS) $(LDFLAGS) -lssh -lopenbsd-compat $(SSHDLIBS) $(LIBS) $(GSSLIBS) $(K5LIBS) 176 $(LD) -o $@ $(SSHDOBJS) $(LDFLAGS) -lssh -lopenbsd-compat $(SSHDLIBS) $(LIBS) $(GSSLIBS) $(K5LIBS)
177 177
178scp$(EXEEXT): $(LIBCOMPAT) libssh.a scp.o progressmeter.o 178scp$(EXEEXT): $(LIBCOMPAT) libssh.a scp.o progressmeter.o
179 $(LD) -o $@ scp.o progressmeter.o bufaux.o $(LDFLAGS) -lssh -lopenbsd-compat $(LIBS) 179 $(LD) -o $@ scp.o progressmeter.o $(LDFLAGS) -lssh -lopenbsd-compat $(LIBS)
180 180
181ssh-add$(EXEEXT): $(LIBCOMPAT) libssh.a ssh-add.o 181ssh-add$(EXEEXT): $(LIBCOMPAT) libssh.a ssh-add.o
182 $(LD) -o $@ ssh-add.o $(LDFLAGS) -lssh -lopenbsd-compat $(LIBS) 182 $(LD) -o $@ ssh-add.o $(LDFLAGS) -lssh -lopenbsd-compat $(LIBS)
@@ -187,8 +187,8 @@ ssh-agent$(EXEEXT): $(LIBCOMPAT) libssh.a ssh-agent.o ssh-pkcs11-client.o
187ssh-keygen$(EXEEXT): $(LIBCOMPAT) libssh.a ssh-keygen.o 187ssh-keygen$(EXEEXT): $(LIBCOMPAT) libssh.a ssh-keygen.o
188 $(LD) -o $@ ssh-keygen.o $(LDFLAGS) -lssh -lopenbsd-compat $(LIBS) 188 $(LD) -o $@ ssh-keygen.o $(LDFLAGS) -lssh -lopenbsd-compat $(LIBS)
189 189
190ssh-keysign$(EXEEXT): $(LIBCOMPAT) libssh.a ssh-keysign.o readconf.o 190ssh-keysign$(EXEEXT): $(LIBCOMPAT) libssh.a ssh-keysign.o readconf.o uidswap.o
191 $(LD) -o $@ ssh-keysign.o readconf.o $(LDFLAGS) -lssh -lopenbsd-compat $(LIBS) 191 $(LD) -o $@ ssh-keysign.o readconf.o uidswap.o $(LDFLAGS) -lssh -lopenbsd-compat $(LIBS)
192 192
193ssh-pkcs11-helper$(EXEEXT): $(LIBCOMPAT) libssh.a ssh-pkcs11-helper.o ssh-pkcs11.o 193ssh-pkcs11-helper$(EXEEXT): $(LIBCOMPAT) libssh.a ssh-pkcs11-helper.o ssh-pkcs11.o
194 $(LD) -o $@ ssh-pkcs11-helper.o ssh-pkcs11.o $(LDFLAGS) -lssh -lopenbsd-compat -lssh -lopenbsd-compat $(LIBS) 194 $(LD) -o $@ ssh-pkcs11-helper.o ssh-pkcs11.o $(LDFLAGS) -lssh -lopenbsd-compat -lssh -lopenbsd-compat $(LIBS)
@@ -231,6 +231,7 @@ clean: regressclean
231 rm -f *.o *.a $(TARGETS) logintest config.cache config.log 231 rm -f *.o *.a $(TARGETS) logintest config.cache config.log
232 rm -f *.out core survey 232 rm -f *.out core survey
233 rm -f regress/check-perm$(EXEEXT) 233 rm -f regress/check-perm$(EXEEXT)
234 rm -f regress/mkdtemp$(EXEEXT)
234 rm -f regress/unittests/test_helper/*.a 235 rm -f regress/unittests/test_helper/*.a
235 rm -f regress/unittests/test_helper/*.o 236 rm -f regress/unittests/test_helper/*.o
236 rm -f regress/unittests/sshbuf/*.o 237 rm -f regress/unittests/sshbuf/*.o
@@ -259,6 +260,8 @@ distclean: regressclean
259 rm -f Makefile buildpkg.sh config.h config.status 260 rm -f Makefile buildpkg.sh config.h config.status
260 rm -f survey.sh openbsd-compat/regress/Makefile *~ 261 rm -f survey.sh openbsd-compat/regress/Makefile *~
261 rm -rf autom4te.cache 262 rm -rf autom4te.cache
263 rm -f regress/check-perm
264 rm -f regress/mkdtemp
262 rm -f regress/unittests/test_helper/*.a 265 rm -f regress/unittests/test_helper/*.a
263 rm -f regress/unittests/test_helper/*.o 266 rm -f regress/unittests/test_helper/*.o
264 rm -f regress/unittests/sshbuf/*.o 267 rm -f regress/unittests/sshbuf/*.o
@@ -277,7 +280,8 @@ distclean: regressclean
277 rm -f regress/unittests/match/test_match 280 rm -f regress/unittests/match/test_match
278 rm -f regress/unittests/utf8/*.o 281 rm -f regress/unittests/utf8/*.o
279 rm -f regress/unittests/utf8/test_utf8 282 rm -f regress/unittests/utf8/test_utf8
280 rm -f regress/unittests/misc/kexfuzz 283 rm -f regress/misc/kexfuzz/*.o
284 rm -f regress/misc/kexfuzz
281 (cd openbsd-compat && $(MAKE) distclean) 285 (cd openbsd-compat && $(MAKE) distclean)
282 if test -d pkg ; then \ 286 if test -d pkg ; then \
283 rm -fr pkg ; \ 287 rm -fr pkg ; \
@@ -461,6 +465,10 @@ regress/check-perm$(EXEEXT): $(srcdir)/regress/check-perm.c $(REGRESSLIBS)
461 $(CC) $(CFLAGS) $(CPPFLAGS) -o $@ $(srcdir)/regress/check-perm.c \ 465 $(CC) $(CFLAGS) $(CPPFLAGS) -o $@ $(srcdir)/regress/check-perm.c \
462 $(LDFLAGS) -lssh -lopenbsd-compat -lssh -lopenbsd-compat $(LIBS) 466 $(LDFLAGS) -lssh -lopenbsd-compat -lssh -lopenbsd-compat $(LIBS)
463 467
468regress/mkdtemp$(EXEEXT): $(srcdir)/regress/mkdtemp.c $(REGRESSLIBS)
469 $(CC) $(CFLAGS) $(CPPFLAGS) -o $@ $(srcdir)/regress/mkdtemp.c \
470 $(LDFLAGS) -lssh -lopenbsd-compat -lssh -lopenbsd-compat $(LIBS)
471
464UNITTESTS_TEST_HELPER_OBJS=\ 472UNITTESTS_TEST_HELPER_OBJS=\
465 regress/unittests/test_helper/test_helper.o \ 473 regress/unittests/test_helper/test_helper.o \
466 regress/unittests/test_helper/fuzz.o 474 regress/unittests/test_helper/fuzz.o
@@ -569,6 +577,7 @@ regress-binaries: regress/modpipe$(EXEEXT) \
569 regress/setuid-allowed$(EXEEXT) \ 577 regress/setuid-allowed$(EXEEXT) \
570 regress/netcat$(EXEEXT) \ 578 regress/netcat$(EXEEXT) \
571 regress/check-perm$(EXEEXT) \ 579 regress/check-perm$(EXEEXT) \
580 regress/mkdtemp$(EXEEXT) \
572 regress/unittests/sshbuf/test_sshbuf$(EXEEXT) \ 581 regress/unittests/sshbuf/test_sshbuf$(EXEEXT) \
573 regress/unittests/sshkey/test_sshkey$(EXEEXT) \ 582 regress/unittests/sshkey/test_sshkey$(EXEEXT) \
574 regress/unittests/bitmap/test_bitmap$(EXEEXT) \ 583 regress/unittests/bitmap/test_bitmap$(EXEEXT) \
@@ -579,8 +588,6 @@ regress-binaries: regress/modpipe$(EXEEXT) \
579 regress/unittests/utf8/test_utf8$(EXEEXT) \ 588 regress/unittests/utf8/test_utf8$(EXEEXT) \
580 regress/misc/kexfuzz/kexfuzz$(EXEEXT) 589 regress/misc/kexfuzz/kexfuzz$(EXEEXT)
581 590
582REGRESSTMP = "$(PWD)/regress"
583
584tests interop-tests t-exec unit: regress-prep regress-binaries $(TARGETS) 591tests interop-tests t-exec unit: regress-prep regress-binaries $(TARGETS)
585 BUILDDIR=`pwd`; \ 592 BUILDDIR=`pwd`; \
586 TEST_SSH_SCP="$${BUILDDIR}/scp"; \ 593 TEST_SSH_SCP="$${BUILDDIR}/scp"; \
@@ -604,7 +611,7 @@ tests interop-tests t-exec unit: regress-prep regress-binaries $(TARGETS)
604 .OBJDIR="$${BUILDDIR}/regress" \ 611 .OBJDIR="$${BUILDDIR}/regress" \
605 .CURDIR="`pwd`" \ 612 .CURDIR="`pwd`" \
606 BUILDDIR="$${BUILDDIR}" \ 613 BUILDDIR="$${BUILDDIR}" \
607 OBJ="$(REGRESSTMP)" \ 614 OBJ="$${BUILDDIR}/regress/" \
608 PATH="$${BUILDDIR}:$${PATH}" \ 615 PATH="$${BUILDDIR}:$${PATH}" \
609 TEST_ENV=MALLOC_OPTIONS="@TEST_MALLOC_OPTIONS@" \ 616 TEST_ENV=MALLOC_OPTIONS="@TEST_MALLOC_OPTIONS@" \
610 TEST_MALLOC_OPTIONS="@TEST_MALLOC_OPTIONS@" \ 617 TEST_MALLOC_OPTIONS="@TEST_MALLOC_OPTIONS@" \
diff --git a/OVERVIEW b/OVERVIEW
index fde72c8e0..515567f45 100644
--- a/OVERVIEW
+++ b/OVERVIEW
@@ -23,9 +23,8 @@ these programs.
23 23
24 - These provide an arbitrary size buffer, where data can be appended. 24 - These provide an arbitrary size buffer, where data can be appended.
25 Data can be consumed from either end. The code is used heavily 25 Data can be consumed from either end. The code is used heavily
26 throughout ssh. The basic buffer manipulation functions are in 26 throughout ssh. The buffer manipulation functions are in
27 buffer.c (header buffer.h), and additional code to manipulate specific 27 sshbuf*.c (header sshbuf.h).
28 data types is in bufaux.c.
29 28
30 Compression Library 29 Compression Library
31 30
@@ -62,7 +61,7 @@ these programs.
62 code in packet.c does not concern itself with packet types or their 61 code in packet.c does not concern itself with packet types or their
63 execution; it contains code to build packets, to receive them and 62 execution; it contains code to build packets, to receive them and
64 extract data from them, and the code to compress and/or encrypt 63 extract data from them, and the code to compress and/or encrypt
65 packets. CRC code comes from crc32.c. 64 packets.
66 65
67 - The code in packet.c calls the buffer manipulation routines 66 - The code in packet.c calls the buffer manipulation routines
68 (buffer.c, bufaux.c), compression routines (zlib), and the 67 (buffer.c, bufaux.c), compression routines (zlib), and the
@@ -106,12 +105,6 @@ these programs.
106 calls client_loop in clientloop.c. This does the real work for 105 calls client_loop in clientloop.c. This does the real work for
107 the session. 106 the session.
108 107
109 - The client is suid root. It tries to temporarily give up this
110 rights while reading the configuration data. The root
111 privileges are only used to make the connection (from a
112 privileged socket). Any extra privileges are dropped before
113 calling ssh_login.
114
115 Pseudo-tty manipulation and tty modes 108 Pseudo-tty manipulation and tty modes
116 109
117 - Code to allocate and use a pseudo tty is in pty.c. Code to 110 - Code to allocate and use a pseudo tty is in pty.c. Code to
@@ -165,4 +158,4 @@ these programs.
165 uidswap.c uid-swapping 158 uidswap.c uid-swapping
166 xmalloc.c "safe" malloc routines 159 xmalloc.c "safe" malloc routines
167 160
168$OpenBSD: OVERVIEW,v 1.12 2015/07/08 19:01:15 markus Exp $ 161$OpenBSD: OVERVIEW,v 1.14 2018/07/27 03:55:22 dtucker Exp $
diff --git a/PROTOCOL b/PROTOCOL
index b1fc00691..010bec92f 100644
--- a/PROTOCOL
+++ b/PROTOCOL
@@ -428,7 +428,7 @@ The values of the f_flag bitmask are as follows:
428Both the "statvfs@openssh.com" and "fstatvfs@openssh.com" extensions are 428Both the "statvfs@openssh.com" and "fstatvfs@openssh.com" extensions are
429advertised in the SSH_FXP_VERSION hello with version "2". 429advertised in the SSH_FXP_VERSION hello with version "2".
430 430
43110. sftp: Extension request "hardlink@openssh.com" 4313.5. sftp: Extension request "hardlink@openssh.com"
432 432
433This request is for creating a hard link to a regular file. This 433This request is for creating a hard link to a regular file. This
434request is implemented as a SSH_FXP_EXTENDED request with the 434request is implemented as a SSH_FXP_EXTENDED request with the
@@ -444,7 +444,7 @@ link(oldpath, newpath) and will respond with a SSH_FXP_STATUS message.
444This extension is advertised in the SSH_FXP_VERSION hello with version 444This extension is advertised in the SSH_FXP_VERSION hello with version
445"1". 445"1".
446 446
44710. sftp: Extension request "fsync@openssh.com" 4473.6. sftp: Extension request "fsync@openssh.com"
448 448
449This request asks the server to call fsync(2) on an open file handle. 449This request asks the server to call fsync(2) on an open file handle.
450 450
@@ -458,4 +458,35 @@ respond with a SSH_FXP_STATUS message.
458This extension is advertised in the SSH_FXP_VERSION hello with version 458This extension is advertised in the SSH_FXP_VERSION hello with version
459"1". 459"1".
460 460
461$OpenBSD: PROTOCOL,v 1.32 2018/02/19 00:55:02 djm Exp $ 4614. Miscellaneous changes
462
4634.1 Public key format
464
465OpenSSH public keys, as generated by ssh-keygen(1) and appearing in
466authorized_keys files, are formatted as a single line of text consisting
467of the public key algorithm name followed by a base64-encoded key blob.
468The public key blob (before base64 encoding) is the same format used for
469the encoding of public keys sent on the wire: as described in RFC4253
470section 6.6 for RSA and DSA keys, RFC5656 section 3.1 for ECDSA keys
471and the "New public key formats" section of PROTOCOL.certkeys for the
472OpenSSH certificate formats.
473
4744.2 Private key format
475
476OpenSSH private keys, as generated by ssh-keygen(1) use the format
477described in PROTOCOL.key by default. As a legacy option, PEM format
478(RFC7468) private keys are also supported for RSA, DSA and ECDSA keys
479and were the default format before OpenSSH 7.8.
480
4814.3 KRL format
482
483OpenSSH supports a compact format for Key Revocation Lists (KRLs). This
484format is described in the PROTOCOL.krl file.
485
4864.4 Connection multiplexing
487
488OpenSSH's connection multiplexing uses messages as described in
489PROTOCOL.mux over a Unix domain socket for communications between a
490master instance and later clients.
491
492$OpenBSD: PROTOCOL,v 1.35 2018/08/10 00:44:01 djm Exp $
diff --git a/PROTOCOL.certkeys b/PROTOCOL.certkeys
index 64cb18700..11363fdc3 100644
--- a/PROTOCOL.certkeys
+++ b/PROTOCOL.certkeys
@@ -25,6 +25,10 @@ raw user keys. The ssh client will support automatic verification of
25acceptance of certified host keys, by adding a similar ability to 25acceptance of certified host keys, by adding a similar ability to
26specify CA keys in ~/.ssh/known_hosts. 26specify CA keys in ~/.ssh/known_hosts.
27 27
28All certificate types include certification information along with the
29public key that is used to sign challenges. In OpenSSH, ssh-keygen
30performs the CA signing operation.
31
28Certified keys are represented using new key types: 32Certified keys are represented using new key types:
29 33
30 ssh-rsa-cert-v01@openssh.com 34 ssh-rsa-cert-v01@openssh.com
@@ -33,9 +37,17 @@ Certified keys are represented using new key types:
33 ecdsa-sha2-nistp384-cert-v01@openssh.com 37 ecdsa-sha2-nistp384-cert-v01@openssh.com
34 ecdsa-sha2-nistp521-cert-v01@openssh.com 38 ecdsa-sha2-nistp521-cert-v01@openssh.com
35 39
36These include certification information along with the public key 40Two additional types exist for RSA certificates to force use of
37that is used to sign challenges. ssh-keygen performs the CA signing 41SHA-2 signatures (SHA-256 and SHA-512 respectively):
38operation. 42
43 rsa-sha2-256-cert-v01@openssh.com
44 rsa-sha2-512-cert-v01@openssh.com
45
46These RSA/SHA-2 types should not appear in keys at rest or transmitted
47on their wire, but do appear in a SSH_MSG_KEXINIT's host-key algorithms
48field or in the "public key algorithm name" field of a "publickey"
49SSH_USERAUTH_REQUEST to indicate that the signature will use the
50specified algorithm.
39 51
40Protocol extensions 52Protocol extensions
41------------------- 53-------------------
@@ -174,7 +186,7 @@ certificate. Each represents a time in seconds since 1970-01-01
174 186
175 valid after <= current time < valid before 187 valid after <= current time < valid before
176 188
177criticial options is a set of zero or more key options encoded as 189critical options is a set of zero or more key options encoded as
178below. All such options are "critical" in the sense that an implementation 190below. All such options are "critical" in the sense that an implementation
179must refuse to authorise a key that has an unrecognised option. 191must refuse to authorise a key that has an unrecognised option.
180 192
@@ -291,4 +303,4 @@ permit-user-rc empty Flag indicating that execution of
291 of this script will not be permitted if 303 of this script will not be permitted if
292 this option is not present. 304 this option is not present.
293 305
294$OpenBSD: PROTOCOL.certkeys,v 1.13 2017/11/03 02:32:19 djm Exp $ 306$OpenBSD: PROTOCOL.certkeys,v 1.15 2018/07/03 11:39:54 djm Exp $
diff --git a/PROTOCOL.chacha20poly1305 b/PROTOCOL.chacha20poly1305
index 4857d3853..9ce2a1e3a 100644
--- a/PROTOCOL.chacha20poly1305
+++ b/PROTOCOL.chacha20poly1305
@@ -16,7 +16,7 @@ that computes a 128 bit integrity tag given a message and a single-use
16The chacha20-poly1305@openssh.com combines these two primitives into an 16The chacha20-poly1305@openssh.com combines these two primitives into an
17authenticated encryption mode. The construction used is based on that 17authenticated encryption mode. The construction used is based on that
18proposed for TLS by Adam Langley in [3], but differs in the layout of 18proposed for TLS by Adam Langley in [3], but differs in the layout of
19data passed to the MAC and in the addition of encyption of the packet 19data passed to the MAC and in the addition of encryption of the packet
20lengths. 20lengths.
21 21
22Negotiation 22Negotiation
@@ -103,5 +103,5 @@ References
103[3] "ChaCha20 and Poly1305 based Cipher Suites for TLS", Adam Langley 103[3] "ChaCha20 and Poly1305 based Cipher Suites for TLS", Adam Langley
104 http://tools.ietf.org/html/draft-agl-tls-chacha20poly1305-03 104 http://tools.ietf.org/html/draft-agl-tls-chacha20poly1305-03
105 105
106$OpenBSD: PROTOCOL.chacha20poly1305,v 1.3 2016/05/03 13:10:24 djm Exp $ 106$OpenBSD: PROTOCOL.chacha20poly1305,v 1.4 2018/04/10 00:10:49 djm Exp $
107 107
diff --git a/PROTOCOL.krl b/PROTOCOL.krl
index b9695107b..f319bad21 100644
--- a/PROTOCOL.krl
+++ b/PROTOCOL.krl
@@ -145,7 +145,7 @@ This section may appear multiple times.
1455. KRL signature sections 1455. KRL signature sections
146 146
147The KRL_SECTION_SIGNATURE section serves a different purpose to the 147The KRL_SECTION_SIGNATURE section serves a different purpose to the
148preceeding ones: to provide cryptographic authentication of a KRL that 148preceding ones: to provide cryptographic authentication of a KRL that
149is retrieved over a channel that does not provide integrity protection. 149is retrieved over a channel that does not provide integrity protection.
150Its format is slightly different to the previously-described sections: 150Its format is slightly different to the previously-described sections:
151in order to simplify the signature generation, it includes as a "body" 151in order to simplify the signature generation, it includes as a "body"
@@ -166,4 +166,4 @@ Implementations that retrieve KRLs over untrusted channels must verify
166signatures. Signature sections are optional for KRLs distributed by 166signatures. Signature sections are optional for KRLs distributed by
167trusted means. 167trusted means.
168 168
169$OpenBSD: PROTOCOL.krl,v 1.3 2015/01/30 01:10:33 djm Exp $ 169$OpenBSD: PROTOCOL.krl,v 1.4 2018/04/10 00:10:49 djm Exp $
diff --git a/README b/README
index fb8e21743..97fc2ef99 100644
--- a/README
+++ b/README
@@ -1,4 +1,4 @@
1See https://www.openssh.com/releasenotes.html#7.7p1 for the release notes. 1See https://www.openssh.com/releasenotes.html#7.8p1 for the release notes.
2 2
3Please read https://www.openssh.com/report.html for bug reporting 3Please read https://www.openssh.com/report.html for bug reporting
4instructions and note that we do not use Github for bug reporting or 4instructions and note that we do not use Github for bug reporting or
diff --git a/README.platform b/README.platform
index c7be95fb6..9210e07c8 100644
--- a/README.platform
+++ b/README.platform
@@ -80,7 +80,7 @@ added to /etc/security/audit_event:
80 32800:AUE_openssh:OpenSSH login:lo 80 32800:AUE_openssh:OpenSSH login:lo
81 81
82The BSM audit event range available for third party TCB applications is 82The BSM audit event range available for third party TCB applications is
8332768 - 65535. Event number 32800 has been choosen for AUE_openssh. 8332768 - 65535. Event number 32800 has been chosen for AUE_openssh.
84There is no official registry of 3rd party event numbers, so if this 84There is no official registry of 3rd party event numbers, so if this
85number is already in use on your system, you may change it at build time 85number is already in use on your system, you may change it at build time
86by configure'ing --with-cflags=-DAUE_openssh=32801 then rebuilding. 86by configure'ing --with-cflags=-DAUE_openssh=32801 then rebuilding.
diff --git a/TODO b/TODO
index f22c7e224..b76529c96 100644
--- a/TODO
+++ b/TODO
@@ -35,7 +35,7 @@ Programming:
35 - Use different PAM service name for kbdint vs regular auth (suggest from 35 - Use different PAM service name for kbdint vs regular auth (suggest from
36 Solar Designer) 36 Solar Designer)
37 - Ability to select which ChallengeResponseAuthentications may be used 37 - Ability to select which ChallengeResponseAuthentications may be used
38 and order to try them in e.g. "ChallengeResponseAuthentication skey, pam" 38 and order to try them in e.g. "ChallengeResponseAuthentication pam"
39 39
40- Complete Tru64 SIA support 40- Complete Tru64 SIA support
41 - It looks like we could merge it into the password auth code to cut down 41 - It looks like we could merge it into the password auth code to cut down
@@ -57,10 +57,10 @@ Clean up configure/makefiles:
57- Replace the whole u_intXX_t evilness in acconfig.h with something better??? 57- Replace the whole u_intXX_t evilness in acconfig.h with something better???
58 - Do it in configure.ac 58 - Do it in configure.ac
59 59
60- Consider splitting the u_intXX_t test for sys/bitype.h into seperate test 60- Consider splitting the u_intXX_t test for sys/bitype.h into separate test
61 to allow people to (right/wrongfully) link against Bind directly. 61 to allow people to (right/wrongfully) link against Bind directly.
62 62
63- Consider splitting configure.ac into seperate files which do logically 63- Consider splitting configure.ac into separate files which do logically
64 similar tests. E.g move all the type detection stuff into one file, 64 similar tests. E.g move all the type detection stuff into one file,
65 entropy related stuff into another. 65 entropy related stuff into another.
66 66
diff --git a/aclocal.m4 b/aclocal.m4
index ac6b6684a..25ecc49a2 100644
--- a/aclocal.m4
+++ b/aclocal.m4
@@ -25,7 +25,7 @@ int main(int argc, char **argv) {
25} 25}
26 ]])], 26 ]])],
27 [ 27 [
28if `grep -i "unrecognized option" conftest.err >/dev/null` 28if $ac_cv_path_EGREP -i "unrecognized option|warning.*ignored" conftest.err >/dev/null
29then 29then
30 AC_MSG_RESULT([no]) 30 AC_MSG_RESULT([no])
31 CFLAGS="$saved_CFLAGS" 31 CFLAGS="$saved_CFLAGS"
@@ -63,7 +63,7 @@ int main(int argc, char **argv) {
63} 63}
64 ]])], 64 ]])],
65 [ 65 [
66if `grep -i "unrecognized option" conftest.err >/dev/null` 66if $ac_cv_path_EGREP -i "unrecognized option|warning.*ignored" conftest.err >/dev/null
67then 67then
68 AC_MSG_RESULT([no]) 68 AC_MSG_RESULT([no])
69 CFLAGS="$saved_CFLAGS" 69 CFLAGS="$saved_CFLAGS"
@@ -100,8 +100,15 @@ int main(int argc, char **argv) {
100 exit(0); 100 exit(0);
101} 101}
102 ]])], 102 ]])],
103 [ AC_MSG_RESULT([yes]) 103 [
104 LDFLAGS="$saved_LDFLAGS $_define_flag"], 104if $ac_cv_path_EGREP -i "unrecognized option|warning.*ignored" conftest.err >/dev/null
105then
106 AC_MSG_RESULT([no])
107 LDFLAGS="$saved_LDFLAGS"
108else
109 AC_MSG_RESULT([yes])
110 LDFLAGS="$saved_LDFLAGS $_define_flag"
111fi ],
105 [ AC_MSG_RESULT([no]) 112 [ AC_MSG_RESULT([no])
106 LDFLAGS="$saved_LDFLAGS" ] 113 LDFLAGS="$saved_LDFLAGS" ]
107 ) 114 )
diff --git a/addrmatch.c b/addrmatch.c
index 8658e105a..5a402d065 100644
--- a/addrmatch.c
+++ b/addrmatch.c
@@ -1,4 +1,4 @@
1/* $OpenBSD: addrmatch.c,v 1.13 2016/09/21 16:55:42 djm Exp $ */ 1/* $OpenBSD: addrmatch.c,v 1.14 2018/07/31 03:07:24 djm Exp $ */
2 2
3/* 3/*
4 * Copyright (c) 2004-2008 Damien Miller <djm@mindrot.org> 4 * Copyright (c) 2004-2008 Damien Miller <djm@mindrot.org>
@@ -205,25 +205,24 @@ addr_cmp(const struct xaddr *a, const struct xaddr *b)
205static int 205static int
206addr_pton(const char *p, struct xaddr *n) 206addr_pton(const char *p, struct xaddr *n)
207{ 207{
208 struct addrinfo hints, *ai; 208 struct addrinfo hints, *ai = NULL;
209 int ret = -1;
209 210
210 memset(&hints, '\0', sizeof(hints)); 211 memset(&hints, '\0', sizeof(hints));
211 hints.ai_flags = AI_NUMERICHOST; 212 hints.ai_flags = AI_NUMERICHOST;
212 213
213 if (p == NULL || getaddrinfo(p, NULL, &hints, &ai) != 0) 214 if (p == NULL || getaddrinfo(p, NULL, &hints, &ai) != 0)
214 return -1; 215 goto out;
215
216 if (ai == NULL || ai->ai_addr == NULL) 216 if (ai == NULL || ai->ai_addr == NULL)
217 return -1; 217 goto out;
218 218 if (n != NULL && addr_sa_to_xaddr(ai->ai_addr, ai->ai_addrlen, n) == -1)
219 if (n != NULL && 219 goto out;
220 addr_sa_to_xaddr(ai->ai_addr, ai->ai_addrlen, n) == -1) { 220 /* success */
221 ret = 0;
222 out:
223 if (ai != NULL)
221 freeaddrinfo(ai); 224 freeaddrinfo(ai);
222 return -1; 225 return ret;
223 }
224
225 freeaddrinfo(ai);
226 return 0;
227} 226}
228 227
229/* 228/*
diff --git a/audit-bsm.c b/audit-bsm.c
index f8e0bea89..1409f69ae 100644
--- a/audit-bsm.c
+++ b/audit-bsm.c
@@ -49,7 +49,6 @@
49 49
50#include "ssh.h" 50#include "ssh.h"
51#include "log.h" 51#include "log.h"
52#include "key.h"
53#include "hostfile.h" 52#include "hostfile.h"
54#include "auth.h" 53#include "auth.h"
55#include "xmalloc.h" 54#include "xmalloc.h"
diff --git a/audit.c b/audit.c
index 7645c1439..33a04376d 100644
--- a/audit.c
+++ b/audit.c
@@ -26,12 +26,12 @@
26 26
27#include <stdarg.h> 27#include <stdarg.h>
28#include <string.h> 28#include <string.h>
29#include <unistd.h>
29 30
30#ifdef SSH_AUDIT_EVENTS 31#ifdef SSH_AUDIT_EVENTS
31 32
32#include "audit.h" 33#include "audit.h"
33#include "log.h" 34#include "log.h"
34#include "key.h"
35#include "hostfile.h" 35#include "hostfile.h"
36#include "auth.h" 36#include "auth.h"
37 37
diff --git a/auth-bsdauth.c b/auth-bsdauth.c
index e00718f2e..4dc5045c2 100644
--- a/auth-bsdauth.c
+++ b/auth-bsdauth.c
@@ -1,4 +1,4 @@
1/* $OpenBSD: auth-bsdauth.c,v 1.14 2015/10/20 23:24:25 mmcc Exp $ */ 1/* $OpenBSD: auth-bsdauth.c,v 1.15 2018/07/09 21:35:50 markus Exp $ */
2/* 2/*
3 * Copyright (c) 2001 Markus Friedl. All rights reserved. 3 * Copyright (c) 2001 Markus Friedl. All rights reserved.
4 * 4 *
@@ -33,11 +33,11 @@
33 33
34#ifdef BSD_AUTH 34#ifdef BSD_AUTH
35#include "xmalloc.h" 35#include "xmalloc.h"
36#include "key.h" 36#include "sshkey.h"
37#include "sshbuf.h"
37#include "hostfile.h" 38#include "hostfile.h"
38#include "auth.h" 39#include "auth.h"
39#include "log.h" 40#include "log.h"
40#include "buffer.h"
41#ifdef GSSAPI 41#ifdef GSSAPI
42#include "ssh-gss.h" 42#include "ssh-gss.h"
43#endif 43#endif
diff --git a/auth-krb5.c b/auth-krb5.c
index 38e7fee21..204752e1b 100644
--- a/auth-krb5.c
+++ b/auth-krb5.c
@@ -1,4 +1,4 @@
1/* $OpenBSD: auth-krb5.c,v 1.22 2016/05/04 14:22:33 markus Exp $ */ 1/* $OpenBSD: auth-krb5.c,v 1.23 2018/07/09 21:35:50 markus Exp $ */
2/* 2/*
3 * Kerberos v5 authentication and ticket-passing routines. 3 * Kerberos v5 authentication and ticket-passing routines.
4 * 4 *
@@ -38,11 +38,11 @@
38#include "ssh.h" 38#include "ssh.h"
39#include "packet.h" 39#include "packet.h"
40#include "log.h" 40#include "log.h"
41#include "buffer.h" 41#include "sshbuf.h"
42#include "sshkey.h"
42#include "misc.h" 43#include "misc.h"
43#include "servconf.h" 44#include "servconf.h"
44#include "uidswap.h" 45#include "uidswap.h"
45#include "key.h"
46#include "hostfile.h" 46#include "hostfile.h"
47#include "auth.h" 47#include "auth.h"
48 48
diff --git a/auth-options.c b/auth-options.c
index ef57ebf43..27c0eb05e 100644
--- a/auth-options.c
+++ b/auth-options.c
@@ -1,4 +1,4 @@
1/* $OpenBSD: auth-options.c,v 1.79 2018/04/06 04:15:45 djm Exp $ */ 1/* $OpenBSD: auth-options.c,v 1.83 2018/06/19 02:59:41 djm Exp $ */
2/* 2/*
3 * Copyright (c) 2018 Damien Miller <djm@mindrot.org> 3 * Copyright (c) 2018 Damien Miller <djm@mindrot.org>
4 * 4 *
@@ -283,6 +283,10 @@ sshauthopt_free(struct sshauthopt *opts)
283 free(opts->permitopen[i]); 283 free(opts->permitopen[i]);
284 free(opts->permitopen); 284 free(opts->permitopen);
285 285
286 for (i = 0; i < opts->npermitlisten; i++)
287 free(opts->permitlisten[i]);
288 free(opts->permitlisten);
289
286 explicit_bzero(opts, sizeof(*opts)); 290 explicit_bzero(opts, sizeof(*opts));
287 free(opts); 291 free(opts);
288} 292}
@@ -304,10 +308,82 @@ sshauthopt_new_with_keys_defaults(void)
304 return ret; 308 return ret;
305} 309}
306 310
311/*
312 * Parse and record a permitopen/permitlisten directive.
313 * Return 0 on success. Return -1 on failure and sets *errstrp to error reason.
314 */
315static int
316handle_permit(const char **optsp, int allow_bare_port,
317 char ***permitsp, size_t *npermitsp, const char **errstrp)
318{
319 char *opt, *tmp, *cp, *host, **permits = *permitsp;
320 size_t npermits = *npermitsp;
321 const char *errstr = "unknown error";
322
323 if (npermits > INT_MAX) {
324 *errstrp = "too many permission directives";
325 return -1;
326 }
327 if ((opt = opt_dequote(optsp, &errstr)) == NULL) {
328 return -1;
329 }
330 if (allow_bare_port && strchr(opt, ':') == NULL) {
331 /*
332 * Allow a bare port number in permitlisten to indicate a
333 * listen_host wildcard.
334 */
335 if (asprintf(&tmp, "*:%s", opt) < 0) {
336 *errstrp = "memory allocation failed";
337 return -1;
338 }
339 free(opt);
340 opt = tmp;
341 }
342 if ((tmp = strdup(opt)) == NULL) {
343 free(opt);
344 *errstrp = "memory allocation failed";
345 return -1;
346 }
347 cp = tmp;
348 /* validate syntax before recording it. */
349 host = hpdelim(&cp);
350 if (host == NULL || strlen(host) >= NI_MAXHOST) {
351 free(tmp);
352 free(opt);
353 *errstrp = "invalid permission hostname";
354 return -1;
355 }
356 /*
357 * don't want to use permitopen_port to avoid
358 * dependency on channels.[ch] here.
359 */
360 if (cp == NULL ||
361 (strcmp(cp, "*") != 0 && a2port(cp) <= 0)) {
362 free(tmp);
363 free(opt);
364 *errstrp = "invalid permission port";
365 return -1;
366 }
367 /* XXX - add streamlocal support */
368 free(tmp);
369 /* Record it */
370 if ((permits = recallocarray(permits, npermits, npermits + 1,
371 sizeof(*permits))) == NULL) {
372 free(opt);
373 /* NB. don't update *permitsp if alloc fails */
374 *errstrp = "memory allocation failed";
375 return -1;
376 }
377 permits[npermits++] = opt;
378 *permitsp = permits;
379 *npermitsp = npermits;
380 return 0;
381}
382
307struct sshauthopt * 383struct sshauthopt *
308sshauthopt_parse(const char *opts, const char **errstrp) 384sshauthopt_parse(const char *opts, const char **errstrp)
309{ 385{
310 char **oarray, *opt, *cp, *tmp, *host; 386 char **oarray, *opt, *cp, *tmp;
311 int r; 387 int r;
312 struct sshauthopt *ret = NULL; 388 struct sshauthopt *ret = NULL;
313 const char *errstr = "unknown error"; 389 const char *errstr = "unknown error";
@@ -410,48 +486,13 @@ sshauthopt_parse(const char *opts, const char **errstrp)
410 } 486 }
411 ret->env[ret->nenv++] = opt; 487 ret->env[ret->nenv++] = opt;
412 } else if (opt_match(&opts, "permitopen")) { 488 } else if (opt_match(&opts, "permitopen")) {
413 if (ret->npermitopen > INT_MAX) { 489 if (handle_permit(&opts, 0, &ret->permitopen,
414 errstr = "too many permitopens"; 490 &ret->npermitopen, &errstr) != 0)
415 goto fail;
416 }
417 if ((opt = opt_dequote(&opts, &errstr)) == NULL)
418 goto fail;
419 if ((tmp = strdup(opt)) == NULL) {
420 free(opt);
421 goto alloc_fail;
422 }
423 cp = tmp;
424 /* validate syntax of permitopen before recording it. */
425 host = hpdelim(&cp);
426 if (host == NULL || strlen(host) >= NI_MAXHOST) {
427 free(tmp);
428 free(opt);
429 errstr = "invalid permitopen hostname";
430 goto fail; 491 goto fail;
431 } 492 } else if (opt_match(&opts, "permitlisten")) {
432 /* 493 if (handle_permit(&opts, 1, &ret->permitlisten,
433 * don't want to use permitopen_port to avoid 494 &ret->npermitlisten, &errstr) != 0)
434 * dependency on channels.[ch] here.
435 */
436 if (cp == NULL ||
437 (strcmp(cp, "*") != 0 && a2port(cp) <= 0)) {
438 free(tmp);
439 free(opt);
440 errstr = "invalid permitopen port";
441 goto fail; 495 goto fail;
442 }
443 /* XXX - add streamlocal support */
444 free(tmp);
445 /* Record it */
446 oarray = ret->permitopen;
447 if ((ret->permitopen = recallocarray(ret->permitopen,
448 ret->npermitopen, ret->npermitopen + 1,
449 sizeof(*ret->permitopen))) == NULL) {
450 free(opt);
451 ret->permitopen = oarray;
452 goto alloc_fail;
453 }
454 ret->permitopen[ret->npermitopen++] = opt;
455 } else if (opt_match(&opts, "tunnel")) { 496 } else if (opt_match(&opts, "tunnel")) {
456 if ((opt = opt_dequote(&opts, &errstr)) == NULL) 497 if ((opt = opt_dequote(&opts, &errstr)) == NULL)
457 goto fail; 498 goto fail;
@@ -554,7 +595,10 @@ sshauthopt_merge(const struct sshauthopt *primary,
554 if (tmp != NULL && (ret->required_from_host_keys = strdup(tmp)) == NULL) 595 if (tmp != NULL && (ret->required_from_host_keys = strdup(tmp)) == NULL)
555 goto alloc_fail; 596 goto alloc_fail;
556 597
557 /* force_tun_device, permitopen and environment prefer the primary. */ 598 /*
599 * force_tun_device, permitopen/permitlisten and environment all
600 * prefer the primary.
601 */
558 ret->force_tun_device = primary->force_tun_device; 602 ret->force_tun_device = primary->force_tun_device;
559 if (ret->force_tun_device == -1) 603 if (ret->force_tun_device == -1)
560 ret->force_tun_device = additional->force_tun_device; 604 ret->force_tun_device = additional->force_tun_device;
@@ -577,6 +621,16 @@ sshauthopt_merge(const struct sshauthopt *primary,
577 goto alloc_fail; 621 goto alloc_fail;
578 } 622 }
579 623
624 if (primary->npermitlisten > 0) {
625 if (dup_strings(&ret->permitlisten, &ret->npermitlisten,
626 primary->permitlisten, primary->npermitlisten) != 0)
627 goto alloc_fail;
628 } else if (additional->npermitlisten > 0) {
629 if (dup_strings(&ret->permitlisten, &ret->npermitlisten,
630 additional->permitlisten, additional->npermitlisten) != 0)
631 goto alloc_fail;
632 }
633
580 /* Flags are logical-AND (i.e. must be set in both for permission) */ 634 /* Flags are logical-AND (i.e. must be set in both for permission) */
581#define OPTFLAG(x) ret->x = (primary->x == 1) && (additional->x == 1) 635#define OPTFLAG(x) ret->x = (primary->x == 1) && (additional->x == 1)
582 OPTFLAG(permit_port_forwarding_flag); 636 OPTFLAG(permit_port_forwarding_flag);
@@ -669,7 +723,9 @@ sshauthopt_copy(const struct sshauthopt *orig)
669 723
670 if (dup_strings(&ret->env, &ret->nenv, orig->env, orig->nenv) != 0 || 724 if (dup_strings(&ret->env, &ret->nenv, orig->env, orig->nenv) != 0 ||
671 dup_strings(&ret->permitopen, &ret->npermitopen, 725 dup_strings(&ret->permitopen, &ret->npermitopen,
672 orig->permitopen, orig->npermitopen) != 0) { 726 orig->permitopen, orig->npermitopen) != 0 ||
727 dup_strings(&ret->permitlisten, &ret->npermitlisten,
728 orig->permitlisten, orig->npermitlisten) != 0) {
673 sshauthopt_free(ret); 729 sshauthopt_free(ret);
674 return NULL; 730 return NULL;
675 } 731 }
@@ -805,7 +861,9 @@ sshauthopt_serialise(const struct sshauthopt *opts, struct sshbuf *m,
805 if ((r = serialise_array(m, opts->env, 861 if ((r = serialise_array(m, opts->env,
806 untrusted ? 0 : opts->nenv)) != 0 || 862 untrusted ? 0 : opts->nenv)) != 0 ||
807 (r = serialise_array(m, opts->permitopen, 863 (r = serialise_array(m, opts->permitopen,
808 untrusted ? 0 : opts->npermitopen)) != 0) 864 untrusted ? 0 : opts->npermitopen)) != 0 ||
865 (r = serialise_array(m, opts->permitlisten,
866 untrusted ? 0 : opts->npermitlisten)) != 0)
809 return r; 867 return r;
810 868
811 /* success */ 869 /* success */
@@ -859,7 +917,9 @@ sshauthopt_deserialise(struct sshbuf *m, struct sshauthopt **optsp)
859 /* Array options */ 917 /* Array options */
860 if ((r = deserialise_array(m, &opts->env, &opts->nenv)) != 0 || 918 if ((r = deserialise_array(m, &opts->env, &opts->nenv)) != 0 ||
861 (r = deserialise_array(m, 919 (r = deserialise_array(m,
862 &opts->permitopen, &opts->npermitopen)) != 0) 920 &opts->permitopen, &opts->npermitopen)) != 0 ||
921 (r = deserialise_array(m,
922 &opts->permitlisten, &opts->npermitlisten)) != 0)
863 goto out; 923 goto out;
864 924
865 /* success */ 925 /* success */
diff --git a/auth-options.h b/auth-options.h
index bf59b30be..0462983b5 100644
--- a/auth-options.h
+++ b/auth-options.h
@@ -1,4 +1,4 @@
1/* $OpenBSD: auth-options.h,v 1.26 2018/03/12 00:52:01 djm Exp $ */ 1/* $OpenBSD: auth-options.h,v 1.27 2018/06/06 18:23:32 djm Exp $ */
2 2
3/* 3/*
4 * Copyright (c) 2018 Damien Miller <djm@mindrot.org> 4 * Copyright (c) 2018 Damien Miller <djm@mindrot.org>
@@ -55,6 +55,10 @@ struct sshauthopt {
55 size_t npermitopen; 55 size_t npermitopen;
56 char **permitopen; 56 char **permitopen;
57 57
58 /* Permitted listens (remote forwarding) */
59 size_t npermitlisten;
60 char **permitlisten;
61
58 /* 62 /*
59 * Permitted host/addresses (comma-separated) 63 * Permitted host/addresses (comma-separated)
60 * Caller must check source address matches both lists (if present). 64 * Caller must check source address matches both lists (if present).
diff --git a/auth-pam.c b/auth-pam.c
index 00ba87775..8c0138362 100644
--- a/auth-pam.c
+++ b/auth-pam.c
@@ -86,8 +86,8 @@ extern char *__progname;
86#endif 86#endif
87 87
88#include "xmalloc.h" 88#include "xmalloc.h"
89#include "buffer.h" 89#include "sshbuf.h"
90#include "key.h" 90#include "ssherr.h"
91#include "hostfile.h" 91#include "hostfile.h"
92#include "auth.h" 92#include "auth.h"
93#include "auth-pam.h" 93#include "auth-pam.h"
@@ -105,7 +105,7 @@ extern char *__progname;
105#include "monitor_wrap.h" 105#include "monitor_wrap.h"
106 106
107extern ServerOptions options; 107extern ServerOptions options;
108extern Buffer loginmsg; 108extern struct sshbuf *loginmsg;
109extern u_int utmp_len; 109extern u_int utmp_len;
110 110
111/* so we don't silently change behaviour */ 111/* so we don't silently change behaviour */
@@ -313,44 +313,54 @@ sshpam_password_change_required(int reqd)
313 313
314/* Import regular and PAM environment from subprocess */ 314/* Import regular and PAM environment from subprocess */
315static void 315static void
316import_environments(Buffer *b) 316import_environments(struct sshbuf *b)
317{ 317{
318 char *env; 318 char *env;
319 u_int i, num_env; 319 u_int n, i, num_env;
320 int err; 320 int r;
321 321
322 debug3("PAM: %s entering", __func__); 322 debug3("PAM: %s entering", __func__);
323 323
324#ifndef UNSUPPORTED_POSIX_THREADS_HACK 324#ifndef UNSUPPORTED_POSIX_THREADS_HACK
325 /* Import variables set by do_pam_account */ 325 /* Import variables set by do_pam_account */
326 sshpam_account_status = buffer_get_int(b); 326 if ((r = sshbuf_get_u32(b, &n)) != 0)
327 sshpam_password_change_required(buffer_get_int(b)); 327 fatal("%s: buffer error: %s", __func__, ssh_err(r));
328 if (n > INT_MAX)
329 fatal("%s: invalid PAM account status %u", __func__, n);
330 sshpam_account_status = (int)n;
331 if ((r = sshbuf_get_u32(b, &n)) != 0)
332 fatal("%s: buffer error: %s", __func__, ssh_err(r));
333 sshpam_password_change_required(n != 0);
328 334
329 /* Import environment from subprocess */ 335 /* Import environment from subprocess */
330 num_env = buffer_get_int(b); 336 if ((r = sshbuf_get_u32(b, &num_env)) != 0)
337 fatal("%s: buffer error: %s", __func__, ssh_err(r));
331 if (num_env > 1024) 338 if (num_env > 1024)
332 fatal("%s: received %u environment variables, expected <= 1024", 339 fatal("%s: received %u environment variables, expected <= 1024",
333 __func__, num_env); 340 __func__, num_env);
334 sshpam_env = xcalloc(num_env + 1, sizeof(*sshpam_env)); 341 sshpam_env = xcalloc(num_env + 1, sizeof(*sshpam_env));
335 debug3("PAM: num env strings %d", num_env); 342 debug3("PAM: num env strings %d", num_env);
336 for(i = 0; i < num_env; i++) 343 for(i = 0; i < num_env; i++) {
337 sshpam_env[i] = buffer_get_string(b, NULL); 344 if ((r = sshbuf_get_cstring(b, &(sshpam_env[i]), NULL)) != 0)
338 345 fatal("%s: buffer error: %s", __func__, ssh_err(r));
346 }
339 sshpam_env[num_env] = NULL; 347 sshpam_env[num_env] = NULL;
340 348
341 /* Import PAM environment from subprocess */ 349 /* Import PAM environment from subprocess */
342 num_env = buffer_get_int(b); 350 if ((r = sshbuf_get_u32(b, &num_env)) != 0)
351 fatal("%s: buffer error: %s", __func__, ssh_err(r));
343 debug("PAM: num PAM env strings %d", num_env); 352 debug("PAM: num PAM env strings %d", num_env);
344 for(i = 0; i < num_env; i++) { 353 for (i = 0; i < num_env; i++) {
345 env = buffer_get_string(b, NULL); 354 if ((r = sshbuf_get_cstring(b, &env, NULL)) != 0)
346 355 fatal("%s: buffer error: %s", __func__, ssh_err(r));
347#ifdef HAVE_PAM_PUTENV 356#ifdef HAVE_PAM_PUTENV
348 /* Errors are not fatal here */ 357 /* Errors are not fatal here */
349 if ((err = pam_putenv(sshpam_handle, env)) != PAM_SUCCESS) { 358 if ((r = pam_putenv(sshpam_handle, env)) != PAM_SUCCESS) {
350 error("PAM: pam_putenv: %s", 359 error("PAM: pam_putenv: %s",
351 pam_strerror(sshpam_handle, sshpam_err)); 360 pam_strerror(sshpam_handle, r));
352 } 361 }
353#endif 362#endif
363 /* XXX leak env? */
354 } 364 }
355#endif 365#endif
356} 366}
@@ -362,10 +372,11 @@ static int
362sshpam_thread_conv(int n, sshpam_const struct pam_message **msg, 372sshpam_thread_conv(int n, sshpam_const struct pam_message **msg,
363 struct pam_response **resp, void *data) 373 struct pam_response **resp, void *data)
364{ 374{
365 Buffer buffer; 375 struct sshbuf *buffer;
366 struct pam_ctxt *ctxt; 376 struct pam_ctxt *ctxt;
367 struct pam_response *reply; 377 struct pam_response *reply;
368 int i; 378 int r, i;
379 u_char status;
369 380
370 debug3("PAM: %s entering, %d messages", __func__, n); 381 debug3("PAM: %s entering, %d messages", __func__, n);
371 *resp = NULL; 382 *resp = NULL;
@@ -379,38 +390,52 @@ sshpam_thread_conv(int n, sshpam_const struct pam_message **msg,
379 return (PAM_CONV_ERR); 390 return (PAM_CONV_ERR);
380 391
381 if ((reply = calloc(n, sizeof(*reply))) == NULL) 392 if ((reply = calloc(n, sizeof(*reply))) == NULL)
382 return (PAM_CONV_ERR); 393 return PAM_CONV_ERR;
394 if ((buffer = sshbuf_new()) == NULL) {
395 free(reply);
396 return PAM_CONV_ERR;
397 }
383 398
384 buffer_init(&buffer);
385 for (i = 0; i < n; ++i) { 399 for (i = 0; i < n; ++i) {
386 switch (PAM_MSG_MEMBER(msg, i, msg_style)) { 400 switch (PAM_MSG_MEMBER(msg, i, msg_style)) {
387 case PAM_PROMPT_ECHO_OFF: 401 case PAM_PROMPT_ECHO_OFF:
388 case PAM_PROMPT_ECHO_ON: 402 case PAM_PROMPT_ECHO_ON:
389 buffer_put_cstring(&buffer, 403 if ((r = sshbuf_put_cstring(buffer,
390 PAM_MSG_MEMBER(msg, i, msg)); 404 PAM_MSG_MEMBER(msg, i, msg))) != 0)
405 fatal("%s: buffer error: %s",
406 __func__, ssh_err(r));
391 if (ssh_msg_send(ctxt->pam_csock, 407 if (ssh_msg_send(ctxt->pam_csock,
392 PAM_MSG_MEMBER(msg, i, msg_style), &buffer) == -1) 408 PAM_MSG_MEMBER(msg, i, msg_style), buffer) == -1)
393 goto fail; 409 goto fail;
394 if (ssh_msg_recv(ctxt->pam_csock, &buffer) == -1) 410
411 if (ssh_msg_recv(ctxt->pam_csock, buffer) == -1)
395 goto fail; 412 goto fail;
396 if (buffer_get_char(&buffer) != PAM_AUTHTOK) 413 if ((r = sshbuf_get_u8(buffer, &status)) != 0)
414 fatal("%s: buffer error: %s",
415 __func__, ssh_err(r));
416 if (status != PAM_AUTHTOK)
397 goto fail; 417 goto fail;
398 reply[i].resp = buffer_get_string(&buffer, NULL); 418 if ((r = sshbuf_get_cstring(buffer,
419 &reply[i].resp, NULL)) != 0)
420 fatal("%s: buffer error: %s",
421 __func__, ssh_err(r));
399 break; 422 break;
400 case PAM_ERROR_MSG: 423 case PAM_ERROR_MSG:
401 case PAM_TEXT_INFO: 424 case PAM_TEXT_INFO:
402 buffer_put_cstring(&buffer, 425 if ((r = sshbuf_put_cstring(buffer,
403 PAM_MSG_MEMBER(msg, i, msg)); 426 PAM_MSG_MEMBER(msg, i, msg))) != 0)
427 fatal("%s: buffer error: %s",
428 __func__, ssh_err(r));
404 if (ssh_msg_send(ctxt->pam_csock, 429 if (ssh_msg_send(ctxt->pam_csock,
405 PAM_MSG_MEMBER(msg, i, msg_style), &buffer) == -1) 430 PAM_MSG_MEMBER(msg, i, msg_style), buffer) == -1)
406 goto fail; 431 goto fail;
407 break; 432 break;
408 default: 433 default:
409 goto fail; 434 goto fail;
410 } 435 }
411 buffer_clear(&buffer); 436 sshbuf_reset(buffer);
412 } 437 }
413 buffer_free(&buffer); 438 sshbuf_free(buffer);
414 *resp = reply; 439 *resp = reply;
415 return (PAM_SUCCESS); 440 return (PAM_SUCCESS);
416 441
@@ -419,7 +444,7 @@ sshpam_thread_conv(int n, sshpam_const struct pam_message **msg,
419 free(reply[i].resp); 444 free(reply[i].resp);
420 } 445 }
421 free(reply); 446 free(reply);
422 buffer_free(&buffer); 447 sshbuf_free(buffer);
423 return (PAM_CONV_ERR); 448 return (PAM_CONV_ERR);
424} 449}
425 450
@@ -430,9 +455,9 @@ static void *
430sshpam_thread(void *ctxtp) 455sshpam_thread(void *ctxtp)
431{ 456{
432 struct pam_ctxt *ctxt = ctxtp; 457 struct pam_ctxt *ctxt = ctxtp;
433 Buffer buffer; 458 struct sshbuf *buffer = NULL;
434 struct pam_conv sshpam_conv; 459 struct pam_conv sshpam_conv;
435 int flags = (options.permit_empty_passwd == 0 ? 460 int r, flags = (options.permit_empty_passwd == 0 ?
436 PAM_DISALLOW_NULL_AUTHTOK : 0); 461 PAM_DISALLOW_NULL_AUTHTOK : 0);
437#ifndef UNSUPPORTED_POSIX_THREADS_HACK 462#ifndef UNSUPPORTED_POSIX_THREADS_HACK
438 extern char **environ; 463 extern char **environ;
@@ -465,7 +490,9 @@ sshpam_thread(void *ctxtp)
465 if (sshpam_authctxt == NULL) 490 if (sshpam_authctxt == NULL)
466 fatal("%s: PAM authctxt not initialized", __func__); 491 fatal("%s: PAM authctxt not initialized", __func__);
467 492
468 buffer_init(&buffer); 493 if ((buffer = sshbuf_new()) == NULL)
494 fatal("%s: sshbuf_new failed", __func__);
495
469 sshpam_err = pam_set_item(sshpam_handle, PAM_CONV, 496 sshpam_err = pam_set_item(sshpam_handle, PAM_CONV,
470 (const void *)&sshpam_conv); 497 (const void *)&sshpam_conv);
471 if (sshpam_err != PAM_SUCCESS) 498 if (sshpam_err != PAM_SUCCESS)
@@ -488,45 +515,59 @@ sshpam_thread(void *ctxtp)
488 sshpam_password_change_required(0); 515 sshpam_password_change_required(0);
489 } 516 }
490 517
491 buffer_put_cstring(&buffer, "OK"); 518 if ((r = sshbuf_put_cstring(buffer, "OK")) != 0)
519 fatal("%s: buffer error: %s", __func__, ssh_err(r));
492 520
493#ifndef UNSUPPORTED_POSIX_THREADS_HACK 521#ifndef UNSUPPORTED_POSIX_THREADS_HACK
494 /* Export variables set by do_pam_account */ 522 /* Export variables set by do_pam_account */
495 buffer_put_int(&buffer, sshpam_account_status); 523 if ((r = sshbuf_put_u32(buffer, sshpam_account_status)) != 0 ||
496 buffer_put_int(&buffer, sshpam_authctxt->force_pwchange); 524 (r = sshbuf_put_u32(buffer, sshpam_authctxt->force_pwchange)) != 0)
525 fatal("%s: buffer error: %s", __func__, ssh_err(r));
497 526
498 /* Export any environment strings set in child */ 527 /* Export any environment strings set in child */
499 for(i = 0; environ[i] != NULL; i++) 528 for (i = 0; environ[i] != NULL; i++) {
500 ; /* Count */ 529 /* Count */
501 buffer_put_int(&buffer, i); 530 if (i > INT_MAX)
502 for(i = 0; environ[i] != NULL; i++) 531 fatal("%s: too many enviornment strings", __func__);
503 buffer_put_cstring(&buffer, environ[i]); 532 }
504 533 if ((r = sshbuf_put_u32(buffer, i)) != 0)
534 fatal("%s: buffer error: %s", __func__, ssh_err(r));
535 for (i = 0; environ[i] != NULL; i++) {
536 if ((r = sshbuf_put_cstring(buffer, environ[i])) != 0)
537 fatal("%s: buffer error: %s", __func__, ssh_err(r));
538 }
505 /* Export any environment strings set by PAM in child */ 539 /* Export any environment strings set by PAM in child */
506 env_from_pam = pam_getenvlist(sshpam_handle); 540 env_from_pam = pam_getenvlist(sshpam_handle);
507 for(i = 0; env_from_pam != NULL && env_from_pam[i] != NULL; i++) 541 for (i = 0; env_from_pam != NULL && env_from_pam[i] != NULL; i++) {
508 ; /* Count */ 542 /* Count */
509 buffer_put_int(&buffer, i); 543 if (i > INT_MAX)
510 for(i = 0; env_from_pam != NULL && env_from_pam[i] != NULL; i++) 544 fatal("%s: too many PAM enviornment strings", __func__);
511 buffer_put_cstring(&buffer, env_from_pam[i]); 545 }
546 if ((r = sshbuf_put_u32(buffer, i)) != 0)
547 fatal("%s: buffer error: %s", __func__, ssh_err(r));
548 for (i = 0; env_from_pam != NULL && env_from_pam[i] != NULL; i++) {
549 if ((r = sshbuf_put_cstring(buffer, env_from_pam[i])) != 0)
550 fatal("%s: buffer error: %s", __func__, ssh_err(r));
551 }
512#endif /* UNSUPPORTED_POSIX_THREADS_HACK */ 552#endif /* UNSUPPORTED_POSIX_THREADS_HACK */
513 553
514 /* XXX - can't do much about an error here */ 554 /* XXX - can't do much about an error here */
515 ssh_msg_send(ctxt->pam_csock, sshpam_err, &buffer); 555 ssh_msg_send(ctxt->pam_csock, sshpam_err, buffer);
516 buffer_free(&buffer); 556 sshbuf_free(buffer);
517 pthread_exit(NULL); 557 pthread_exit(NULL);
518 558
519 auth_fail: 559 auth_fail:
520 buffer_put_cstring(&buffer, 560 if ((r = sshbuf_put_cstring(buffer,
521 pam_strerror(sshpam_handle, sshpam_err)); 561 pam_strerror(sshpam_handle, sshpam_err))) != 0)
562 fatal("%s: buffer error: %s", __func__, ssh_err(r));
522 /* XXX - can't do much about an error here */ 563 /* XXX - can't do much about an error here */
523 if (sshpam_err == PAM_ACCT_EXPIRED) 564 if (sshpam_err == PAM_ACCT_EXPIRED)
524 ssh_msg_send(ctxt->pam_csock, PAM_ACCT_EXPIRED, &buffer); 565 ssh_msg_send(ctxt->pam_csock, PAM_ACCT_EXPIRED, buffer);
525 else if (sshpam_maxtries_reached) 566 else if (sshpam_maxtries_reached)
526 ssh_msg_send(ctxt->pam_csock, PAM_MAXTRIES, &buffer); 567 ssh_msg_send(ctxt->pam_csock, PAM_MAXTRIES, buffer);
527 else 568 else
528 ssh_msg_send(ctxt->pam_csock, PAM_AUTH_ERR, &buffer); 569 ssh_msg_send(ctxt->pam_csock, PAM_AUTH_ERR, buffer);
529 buffer_free(&buffer); 570 sshbuf_free(buffer);
530 pthread_exit(NULL); 571 pthread_exit(NULL);
531 572
532 return (NULL); /* Avoid warning for non-pthread case */ 573 return (NULL); /* Avoid warning for non-pthread case */
@@ -563,8 +604,7 @@ sshpam_store_conv(int n, sshpam_const struct pam_message **msg,
563 struct pam_response **resp, void *data) 604 struct pam_response **resp, void *data)
564{ 605{
565 struct pam_response *reply; 606 struct pam_response *reply;
566 int i; 607 int r, i;
567 size_t len;
568 608
569 debug3("PAM: %s called with %d messages", __func__, n); 609 debug3("PAM: %s called with %d messages", __func__, n);
570 *resp = NULL; 610 *resp = NULL;
@@ -579,9 +619,10 @@ sshpam_store_conv(int n, sshpam_const struct pam_message **msg,
579 switch (PAM_MSG_MEMBER(msg, i, msg_style)) { 619 switch (PAM_MSG_MEMBER(msg, i, msg_style)) {
580 case PAM_ERROR_MSG: 620 case PAM_ERROR_MSG:
581 case PAM_TEXT_INFO: 621 case PAM_TEXT_INFO:
582 len = strlen(PAM_MSG_MEMBER(msg, i, msg)); 622 if ((r = sshbuf_putf(loginmsg, "%s\n",
583 buffer_append(&loginmsg, PAM_MSG_MEMBER(msg, i, msg), len); 623 PAM_MSG_MEMBER(msg, i, msg))) != 0)
584 buffer_append(&loginmsg, "\n", 1 ); 624 fatal("%s: buffer error: %s",
625 __func__, ssh_err(r));
585 reply[i].resp_retcode = PAM_SUCCESS; 626 reply[i].resp_retcode = PAM_SUCCESS;
586 break; 627 break;
587 default: 628 default:
@@ -674,6 +715,27 @@ sshpam_init(Authctxt *authctxt)
674 return (0); 715 return (0);
675} 716}
676 717
718static void
719expose_authinfo(const char *caller)
720{
721 char *auth_info;
722
723 /*
724 * Expose authentication information to PAM.
725 * The environment variable is versioned. Please increment the
726 * version suffix if the format of session_info changes.
727 */
728 if (sshpam_authctxt->session_info == NULL)
729 auth_info = xstrdup("");
730 else if ((auth_info = sshbuf_dup_string(
731 sshpam_authctxt->session_info)) == NULL)
732 fatal("%s: sshbuf_dup_string failed", __func__);
733
734 debug2("%s: auth information in SSH_AUTH_INFO_0", caller);
735 do_pam_putenv("SSH_AUTH_INFO_0", auth_info);
736 free(auth_info);
737}
738
677static void * 739static void *
678sshpam_init_ctx(Authctxt *authctxt) 740sshpam_init_ctx(Authctxt *authctxt)
679{ 741{
@@ -694,6 +756,7 @@ sshpam_init_ctx(Authctxt *authctxt)
694 return (NULL); 756 return (NULL);
695 } 757 }
696 758
759 expose_authinfo(__func__);
697 ctxt = xcalloc(1, sizeof *ctxt); 760 ctxt = xcalloc(1, sizeof *ctxt);
698 761
699 /* Start the authentication thread */ 762 /* Start the authentication thread */
@@ -721,25 +784,27 @@ sshpam_query(void *ctx, char **name, char **info,
721 u_int *num, char ***prompts, u_int **echo_on) 784 u_int *num, char ***prompts, u_int **echo_on)
722{ 785{
723 struct ssh *ssh = active_state; /* XXX */ 786 struct ssh *ssh = active_state; /* XXX */
724 Buffer buffer; 787 struct sshbuf *buffer;
725 struct pam_ctxt *ctxt = ctx; 788 struct pam_ctxt *ctxt = ctx;
726 size_t plen; 789 size_t plen;
727 u_char type; 790 u_char type;
728 char *msg; 791 char *msg;
729 size_t len, mlen; 792 size_t len, mlen;
793 int r;
730 794
731 debug3("PAM: %s entering", __func__); 795 debug3("PAM: %s entering", __func__);
732 buffer_init(&buffer); 796 if ((buffer = sshbuf_new()) == NULL)
797 fatal("%s: sshbuf_new failed", __func__);
733 *name = xstrdup(""); 798 *name = xstrdup("");
734 *info = xstrdup(""); 799 *info = xstrdup("");
735 *prompts = xmalloc(sizeof(char *)); 800 *prompts = xmalloc(sizeof(char *));
736 **prompts = NULL; 801 **prompts = NULL;
737 plen = 0; 802 plen = 0;
738 *echo_on = xmalloc(sizeof(u_int)); 803 *echo_on = xmalloc(sizeof(u_int));
739 while (ssh_msg_recv(ctxt->pam_psock, &buffer) == 0) { 804 while (ssh_msg_recv(ctxt->pam_psock, buffer) == 0) {
740 type = buffer_get_char(&buffer); 805 if ((r = sshbuf_get_u8(buffer, &type)) != 0 ||
741 msg = buffer_get_string(&buffer, NULL); 806 (r = sshbuf_get_cstring(buffer, &msg, &mlen)) != 0)
742 mlen = strlen(msg); 807 fatal("%s: buffer error: %s", __func__, ssh_err(r));
743 switch (type) { 808 switch (type) {
744 case PAM_PROMPT_ECHO_ON: 809 case PAM_PROMPT_ECHO_ON:
745 case PAM_PROMPT_ECHO_OFF: 810 case PAM_PROMPT_ECHO_OFF:
@@ -785,8 +850,10 @@ sshpam_query(void *ctx, char **name, char **info,
785 if (**prompts != NULL) { 850 if (**prompts != NULL) {
786 /* drain any accumulated messages */ 851 /* drain any accumulated messages */
787 debug("PAM: %s", **prompts); 852 debug("PAM: %s", **prompts);
788 buffer_append(&loginmsg, **prompts, 853 if ((r = sshbuf_put(loginmsg, **prompts,
789 strlen(**prompts)); 854 strlen(**prompts))) != 0)
855 fatal("%s: buffer error: %s",
856 __func__, ssh_err(r));
790 free(**prompts); 857 free(**prompts);
791 **prompts = NULL; 858 **prompts = NULL;
792 } 859 }
@@ -797,7 +864,7 @@ sshpam_query(void *ctx, char **name, char **info,
797 fatal("Internal error: PAM auth " 864 fatal("Internal error: PAM auth "
798 "succeeded when it should have " 865 "succeeded when it should have "
799 "failed"); 866 "failed");
800 import_environments(&buffer); 867 import_environments(buffer);
801 *num = 0; 868 *num = 0;
802 **echo_on = 0; 869 **echo_on = 0;
803 ctxt->pam_done = 1; 870 ctxt->pam_done = 1;
@@ -848,9 +915,10 @@ fake_password(const char *wire_password)
848static int 915static int
849sshpam_respond(void *ctx, u_int num, char **resp) 916sshpam_respond(void *ctx, u_int num, char **resp)
850{ 917{
851 Buffer buffer; 918 struct sshbuf *buffer;
852 struct pam_ctxt *ctxt = ctx; 919 struct pam_ctxt *ctxt = ctx;
853 char *fake; 920 char *fake;
921 int r;
854 922
855 debug2("PAM: %s entering, %u responses", __func__, num); 923 debug2("PAM: %s entering, %u responses", __func__, num);
856 switch (ctxt->pam_done) { 924 switch (ctxt->pam_done) {
@@ -866,21 +934,24 @@ sshpam_respond(void *ctx, u_int num, char **resp)
866 error("PAM: expected one response, got %u", num); 934 error("PAM: expected one response, got %u", num);
867 return (-1); 935 return (-1);
868 } 936 }
869 buffer_init(&buffer); 937 if ((buffer = sshbuf_new()) == NULL)
938 fatal("%s: sshbuf_new failed", __func__);
870 if (sshpam_authctxt->valid && 939 if (sshpam_authctxt->valid &&
871 (sshpam_authctxt->pw->pw_uid != 0 || 940 (sshpam_authctxt->pw->pw_uid != 0 ||
872 options.permit_root_login == PERMIT_YES)) 941 options.permit_root_login == PERMIT_YES)) {
873 buffer_put_cstring(&buffer, *resp); 942 if ((r = sshbuf_put_cstring(buffer, *resp)) != 0)
874 else { 943 fatal("%s: buffer error: %s", __func__, ssh_err(r));
944 } else {
875 fake = fake_password(*resp); 945 fake = fake_password(*resp);
876 buffer_put_cstring(&buffer, fake); 946 if ((r = sshbuf_put_cstring(buffer, fake)) != 0)
947 fatal("%s: buffer error: %s", __func__, ssh_err(r));
877 free(fake); 948 free(fake);
878 } 949 }
879 if (ssh_msg_send(ctxt->pam_psock, PAM_AUTHTOK, &buffer) == -1) { 950 if (ssh_msg_send(ctxt->pam_psock, PAM_AUTHTOK, buffer) == -1) {
880 buffer_free(&buffer); 951 sshbuf_free(buffer);
881 return (-1); 952 return (-1);
882 } 953 }
883 buffer_free(&buffer); 954 sshbuf_free(buffer);
884 return (1); 955 return (1);
885} 956}
886 957
@@ -935,26 +1006,6 @@ finish_pam(void)
935 sshpam_cleanup(); 1006 sshpam_cleanup();
936} 1007}
937 1008
938static void
939expose_authinfo(const char *caller)
940{
941 char *auth_info;
942
943 /*
944 * Expose authentication information to PAM.
945 * The enviornment variable is versioned. Please increment the
946 * version suffix if the format of session_info changes.
947 */
948 if (sshpam_authctxt->session_info == NULL)
949 auth_info = xstrdup("");
950 else if ((auth_info = sshbuf_dup_string(
951 sshpam_authctxt->session_info)) == NULL)
952 fatal("%s: sshbuf_dup_string failed", __func__);
953
954 debug2("%s: auth information in SSH_AUTH_INFO_0", caller);
955 do_pam_putenv("SSH_AUTH_INFO_0", auth_info);
956 free(auth_info);
957}
958 1009
959u_int 1010u_int
960do_pam_account(void) 1011do_pam_account(void)
@@ -1174,7 +1225,7 @@ sshpam_passwd_conv(int n, sshpam_const struct pam_message **msg,
1174 struct pam_response **resp, void *data) 1225 struct pam_response **resp, void *data)
1175{ 1226{
1176 struct pam_response *reply; 1227 struct pam_response *reply;
1177 int i; 1228 int r, i;
1178 size_t len; 1229 size_t len;
1179 1230
1180 debug3("PAM: %s called with %d messages", __func__, n); 1231 debug3("PAM: %s called with %d messages", __func__, n);
@@ -1200,9 +1251,10 @@ sshpam_passwd_conv(int n, sshpam_const struct pam_message **msg,
1200 case PAM_TEXT_INFO: 1251 case PAM_TEXT_INFO:
1201 len = strlen(PAM_MSG_MEMBER(msg, i, msg)); 1252 len = strlen(PAM_MSG_MEMBER(msg, i, msg));
1202 if (len > 0) { 1253 if (len > 0) {
1203 buffer_append(&loginmsg, 1254 if ((r = sshbuf_putf(loginmsg, "%s\n",
1204 PAM_MSG_MEMBER(msg, i, msg), len); 1255 PAM_MSG_MEMBER(msg, i, msg))) != 0)
1205 buffer_append(&loginmsg, "\n", 1); 1256 fatal("%s: buffer error: %s",
1257 __func__, ssh_err(r));
1206 } 1258 }
1207 if ((reply[i].resp = strdup("")) == NULL) 1259 if ((reply[i].resp = strdup("")) == NULL)
1208 goto fail; 1260 goto fail;
diff --git a/auth-passwd.c b/auth-passwd.c
index 6097fdd24..65f525184 100644
--- a/auth-passwd.c
+++ b/auth-passwd.c
@@ -1,4 +1,4 @@
1/* $OpenBSD: auth-passwd.c,v 1.46 2018/03/03 03:15:51 djm Exp $ */ 1/* $OpenBSD: auth-passwd.c,v 1.47 2018/07/09 21:26:02 markus Exp $ */
2/* 2/*
3 * Author: Tatu Ylonen <ylo@cs.hut.fi> 3 * Author: Tatu Ylonen <ylo@cs.hut.fi>
4 * Copyright (c) 1995 Tatu Ylonen <ylo@cs.hut.fi>, Espoo, Finland 4 * Copyright (c) 1995 Tatu Ylonen <ylo@cs.hut.fi>, Espoo, Finland
@@ -46,16 +46,17 @@
46#include <stdarg.h> 46#include <stdarg.h>
47 47
48#include "packet.h" 48#include "packet.h"
49#include "buffer.h" 49#include "sshbuf.h"
50#include "ssherr.h"
50#include "log.h" 51#include "log.h"
51#include "misc.h" 52#include "misc.h"
52#include "servconf.h" 53#include "servconf.h"
53#include "key.h" 54#include "sshkey.h"
54#include "hostfile.h" 55#include "hostfile.h"
55#include "auth.h" 56#include "auth.h"
56#include "auth-options.h" 57#include "auth-options.h"
57 58
58extern Buffer loginmsg; 59extern struct sshbuf *loginmsg;
59extern ServerOptions options; 60extern ServerOptions options;
60 61
61#ifdef HAVE_LOGIN_CAP 62#ifdef HAVE_LOGIN_CAP
@@ -131,7 +132,7 @@ auth_password(struct ssh *ssh, const char *password)
131static void 132static void
132warn_expiry(Authctxt *authctxt, auth_session_t *as) 133warn_expiry(Authctxt *authctxt, auth_session_t *as)
133{ 134{
134 char buf[256]; 135 int r;
135 quad_t pwtimeleft, actimeleft, daysleft, pwwarntime, acwarntime; 136 quad_t pwtimeleft, actimeleft, daysleft, pwwarntime, acwarntime;
136 137
137 pwwarntime = acwarntime = TWO_WEEKS; 138 pwwarntime = acwarntime = TWO_WEEKS;
@@ -148,17 +149,17 @@ warn_expiry(Authctxt *authctxt, auth_session_t *as)
148#endif 149#endif
149 if (pwtimeleft != 0 && pwtimeleft < pwwarntime) { 150 if (pwtimeleft != 0 && pwtimeleft < pwwarntime) {
150 daysleft = pwtimeleft / DAY + 1; 151 daysleft = pwtimeleft / DAY + 1;
151 snprintf(buf, sizeof(buf), 152 if ((r = sshbuf_putf(loginmsg,
152 "Your password will expire in %lld day%s.\n", 153 "Your password will expire in %lld day%s.\n",
153 daysleft, daysleft == 1 ? "" : "s"); 154 daysleft, daysleft == 1 ? "" : "s")) != 0)
154 buffer_append(&loginmsg, buf, strlen(buf)); 155 fatal("%s: buffer error: %s", __func__, ssh_err(r));
155 } 156 }
156 if (actimeleft != 0 && actimeleft < acwarntime) { 157 if (actimeleft != 0 && actimeleft < acwarntime) {
157 daysleft = actimeleft / DAY + 1; 158 daysleft = actimeleft / DAY + 1;
158 snprintf(buf, sizeof(buf), 159 if ((r = sshbuf_putf(loginmsg,
159 "Your account will expire in %lld day%s.\n", 160 "Your account will expire in %lld day%s.\n",
160 daysleft, daysleft == 1 ? "" : "s"); 161 daysleft, daysleft == 1 ? "" : "s")) != 0)
161 buffer_append(&loginmsg, buf, strlen(buf)); 162 fatal("%s: buffer error: %s", __func__, ssh_err(r));
162 } 163 }
163} 164}
164 165
diff --git a/auth-rhosts.c b/auth-rhosts.c
index 4dccd5e6a..546aa0495 100644
--- a/auth-rhosts.c
+++ b/auth-rhosts.c
@@ -1,4 +1,4 @@
1/* $OpenBSD: auth-rhosts.c,v 1.48 2016/08/13 17:47:41 markus Exp $ */ 1/* $OpenBSD: auth-rhosts.c,v 1.49 2018/07/09 21:35:50 markus Exp $ */
2/* 2/*
3 * Author: Tatu Ylonen <ylo@cs.hut.fi> 3 * Author: Tatu Ylonen <ylo@cs.hut.fi>
4 * Copyright (c) 1995 Tatu Ylonen <ylo@cs.hut.fi>, Espoo, Finland 4 * Copyright (c) 1995 Tatu Ylonen <ylo@cs.hut.fi>, Espoo, Finland
@@ -34,8 +34,8 @@
34#include "pathnames.h" 34#include "pathnames.h"
35#include "log.h" 35#include "log.h"
36#include "misc.h" 36#include "misc.h"
37#include "buffer.h" /* XXX */ 37#include "sshbuf.h"
38#include "key.h" /* XXX */ 38#include "sshkey.h"
39#include "servconf.h" 39#include "servconf.h"
40#include "canohost.h" 40#include "canohost.h"
41#include "sshkey.h" 41#include "sshkey.h"
diff --git a/auth-shadow.c b/auth-shadow.c
index 219091677..c77ee8da9 100644
--- a/auth-shadow.c
+++ b/auth-shadow.c
@@ -30,10 +30,10 @@
30#include <string.h> 30#include <string.h>
31#include <time.h> 31#include <time.h>
32 32
33#include "key.h"
34#include "hostfile.h" 33#include "hostfile.h"
35#include "auth.h" 34#include "auth.h"
36#include "buffer.h" 35#include "sshbuf.h"
36#include "ssherr.h"
37#include "log.h" 37#include "log.h"
38 38
39#ifdef DAY 39#ifdef DAY
@@ -41,7 +41,7 @@
41#endif 41#endif
42#define DAY (24L * 60 * 60) /* 1 day in seconds */ 42#define DAY (24L * 60 * 60) /* 1 day in seconds */
43 43
44extern Buffer loginmsg; 44extern struct sshbuf *loginmsg;
45 45
46/* 46/*
47 * For the account and password expiration functions, we assume the expiry 47 * For the account and password expiration functions, we assume the expiry
@@ -57,7 +57,7 @@ auth_shadow_acctexpired(struct spwd *spw)
57{ 57{
58 time_t today; 58 time_t today;
59 int daysleft; 59 int daysleft;
60 char buf[256]; 60 int r;
61 61
62 today = time(NULL) / DAY; 62 today = time(NULL) / DAY;
63 daysleft = spw->sp_expire - today; 63 daysleft = spw->sp_expire - today;
@@ -71,10 +71,10 @@ auth_shadow_acctexpired(struct spwd *spw)
71 return 1; 71 return 1;
72 } else if (daysleft <= spw->sp_warn) { 72 } else if (daysleft <= spw->sp_warn) {
73 debug3("account will expire in %d days", daysleft); 73 debug3("account will expire in %d days", daysleft);
74 snprintf(buf, sizeof(buf), 74 if ((r = sshbuf_putf(loginmsg,
75 "Your account will expire in %d day%s.\n", daysleft, 75 "Your account will expire in %d day%s.\n", daysleft,
76 daysleft == 1 ? "" : "s"); 76 daysleft == 1 ? "" : "s")) != 0)
77 buffer_append(&loginmsg, buf, strlen(buf)); 77 fatal("%s: buffer error: %s", __func__, ssh_err(r));
78 } 78 }
79 79
80 return 0; 80 return 0;
@@ -89,9 +89,8 @@ auth_shadow_pwexpired(Authctxt *ctxt)
89{ 89{
90 struct spwd *spw = NULL; 90 struct spwd *spw = NULL;
91 const char *user = ctxt->pw->pw_name; 91 const char *user = ctxt->pw->pw_name;
92 char buf[256];
93 time_t today; 92 time_t today;
94 int daysleft, disabled = 0; 93 int r, daysleft, disabled = 0;
95 94
96 if ((spw = getspnam((char *)user)) == NULL) { 95 if ((spw = getspnam((char *)user)) == NULL) {
97 error("Could not get shadow information for %.100s", user); 96 error("Could not get shadow information for %.100s", user);
@@ -131,10 +130,10 @@ auth_shadow_pwexpired(Authctxt *ctxt)
131 return 1; 130 return 1;
132 } else if (daysleft <= spw->sp_warn) { 131 } else if (daysleft <= spw->sp_warn) {
133 debug3("password will expire in %d days", daysleft); 132 debug3("password will expire in %d days", daysleft);
134 snprintf(buf, sizeof(buf), 133 if ((r = sshbuf_putf(loginmsg,
135 "Your password will expire in %d day%s.\n", daysleft, 134 "Your password will expire in %d day%s.\n", daysleft,
136 daysleft == 1 ? "" : "s"); 135 daysleft == 1 ? "" : "s")) != 0)
137 buffer_append(&loginmsg, buf, strlen(buf)); 136 fatal("%s: buffer error: %s", __func__, ssh_err(r));
138 } 137 }
139 138
140 return 0; 139 return 0;
diff --git a/auth-sia.c b/auth-sia.c
index 7c97f03e5..ebe9d8d12 100644
--- a/auth-sia.c
+++ b/auth-sia.c
@@ -37,7 +37,6 @@
37 37
38#include "ssh.h" 38#include "ssh.h"
39#include "ssh_api.h" 39#include "ssh_api.h"
40#include "key.h"
41#include "hostfile.h" 40#include "hostfile.h"
42#include "auth.h" 41#include "auth.h"
43#include "auth-sia.h" 42#include "auth-sia.h"
diff --git a/auth-skey.c b/auth-skey.c
index 3536ec8fa..b347527f6 100644
--- a/auth-skey.c
+++ b/auth-skey.c
@@ -35,7 +35,6 @@
35#include <skey.h> 35#include <skey.h>
36 36
37#include "xmalloc.h" 37#include "xmalloc.h"
38#include "key.h"
39#include "hostfile.h" 38#include "hostfile.h"
40#include "auth.h" 39#include "auth.h"
41#include "ssh-gss.h" 40#include "ssh-gss.h"
diff --git a/auth.c b/auth.c
index 68b9fe795..ad25631a5 100644
--- a/auth.c
+++ b/auth.c
@@ -1,4 +1,4 @@
1/* $OpenBSD: auth.c,v 1.127 2018/03/12 00:52:01 djm Exp $ */ 1/* $OpenBSD: auth.c,v 1.132 2018/07/11 08:19:35 martijn Exp $ */
2/* 2/*
3 * Copyright (c) 2000 Markus Friedl. All rights reserved. 3 * Copyright (c) 2000 Markus Friedl. All rights reserved.
4 * 4 *
@@ -55,10 +55,10 @@
55#include "match.h" 55#include "match.h"
56#include "groupaccess.h" 56#include "groupaccess.h"
57#include "log.h" 57#include "log.h"
58#include "buffer.h" 58#include "sshbuf.h"
59#include "misc.h" 59#include "misc.h"
60#include "servconf.h" 60#include "servconf.h"
61#include "key.h" 61#include "sshkey.h"
62#include "hostfile.h" 62#include "hostfile.h"
63#include "auth.h" 63#include "auth.h"
64#include "auth-options.h" 64#include "auth-options.h"
@@ -79,13 +79,12 @@
79/* import */ 79/* import */
80extern ServerOptions options; 80extern ServerOptions options;
81extern int use_privsep; 81extern int use_privsep;
82extern Buffer loginmsg; 82extern struct sshbuf *loginmsg;
83extern struct passwd *privsep_pw; 83extern struct passwd *privsep_pw;
84extern struct sshauthopt *auth_opts; 84extern struct sshauthopt *auth_opts;
85 85
86/* Debugging messages */ 86/* Debugging messages */
87Buffer auth_debug; 87static struct sshbuf *auth_debug;
88int auth_debug_init;
89 88
90/* 89/*
91 * Check if the user is allowed to log in via ssh. If user is listed 90 * Check if the user is allowed to log in via ssh. If user is listed
@@ -281,7 +280,7 @@ format_method_key(Authctxt *authctxt)
281 if (key == NULL) 280 if (key == NULL)
282 return NULL; 281 return NULL;
283 282
284 if (key_is_cert(key)) { 283 if (sshkey_is_cert(key)) {
285 fp = sshkey_fingerprint(key->cert->signature_key, 284 fp = sshkey_fingerprint(key->cert->signature_key,
286 options.fingerprint_hash, SSH_FP_DEFAULT); 285 options.fingerprint_hash, SSH_FP_DEFAULT);
287 xasprintf(&ret, "%s ID %s (serial %llu) CA %s %s%s%s", 286 xasprintf(&ret, "%s ID %s (serial %llu) CA %s %s%s%s",
@@ -423,11 +422,13 @@ auth_root_allowed(struct ssh *ssh, const char *method)
423char * 422char *
424expand_authorized_keys(const char *filename, struct passwd *pw) 423expand_authorized_keys(const char *filename, struct passwd *pw)
425{ 424{
426 char *file, ret[PATH_MAX]; 425 char *file, uidstr[32], ret[PATH_MAX];
427 int i; 426 int i;
428 427
428 snprintf(uidstr, sizeof(uidstr), "%llu",
429 (unsigned long long)pw->pw_uid);
429 file = percent_expand(filename, "h", pw->pw_dir, 430 file = percent_expand(filename, "h", pw->pw_dir,
430 "u", pw->pw_name, (char *)NULL); 431 "u", pw->pw_name, "U", uidstr, (char *)NULL);
431 432
432 /* 433 /*
433 * Ensure that filename starts anchored. If not, be backward 434 * Ensure that filename starts anchored. If not, be backward
@@ -670,26 +671,32 @@ auth_debug_add(const char *fmt,...)
670{ 671{
671 char buf[1024]; 672 char buf[1024];
672 va_list args; 673 va_list args;
674 int r;
673 675
674 if (!auth_debug_init) 676 if (auth_debug == NULL)
675 return; 677 return;
676 678
677 va_start(args, fmt); 679 va_start(args, fmt);
678 vsnprintf(buf, sizeof(buf), fmt, args); 680 vsnprintf(buf, sizeof(buf), fmt, args);
679 va_end(args); 681 va_end(args);
680 buffer_put_cstring(&auth_debug, buf); 682 if ((r = sshbuf_put_cstring(auth_debug, buf)) != 0)
683 fatal("%s: sshbuf_put_cstring: %s", __func__, ssh_err(r));
681} 684}
682 685
683void 686void
684auth_debug_send(void) 687auth_debug_send(void)
685{ 688{
689 struct ssh *ssh = active_state; /* XXX */
686 char *msg; 690 char *msg;
691 int r;
687 692
688 if (!auth_debug_init) 693 if (auth_debug == NULL)
689 return; 694 return;
690 while (buffer_len(&auth_debug)) { 695 while (sshbuf_len(auth_debug) != 0) {
691 msg = buffer_get_string(&auth_debug, NULL); 696 if ((r = sshbuf_get_cstring(auth_debug, &msg, NULL)) != 0)
692 packet_send_debug("%s", msg); 697 fatal("%s: sshbuf_get_cstring: %s",
698 __func__, ssh_err(r));
699 ssh_packet_send_debug(ssh, "%s", msg);
693 free(msg); 700 free(msg);
694 } 701 }
695} 702}
@@ -697,12 +704,10 @@ auth_debug_send(void)
697void 704void
698auth_debug_reset(void) 705auth_debug_reset(void)
699{ 706{
700 if (auth_debug_init) 707 if (auth_debug != NULL)
701 buffer_clear(&auth_debug); 708 sshbuf_reset(auth_debug);
702 else { 709 else if ((auth_debug = sshbuf_new()) == NULL)
703 buffer_init(&auth_debug); 710 fatal("%s: sshbuf_new failed", __func__);
704 auth_debug_init = 1;
705 }
706} 711}
707 712
708struct passwd * 713struct passwd *
@@ -750,7 +755,7 @@ auth_get_canonical_hostname(struct ssh *ssh, int use_dns)
750} 755}
751 756
752/* 757/*
753 * Runs command in a subprocess wuth a minimal environment. 758 * Runs command in a subprocess with a minimal environment.
754 * Returns pid on success, 0 on failure. 759 * Returns pid on success, 0 on failure.
755 * The child stdout and stderr maybe captured, left attached or sent to 760 * The child stdout and stderr maybe captured, left attached or sent to
756 * /dev/null depending on the contents of flags. 761 * /dev/null depending on the contents of flags.
@@ -910,17 +915,20 @@ auth_log_authopts(const char *loc, const struct sshauthopt *opts, int do_remote)
910 int do_env = options.permit_user_env && opts->nenv > 0; 915 int do_env = options.permit_user_env && opts->nenv > 0;
911 int do_permitopen = opts->npermitopen > 0 && 916 int do_permitopen = opts->npermitopen > 0 &&
912 (options.allow_tcp_forwarding & FORWARD_LOCAL) != 0; 917 (options.allow_tcp_forwarding & FORWARD_LOCAL) != 0;
918 int do_permitlisten = opts->npermitlisten > 0 &&
919 (options.allow_tcp_forwarding & FORWARD_REMOTE) != 0;
913 size_t i; 920 size_t i;
914 char msg[1024], buf[64]; 921 char msg[1024], buf[64];
915 922
916 snprintf(buf, sizeof(buf), "%d", opts->force_tun_device); 923 snprintf(buf, sizeof(buf), "%d", opts->force_tun_device);
917 /* Try to keep this alphabetically sorted */ 924 /* Try to keep this alphabetically sorted */
918 snprintf(msg, sizeof(msg), "key options:%s%s%s%s%s%s%s%s%s%s%s%s", 925 snprintf(msg, sizeof(msg), "key options:%s%s%s%s%s%s%s%s%s%s%s%s%s",
919 opts->permit_agent_forwarding_flag ? " agent-forwarding" : "", 926 opts->permit_agent_forwarding_flag ? " agent-forwarding" : "",
920 opts->force_command == NULL ? "" : " command", 927 opts->force_command == NULL ? "" : " command",
921 do_env ? " environment" : "", 928 do_env ? " environment" : "",
922 opts->valid_before == 0 ? "" : "expires", 929 opts->valid_before == 0 ? "" : "expires",
923 do_permitopen ? " permitopen" : "", 930 do_permitopen ? " permitopen" : "",
931 do_permitlisten ? " permitlisten" : "",
924 opts->permit_port_forwarding_flag ? " port-forwarding" : "", 932 opts->permit_port_forwarding_flag ? " port-forwarding" : "",
925 opts->cert_principals == NULL ? "" : " principals", 933 opts->cert_principals == NULL ? "" : " principals",
926 opts->permit_pty_flag ? " pty" : "", 934 opts->permit_pty_flag ? " pty" : "",
@@ -954,12 +962,18 @@ auth_log_authopts(const char *loc, const struct sshauthopt *opts, int do_remote)
954 } 962 }
955 if (opts->force_command != NULL) 963 if (opts->force_command != NULL)
956 debug("%s: forced command: \"%s\"", loc, opts->force_command); 964 debug("%s: forced command: \"%s\"", loc, opts->force_command);
957 if ((options.allow_tcp_forwarding & FORWARD_LOCAL) != 0) { 965 if (do_permitopen) {
958 for (i = 0; i < opts->npermitopen; i++) { 966 for (i = 0; i < opts->npermitopen; i++) {
959 debug("%s: permitted open: %s", 967 debug("%s: permitted open: %s",
960 loc, opts->permitopen[i]); 968 loc, opts->permitopen[i]);
961 } 969 }
962 } 970 }
971 if (do_permitlisten) {
972 for (i = 0; i < opts->npermitlisten; i++) {
973 debug("%s: permitted listen: %s",
974 loc, opts->permitlisten[i]);
975 }
976 }
963} 977}
964 978
965/* Activate a new set of key/cert options; merging with what is there. */ 979/* Activate a new set of key/cert options; merging with what is there. */
@@ -987,6 +1001,7 @@ auth_restrict_session(struct ssh *ssh)
987 1001
988 /* A blank sshauthopt defaults to permitting nothing */ 1002 /* A blank sshauthopt defaults to permitting nothing */
989 restricted = sshauthopt_new(); 1003 restricted = sshauthopt_new();
1004 restricted->permit_pty_flag = 1;
990 restricted->restricted = 1; 1005 restricted->restricted = 1;
991 1006
992 if (auth_activate_options(ssh, restricted) != 0) 1007 if (auth_activate_options(ssh, restricted) != 0)
diff --git a/auth.h b/auth.h
index 15ba7073e..90802a5eb 100644
--- a/auth.h
+++ b/auth.h
@@ -1,4 +1,4 @@
1/* $OpenBSD: auth.h,v 1.95 2018/03/03 03:15:51 djm Exp $ */ 1/* $OpenBSD: auth.h,v 1.96 2018/04/10 00:10:49 djm Exp $ */
2 2
3/* 3/*
4 * Copyright (c) 2000 Markus Friedl. All rights reserved. 4 * Copyright (c) 2000 Markus Friedl. All rights reserved.
@@ -90,7 +90,7 @@ struct Authctxt {
90 struct sshkey **prev_keys; 90 struct sshkey **prev_keys;
91 u_int nprev_keys; 91 u_int nprev_keys;
92 92
93 /* Last used key and ancilliary information from active auth method */ 93 /* Last used key and ancillary information from active auth method */
94 struct sshkey *auth_method_key; 94 struct sshkey *auth_method_key;
95 char *auth_method_info; 95 char *auth_method_info;
96 96
@@ -188,8 +188,6 @@ int auth2_challenge(struct ssh *, char *);
188void auth2_challenge_stop(struct ssh *); 188void auth2_challenge_stop(struct ssh *);
189int bsdauth_query(void *, char **, char **, u_int *, char ***, u_int **); 189int bsdauth_query(void *, char **, char **, u_int *, char ***, u_int **);
190int bsdauth_respond(void *, u_int, char **); 190int bsdauth_respond(void *, u_int, char **);
191int skey_query(void *, char **, char **, u_int *, char ***, u_int **);
192int skey_respond(void *, u_int, char **);
193 191
194int allowed_user(struct passwd *); 192int allowed_user(struct passwd *);
195struct passwd * getpwnamallow(const char *user); 193struct passwd * getpwnamallow(const char *user);
@@ -240,8 +238,6 @@ pid_t subprocess(const char *, struct passwd *,
240 238
241int sys_auth_passwd(struct ssh *, const char *); 239int sys_auth_passwd(struct ssh *, const char *);
242 240
243#define SKEY_PROMPT "\nS/Key Password: "
244
245#if defined(KRB5) && !defined(HEIMDAL) 241#if defined(KRB5) && !defined(HEIMDAL)
246#include <krb5.h> 242#include <krb5.h>
247krb5_error_code ssh_krb5_cc_gen(krb5_context, krb5_ccache *); 243krb5_error_code ssh_krb5_cc_gen(krb5_context, krb5_ccache *);
diff --git a/auth2-chall.c b/auth2-chall.c
index 11c8d31b3..2d5cff448 100644
--- a/auth2-chall.c
+++ b/auth2-chall.c
@@ -1,4 +1,4 @@
1/* $OpenBSD: auth2-chall.c,v 1.48 2017/05/30 14:29:59 markus Exp $ */ 1/* $OpenBSD: auth2-chall.c,v 1.50 2018/07/11 18:55:11 markus Exp $ */
2/* 2/*
3 * Copyright (c) 2001 Markus Friedl. All rights reserved. 3 * Copyright (c) 2001 Markus Friedl. All rights reserved.
4 * Copyright (c) 2001 Per Allansson. All rights reserved. 4 * Copyright (c) 2001 Per Allansson. All rights reserved.
@@ -34,12 +34,13 @@
34 34
35#include "xmalloc.h" 35#include "xmalloc.h"
36#include "ssh2.h" 36#include "ssh2.h"
37#include "key.h" 37#include "sshkey.h"
38#include "hostfile.h" 38#include "hostfile.h"
39#include "auth.h" 39#include "auth.h"
40#include "buffer.h" 40#include "sshbuf.h"
41#include "packet.h" 41#include "packet.h"
42#include "dispatch.h" 42#include "dispatch.h"
43#include "ssherr.h"
43#include "log.h" 44#include "log.h"
44#include "misc.h" 45#include "misc.h"
45#include "servconf.h" 46#include "servconf.h"
@@ -48,7 +49,7 @@
48extern ServerOptions options; 49extern ServerOptions options;
49 50
50static int auth2_challenge_start(struct ssh *); 51static int auth2_challenge_start(struct ssh *);
51static int send_userauth_info_request(Authctxt *); 52static int send_userauth_info_request(struct ssh *);
52static int input_userauth_info_response(int, u_int32_t, struct ssh *); 53static int input_userauth_info_response(int, u_int32_t, struct ssh *);
53 54
54#ifdef BSD_AUTH 55#ifdef BSD_AUTH
@@ -57,9 +58,6 @@ extern KbdintDevice bsdauth_device;
57#ifdef USE_PAM 58#ifdef USE_PAM
58extern KbdintDevice sshpam_device; 59extern KbdintDevice sshpam_device;
59#endif 60#endif
60#ifdef SKEY
61extern KbdintDevice skey_device;
62#endif
63#endif 61#endif
64 62
65KbdintDevice *devices[] = { 63KbdintDevice *devices[] = {
@@ -69,9 +67,6 @@ KbdintDevice *devices[] = {
69#ifdef USE_PAM 67#ifdef USE_PAM
70 &sshpam_device, 68 &sshpam_device,
71#endif 69#endif
72#ifdef SKEY
73 &skey_device,
74#endif
75#endif 70#endif
76 NULL 71 NULL
77}; 72};
@@ -105,8 +100,8 @@ static KbdintAuthctxt *
105kbdint_alloc(const char *devs) 100kbdint_alloc(const char *devs)
106{ 101{
107 KbdintAuthctxt *kbdintctxt; 102 KbdintAuthctxt *kbdintctxt;
108 Buffer b; 103 struct sshbuf *b;
109 int i; 104 int i, r;
110 105
111#ifdef USE_PAM 106#ifdef USE_PAM
112 if (!options.use_pam) 107 if (!options.use_pam)
@@ -115,16 +110,17 @@ kbdint_alloc(const char *devs)
115 110
116 kbdintctxt = xcalloc(1, sizeof(KbdintAuthctxt)); 111 kbdintctxt = xcalloc(1, sizeof(KbdintAuthctxt));
117 if (strcmp(devs, "") == 0) { 112 if (strcmp(devs, "") == 0) {
118 buffer_init(&b); 113 if ((b = sshbuf_new()) == NULL)
114 fatal("%s: sshbuf_new failed", __func__);
119 for (i = 0; devices[i]; i++) { 115 for (i = 0; devices[i]; i++) {
120 if (buffer_len(&b) > 0) 116 if ((r = sshbuf_putf(b, "%s%s",
121 buffer_append(&b, ",", 1); 117 sshbuf_len(b) ? "," : "", devices[i]->name)) != 0)
122 buffer_append(&b, devices[i]->name, 118 fatal("%s: buffer error: %s",
123 strlen(devices[i]->name)); 119 __func__, ssh_err(r));
124 } 120 }
125 if ((kbdintctxt->devices = sshbuf_dup_string(&b)) == NULL) 121 if ((kbdintctxt->devices = sshbuf_dup_string(b)) == NULL)
126 fatal("%s: sshbuf_dup_string failed", __func__); 122 fatal("%s: sshbuf_dup_string failed", __func__);
127 buffer_free(&b); 123 sshbuf_free(b);
128 } else { 124 } else {
129 kbdintctxt->devices = xstrdup(devs); 125 kbdintctxt->devices = xstrdup(devs);
130 } 126 }
@@ -243,7 +239,7 @@ auth2_challenge_start(struct ssh *ssh)
243 auth2_challenge_stop(ssh); 239 auth2_challenge_stop(ssh);
244 return 0; 240 return 0;
245 } 241 }
246 if (send_userauth_info_request(authctxt) == 0) { 242 if (send_userauth_info_request(ssh) == 0) {
247 auth2_challenge_stop(ssh); 243 auth2_challenge_stop(ssh);
248 return 0; 244 return 0;
249 } 245 }
@@ -255,28 +251,32 @@ auth2_challenge_start(struct ssh *ssh)
255} 251}
256 252
257static int 253static int
258send_userauth_info_request(Authctxt *authctxt) 254send_userauth_info_request(struct ssh *ssh)
259{ 255{
256 Authctxt *authctxt = ssh->authctxt;
260 KbdintAuthctxt *kbdintctxt; 257 KbdintAuthctxt *kbdintctxt;
261 char *name, *instr, **prompts; 258 char *name, *instr, **prompts;
262 u_int i, *echo_on; 259 u_int r, i, *echo_on;
263 260
264 kbdintctxt = authctxt->kbdintctxt; 261 kbdintctxt = authctxt->kbdintctxt;
265 if (kbdintctxt->device->query(kbdintctxt->ctxt, 262 if (kbdintctxt->device->query(kbdintctxt->ctxt,
266 &name, &instr, &kbdintctxt->nreq, &prompts, &echo_on)) 263 &name, &instr, &kbdintctxt->nreq, &prompts, &echo_on))
267 return 0; 264 return 0;
268 265
269 packet_start(SSH2_MSG_USERAUTH_INFO_REQUEST); 266 if ((r = sshpkt_start(ssh, SSH2_MSG_USERAUTH_INFO_REQUEST)) != 0 ||
270 packet_put_cstring(name); 267 (r = sshpkt_put_cstring(ssh, name)) != 0 ||
271 packet_put_cstring(instr); 268 (r = sshpkt_put_cstring(ssh, instr)) != 0 ||
272 packet_put_cstring(""); /* language not used */ 269 (r = sshpkt_put_cstring(ssh, "")) != 0 || /* language not used */
273 packet_put_int(kbdintctxt->nreq); 270 (r = sshpkt_put_u32(ssh, kbdintctxt->nreq)) != 0)
271 fatal("%s: %s", __func__, ssh_err(r));
274 for (i = 0; i < kbdintctxt->nreq; i++) { 272 for (i = 0; i < kbdintctxt->nreq; i++) {
275 packet_put_cstring(prompts[i]); 273 if ((r = sshpkt_put_cstring(ssh, prompts[i])) != 0 ||
276 packet_put_char(echo_on[i]); 274 (r = sshpkt_put_u8(ssh, echo_on[i])) != 0)
275 fatal("%s: %s", __func__, ssh_err(r));
277 } 276 }
278 packet_send(); 277 if ((r = sshpkt_send(ssh)) != 0 ||
279 packet_write_wait(); 278 (r = ssh_packet_write_wait(ssh)) != 0)
279 fatal("%s: %s", __func__, ssh_err(r));
280 280
281 for (i = 0; i < kbdintctxt->nreq; i++) 281 for (i = 0; i < kbdintctxt->nreq; i++)
282 free(prompts[i]); 282 free(prompts[i]);
@@ -293,6 +293,7 @@ input_userauth_info_response(int type, u_int32_t seq, struct ssh *ssh)
293 Authctxt *authctxt = ssh->authctxt; 293 Authctxt *authctxt = ssh->authctxt;
294 KbdintAuthctxt *kbdintctxt; 294 KbdintAuthctxt *kbdintctxt;
295 int authenticated = 0, res; 295 int authenticated = 0, res;
296 int r;
296 u_int i, nresp; 297 u_int i, nresp;
297 const char *devicename = NULL; 298 const char *devicename = NULL;
298 char **response = NULL; 299 char **response = NULL;
@@ -306,7 +307,8 @@ input_userauth_info_response(int type, u_int32_t seq, struct ssh *ssh)
306 fatal("input_userauth_info_response: no device"); 307 fatal("input_userauth_info_response: no device");
307 308
308 authctxt->postponed = 0; /* reset */ 309 authctxt->postponed = 0; /* reset */
309 nresp = packet_get_int(); 310 if ((r = sshpkt_get_u32(ssh, &nresp)) != 0)
311 fatal("%s: %s", __func__, ssh_err(r));
310 if (nresp != kbdintctxt->nreq) 312 if (nresp != kbdintctxt->nreq)
311 fatal("input_userauth_info_response: wrong number of replies"); 313 fatal("input_userauth_info_response: wrong number of replies");
312 if (nresp > 100) 314 if (nresp > 100)
@@ -314,9 +316,12 @@ input_userauth_info_response(int type, u_int32_t seq, struct ssh *ssh)
314 if (nresp > 0) { 316 if (nresp > 0) {
315 response = xcalloc(nresp, sizeof(char *)); 317 response = xcalloc(nresp, sizeof(char *));
316 for (i = 0; i < nresp; i++) 318 for (i = 0; i < nresp; i++)
317 response[i] = packet_get_string(NULL); 319 if ((r = sshpkt_get_cstring(ssh, &response[i],
320 NULL)) != 0)
321 fatal("%s: %s", __func__, ssh_err(r));
318 } 322 }
319 packet_check_eom(); 323 if ((r = sshpkt_get_end(ssh)) != 0)
324 fatal("%s: %s", __func__, ssh_err(r));
320 325
321 res = kbdintctxt->device->respond(kbdintctxt->ctxt, nresp, response); 326 res = kbdintctxt->device->respond(kbdintctxt->ctxt, nresp, response);
322 327
@@ -333,7 +338,7 @@ input_userauth_info_response(int type, u_int32_t seq, struct ssh *ssh)
333 break; 338 break;
334 case 1: 339 case 1:
335 /* Authentication needs further interaction */ 340 /* Authentication needs further interaction */
336 if (send_userauth_info_request(authctxt) == 1) 341 if (send_userauth_info_request(ssh) == 1)
337 authctxt->postponed = 1; 342 authctxt->postponed = 1;
338 break; 343 break;
339 default: 344 default:
@@ -358,7 +363,7 @@ input_userauth_info_response(int type, u_int32_t seq, struct ssh *ssh)
358void 363void
359privsep_challenge_enable(void) 364privsep_challenge_enable(void)
360{ 365{
361#if defined(BSD_AUTH) || defined(USE_PAM) || defined(SKEY) 366#if defined(BSD_AUTH) || defined(USE_PAM)
362 int n = 0; 367 int n = 0;
363#endif 368#endif
364#ifdef BSD_AUTH 369#ifdef BSD_AUTH
@@ -367,9 +372,6 @@ privsep_challenge_enable(void)
367#ifdef USE_PAM 372#ifdef USE_PAM
368 extern KbdintDevice mm_sshpam_device; 373 extern KbdintDevice mm_sshpam_device;
369#endif 374#endif
370#ifdef SKEY
371 extern KbdintDevice mm_skey_device;
372#endif
373 375
374#ifdef BSD_AUTH 376#ifdef BSD_AUTH
375 devices[n++] = &mm_bsdauth_device; 377 devices[n++] = &mm_bsdauth_device;
@@ -377,8 +379,5 @@ privsep_challenge_enable(void)
377#ifdef USE_PAM 379#ifdef USE_PAM
378 devices[n++] = &mm_sshpam_device; 380 devices[n++] = &mm_sshpam_device;
379#endif 381#endif
380#ifdef SKEY
381 devices[n++] = &mm_skey_device;
382#endif
383#endif 382#endif
384} 383}
diff --git a/auth2-gss.c b/auth2-gss.c
index 88bc3ae7b..1f12bb113 100644
--- a/auth2-gss.c
+++ b/auth2-gss.c
@@ -1,4 +1,4 @@
1/* $OpenBSD: auth2-gss.c,v 1.26 2017/06/24 06:34:38 djm Exp $ */ 1/* $OpenBSD: auth2-gss.c,v 1.29 2018/07/31 03:10:27 djm Exp $ */
2 2
3/* 3/*
4 * Copyright (c) 2001-2007 Simon Wilkinson. All rights reserved. 4 * Copyright (c) 2001-2007 Simon Wilkinson. All rights reserved.
@@ -33,13 +33,14 @@
33#include <stdarg.h> 33#include <stdarg.h>
34 34
35#include "xmalloc.h" 35#include "xmalloc.h"
36#include "key.h" 36#include "sshkey.h"
37#include "hostfile.h" 37#include "hostfile.h"
38#include "auth.h" 38#include "auth.h"
39#include "ssh2.h" 39#include "ssh2.h"
40#include "log.h" 40#include "log.h"
41#include "dispatch.h" 41#include "dispatch.h"
42#include "buffer.h" 42#include "sshbuf.h"
43#include "ssherr.h"
43#include "misc.h" 44#include "misc.h"
44#include "servconf.h" 45#include "servconf.h"
45#include "packet.h" 46#include "packet.h"
@@ -60,21 +61,26 @@ static int
60userauth_gsskeyex(struct ssh *ssh) 61userauth_gsskeyex(struct ssh *ssh)
61{ 62{
62 Authctxt *authctxt = ssh->authctxt; 63 Authctxt *authctxt = ssh->authctxt;
63 int authenticated = 0; 64 int r, authenticated = 0;
64 Buffer b; 65 struct sshbuf *b;
65 gss_buffer_desc mic, gssbuf; 66 gss_buffer_desc mic, gssbuf;
66 u_int len; 67 u_char *p;
67 68 size_t len;
68 mic.value = packet_get_string(&len); 69
70 if ((r = sshpkt_get_string(ssh, &p, &len)) != 0 ||
71 (r = sshpkt_get_end(ssh)) != 0)
72 fatal("%s: %s", __func__, ssh_err(r));
73 if ((b = sshbuf_new()) == NULL)
74 fatal("%s: sshbuf_new failed", __func__);
75 mic.value = p;
69 mic.length = len; 76 mic.length = len;
70 77
71 packet_check_eom(); 78 ssh_gssapi_buildmic(b, authctxt->user, authctxt->service,
72
73 ssh_gssapi_buildmic(&b, authctxt->user, authctxt->service,
74 "gssapi-keyex"); 79 "gssapi-keyex");
75 80
76 gssbuf.value = buffer_ptr(&b); 81 if ((gssbuf.value = sshbuf_mutable_ptr(b)) == NULL)
77 gssbuf.length = buffer_len(&b); 82 fatal("%s: sshbuf_mutable_ptr failed", __func__);
83 gssbuf.length = sshbuf_len(b);
78 84
79 /* gss_kex_context is NULL with privsep, so we can't check it here */ 85 /* gss_kex_context is NULL with privsep, so we can't check it here */
80 if (!GSS_ERROR(PRIVSEP(ssh_gssapi_checkmic(gss_kex_context, 86 if (!GSS_ERROR(PRIVSEP(ssh_gssapi_checkmic(gss_kex_context,
@@ -82,7 +88,7 @@ userauth_gsskeyex(struct ssh *ssh)
82 authenticated = PRIVSEP(ssh_gssapi_userok(authctxt->user, 88 authenticated = PRIVSEP(ssh_gssapi_userok(authctxt->user,
83 authctxt->pw)); 89 authctxt->pw));
84 90
85 buffer_free(&b); 91 sshbuf_free(b);
86 free(mic.value); 92 free(mic.value);
87 93
88 return (authenticated); 94 return (authenticated);
@@ -98,13 +104,15 @@ userauth_gssapi(struct ssh *ssh)
98 Authctxt *authctxt = ssh->authctxt; 104 Authctxt *authctxt = ssh->authctxt;
99 gss_OID_desc goid = {0, NULL}; 105 gss_OID_desc goid = {0, NULL};
100 Gssctxt *ctxt = NULL; 106 Gssctxt *ctxt = NULL;
101 int mechs; 107 int r, present;
102 int present; 108 u_int mechs;
103 OM_uint32 ms; 109 OM_uint32 ms;
104 u_int len; 110 size_t len;
105 u_char *doid = NULL; 111 u_char *doid = NULL;
106 112
107 mechs = packet_get_int(); 113 if ((r = sshpkt_get_u32(ssh, &mechs)) != 0)
114 fatal("%s: %s", __func__, ssh_err(r));
115
108 if (mechs == 0) { 116 if (mechs == 0) {
109 debug("Mechanism negotiation is not supported"); 117 debug("Mechanism negotiation is not supported");
110 return (0); 118 return (0);
@@ -116,7 +124,8 @@ userauth_gssapi(struct ssh *ssh)
116 free(doid); 124 free(doid);
117 125
118 present = 0; 126 present = 0;
119 doid = packet_get_string(&len); 127 if ((r = sshpkt_get_string(ssh, &doid, &len)) != 0)
128 fatal("%s: %s", __func__, ssh_err(r));
120 129
121 if (len > 2 && doid[0] == SSH_GSS_OIDTYPE && 130 if (len > 2 && doid[0] == SSH_GSS_OIDTYPE &&
122 doid[1] == len - 2) { 131 doid[1] == len - 2) {
@@ -150,12 +159,12 @@ userauth_gssapi(struct ssh *ssh)
150 159
151 authctxt->methoddata = (void *)ctxt; 160 authctxt->methoddata = (void *)ctxt;
152 161
153 packet_start(SSH2_MSG_USERAUTH_GSSAPI_RESPONSE);
154
155 /* Return the OID that we received */ 162 /* Return the OID that we received */
156 packet_put_string(doid, len); 163 if ((r = sshpkt_start(ssh, SSH2_MSG_USERAUTH_GSSAPI_RESPONSE)) != 0 ||
164 (r = sshpkt_put_string(ssh, doid, len)) != 0 ||
165 (r = sshpkt_send(ssh)) != 0)
166 fatal("%s: %s", __func__, ssh_err(r));
157 167
158 packet_send();
159 free(doid); 168 free(doid);
160 169
161 ssh_dispatch_set(ssh, SSH2_MSG_USERAUTH_GSSAPI_TOKEN, &input_gssapi_token); 170 ssh_dispatch_set(ssh, SSH2_MSG_USERAUTH_GSSAPI_TOKEN, &input_gssapi_token);
@@ -173,36 +182,45 @@ input_gssapi_token(int type, u_int32_t plen, struct ssh *ssh)
173 gss_buffer_desc send_tok = GSS_C_EMPTY_BUFFER; 182 gss_buffer_desc send_tok = GSS_C_EMPTY_BUFFER;
174 gss_buffer_desc recv_tok; 183 gss_buffer_desc recv_tok;
175 OM_uint32 maj_status, min_status, flags; 184 OM_uint32 maj_status, min_status, flags;
176 u_int len; 185 u_char *p;
186 size_t len;
187 int r;
177 188
178 if (authctxt == NULL || (authctxt->methoddata == NULL && !use_privsep)) 189 if (authctxt == NULL || (authctxt->methoddata == NULL && !use_privsep))
179 fatal("No authentication or GSSAPI context"); 190 fatal("No authentication or GSSAPI context");
180 191
181 gssctxt = authctxt->methoddata; 192 gssctxt = authctxt->methoddata;
182 recv_tok.value = packet_get_string(&len); 193 if ((r = sshpkt_get_string(ssh, &p, &len)) != 0 ||
183 recv_tok.length = len; /* u_int vs. size_t */ 194 (r = sshpkt_get_end(ssh)) != 0)
184 195 fatal("%s: %s", __func__, ssh_err(r));
185 packet_check_eom();
186 196
197 recv_tok.value = p;
198 recv_tok.length = len;
187 maj_status = PRIVSEP(ssh_gssapi_accept_ctx(gssctxt, &recv_tok, 199 maj_status = PRIVSEP(ssh_gssapi_accept_ctx(gssctxt, &recv_tok,
188 &send_tok, &flags)); 200 &send_tok, &flags));
189 201
190 free(recv_tok.value); 202 free(p);
191 203
192 if (GSS_ERROR(maj_status)) { 204 if (GSS_ERROR(maj_status)) {
193 if (send_tok.length != 0) { 205 if (send_tok.length != 0) {
194 packet_start(SSH2_MSG_USERAUTH_GSSAPI_ERRTOK); 206 if ((r = sshpkt_start(ssh,
195 packet_put_string(send_tok.value, send_tok.length); 207 SSH2_MSG_USERAUTH_GSSAPI_ERRTOK)) != 0 ||
196 packet_send(); 208 (r = sshpkt_put_string(ssh, send_tok.value,
209 send_tok.length)) != 0 ||
210 (r = sshpkt_send(ssh)) != 0)
211 fatal("%s: %s", __func__, ssh_err(r));
197 } 212 }
198 authctxt->postponed = 0; 213 authctxt->postponed = 0;
199 ssh_dispatch_set(ssh, SSH2_MSG_USERAUTH_GSSAPI_TOKEN, NULL); 214 ssh_dispatch_set(ssh, SSH2_MSG_USERAUTH_GSSAPI_TOKEN, NULL);
200 userauth_finish(ssh, 0, "gssapi-with-mic", NULL); 215 userauth_finish(ssh, 0, "gssapi-with-mic", NULL);
201 } else { 216 } else {
202 if (send_tok.length != 0) { 217 if (send_tok.length != 0) {
203 packet_start(SSH2_MSG_USERAUTH_GSSAPI_TOKEN); 218 if ((r = sshpkt_start(ssh,
204 packet_put_string(send_tok.value, send_tok.length); 219 SSH2_MSG_USERAUTH_GSSAPI_TOKEN)) != 0 ||
205 packet_send(); 220 (r = sshpkt_put_string(ssh, send_tok.value,
221 send_tok.length)) != 0 ||
222 (r = sshpkt_send(ssh)) != 0)
223 fatal("%s: %s", __func__, ssh_err(r));
206 } 224 }
207 if (maj_status == GSS_S_COMPLETE) { 225 if (maj_status == GSS_S_COMPLETE) {
208 ssh_dispatch_set(ssh, SSH2_MSG_USERAUTH_GSSAPI_TOKEN, NULL); 226 ssh_dispatch_set(ssh, SSH2_MSG_USERAUTH_GSSAPI_TOKEN, NULL);
@@ -228,17 +246,20 @@ input_gssapi_errtok(int type, u_int32_t plen, struct ssh *ssh)
228 gss_buffer_desc send_tok = GSS_C_EMPTY_BUFFER; 246 gss_buffer_desc send_tok = GSS_C_EMPTY_BUFFER;
229 gss_buffer_desc recv_tok; 247 gss_buffer_desc recv_tok;
230 OM_uint32 maj_status; 248 OM_uint32 maj_status;
231 u_int len; 249 int r;
250 u_char *p;
251 size_t len;
232 252
233 if (authctxt == NULL || (authctxt->methoddata == NULL && !use_privsep)) 253 if (authctxt == NULL || (authctxt->methoddata == NULL && !use_privsep))
234 fatal("No authentication or GSSAPI context"); 254 fatal("No authentication or GSSAPI context");
235 255
236 gssctxt = authctxt->methoddata; 256 gssctxt = authctxt->methoddata;
237 recv_tok.value = packet_get_string(&len); 257 if ((r = sshpkt_get_string(ssh, &p, &len)) != 0 ||
258 (r = sshpkt_get_end(ssh)) != 0)
259 fatal("%s: %s", __func__, ssh_err(r));
260 recv_tok.value = p;
238 recv_tok.length = len; 261 recv_tok.length = len;
239 262
240 packet_check_eom();
241
242 /* Push the error token into GSSAPI to see what it says */ 263 /* Push the error token into GSSAPI to see what it says */
243 maj_status = PRIVSEP(ssh_gssapi_accept_ctx(gssctxt, &recv_tok, 264 maj_status = PRIVSEP(ssh_gssapi_accept_ctx(gssctxt, &recv_tok,
244 &send_tok, NULL)); 265 &send_tok, NULL));
@@ -265,7 +286,7 @@ static int
265input_gssapi_exchange_complete(int type, u_int32_t plen, struct ssh *ssh) 286input_gssapi_exchange_complete(int type, u_int32_t plen, struct ssh *ssh)
266{ 287{
267 Authctxt *authctxt = ssh->authctxt; 288 Authctxt *authctxt = ssh->authctxt;
268 int authenticated; 289 int r, authenticated;
269 const char *displayname; 290 const char *displayname;
270 291
271 if (authctxt == NULL || (authctxt->methoddata == NULL && !use_privsep)) 292 if (authctxt == NULL || (authctxt->methoddata == NULL && !use_privsep))
@@ -276,7 +297,8 @@ input_gssapi_exchange_complete(int type, u_int32_t plen, struct ssh *ssh)
276 * the dispatcher once the exchange is complete 297 * the dispatcher once the exchange is complete
277 */ 298 */
278 299
279 packet_check_eom(); 300 if ((r = sshpkt_get_end(ssh)) != 0)
301 fatal("%s: %s", __func__, ssh_err(r));
280 302
281 authenticated = PRIVSEP(ssh_gssapi_userok(authctxt->user, 303 authenticated = PRIVSEP(ssh_gssapi_userok(authctxt->user,
282 authctxt->pw)); 304 authctxt->pw));
@@ -299,25 +321,30 @@ input_gssapi_mic(int type, u_int32_t plen, struct ssh *ssh)
299{ 321{
300 Authctxt *authctxt = ssh->authctxt; 322 Authctxt *authctxt = ssh->authctxt;
301 Gssctxt *gssctxt; 323 Gssctxt *gssctxt;
302 int authenticated = 0; 324 int r, authenticated = 0;
303 Buffer b; 325 struct sshbuf *b;
304 gss_buffer_desc mic, gssbuf; 326 gss_buffer_desc mic, gssbuf;
305 u_int len;
306 const char *displayname; 327 const char *displayname;
328 u_char *p;
329 size_t len;
307 330
308 if (authctxt == NULL || (authctxt->methoddata == NULL && !use_privsep)) 331 if (authctxt == NULL || (authctxt->methoddata == NULL && !use_privsep))
309 fatal("No authentication or GSSAPI context"); 332 fatal("No authentication or GSSAPI context");
310 333
311 gssctxt = authctxt->methoddata; 334 gssctxt = authctxt->methoddata;
312 335
313 mic.value = packet_get_string(&len); 336 if ((r = sshpkt_get_string(ssh, &p, &len)) != 0)
337 fatal("%s: %s", __func__, ssh_err(r));
338 if ((b = sshbuf_new()) == NULL)
339 fatal("%s: sshbuf_new failed", __func__);
340 mic.value = p;
314 mic.length = len; 341 mic.length = len;
315 342 ssh_gssapi_buildmic(b, authctxt->user, authctxt->service,
316 ssh_gssapi_buildmic(&b, authctxt->user, authctxt->service,
317 "gssapi-with-mic"); 343 "gssapi-with-mic");
318 344
319 gssbuf.value = buffer_ptr(&b); 345 if ((gssbuf.value = sshbuf_mutable_ptr(b)) == NULL)
320 gssbuf.length = buffer_len(&b); 346 fatal("%s: sshbuf_mutable_ptr failed", __func__);
347 gssbuf.length = sshbuf_len(b);
321 348
322 if (!GSS_ERROR(PRIVSEP(ssh_gssapi_checkmic(gssctxt, &gssbuf, &mic)))) 349 if (!GSS_ERROR(PRIVSEP(ssh_gssapi_checkmic(gssctxt, &gssbuf, &mic))))
323 authenticated = 350 authenticated =
@@ -325,7 +352,7 @@ input_gssapi_mic(int type, u_int32_t plen, struct ssh *ssh)
325 else 352 else
326 logit("GSSAPI MIC check failed"); 353 logit("GSSAPI MIC check failed");
327 354
328 buffer_free(&b); 355 sshbuf_free(b);
329 free(mic.value); 356 free(mic.value);
330 357
331 if ((!use_privsep || mm_is_monitor()) && 358 if ((!use_privsep || mm_is_monitor()) &&
diff --git a/auth2-hostbased.c b/auth2-hostbased.c
index 82a7dcdae..359393291 100644
--- a/auth2-hostbased.c
+++ b/auth2-hostbased.c
@@ -1,4 +1,4 @@
1/* $OpenBSD: auth2-hostbased.c,v 1.33 2018/01/23 05:27:21 djm Exp $ */ 1/* $OpenBSD: auth2-hostbased.c,v 1.36 2018/07/31 03:10:27 djm Exp $ */
2/* 2/*
3 * Copyright (c) 2000 Markus Friedl. All rights reserved. 3 * Copyright (c) 2000 Markus Friedl. All rights reserved.
4 * 4 *
@@ -34,7 +34,7 @@
34#include "xmalloc.h" 34#include "xmalloc.h"
35#include "ssh2.h" 35#include "ssh2.h"
36#include "packet.h" 36#include "packet.h"
37#include "buffer.h" 37#include "sshbuf.h"
38#include "log.h" 38#include "log.h"
39#include "misc.h" 39#include "misc.h"
40#include "servconf.h" 40#include "servconf.h"
@@ -107,8 +107,7 @@ userauth_hostbased(struct ssh *ssh)
107 "signature format"); 107 "signature format");
108 goto done; 108 goto done;
109 } 109 }
110 if (match_pattern_list(sshkey_ssh_name(key), 110 if (match_pattern_list(pkalg, options.hostbased_key_types, 0) != 1) {
111 options.hostbased_key_types, 0) != 1) {
112 logit("%s: key type %s not in HostbasedAcceptedKeyTypes", 111 logit("%s: key type %s not in HostbasedAcceptedKeyTypes",
113 __func__, sshkey_type(key)); 112 __func__, sshkey_type(key));
114 goto done; 113 goto done;
diff --git a/auth2-kbdint.c b/auth2-kbdint.c
index 86aad8ddc..a813b8f56 100644
--- a/auth2-kbdint.c
+++ b/auth2-kbdint.c
@@ -1,4 +1,4 @@
1/* $OpenBSD: auth2-kbdint.c,v 1.8 2017/05/30 14:29:59 markus Exp $ */ 1/* $OpenBSD: auth2-kbdint.c,v 1.9 2018/07/09 21:35:50 markus Exp $ */
2/* 2/*
3 * Copyright (c) 2000 Markus Friedl. All rights reserved. 3 * Copyright (c) 2000 Markus Friedl. All rights reserved.
4 * 4 *
@@ -31,13 +31,12 @@
31 31
32#include "xmalloc.h" 32#include "xmalloc.h"
33#include "packet.h" 33#include "packet.h"
34#include "key.h"
35#include "hostfile.h" 34#include "hostfile.h"
36#include "auth.h" 35#include "auth.h"
37#include "log.h" 36#include "log.h"
38#include "buffer.h"
39#include "misc.h" 37#include "misc.h"
40#include "servconf.h" 38#include "servconf.h"
39#include "ssherr.h"
41 40
42/* import */ 41/* import */
43extern ServerOptions options; 42extern ServerOptions options;
@@ -45,12 +44,13 @@ extern ServerOptions options;
45static int 44static int
46userauth_kbdint(struct ssh *ssh) 45userauth_kbdint(struct ssh *ssh)
47{ 46{
48 int authenticated = 0; 47 int r, authenticated = 0;
49 char *lang, *devs; 48 char *lang, *devs;
50 49
51 lang = packet_get_string(NULL); 50 if ((r = sshpkt_get_cstring(ssh, &lang, NULL)) != 0 ||
52 devs = packet_get_string(NULL); 51 (r = sshpkt_get_cstring(ssh, &devs, NULL)) != 0 ||
53 packet_check_eom(); 52 (r = sshpkt_get_end(ssh)) != 0)
53 fatal("%s: %s", __func__, ssh_err(r));
54 54
55 debug("keyboard-interactive devs %s", devs); 55 debug("keyboard-interactive devs %s", devs);
56 56
diff --git a/auth2-none.c b/auth2-none.c
index 8d4e9bb8c..dacb5fb83 100644
--- a/auth2-none.c
+++ b/auth2-none.c
@@ -1,4 +1,4 @@
1/* $OpenBSD: auth2-none.c,v 1.21 2018/03/03 03:15:51 djm Exp $ */ 1/* $OpenBSD: auth2-none.c,v 1.22 2018/07/09 21:35:50 markus Exp $ */
2/* 2/*
3 * Copyright (c) 2000 Markus Friedl. All rights reserved. 3 * Copyright (c) 2000 Markus Friedl. All rights reserved.
4 * 4 *
@@ -42,7 +42,6 @@
42#include "auth.h" 42#include "auth.h"
43#include "packet.h" 43#include "packet.h"
44#include "log.h" 44#include "log.h"
45#include "buffer.h"
46#include "misc.h" 45#include "misc.h"
47#include "servconf.h" 46#include "servconf.h"
48#include "compat.h" 47#include "compat.h"
diff --git a/auth2-passwd.c b/auth2-passwd.c
index 445016aec..0395a69f4 100644
--- a/auth2-passwd.c
+++ b/auth2-passwd.c
@@ -1,4 +1,4 @@
1/* $OpenBSD: auth2-passwd.c,v 1.15 2018/03/03 03:15:51 djm Exp $ */ 1/* $OpenBSD: auth2-passwd.c,v 1.16 2018/07/09 21:35:50 markus Exp $ */
2/* 2/*
3 * Copyright (c) 2000 Markus Friedl. All rights reserved. 3 * Copyright (c) 2000 Markus Friedl. All rights reserved.
4 * 4 *
@@ -36,7 +36,6 @@
36#include "sshkey.h" 36#include "sshkey.h"
37#include "hostfile.h" 37#include "hostfile.h"
38#include "auth.h" 38#include "auth.h"
39#include "buffer.h"
40#ifdef GSSAPI 39#ifdef GSSAPI
41#include "ssh-gss.h" 40#include "ssh-gss.h"
42#endif 41#endif
diff --git a/auth2-pubkey.c b/auth2-pubkey.c
index a9272b97f..3d9f9af1f 100644
--- a/auth2-pubkey.c
+++ b/auth2-pubkey.c
@@ -1,4 +1,4 @@
1/* $OpenBSD: auth2-pubkey.c,v 1.77 2018/03/03 03:15:51 djm Exp $ */ 1/* $OpenBSD: auth2-pubkey.c,v 1.84 2018/08/23 03:01:08 djm Exp $ */
2/* 2/*
3 * Copyright (c) 2000 Markus Friedl. All rights reserved. 3 * Copyright (c) 2000 Markus Friedl. All rights reserved.
4 * 4 *
@@ -46,7 +46,7 @@
46#include "ssh.h" 46#include "ssh.h"
47#include "ssh2.h" 47#include "ssh2.h"
48#include "packet.h" 48#include "packet.h"
49#include "buffer.h" 49#include "sshbuf.h"
50#include "log.h" 50#include "log.h"
51#include "misc.h" 51#include "misc.h"
52#include "servconf.h" 52#include "servconf.h"
@@ -105,7 +105,7 @@ userauth_pubkey(struct ssh *ssh)
105 pktype = sshkey_type_from_name(pkalg); 105 pktype = sshkey_type_from_name(pkalg);
106 if (pktype == KEY_UNSPEC) { 106 if (pktype == KEY_UNSPEC) {
107 /* this is perfectly legal */ 107 /* this is perfectly legal */
108 logit("%s: unsupported public key algorithm: %s", 108 verbose("%s: unsupported public key algorithm: %s",
109 __func__, pkalg); 109 __func__, pkalg);
110 goto done; 110 goto done;
111 } 111 }
@@ -132,8 +132,7 @@ userauth_pubkey(struct ssh *ssh)
132 logit("refusing previously-used %s key", sshkey_type(key)); 132 logit("refusing previously-used %s key", sshkey_type(key));
133 goto done; 133 goto done;
134 } 134 }
135 if (match_pattern_list(sshkey_ssh_name(key), 135 if (match_pattern_list(pkalg, options.pubkey_key_types, 0) != 1) {
136 options.pubkey_key_types, 0) != 1) {
137 logit("%s: key type %s not in PubkeyAcceptedKeyTypes", 136 logit("%s: key type %s not in PubkeyAcceptedKeyTypes",
138 __func__, sshkey_ssh_name(key)); 137 __func__, sshkey_ssh_name(key));
139 goto done; 138 goto done;
@@ -188,11 +187,12 @@ userauth_pubkey(struct ssh *ssh)
188 /* test for correct signature */ 187 /* test for correct signature */
189 authenticated = 0; 188 authenticated = 0;
190 if (PRIVSEP(user_key_allowed(ssh, pw, key, 1, &authopts)) && 189 if (PRIVSEP(user_key_allowed(ssh, pw, key, 1, &authopts)) &&
191 PRIVSEP(sshkey_verify(key, sig, slen, sshbuf_ptr(b), 190 PRIVSEP(sshkey_verify(key, sig, slen,
192 sshbuf_len(b), NULL, ssh->compat)) == 0) { 191 sshbuf_ptr(b), sshbuf_len(b),
192 (ssh->compat & SSH_BUG_SIGTYPE) == 0 ? pkalg : NULL,
193 ssh->compat)) == 0) {
193 authenticated = 1; 194 authenticated = 1;
194 } 195 }
195 sshbuf_free(b);
196 auth2_record_key(authctxt, authenticated, key); 196 auth2_record_key(authctxt, authenticated, key);
197 } else { 197 } else {
198 debug("%s: test pkalg %s pkblob %s%s%s", 198 debug("%s: test pkalg %s pkblob %s%s%s",
@@ -221,9 +221,9 @@ userauth_pubkey(struct ssh *ssh)
221 != 0 || 221 != 0 ||
222 (r = sshpkt_put_cstring(ssh, pkalg)) != 0 || 222 (r = sshpkt_put_cstring(ssh, pkalg)) != 0 ||
223 (r = sshpkt_put_string(ssh, pkblob, blen)) != 0 || 223 (r = sshpkt_put_string(ssh, pkblob, blen)) != 0 ||
224 (r = sshpkt_send(ssh)) != 0) 224 (r = sshpkt_send(ssh)) != 0 ||
225 (r = ssh_packet_write_wait(ssh)) != 0)
225 fatal("%s: %s", __func__, ssh_err(r)); 226 fatal("%s: %s", __func__, ssh_err(r));
226 ssh_packet_write_wait(ssh);
227 authctxt->postponed = 1; 227 authctxt->postponed = 1;
228 } 228 }
229 } 229 }
@@ -234,6 +234,7 @@ done:
234 } 234 }
235 debug2("%s: authenticated %d pkalg %s", __func__, authenticated, pkalg); 235 debug2("%s: authenticated %d pkalg %s", __func__, authenticated, pkalg);
236 236
237 sshbuf_free(b);
237 sshauthopt_free(authopts); 238 sshauthopt_free(authopts);
238 sshkey_free(key); 239 sshkey_free(key);
239 free(userstyle); 240 free(userstyle);
@@ -324,14 +325,16 @@ static int
324process_principals(struct ssh *ssh, FILE *f, const char *file, 325process_principals(struct ssh *ssh, FILE *f, const char *file,
325 const struct sshkey_cert *cert, struct sshauthopt **authoptsp) 326 const struct sshkey_cert *cert, struct sshauthopt **authoptsp)
326{ 327{
327 char loc[256], line[SSH_MAX_PUBKEY_BYTES], *cp, *ep; 328 char loc[256], *line = NULL, *cp, *ep;
329 size_t linesize = 0;
328 u_long linenum = 0; 330 u_long linenum = 0;
329 u_int found_principal = 0; 331 u_int found_principal = 0;
330 332
331 if (authoptsp != NULL) 333 if (authoptsp != NULL)
332 *authoptsp = NULL; 334 *authoptsp = NULL;
333 335
334 while (read_keyfile_line(f, file, line, sizeof(line), &linenum) != -1) { 336 while (getline(&line, &linesize, f) != -1) {
337 linenum++;
335 /* Always consume entire input */ 338 /* Always consume entire input */
336 if (found_principal) 339 if (found_principal)
337 continue; 340 continue;
@@ -349,6 +352,7 @@ process_principals(struct ssh *ssh, FILE *f, const char *file,
349 if (check_principals_line(ssh, cp, cert, loc, authoptsp) == 0) 352 if (check_principals_line(ssh, cp, cert, loc, authoptsp) == 0)
350 found_principal = 1; 353 found_principal = 1;
351 } 354 }
355 free(line);
352 return found_principal; 356 return found_principal;
353} 357}
354 358
@@ -392,7 +396,7 @@ match_principals_command(struct ssh *ssh, struct passwd *user_pw,
392 pid_t pid; 396 pid_t pid;
393 char *tmp, *username = NULL, *command = NULL, **av = NULL; 397 char *tmp, *username = NULL, *command = NULL, **av = NULL;
394 char *ca_fp = NULL, *key_fp = NULL, *catext = NULL, *keytext = NULL; 398 char *ca_fp = NULL, *key_fp = NULL, *catext = NULL, *keytext = NULL;
395 char serial_s[16]; 399 char serial_s[16], uidstr[32];
396 void (*osigchld)(int); 400 void (*osigchld)(int);
397 401
398 if (authoptsp != NULL) 402 if (authoptsp != NULL)
@@ -452,8 +456,11 @@ match_principals_command(struct ssh *ssh, struct passwd *user_pw,
452 } 456 }
453 snprintf(serial_s, sizeof(serial_s), "%llu", 457 snprintf(serial_s, sizeof(serial_s), "%llu",
454 (unsigned long long)cert->serial); 458 (unsigned long long)cert->serial);
459 snprintf(uidstr, sizeof(uidstr), "%llu",
460 (unsigned long long)user_pw->pw_uid);
455 for (i = 1; i < ac; i++) { 461 for (i = 1; i < ac; i++) {
456 tmp = percent_expand(av[i], 462 tmp = percent_expand(av[i],
463 "U", uidstr,
457 "u", user_pw->pw_name, 464 "u", user_pw->pw_name,
458 "h", user_pw->pw_dir, 465 "h", user_pw->pw_dir,
459 "t", sshkey_ssh_name(key), 466 "t", sshkey_ssh_name(key),
@@ -689,14 +696,16 @@ static int
689check_authkeys_file(struct ssh *ssh, struct passwd *pw, FILE *f, 696check_authkeys_file(struct ssh *ssh, struct passwd *pw, FILE *f,
690 char *file, struct sshkey *key, struct sshauthopt **authoptsp) 697 char *file, struct sshkey *key, struct sshauthopt **authoptsp)
691{ 698{
692 char *cp, line[SSH_MAX_PUBKEY_BYTES], loc[256]; 699 char *cp, *line = NULL, loc[256];
700 size_t linesize = 0;
693 int found_key = 0; 701 int found_key = 0;
694 u_long linenum = 0; 702 u_long linenum = 0;
695 703
696 if (authoptsp != NULL) 704 if (authoptsp != NULL)
697 *authoptsp = NULL; 705 *authoptsp = NULL;
698 706
699 while (read_keyfile_line(f, file, line, sizeof(line), &linenum) != -1) { 707 while (getline(&line, &linesize, f) != -1) {
708 linenum++;
700 /* Always consume entire file */ 709 /* Always consume entire file */
701 if (found_key) 710 if (found_key)
702 continue; 711 continue;
@@ -710,6 +719,7 @@ check_authkeys_file(struct ssh *ssh, struct passwd *pw, FILE *f,
710 if (check_authkey_line(ssh, pw, key, cp, loc, authoptsp) == 0) 719 if (check_authkey_line(ssh, pw, key, cp, loc, authoptsp) == 0)
711 found_key = 1; 720 found_key = 1;
712 } 721 }
722 free(line);
713 return found_key; 723 return found_key;
714} 724}
715 725
@@ -857,7 +867,7 @@ user_key_command_allowed2(struct ssh *ssh, struct passwd *user_pw,
857 int i, uid_swapped = 0, ac = 0; 867 int i, uid_swapped = 0, ac = 0;
858 pid_t pid; 868 pid_t pid;
859 char *username = NULL, *key_fp = NULL, *keytext = NULL; 869 char *username = NULL, *key_fp = NULL, *keytext = NULL;
860 char *tmp, *command = NULL, **av = NULL; 870 char uidstr[32], *tmp, *command = NULL, **av = NULL;
861 void (*osigchld)(int); 871 void (*osigchld)(int);
862 872
863 if (authoptsp != NULL) 873 if (authoptsp != NULL)
@@ -907,8 +917,11 @@ user_key_command_allowed2(struct ssh *ssh, struct passwd *user_pw,
907 command); 917 command);
908 goto out; 918 goto out;
909 } 919 }
920 snprintf(uidstr, sizeof(uidstr), "%llu",
921 (unsigned long long)user_pw->pw_uid);
910 for (i = 1; i < ac; i++) { 922 for (i = 1; i < ac; i++) {
911 tmp = percent_expand(av[i], 923 tmp = percent_expand(av[i],
924 "U", uidstr,
912 "u", user_pw->pw_name, 925 "u", user_pw->pw_name,
913 "h", user_pw->pw_dir, 926 "h", user_pw->pw_dir,
914 "t", sshkey_ssh_name(key), 927 "t", sshkey_ssh_name(key),
diff --git a/auth2.c b/auth2.c
index be5e9f15f..90a247c1c 100644
--- a/auth2.c
+++ b/auth2.c
@@ -1,4 +1,4 @@
1/* $OpenBSD: auth2.c,v 1.145 2018/03/03 03:15:51 djm Exp $ */ 1/* $OpenBSD: auth2.c,v 1.149 2018/07/11 18:53:29 markus Exp $ */
2/* 2/*
3 * Copyright (c) 2000 Markus Friedl. All rights reserved. 3 * Copyright (c) 2000 Markus Friedl. All rights reserved.
4 * 4 *
@@ -41,28 +41,30 @@
41#include "ssh2.h" 41#include "ssh2.h"
42#include "packet.h" 42#include "packet.h"
43#include "log.h" 43#include "log.h"
44#include "buffer.h" 44#include "sshbuf.h"
45#include "misc.h" 45#include "misc.h"
46#include "servconf.h" 46#include "servconf.h"
47#include "compat.h" 47#include "compat.h"
48#include "key.h" 48#include "sshkey.h"
49#include "hostfile.h" 49#include "hostfile.h"
50#include "auth.h" 50#include "auth.h"
51#include "dispatch.h" 51#include "dispatch.h"
52#include "pathnames.h" 52#include "pathnames.h"
53#include "buffer.h" 53#include "sshbuf.h"
54#include "ssherr.h"
54 55
55#ifdef GSSAPI 56#ifdef GSSAPI
56#include "ssh-gss.h" 57#include "ssh-gss.h"
57#endif 58#endif
58#include "monitor_wrap.h" 59#include "monitor_wrap.h"
59#include "ssherr.h" 60#include "ssherr.h"
61#include "digest.h"
60 62
61/* import */ 63/* import */
62extern ServerOptions options; 64extern ServerOptions options;
63extern u_char *session_id2; 65extern u_char *session_id2;
64extern u_int session_id2_len; 66extern u_int session_id2_len;
65extern Buffer loginmsg; 67extern struct sshbuf *loginmsg;
66 68
67/* methods */ 69/* methods */
68 70
@@ -212,6 +214,43 @@ input_service_request(int type, u_int32_t seq, struct ssh *ssh)
212 return 0; 214 return 0;
213} 215}
214 216
217#define MIN_FAIL_DELAY_SECONDS 0.005
218static double
219user_specific_delay(const char *user)
220{
221 char b[512];
222 size_t len = ssh_digest_bytes(SSH_DIGEST_SHA512);
223 u_char *hash = xmalloc(len);
224 double delay;
225
226 (void)snprintf(b, sizeof b, "%llu%s",
227 (unsigned long long)options.timing_secret, user);
228 if (ssh_digest_memory(SSH_DIGEST_SHA512, b, strlen(b), hash, len) != 0)
229 fatal("%s: ssh_digest_memory", __func__);
230 /* 0-4.2 ms of delay */
231 delay = (double)PEEK_U32(hash) / 1000 / 1000 / 1000 / 1000;
232 freezero(hash, len);
233 debug3("%s: user specific delay %0.3lfms", __func__, delay/1000);
234 return MIN_FAIL_DELAY_SECONDS + delay;
235}
236
237static void
238ensure_minimum_time_since(double start, double seconds)
239{
240 struct timespec ts;
241 double elapsed = monotime_double() - start, req = seconds, remain;
242
243 /* if we've already passed the requested time, scale up */
244 while ((remain = seconds - elapsed) < 0.0)
245 seconds *= 2;
246
247 ts.tv_sec = remain;
248 ts.tv_nsec = (remain - ts.tv_sec) * 1000000000;
249 debug3("%s: elapsed %0.3lfms, delaying %0.3lfms (requested %0.3lfms)",
250 __func__, elapsed*1000, remain*1000, req*1000);
251 nanosleep(&ts, NULL);
252}
253
215/*ARGSUSED*/ 254/*ARGSUSED*/
216static int 255static int
217input_userauth_request(int type, u_int32_t seq, struct ssh *ssh) 256input_userauth_request(int type, u_int32_t seq, struct ssh *ssh)
@@ -220,6 +259,7 @@ input_userauth_request(int type, u_int32_t seq, struct ssh *ssh)
220 Authmethod *m = NULL; 259 Authmethod *m = NULL;
221 char *user, *service, *method, *style = NULL, *role = NULL; 260 char *user, *service, *method, *style = NULL, *role = NULL;
222 int authenticated = 0; 261 int authenticated = 0;
262 double tstart = monotime_double();
223 263
224 if (authctxt == NULL) 264 if (authctxt == NULL)
225 fatal("input_userauth_request: no authctxt"); 265 fatal("input_userauth_request: no authctxt");
@@ -294,6 +334,9 @@ input_userauth_request(int type, u_int32_t seq, struct ssh *ssh)
294 debug2("input_userauth_request: try method %s", method); 334 debug2("input_userauth_request: try method %s", method);
295 authenticated = m->userauth(ssh); 335 authenticated = m->userauth(ssh);
296 } 336 }
337 if (!authctxt->authenticated)
338 ensure_minimum_time_since(tstart,
339 user_specific_delay(authctxt->user));
297 userauth_finish(ssh, authenticated, method, NULL); 340 userauth_finish(ssh, authenticated, method, NULL);
298 341
299 free(service); 342 free(service);
@@ -344,11 +387,15 @@ userauth_finish(struct ssh *ssh, int authenticated, const char *method,
344 387
345#ifdef USE_PAM 388#ifdef USE_PAM
346 if (options.use_pam && authenticated) { 389 if (options.use_pam && authenticated) {
390 int r;
391
347 if (!PRIVSEP(do_pam_account())) { 392 if (!PRIVSEP(do_pam_account())) {
348 /* if PAM returned a message, send it to the user */ 393 /* if PAM returned a message, send it to the user */
349 if (buffer_len(&loginmsg) > 0) { 394 if (sshbuf_len(loginmsg) > 0) {
350 buffer_append(&loginmsg, "\0", 1); 395 if ((r = sshbuf_put(loginmsg, "\0", 1)) != 0)
351 userauth_send_banner(buffer_ptr(&loginmsg)); 396 fatal("%s: buffer error: %s",
397 __func__, ssh_err(r));
398 userauth_send_banner(sshbuf_ptr(loginmsg));
352 packet_write_wait(); 399 packet_write_wait();
353 } 400 }
354 fatal("Access denied for user %s by PAM account " 401 fatal("Access denied for user %s by PAM account "
@@ -417,11 +464,12 @@ auth2_method_allowed(Authctxt *authctxt, const char *method,
417static char * 464static char *
418authmethods_get(Authctxt *authctxt) 465authmethods_get(Authctxt *authctxt)
419{ 466{
420 Buffer b; 467 struct sshbuf *b;
421 char *list; 468 char *list;
422 u_int i; 469 int i, r;
423 470
424 buffer_init(&b); 471 if ((b = sshbuf_new()) == NULL)
472 fatal("%s: sshbuf_new failed", __func__);
425 for (i = 0; authmethods[i] != NULL; i++) { 473 for (i = 0; authmethods[i] != NULL; i++) {
426 if (strcmp(authmethods[i]->name, "none") == 0) 474 if (strcmp(authmethods[i]->name, "none") == 0)
427 continue; 475 continue;
@@ -431,14 +479,13 @@ authmethods_get(Authctxt *authctxt)
431 if (!auth2_method_allowed(authctxt, authmethods[i]->name, 479 if (!auth2_method_allowed(authctxt, authmethods[i]->name,
432 NULL)) 480 NULL))
433 continue; 481 continue;
434 if (buffer_len(&b) > 0) 482 if ((r = sshbuf_putf(b, "%s%s", sshbuf_len(b) ? "," : "",
435 buffer_append(&b, ",", 1); 483 authmethods[i]->name)) != 0)
436 buffer_append(&b, authmethods[i]->name, 484 fatal("%s: buffer error: %s", __func__, ssh_err(r));
437 strlen(authmethods[i]->name));
438 } 485 }
439 if ((list = sshbuf_dup_string(&b)) == NULL) 486 if ((list = sshbuf_dup_string(b)) == NULL)
440 fatal("%s: sshbuf_dup_string failed", __func__); 487 fatal("%s: sshbuf_dup_string failed", __func__);
441 buffer_free(&b); 488 sshbuf_free(b);
442 return list; 489 return list;
443} 490}
444 491
diff --git a/authfd.c b/authfd.c
index 1eff7ba94..ecdd869ab 100644
--- a/authfd.c
+++ b/authfd.c
@@ -1,4 +1,4 @@
1/* $OpenBSD: authfd.c,v 1.108 2018/02/23 15:58:37 markus Exp $ */ 1/* $OpenBSD: authfd.c,v 1.111 2018/07/09 21:59:10 markus Exp $ */
2/* 2/*
3 * Author: Tatu Ylonen <ylo@cs.hut.fi> 3 * Author: Tatu Ylonen <ylo@cs.hut.fi>
4 * Copyright (c) 1995 Tatu Ylonen <ylo@cs.hut.fi>, Espoo, Finland 4 * Copyright (c) 1995 Tatu Ylonen <ylo@cs.hut.fi>, Espoo, Finland
@@ -133,7 +133,7 @@ ssh_request_reply(int sock, struct sshbuf *request, struct sshbuf *reply)
133 133
134 /* Send the length and then the packet to the agent. */ 134 /* Send the length and then the packet to the agent. */
135 if (atomicio(vwrite, sock, buf, 4) != 4 || 135 if (atomicio(vwrite, sock, buf, 4) != 4 ||
136 atomicio(vwrite, sock, (u_char *)sshbuf_ptr(request), 136 atomicio(vwrite, sock, sshbuf_mutable_ptr(request),
137 sshbuf_len(request)) != sshbuf_len(request)) 137 sshbuf_len(request)) != sshbuf_len(request))
138 return SSH_ERR_AGENT_COMMUNICATION; 138 return SSH_ERR_AGENT_COMMUNICATION;
139 /* 139 /*
@@ -323,7 +323,7 @@ ssh_free_identitylist(struct ssh_identitylist *idl)
323 */ 323 */
324 324
325 325
326/* encode signature algoritm in flag bits, so we can keep the msg format */ 326/* encode signature algorithm in flag bits, so we can keep the msg format */
327static u_int 327static u_int
328agent_encode_alg(const struct sshkey *key, const char *alg) 328agent_encode_alg(const struct sshkey *key, const char *alg)
329{ 329{
@@ -343,8 +343,8 @@ ssh_agent_sign(int sock, const struct sshkey *key,
343 const u_char *data, size_t datalen, const char *alg, u_int compat) 343 const u_char *data, size_t datalen, const char *alg, u_int compat)
344{ 344{
345 struct sshbuf *msg; 345 struct sshbuf *msg;
346 u_char *blob = NULL, type; 346 u_char *sig = NULL, type = 0;
347 size_t blen = 0, len = 0; 347 size_t len = 0;
348 u_int flags = 0; 348 u_int flags = 0;
349 int r = SSH_ERR_INTERNAL_ERROR; 349 int r = SSH_ERR_INTERNAL_ERROR;
350 350
@@ -355,11 +355,9 @@ ssh_agent_sign(int sock, const struct sshkey *key,
355 return SSH_ERR_INVALID_ARGUMENT; 355 return SSH_ERR_INVALID_ARGUMENT;
356 if ((msg = sshbuf_new()) == NULL) 356 if ((msg = sshbuf_new()) == NULL)
357 return SSH_ERR_ALLOC_FAIL; 357 return SSH_ERR_ALLOC_FAIL;
358 if ((r = sshkey_to_blob(key, &blob, &blen)) != 0)
359 goto out;
360 flags |= agent_encode_alg(key, alg); 358 flags |= agent_encode_alg(key, alg);
361 if ((r = sshbuf_put_u8(msg, SSH2_AGENTC_SIGN_REQUEST)) != 0 || 359 if ((r = sshbuf_put_u8(msg, SSH2_AGENTC_SIGN_REQUEST)) != 0 ||
362 (r = sshbuf_put_string(msg, blob, blen)) != 0 || 360 (r = sshkey_puts(key, msg)) != 0 ||
363 (r = sshbuf_put_string(msg, data, datalen)) != 0 || 361 (r = sshbuf_put_string(msg, data, datalen)) != 0 ||
364 (r = sshbuf_put_u32(msg, flags)) != 0) 362 (r = sshbuf_put_u32(msg, flags)) != 0)
365 goto out; 363 goto out;
@@ -374,15 +372,19 @@ ssh_agent_sign(int sock, const struct sshkey *key,
374 r = SSH_ERR_INVALID_FORMAT; 372 r = SSH_ERR_INVALID_FORMAT;
375 goto out; 373 goto out;
376 } 374 }
377 if ((r = sshbuf_get_string(msg, sigp, &len)) != 0) 375 if ((r = sshbuf_get_string(msg, &sig, &len)) != 0)
376 goto out;
377 /* Check what we actually got back from the agent. */
378 if ((r = sshkey_check_sigtype(sig, len, alg)) != 0)
378 goto out; 379 goto out;
380 /* success */
381 *sigp = sig;
379 *lenp = len; 382 *lenp = len;
383 sig = NULL;
384 len = 0;
380 r = 0; 385 r = 0;
381 out: 386 out:
382 if (blob != NULL) { 387 freezero(sig, len);
383 explicit_bzero(blob, blen);
384 free(blob);
385 }
386 sshbuf_free(msg); 388 sshbuf_free(msg);
387 return r; 389 return r;
388} 390}
diff --git a/authfd.h b/authfd.h
index ab954ffc0..a032fd542 100644
--- a/authfd.h
+++ b/authfd.h
@@ -1,4 +1,4 @@
1/* $OpenBSD: authfd.h,v 1.43 2018/02/23 15:58:37 markus Exp $ */ 1/* $OpenBSD: authfd.h,v 1.44 2018/07/12 04:35:25 djm Exp $ */
2 2
3/* 3/*
4 * Author: Tatu Ylonen <ylo@cs.hut.fi> 4 * Author: Tatu Ylonen <ylo@cs.hut.fi>
@@ -36,8 +36,6 @@ int ssh_update_card(int sock, int add, const char *reader_id,
36 const char *pin, u_int life, u_int confirm); 36 const char *pin, u_int life, u_int confirm);
37int ssh_remove_all_identities(int sock, int version); 37int ssh_remove_all_identities(int sock, int version);
38 38
39int ssh_decrypt_challenge(int sock, struct sshkey* key, BIGNUM *challenge,
40 u_char session_id[16], u_char response[16]);
41int ssh_agent_sign(int sock, const struct sshkey *key, 39int ssh_agent_sign(int sock, const struct sshkey *key,
42 u_char **sigp, size_t *lenp, 40 u_char **sigp, size_t *lenp,
43 const u_char *data, size_t datalen, const char *alg, u_int compat); 41 const u_char *data, size_t datalen, const char *alg, u_int compat);
diff --git a/authfile.c b/authfile.c
index 57dcd808c..be4a57736 100644
--- a/authfile.c
+++ b/authfile.c
@@ -1,4 +1,4 @@
1/* $OpenBSD: authfile.c,v 1.128 2018/02/23 15:58:37 markus Exp $ */ 1/* $OpenBSD: authfile.c,v 1.130 2018/07/09 21:59:10 markus Exp $ */
2/* 2/*
3 * Copyright (c) 2000, 2013 Markus Friedl. All rights reserved. 3 * Copyright (c) 2000, 2013 Markus Friedl. All rights reserved.
4 * 4 *
@@ -59,7 +59,7 @@ sshkey_save_private_blob(struct sshbuf *keybuf, const char *filename)
59 59
60 if ((fd = open(filename, O_WRONLY | O_CREAT | O_TRUNC, 0600)) < 0) 60 if ((fd = open(filename, O_WRONLY | O_CREAT | O_TRUNC, 0600)) < 0)
61 return SSH_ERR_SYSTEM_ERROR; 61 return SSH_ERR_SYSTEM_ERROR;
62 if (atomicio(vwrite, fd, (u_char *)sshbuf_ptr(keybuf), 62 if (atomicio(vwrite, fd, sshbuf_mutable_ptr(keybuf),
63 sshbuf_len(keybuf)) != sshbuf_len(keybuf)) { 63 sshbuf_len(keybuf)) != sshbuf_len(keybuf)) {
64 oerrno = errno; 64 oerrno = errno;
65 close(fd); 65 close(fd);
@@ -265,17 +265,15 @@ static int
265sshkey_try_load_public(struct sshkey *k, const char *filename, char **commentp) 265sshkey_try_load_public(struct sshkey *k, const char *filename, char **commentp)
266{ 266{
267 FILE *f; 267 FILE *f;
268 char line[SSH_MAX_PUBKEY_BYTES]; 268 char *line = NULL, *cp;
269 char *cp; 269 size_t linesize = 0;
270 u_long linenum = 0;
271 int r; 270 int r;
272 271
273 if (commentp != NULL) 272 if (commentp != NULL)
274 *commentp = NULL; 273 *commentp = NULL;
275 if ((f = fopen(filename, "r")) == NULL) 274 if ((f = fopen(filename, "r")) == NULL)
276 return SSH_ERR_SYSTEM_ERROR; 275 return SSH_ERR_SYSTEM_ERROR;
277 while (read_keyfile_line(f, filename, line, sizeof(line), 276 while (getline(&line, &linesize, f) != -1) {
278 &linenum) != -1) {
279 cp = line; 277 cp = line;
280 switch (*cp) { 278 switch (*cp) {
281 case '#': 279 case '#':
@@ -299,11 +297,13 @@ sshkey_try_load_public(struct sshkey *k, const char *filename, char **commentp)
299 if (*commentp == NULL) 297 if (*commentp == NULL)
300 r = SSH_ERR_ALLOC_FAIL; 298 r = SSH_ERR_ALLOC_FAIL;
301 } 299 }
300 free(line);
302 fclose(f); 301 fclose(f);
303 return r; 302 return r;
304 } 303 }
305 } 304 }
306 } 305 }
306 free(line);
307 fclose(f); 307 fclose(f);
308 return SSH_ERR_INVALID_FORMAT; 308 return SSH_ERR_INVALID_FORMAT;
309} 309}
@@ -447,19 +447,18 @@ sshkey_in_file(struct sshkey *key, const char *filename, int strict_type,
447 int check_ca) 447 int check_ca)
448{ 448{
449 FILE *f; 449 FILE *f;
450 char line[SSH_MAX_PUBKEY_BYTES]; 450 char *line = NULL, *cp;
451 char *cp; 451 size_t linesize = 0;
452 u_long linenum = 0;
453 int r = 0; 452 int r = 0;
454 struct sshkey *pub = NULL; 453 struct sshkey *pub = NULL;
454
455 int (*sshkey_compare)(const struct sshkey *, const struct sshkey *) = 455 int (*sshkey_compare)(const struct sshkey *, const struct sshkey *) =
456 strict_type ? sshkey_equal : sshkey_equal_public; 456 strict_type ? sshkey_equal : sshkey_equal_public;
457 457
458 if ((f = fopen(filename, "r")) == NULL) 458 if ((f = fopen(filename, "r")) == NULL)
459 return SSH_ERR_SYSTEM_ERROR; 459 return SSH_ERR_SYSTEM_ERROR;
460 460
461 while (read_keyfile_line(f, filename, line, sizeof(line), 461 while (getline(&line, &linesize, f) != -1) {
462 &linenum) != -1) {
463 cp = line; 462 cp = line;
464 463
465 /* Skip leading whitespace. */ 464 /* Skip leading whitespace. */
@@ -491,6 +490,7 @@ sshkey_in_file(struct sshkey *key, const char *filename, int strict_type,
491 } 490 }
492 r = SSH_ERR_KEY_NOT_FOUND; 491 r = SSH_ERR_KEY_NOT_FOUND;
493 out: 492 out:
493 free(line);
494 sshkey_free(pub); 494 sshkey_free(pub);
495 fclose(f); 495 fclose(f);
496 return r; 496 return r;
diff --git a/bufaux.c b/bufaux.c
deleted file mode 100644
index 3976896a9..000000000
--- a/bufaux.c
+++ /dev/null
@@ -1,259 +0,0 @@
1/* $OpenBSD: bufaux.c,v 1.60 2014/04/30 05:29:56 djm Exp $ */
2/*
3 * Copyright (c) 2012 Damien Miller <djm@mindrot.org>
4 *
5 * Permission to use, copy, modify, and distribute this software for any
6 * purpose with or without fee is hereby granted, provided that the above
7 * copyright notice and this permission notice appear in all copies.
8 *
9 * THE SOFTWARE IS PROVIDED "AS IS" AND THE AUTHOR DISCLAIMS ALL WARRANTIES
10 * WITH REGARD TO THIS SOFTWARE INCLUDING ALL IMPLIED WARRANTIES OF
11 * MERCHANTABILITY AND FITNESS. IN NO EVENT SHALL THE AUTHOR BE LIABLE FOR
12 * ANY SPECIAL, DIRECT, INDIRECT, OR CONSEQUENTIAL DAMAGES OR ANY DAMAGES
13 * WHATSOEVER RESULTING FROM LOSS OF USE, DATA OR PROFITS, WHETHER IN AN
14 * ACTION OF CONTRACT, NEGLIGENCE OR OTHER TORTIOUS ACTION, ARISING OUT OF
15 * OR IN CONNECTION WITH THE USE OR PERFORMANCE OF THIS SOFTWARE.
16 */
17
18/* Emulation wrappers for legacy OpenSSH buffer API atop sshbuf */
19
20#include "includes.h"
21
22#include <sys/types.h>
23
24#include "buffer.h"
25#include "log.h"
26#include "ssherr.h"
27
28int
29buffer_get_short_ret(u_short *v, Buffer *buffer)
30{
31 int ret;
32
33 if ((ret = sshbuf_get_u16(buffer, v)) != 0) {
34 error("%s: %s", __func__, ssh_err(ret));
35 return -1;
36 }
37 return 0;
38}
39
40u_short
41buffer_get_short(Buffer *buffer)
42{
43 u_short ret;
44
45 if (buffer_get_short_ret(&ret, buffer) == -1)
46 fatal("%s: buffer error", __func__);
47
48 return (ret);
49}
50
51int
52buffer_get_int_ret(u_int *v, Buffer *buffer)
53{
54 int ret;
55
56 if ((ret = sshbuf_get_u32(buffer, v)) != 0) {
57 error("%s: %s", __func__, ssh_err(ret));
58 return -1;
59 }
60 return 0;
61}
62
63u_int
64buffer_get_int(Buffer *buffer)
65{
66 u_int ret;
67
68 if (buffer_get_int_ret(&ret, buffer) == -1)
69 fatal("%s: buffer error", __func__);
70
71 return (ret);
72}
73
74int
75buffer_get_int64_ret(u_int64_t *v, Buffer *buffer)
76{
77 int ret;
78
79 if ((ret = sshbuf_get_u64(buffer, v)) != 0) {
80 error("%s: %s", __func__, ssh_err(ret));
81 return -1;
82 }
83 return 0;
84}
85
86u_int64_t
87buffer_get_int64(Buffer *buffer)
88{
89 u_int64_t ret;
90
91 if (buffer_get_int64_ret(&ret, buffer) == -1)
92 fatal("%s: buffer error", __func__);
93
94 return (ret);
95}
96
97void
98buffer_put_short(Buffer *buffer, u_short value)
99{
100 int ret;
101
102 if ((ret = sshbuf_put_u16(buffer, value)) != 0)
103 fatal("%s: %s", __func__, ssh_err(ret));
104}
105
106void
107buffer_put_int(Buffer *buffer, u_int value)
108{
109 int ret;
110
111 if ((ret = sshbuf_put_u32(buffer, value)) != 0)
112 fatal("%s: %s", __func__, ssh_err(ret));
113}
114
115void
116buffer_put_int64(Buffer *buffer, u_int64_t value)
117{
118 int ret;
119
120 if ((ret = sshbuf_put_u64(buffer, value)) != 0)
121 fatal("%s: %s", __func__, ssh_err(ret));
122}
123
124void *
125buffer_get_string_ret(Buffer *buffer, u_int *length_ptr)
126{
127 size_t len;
128 int ret;
129 u_char *value;
130
131 if ((ret = sshbuf_get_string(buffer, &value, &len)) != 0) {
132 error("%s: %s", __func__, ssh_err(ret));
133 return NULL;
134 }
135 if (length_ptr != NULL)
136 *length_ptr = len; /* Safe: sshbuf never stores len > 2^31 */
137 return value;
138}
139
140void *
141buffer_get_string(Buffer *buffer, u_int *length_ptr)
142{
143 void *ret;
144
145 if ((ret = buffer_get_string_ret(buffer, length_ptr)) == NULL)
146 fatal("%s: buffer error", __func__);
147 return (ret);
148}
149
150char *
151buffer_get_cstring_ret(Buffer *buffer, u_int *length_ptr)
152{
153 size_t len;
154 int ret;
155 char *value;
156
157 if ((ret = sshbuf_get_cstring(buffer, &value, &len)) != 0) {
158 error("%s: %s", __func__, ssh_err(ret));
159 return NULL;
160 }
161 if (length_ptr != NULL)
162 *length_ptr = len; /* Safe: sshbuf never stores len > 2^31 */
163 return value;
164}
165
166char *
167buffer_get_cstring(Buffer *buffer, u_int *length_ptr)
168{
169 char *ret;
170
171 if ((ret = buffer_get_cstring_ret(buffer, length_ptr)) == NULL)
172 fatal("%s: buffer error", __func__);
173 return ret;
174}
175
176const void *
177buffer_get_string_ptr_ret(Buffer *buffer, u_int *length_ptr)
178{
179 size_t len;
180 int ret;
181 const u_char *value;
182
183 if ((ret = sshbuf_get_string_direct(buffer, &value, &len)) != 0) {
184 error("%s: %s", __func__, ssh_err(ret));
185 return NULL;
186 }
187 if (length_ptr != NULL)
188 *length_ptr = len; /* Safe: sshbuf never stores len > 2^31 */
189 return value;
190}
191
192const void *
193buffer_get_string_ptr(Buffer *buffer, u_int *length_ptr)
194{
195 const void *ret;
196
197 if ((ret = buffer_get_string_ptr_ret(buffer, length_ptr)) == NULL)
198 fatal("%s: buffer error", __func__);
199 return (ret);
200}
201
202void
203buffer_put_string(Buffer *buffer, const void *buf, u_int len)
204{
205 int ret;
206
207 if ((ret = sshbuf_put_string(buffer, buf, len)) != 0)
208 fatal("%s: %s", __func__, ssh_err(ret));
209}
210
211void
212buffer_put_cstring(Buffer *buffer, const char *s)
213{
214 int ret;
215
216 if ((ret = sshbuf_put_cstring(buffer, s)) != 0)
217 fatal("%s: %s", __func__, ssh_err(ret));
218}
219
220int
221buffer_get_char_ret(char *v, Buffer *buffer)
222{
223 int ret;
224
225 if ((ret = sshbuf_get_u8(buffer, (u_char *)v)) != 0) {
226 error("%s: %s", __func__, ssh_err(ret));
227 return -1;
228 }
229 return 0;
230}
231
232int
233buffer_get_char(Buffer *buffer)
234{
235 char ch;
236
237 if (buffer_get_char_ret(&ch, buffer) == -1)
238 fatal("%s: buffer error", __func__);
239 return (u_char) ch;
240}
241
242void
243buffer_put_char(Buffer *buffer, int value)
244{
245 int ret;
246
247 if ((ret = sshbuf_put_u8(buffer, value)) != 0)
248 fatal("%s: %s", __func__, ssh_err(ret));
249}
250
251void
252buffer_put_bignum2_from_string(Buffer *buffer, const u_char *s, u_int l)
253{
254 int ret;
255
256 if ((ret = sshbuf_put_bignum2_bytes(buffer, s, l)) != 0)
257 fatal("%s: %s", __func__, ssh_err(ret));
258}
259
diff --git a/bufbn.c b/bufbn.c
deleted file mode 100644
index 98f9466bc..000000000
--- a/bufbn.c
+++ /dev/null
@@ -1,69 +0,0 @@
1/* $OpenBSD: bufbn.c,v 1.13 2017/04/30 23:23:54 djm Exp $ */
2
3/*
4 * Copyright (c) 2012 Damien Miller <djm@mindrot.org>
5 *
6 * Permission to use, copy, modify, and distribute this software for any
7 * purpose with or without fee is hereby granted, provided that the above
8 * copyright notice and this permission notice appear in all copies.
9 *
10 * THE SOFTWARE IS PROVIDED "AS IS" AND THE AUTHOR DISCLAIMS ALL WARRANTIES
11 * WITH REGARD TO THIS SOFTWARE INCLUDING ALL IMPLIED WARRANTIES OF
12 * MERCHANTABILITY AND FITNESS. IN NO EVENT SHALL THE AUTHOR BE LIABLE FOR
13 * ANY SPECIAL, DIRECT, INDIRECT, OR CONSEQUENTIAL DAMAGES OR ANY DAMAGES
14 * WHATSOEVER RESULTING FROM LOSS OF USE, DATA OR PROFITS, WHETHER IN AN
15 * ACTION OF CONTRACT, NEGLIGENCE OR OTHER TORTIOUS ACTION, ARISING OUT OF
16 * OR IN CONNECTION WITH THE USE OR PERFORMANCE OF THIS SOFTWARE.
17 */
18
19/* Emulation wrappers for legacy OpenSSH buffer API atop sshbuf */
20
21#include "includes.h"
22
23#ifdef WITH_OPENSSL
24
25#include <sys/types.h>
26
27#include "buffer.h"
28#include "log.h"
29#include "ssherr.h"
30
31int
32buffer_put_bignum2_ret(Buffer *buffer, const BIGNUM *value)
33{
34 int ret;
35
36 if ((ret = sshbuf_put_bignum2(buffer, value)) != 0) {
37 error("%s: %s", __func__, ssh_err(ret));
38 return -1;
39 }
40 return 0;
41}
42
43void
44buffer_put_bignum2(Buffer *buffer, const BIGNUM *value)
45{
46 if (buffer_put_bignum2_ret(buffer, value) == -1)
47 fatal("%s: buffer error", __func__);
48}
49
50int
51buffer_get_bignum2_ret(Buffer *buffer, BIGNUM *value)
52{
53 int ret;
54
55 if ((ret = sshbuf_get_bignum2(buffer, value)) != 0) {
56 error("%s: %s", __func__, ssh_err(ret));
57 return -1;
58 }
59 return 0;
60}
61
62void
63buffer_get_bignum2(Buffer *buffer, BIGNUM *value)
64{
65 if (buffer_get_bignum2_ret(buffer, value) == -1)
66 fatal("%s: buffer error", __func__);
67}
68
69#endif /* WITH_OPENSSL */
diff --git a/bufec.c b/bufec.c
deleted file mode 100644
index 749ce9d4c..000000000
--- a/bufec.c
+++ /dev/null
@@ -1,74 +0,0 @@
1/* $OpenBSD: bufec.c,v 1.4 2014/04/30 05:29:56 djm Exp $ */
2
3/*
4 * Copyright (c) 2012 Damien Miller <djm@mindrot.org>
5 *
6 * Permission to use, copy, modify, and distribute this software for any
7 * purpose with or without fee is hereby granted, provided that the above
8 * copyright notice and this permission notice appear in all copies.
9 *
10 * THE SOFTWARE IS PROVIDED "AS IS" AND THE AUTHOR DISCLAIMS ALL WARRANTIES
11 * WITH REGARD TO THIS SOFTWARE INCLUDING ALL IMPLIED WARRANTIES OF
12 * MERCHANTABILITY AND FITNESS. IN NO EVENT SHALL THE AUTHOR BE LIABLE FOR
13 * ANY SPECIAL, DIRECT, INDIRECT, OR CONSEQUENTIAL DAMAGES OR ANY DAMAGES
14 * WHATSOEVER RESULTING FROM LOSS OF USE, DATA OR PROFITS, WHETHER IN AN
15 * ACTION OF CONTRACT, NEGLIGENCE OR OTHER TORTIOUS ACTION, ARISING OUT OF
16 * OR IN CONNECTION WITH THE USE OR PERFORMANCE OF THIS SOFTWARE.
17 */
18
19/* Emulation wrappers for legacy OpenSSH buffer API atop sshbuf */
20
21#include "includes.h"
22
23#include <sys/types.h>
24
25#include "buffer.h"
26#include "log.h"
27#include "ssherr.h"
28
29#ifdef OPENSSL_HAS_ECC
30
31int
32buffer_put_ecpoint_ret(Buffer *buffer, const EC_GROUP *curve,
33 const EC_POINT *point)
34{
35 int ret;
36
37 if ((ret = sshbuf_put_ec(buffer, point, curve)) != 0) {
38 error("%s: %s", __func__, ssh_err(ret));
39 return -1;
40 }
41 return 0;
42}
43
44void
45buffer_put_ecpoint(Buffer *buffer, const EC_GROUP *curve,
46 const EC_POINT *point)
47{
48 if (buffer_put_ecpoint_ret(buffer, curve, point) == -1)
49 fatal("%s: buffer error", __func__);
50}
51
52int
53buffer_get_ecpoint_ret(Buffer *buffer, const EC_GROUP *curve,
54 EC_POINT *point)
55{
56 int ret;
57
58 if ((ret = sshbuf_get_ec(buffer, point, curve)) != 0) {
59 error("%s: %s", __func__, ssh_err(ret));
60 return -1;
61 }
62 return 0;
63}
64
65void
66buffer_get_ecpoint(Buffer *buffer, const EC_GROUP *curve,
67 EC_POINT *point)
68{
69 if (buffer_get_ecpoint_ret(buffer, curve, point) == -1)
70 fatal("%s: buffer error", __func__);
71}
72
73#endif /* OPENSSL_HAS_ECC */
74
diff --git a/buffer.c b/buffer.c
deleted file mode 100644
index c5f708ab2..000000000
--- a/buffer.c
+++ /dev/null
@@ -1,118 +0,0 @@
1/* $OpenBSD: buffer.c,v 1.36 2014/04/30 05:29:56 djm Exp $ */
2
3/*
4 * Copyright (c) 2012 Damien Miller <djm@mindrot.org>
5 *
6 * Permission to use, copy, modify, and distribute this software for any
7 * purpose with or without fee is hereby granted, provided that the above
8 * copyright notice and this permission notice appear in all copies.
9 *
10 * THE SOFTWARE IS PROVIDED "AS IS" AND THE AUTHOR DISCLAIMS ALL WARRANTIES
11 * WITH REGARD TO THIS SOFTWARE INCLUDING ALL IMPLIED WARRANTIES OF
12 * MERCHANTABILITY AND FITNESS. IN NO EVENT SHALL THE AUTHOR BE LIABLE FOR
13 * ANY SPECIAL, DIRECT, INDIRECT, OR CONSEQUENTIAL DAMAGES OR ANY DAMAGES
14 * WHATSOEVER RESULTING FROM LOSS OF USE, DATA OR PROFITS, WHETHER IN AN
15 * ACTION OF CONTRACT, NEGLIGENCE OR OTHER TORTIOUS ACTION, ARISING OUT OF
16 * OR IN CONNECTION WITH THE USE OR PERFORMANCE OF THIS SOFTWARE.
17 */
18
19/* Emulation wrappers for legacy OpenSSH buffer API atop sshbuf */
20
21#include "includes.h"
22
23#include <sys/types.h>
24
25#include "buffer.h"
26#include "log.h"
27#include "ssherr.h"
28
29void
30buffer_append(Buffer *buffer, const void *data, u_int len)
31{
32 int ret;
33
34 if ((ret = sshbuf_put(buffer, data, len)) != 0)
35 fatal("%s: %s", __func__, ssh_err(ret));
36}
37
38void *
39buffer_append_space(Buffer *buffer, u_int len)
40{
41 int ret;
42 u_char *p;
43
44 if ((ret = sshbuf_reserve(buffer, len, &p)) != 0)
45 fatal("%s: %s", __func__, ssh_err(ret));
46 return p;
47}
48
49int
50buffer_check_alloc(Buffer *buffer, u_int len)
51{
52 int ret = sshbuf_check_reserve(buffer, len);
53
54 if (ret == 0)
55 return 1;
56 if (ret == SSH_ERR_NO_BUFFER_SPACE)
57 return 0;
58 fatal("%s: %s", __func__, ssh_err(ret));
59}
60
61int
62buffer_get_ret(Buffer *buffer, void *buf, u_int len)
63{
64 int ret;
65
66 if ((ret = sshbuf_get(buffer, buf, len)) != 0) {
67 error("%s: %s", __func__, ssh_err(ret));
68 return -1;
69 }
70 return 0;
71}
72
73void
74buffer_get(Buffer *buffer, void *buf, u_int len)
75{
76 if (buffer_get_ret(buffer, buf, len) == -1)
77 fatal("%s: buffer error", __func__);
78}
79
80int
81buffer_consume_ret(Buffer *buffer, u_int bytes)
82{
83 int ret = sshbuf_consume(buffer, bytes);
84
85 if (ret == 0)
86 return 0;
87 if (ret == SSH_ERR_MESSAGE_INCOMPLETE)
88 return -1;
89 fatal("%s: %s", __func__, ssh_err(ret));
90}
91
92void
93buffer_consume(Buffer *buffer, u_int bytes)
94{
95 if (buffer_consume_ret(buffer, bytes) == -1)
96 fatal("%s: buffer error", __func__);
97}
98
99int
100buffer_consume_end_ret(Buffer *buffer, u_int bytes)
101{
102 int ret = sshbuf_consume_end(buffer, bytes);
103
104 if (ret == 0)
105 return 0;
106 if (ret == SSH_ERR_MESSAGE_INCOMPLETE)
107 return -1;
108 fatal("%s: %s", __func__, ssh_err(ret));
109}
110
111void
112buffer_consume_end(Buffer *buffer, u_int bytes)
113{
114 if (buffer_consume_end_ret(buffer, bytes) == -1)
115 fatal("%s: buffer error", __func__);
116}
117
118
diff --git a/buffer.h b/buffer.h
deleted file mode 100644
index 56174394c..000000000
--- a/buffer.h
+++ /dev/null
@@ -1,95 +0,0 @@
1/* $OpenBSD: buffer.h,v 1.26 2017/04/30 23:23:54 djm Exp $ */
2
3/*
4 * Copyright (c) 2012 Damien Miller <djm@mindrot.org>
5 *
6 * Permission to use, copy, modify, and distribute this software for any
7 * purpose with or without fee is hereby granted, provided that the above
8 * copyright notice and this permission notice appear in all copies.
9 *
10 * THE SOFTWARE IS PROVIDED "AS IS" AND THE AUTHOR DISCLAIMS ALL WARRANTIES
11 * WITH REGARD TO THIS SOFTWARE INCLUDING ALL IMPLIED WARRANTIES OF
12 * MERCHANTABILITY AND FITNESS. IN NO EVENT SHALL THE AUTHOR BE LIABLE FOR
13 * ANY SPECIAL, DIRECT, INDIRECT, OR CONSEQUENTIAL DAMAGES OR ANY DAMAGES
14 * WHATSOEVER RESULTING FROM LOSS OF USE, DATA OR PROFITS, WHETHER IN AN
15 * ACTION OF CONTRACT, NEGLIGENCE OR OTHER TORTIOUS ACTION, ARISING OUT OF
16 * OR IN CONNECTION WITH THE USE OR PERFORMANCE OF THIS SOFTWARE.
17 */
18
19/* Emulation wrappers for legacy OpenSSH buffer API atop sshbuf */
20
21#ifndef BUFFER_H
22#define BUFFER_H
23
24#include "sshbuf.h"
25
26typedef struct sshbuf Buffer;
27
28#define buffer_init(b) sshbuf_init(b)
29#define buffer_clear(b) sshbuf_reset(b)
30#define buffer_free(b) sshbuf_free(b)
31#define buffer_dump(b) sshbuf_dump(b, stderr)
32
33/* XXX cast is safe: sshbuf never stores more than len 2^31 */
34#define buffer_len(b) ((u_int) sshbuf_len(b))
35#define buffer_ptr(b) sshbuf_mutable_ptr(b)
36
37void buffer_append(Buffer *, const void *, u_int);
38void *buffer_append_space(Buffer *, u_int);
39int buffer_check_alloc(Buffer *, u_int);
40void buffer_get(Buffer *, void *, u_int);
41
42void buffer_consume(Buffer *, u_int);
43void buffer_consume_end(Buffer *, u_int);
44
45
46int buffer_get_ret(Buffer *, void *, u_int);
47int buffer_consume_ret(Buffer *, u_int);
48int buffer_consume_end_ret(Buffer *, u_int);
49
50#include <openssl/objects.h>
51#include <openssl/bn.h>
52void buffer_put_bignum2(Buffer *, const BIGNUM *);
53void buffer_get_bignum2(Buffer *, BIGNUM *);
54void buffer_put_bignum2_from_string(Buffer *, const u_char *, u_int);
55
56u_short buffer_get_short(Buffer *);
57void buffer_put_short(Buffer *, u_short);
58
59u_int buffer_get_int(Buffer *);
60void buffer_put_int(Buffer *, u_int);
61
62u_int64_t buffer_get_int64(Buffer *);
63void buffer_put_int64(Buffer *, u_int64_t);
64
65int buffer_get_char(Buffer *);
66void buffer_put_char(Buffer *, int);
67
68void *buffer_get_string(Buffer *, u_int *);
69const void *buffer_get_string_ptr(Buffer *, u_int *);
70void buffer_put_string(Buffer *, const void *, u_int);
71char *buffer_get_cstring(Buffer *, u_int *);
72void buffer_put_cstring(Buffer *, const char *);
73
74#define buffer_skip_string(b) (void)buffer_get_string_ptr(b, NULL);
75
76int buffer_put_bignum2_ret(Buffer *, const BIGNUM *);
77int buffer_get_bignum2_ret(Buffer *, BIGNUM *);
78int buffer_get_short_ret(u_short *, Buffer *);
79int buffer_get_int_ret(u_int *, Buffer *);
80int buffer_get_int64_ret(u_int64_t *, Buffer *);
81void *buffer_get_string_ret(Buffer *, u_int *);
82char *buffer_get_cstring_ret(Buffer *, u_int *);
83const void *buffer_get_string_ptr_ret(Buffer *, u_int *);
84int buffer_get_char_ret(char *, Buffer *);
85
86#ifdef OPENSSL_HAS_ECC
87#include <openssl/ec.h>
88int buffer_put_ecpoint_ret(Buffer *, const EC_GROUP *, const EC_POINT *);
89void buffer_put_ecpoint(Buffer *, const EC_GROUP *, const EC_POINT *);
90int buffer_get_ecpoint_ret(Buffer *, const EC_GROUP *, EC_POINT *);
91void buffer_get_ecpoint(Buffer *, const EC_GROUP *, EC_POINT *);
92#endif
93
94#endif /* BUFFER_H */
95
diff --git a/channels.c b/channels.c
index bdee1f386..e90f7fea9 100644
--- a/channels.c
+++ b/channels.c
@@ -1,4 +1,4 @@
1/* $OpenBSD: channels.c,v 1.379 2018/02/05 05:36:49 tb Exp $ */ 1/* $OpenBSD: channels.c,v 1.384 2018/07/27 12:03:17 markus Exp $ */
2/* 2/*
3 * Author: Tatu Ylonen <ylo@cs.hut.fi> 3 * Author: Tatu Ylonen <ylo@cs.hut.fi>
4 * Copyright (c) 1995 Tatu Ylonen <ylo@cs.hut.fi>, Espoo, Finland 4 * Copyright (c) 1995 Tatu Ylonen <ylo@cs.hut.fi>, Espoo, Finland
@@ -79,9 +79,10 @@
79#include "channels.h" 79#include "channels.h"
80#include "compat.h" 80#include "compat.h"
81#include "canohost.h" 81#include "canohost.h"
82#include "key.h" 82#include "sshkey.h"
83#include "authfd.h" 83#include "authfd.h"
84#include "pathnames.h" 84#include "pathnames.h"
85#include "match.h"
85 86
86/* -- agent forwarding */ 87/* -- agent forwarding */
87#define NUM_SOCKS 10 88#define NUM_SOCKS 10
@@ -97,6 +98,10 @@
97/* Maximum number of fake X11 displays to try. */ 98/* Maximum number of fake X11 displays to try. */
98#define MAX_DISPLAYS 1000 99#define MAX_DISPLAYS 1000
99 100
101/* Per-channel callback for pre/post select() actions */
102typedef void chan_fn(struct ssh *, Channel *c,
103 fd_set *readset, fd_set *writeset);
104
100/* 105/*
101 * Data structure for storing which hosts are permitted for forward requests. 106 * Data structure for storing which hosts are permitted for forward requests.
102 * The local sides of any remote forwards are stored in this array to prevent 107 * The local sides of any remote forwards are stored in this array to prevent
@@ -106,17 +111,40 @@
106/* XXX: streamlocal wants a path instead of host:port */ 111/* XXX: streamlocal wants a path instead of host:port */
107/* Overload host_to_connect; we could just make this match Forward */ 112/* Overload host_to_connect; we could just make this match Forward */
108/* XXX - can we use listen_host instead of listen_path? */ 113/* XXX - can we use listen_host instead of listen_path? */
109typedef struct { 114struct permission {
110 char *host_to_connect; /* Connect to 'host'. */ 115 char *host_to_connect; /* Connect to 'host'. */
111 int port_to_connect; /* Connect to 'port'. */ 116 int port_to_connect; /* Connect to 'port'. */
112 char *listen_host; /* Remote side should listen address. */ 117 char *listen_host; /* Remote side should listen address. */
113 char *listen_path; /* Remote side should listen path. */ 118 char *listen_path; /* Remote side should listen path. */
114 int listen_port; /* Remote side should listen port. */ 119 int listen_port; /* Remote side should listen port. */
115 Channel *downstream; /* Downstream mux*/ 120 Channel *downstream; /* Downstream mux*/
116} ForwardPermission; 121};
117 122
118typedef void chan_fn(struct ssh *, Channel *c, 123/*
119 fd_set *readset, fd_set *writeset); 124 * Stores the forwarding permission state for a single direction (local or
125 * remote).
126 */
127struct permission_set {
128 /*
129 * List of all local permitted host/port pairs to allow for the
130 * user.
131 */
132 u_int num_permitted_user;
133 struct permission *permitted_user;
134
135 /*
136 * List of all permitted host/port pairs to allow for the admin.
137 */
138 u_int num_permitted_admin;
139 struct permission *permitted_admin;
140
141 /*
142 * If this is true, all opens/listens are permitted. This is the
143 * case on the server on which we have to trust the client anyway,
144 * and the user could do anything after logging in.
145 */
146 int all_permitted;
147};
120 148
121/* Master structure for channels state */ 149/* Master structure for channels state */
122struct ssh_channels { 150struct ssh_channels {
@@ -149,31 +177,8 @@ struct ssh_channels {
149 chan_fn **channel_post; 177 chan_fn **channel_post;
150 178
151 /* -- tcp forwarding */ 179 /* -- tcp forwarding */
152 180 struct permission_set local_perms;
153 /* List of all permitted host/port pairs to connect by the user. */ 181 struct permission_set remote_perms;
154 ForwardPermission *permitted_opens;
155
156 /* List of all permitted host/port pairs to connect by the admin. */
157 ForwardPermission *permitted_adm_opens;
158
159 /*
160 * Number of permitted host/port pairs in the array permitted by
161 * the user.
162 */
163 u_int num_permitted_opens;
164
165 /*
166 * Number of permitted host/port pair in the array permitted by
167 * the admin.
168 */
169 u_int num_adm_permitted_opens;
170
171 /*
172 * If this is true, all opens are permitted. This is the case on
173 * the server on which we have to trust the client anyway, and the
174 * user could do anything after logging in anyway.
175 */
176 int all_opens_permitted;
177 182
178 /* -- X11 forwarding */ 183 /* -- X11 forwarding */
179 184
@@ -448,50 +453,95 @@ channel_close_fds(struct ssh *ssh, Channel *c)
448} 453}
449 454
450static void 455static void
451fwd_perm_clear(ForwardPermission *fp) 456fwd_perm_clear(struct permission *perm)
452{ 457{
453 free(fp->host_to_connect); 458 free(perm->host_to_connect);
454 free(fp->listen_host); 459 free(perm->listen_host);
455 free(fp->listen_path); 460 free(perm->listen_path);
456 bzero(fp, sizeof(*fp)); 461 bzero(perm, sizeof(*perm));
457} 462}
458 463
459enum { FWDPERM_USER, FWDPERM_ADMIN }; 464/* Returns an printable name for the specified forwarding permission list */
465static const char *
466fwd_ident(int who, int where)
467{
468 if (who == FORWARD_ADM) {
469 if (where == FORWARD_LOCAL)
470 return "admin local";
471 else if (where == FORWARD_REMOTE)
472 return "admin remote";
473 } else if (who == FORWARD_USER) {
474 if (where == FORWARD_LOCAL)
475 return "user local";
476 else if (where == FORWARD_REMOTE)
477 return "user remote";
478 }
479 fatal("Unknown forward permission list %d/%d", who, where);
480}
460 481
461static int 482/* Returns the forwarding permission list for the specified direction */
462fwd_perm_list_add(struct ssh *ssh, int which, 483static struct permission_set *
463 const char *host_to_connect, int port_to_connect, 484permission_set_get(struct ssh *ssh, int where)
464 const char *listen_host, const char *listen_path, int listen_port,
465 Channel *downstream)
466{ 485{
467 ForwardPermission **fpl; 486 struct ssh_channels *sc = ssh->chanctxt;
468 u_int n, *nfpl;
469 487
470 switch (which) { 488 switch (where) {
471 case FWDPERM_USER: 489 case FORWARD_LOCAL:
472 fpl = &ssh->chanctxt->permitted_opens; 490 return &sc->local_perms;
473 nfpl = &ssh->chanctxt->num_permitted_opens;
474 break; 491 break;
475 case FWDPERM_ADMIN: 492 case FORWARD_REMOTE:
476 fpl = &ssh->chanctxt->permitted_adm_opens; 493 return &sc->remote_perms;
477 nfpl = &ssh->chanctxt->num_adm_permitted_opens;
478 break; 494 break;
479 default: 495 default:
480 fatal("%s: invalid list %d", __func__, which); 496 fatal("%s: invalid forwarding direction %d", __func__, where);
481 } 497 }
498}
482 499
483 if (*nfpl >= INT_MAX) 500/* Reutrns pointers to the specified forwarding list and its element count */
484 fatal("%s: overflow", __func__); 501static void
502permission_set_get_array(struct ssh *ssh, int who, int where,
503 struct permission ***permpp, u_int **npermpp)
504{
505 struct permission_set *pset = permission_set_get(ssh, where);
485 506
486 *fpl = xrecallocarray(*fpl, *nfpl, *nfpl + 1, sizeof(**fpl)); 507 switch (who) {
487 n = (*nfpl)++; 508 case FORWARD_USER:
509 *permpp = &pset->permitted_user;
510 *npermpp = &pset->num_permitted_user;
511 break;
512 case FORWARD_ADM:
513 *permpp = &pset->permitted_admin;
514 *npermpp = &pset->num_permitted_admin;
515 break;
516 default:
517 fatal("%s: invalid forwarding client %d", __func__, who);
518 }
519}
520
521/* Adds an entry to the spcified forwarding list */
522static int
523permission_set_add(struct ssh *ssh, int who, int where,
524 const char *host_to_connect, int port_to_connect,
525 const char *listen_host, const char *listen_path, int listen_port,
526 Channel *downstream)
527{
528 struct permission **permp;
529 u_int n, *npermp;
530
531 permission_set_get_array(ssh, who, where, &permp, &npermp);
532
533 if (*npermp >= INT_MAX)
534 fatal("%s: %s overflow", __func__, fwd_ident(who, where));
535
536 *permp = xrecallocarray(*permp, *npermp, *npermp + 1, sizeof(**permp));
537 n = (*npermp)++;
488#define MAYBE_DUP(s) ((s == NULL) ? NULL : xstrdup(s)) 538#define MAYBE_DUP(s) ((s == NULL) ? NULL : xstrdup(s))
489 (*fpl)[n].host_to_connect = MAYBE_DUP(host_to_connect); 539 (*permp)[n].host_to_connect = MAYBE_DUP(host_to_connect);
490 (*fpl)[n].port_to_connect = port_to_connect; 540 (*permp)[n].port_to_connect = port_to_connect;
491 (*fpl)[n].listen_host = MAYBE_DUP(listen_host); 541 (*permp)[n].listen_host = MAYBE_DUP(listen_host);
492 (*fpl)[n].listen_path = MAYBE_DUP(listen_path); 542 (*permp)[n].listen_path = MAYBE_DUP(listen_path);
493 (*fpl)[n].listen_port = listen_port; 543 (*permp)[n].listen_port = listen_port;
494 (*fpl)[n].downstream = downstream; 544 (*permp)[n].downstream = downstream;
495#undef MAYBE_DUP 545#undef MAYBE_DUP
496 return (int)n; 546 return (int)n;
497} 547}
@@ -500,30 +550,31 @@ static void
500mux_remove_remote_forwardings(struct ssh *ssh, Channel *c) 550mux_remove_remote_forwardings(struct ssh *ssh, Channel *c)
501{ 551{
502 struct ssh_channels *sc = ssh->chanctxt; 552 struct ssh_channels *sc = ssh->chanctxt;
503 ForwardPermission *fp; 553 struct permission_set *pset = &sc->local_perms;
554 struct permission *perm;
504 int r; 555 int r;
505 u_int i; 556 u_int i;
506 557
507 for (i = 0; i < sc->num_permitted_opens; i++) { 558 for (i = 0; i < pset->num_permitted_user; i++) {
508 fp = &sc->permitted_opens[i]; 559 perm = &pset->permitted_user[i];
509 if (fp->downstream != c) 560 if (perm->downstream != c)
510 continue; 561 continue;
511 562
512 /* cancel on the server, since mux client is gone */ 563 /* cancel on the server, since mux client is gone */
513 debug("channel %d: cleanup remote forward for %s:%u", 564 debug("channel %d: cleanup remote forward for %s:%u",
514 c->self, fp->listen_host, fp->listen_port); 565 c->self, perm->listen_host, perm->listen_port);
515 if ((r = sshpkt_start(ssh, SSH2_MSG_GLOBAL_REQUEST)) != 0 || 566 if ((r = sshpkt_start(ssh, SSH2_MSG_GLOBAL_REQUEST)) != 0 ||
516 (r = sshpkt_put_cstring(ssh, 567 (r = sshpkt_put_cstring(ssh,
517 "cancel-tcpip-forward")) != 0 || 568 "cancel-tcpip-forward")) != 0 ||
518 (r = sshpkt_put_u8(ssh, 0)) != 0 || 569 (r = sshpkt_put_u8(ssh, 0)) != 0 ||
519 (r = sshpkt_put_cstring(ssh, 570 (r = sshpkt_put_cstring(ssh,
520 channel_rfwd_bind_host(fp->listen_host))) != 0 || 571 channel_rfwd_bind_host(perm->listen_host))) != 0 ||
521 (r = sshpkt_put_u32(ssh, fp->listen_port)) != 0 || 572 (r = sshpkt_put_u32(ssh, perm->listen_port)) != 0 ||
522 (r = sshpkt_send(ssh)) != 0) { 573 (r = sshpkt_send(ssh)) != 0) {
523 fatal("%s: channel %i: %s", __func__, 574 fatal("%s: channel %i: %s", __func__,
524 c->self, ssh_err(r)); 575 c->self, ssh_err(r));
525 } 576 }
526 fwd_perm_clear(fp); /* unregister */ 577 fwd_perm_clear(perm); /* unregister */
527 } 578 }
528} 579}
529 580
@@ -557,9 +608,11 @@ channel_free(struct ssh *ssh, Channel *c)
557 if (c->type == SSH_CHANNEL_MUX_CLIENT) 608 if (c->type == SSH_CHANNEL_MUX_CLIENT)
558 mux_remove_remote_forwardings(ssh, c); 609 mux_remove_remote_forwardings(ssh, c);
559 610
560 s = channel_open_message(ssh); 611 if (log_level_get() >= SYSLOG_LEVEL_DEBUG3) {
561 debug3("channel %d: status: %s", c->self, s); 612 s = channel_open_message(ssh);
562 free(s); 613 debug3("channel %d: status: %s", c->self, s);
614 free(s);
615 }
563 616
564 channel_close_fds(ssh, c); 617 channel_close_fds(ssh, c);
565 sshbuf_free(c->input); 618 sshbuf_free(c->input);
@@ -2599,7 +2652,7 @@ channel_output_poll(struct ssh *ssh)
2599 * SSH_CHANNEL_MUX_PROXY channel and replace the mux clients ID 2652 * SSH_CHANNEL_MUX_PROXY channel and replace the mux clients ID
2600 * with the newly allocated channel ID. 2653 * with the newly allocated channel ID.
2601 * 2) Upstream messages are received by matching SSH_CHANNEL_MUX_PROXY 2654 * 2) Upstream messages are received by matching SSH_CHANNEL_MUX_PROXY
2602 * channels and procesed by channel_proxy_upstream(). The local channel ID 2655 * channels and processed by channel_proxy_upstream(). The local channel ID
2603 * is then translated back to the original mux client ID. 2656 * is then translated back to the original mux client ID.
2604 * 3) In both cases we need to keep track of matching SSH2_MSG_CHANNEL_CLOSE 2657 * 3) In both cases we need to keep track of matching SSH2_MSG_CHANNEL_CLOSE
2605 * messages so we can clean up SSH_CHANNEL_MUX_PROXY channels. 2658 * messages so we can clean up SSH_CHANNEL_MUX_PROXY channels.
@@ -2610,7 +2663,7 @@ channel_output_poll(struct ssh *ssh)
2610 * channel. E.g. client_request_forwarded_tcpip() needs to figure 2663 * channel. E.g. client_request_forwarded_tcpip() needs to figure
2611 * out whether the request is addressed to the local client or a 2664 * out whether the request is addressed to the local client or a
2612 * specific downstream client based on the listen-address/port. 2665 * specific downstream client based on the listen-address/port.
2613 * 6) Agent and X11-Forwarding have a similar problem and are currenly 2666 * 6) Agent and X11-Forwarding have a similar problem and are currently
2614 * not supported as the matching session/channel cannot be identified 2667 * not supported as the matching session/channel cannot be identified
2615 * easily. 2668 * easily.
2616 */ 2669 */
@@ -2729,7 +2782,7 @@ channel_proxy_downstream(struct ssh *ssh, Channel *downstream)
2729 goto out; 2782 goto out;
2730 } 2783 }
2731 /* Record that connection to this host/port is permitted. */ 2784 /* Record that connection to this host/port is permitted. */
2732 fwd_perm_list_add(ssh, FWDPERM_USER, "<mux>", -1, 2785 permission_set_add(ssh, FORWARD_USER, FORWARD_LOCAL, "<mux>", -1,
2733 listen_host, NULL, (int)listen_port, downstream); 2786 listen_host, NULL, (int)listen_port, downstream);
2734 listen_host = NULL; 2787 listen_host = NULL;
2735 break; 2788 break;
@@ -2787,7 +2840,7 @@ channel_proxy_upstream(Channel *c, int type, u_int32_t seq, struct ssh *ssh)
2787 /* 2840 /*
2788 * When receiving packets from the peer we need to check whether we 2841 * When receiving packets from the peer we need to check whether we
2789 * need to forward the packets to the mux client. In this case we 2842 * need to forward the packets to the mux client. In this case we
2790 * restore the orignal channel id and keep track of CLOSE messages, 2843 * restore the original channel id and keep track of CLOSE messages,
2791 * so we can cleanup the channel. 2844 * so we can cleanup the channel.
2792 */ 2845 */
2793 if (c == NULL || c->type != SSH_CHANNEL_MUX_PROXY) 2846 if (c == NULL || c->type != SSH_CHANNEL_MUX_PROXY)
@@ -3637,11 +3690,78 @@ channel_setup_local_fwd_listener(struct ssh *ssh,
3637 } 3690 }
3638} 3691}
3639 3692
3693/* Matches a remote forwarding permission against a requested forwarding */
3694static int
3695remote_open_match(struct permission *allowed_open, struct Forward *fwd)
3696{
3697 int ret;
3698 char *lhost;
3699
3700 /* XXX add ACLs for streamlocal */
3701 if (fwd->listen_path != NULL)
3702 return 1;
3703
3704 if (fwd->listen_host == NULL || allowed_open->listen_host == NULL)
3705 return 0;
3706
3707 if (allowed_open->listen_port != FWD_PERMIT_ANY_PORT &&
3708 allowed_open->listen_port != fwd->listen_port)
3709 return 0;
3710
3711 /* Match hostnames case-insensitively */
3712 lhost = xstrdup(fwd->listen_host);
3713 lowercase(lhost);
3714 ret = match_pattern(lhost, allowed_open->listen_host);
3715 free(lhost);
3716
3717 return ret;
3718}
3719
3720/* Checks whether a requested remote forwarding is permitted */
3721static int
3722check_rfwd_permission(struct ssh *ssh, struct Forward *fwd)
3723{
3724 struct ssh_channels *sc = ssh->chanctxt;
3725 struct permission_set *pset = &sc->remote_perms;
3726 u_int i, permit, permit_adm = 1;
3727 struct permission *perm;
3728
3729 /* XXX apply GatewayPorts override before checking? */
3730
3731 permit = pset->all_permitted;
3732 if (!permit) {
3733 for (i = 0; i < pset->num_permitted_user; i++) {
3734 perm = &pset->permitted_user[i];
3735 if (remote_open_match(perm, fwd)) {
3736 permit = 1;
3737 break;
3738 }
3739 }
3740 }
3741
3742 if (pset->num_permitted_admin > 0) {
3743 permit_adm = 0;
3744 for (i = 0; i < pset->num_permitted_admin; i++) {
3745 perm = &pset->permitted_admin[i];
3746 if (remote_open_match(perm, fwd)) {
3747 permit_adm = 1;
3748 break;
3749 }
3750 }
3751 }
3752
3753 return permit && permit_adm;
3754}
3755
3640/* protocol v2 remote port fwd, used by sshd */ 3756/* protocol v2 remote port fwd, used by sshd */
3641int 3757int
3642channel_setup_remote_fwd_listener(struct ssh *ssh, struct Forward *fwd, 3758channel_setup_remote_fwd_listener(struct ssh *ssh, struct Forward *fwd,
3643 int *allocated_listen_port, struct ForwardOptions *fwd_opts) 3759 int *allocated_listen_port, struct ForwardOptions *fwd_opts)
3644{ 3760{
3761 if (!check_rfwd_permission(ssh, fwd)) {
3762 packet_send_debug("port forwarding refused");
3763 return 0;
3764 }
3645 if (fwd->listen_path != NULL) { 3765 if (fwd->listen_path != NULL) {
3646 return channel_setup_fwd_listener_streamlocal(ssh, 3766 return channel_setup_fwd_listener_streamlocal(ssh,
3647 SSH_CHANNEL_RUNIX_LISTENER, fwd, fwd_opts); 3767 SSH_CHANNEL_RUNIX_LISTENER, fwd, fwd_opts);
@@ -3671,7 +3791,7 @@ channel_rfwd_bind_host(const char *listen_host)
3671 * Initiate forwarding of connections to port "port" on remote host through 3791 * Initiate forwarding of connections to port "port" on remote host through
3672 * the secure channel to host:port from local side. 3792 * the secure channel to host:port from local side.
3673 * Returns handle (index) for updating the dynamic listen port with 3793 * Returns handle (index) for updating the dynamic listen port with
3674 * channel_update_permitted_opens(). 3794 * channel_update_permission().
3675 */ 3795 */
3676int 3796int
3677channel_request_remote_forwarding(struct ssh *ssh, struct Forward *fwd) 3797channel_request_remote_forwarding(struct ssh *ssh, struct Forward *fwd)
@@ -3724,7 +3844,7 @@ channel_request_remote_forwarding(struct ssh *ssh, struct Forward *fwd)
3724 listen_host = xstrdup(fwd->listen_host); 3844 listen_host = xstrdup(fwd->listen_host);
3725 listen_port = fwd->listen_port; 3845 listen_port = fwd->listen_port;
3726 } 3846 }
3727 idx = fwd_perm_list_add(ssh, FWDPERM_USER, 3847 idx = permission_set_add(ssh, FORWARD_USER, FORWARD_LOCAL,
3728 host_to_connect, port_to_connect, 3848 host_to_connect, port_to_connect,
3729 listen_host, listen_path, listen_port, NULL); 3849 listen_host, listen_path, listen_port, NULL);
3730 } 3850 }
@@ -3732,7 +3852,7 @@ channel_request_remote_forwarding(struct ssh *ssh, struct Forward *fwd)
3732} 3852}
3733 3853
3734static int 3854static int
3735open_match(ForwardPermission *allowed_open, const char *requestedhost, 3855open_match(struct permission *allowed_open, const char *requestedhost,
3736 int requestedport) 3856 int requestedport)
3737{ 3857{
3738 if (allowed_open->host_to_connect == NULL) 3858 if (allowed_open->host_to_connect == NULL)
@@ -3753,7 +3873,7 @@ open_match(ForwardPermission *allowed_open, const char *requestedhost,
3753 * and what we've sent to the remote server (channel_rfwd_bind_host) 3873 * and what we've sent to the remote server (channel_rfwd_bind_host)
3754 */ 3874 */
3755static int 3875static int
3756open_listen_match_tcpip(ForwardPermission *allowed_open, 3876open_listen_match_tcpip(struct permission *allowed_open,
3757 const char *requestedhost, u_short requestedport, int translate) 3877 const char *requestedhost, u_short requestedport, int translate)
3758{ 3878{
3759 const char *allowed_host; 3879 const char *allowed_host;
@@ -3768,14 +3888,14 @@ open_listen_match_tcpip(ForwardPermission *allowed_open,
3768 allowed_host = translate ? 3888 allowed_host = translate ?
3769 channel_rfwd_bind_host(allowed_open->listen_host) : 3889 channel_rfwd_bind_host(allowed_open->listen_host) :
3770 allowed_open->listen_host; 3890 allowed_open->listen_host;
3771 if (allowed_host == NULL || 3891 if (allowed_host == NULL || requestedhost == NULL ||
3772 strcmp(allowed_host, requestedhost) != 0) 3892 strcmp(allowed_host, requestedhost) != 0)
3773 return 0; 3893 return 0;
3774 return 1; 3894 return 1;
3775} 3895}
3776 3896
3777static int 3897static int
3778open_listen_match_streamlocal(ForwardPermission *allowed_open, 3898open_listen_match_streamlocal(struct permission *allowed_open,
3779 const char *requestedpath) 3899 const char *requestedpath)
3780{ 3900{
3781 if (allowed_open->host_to_connect == NULL) 3901 if (allowed_open->host_to_connect == NULL)
@@ -3797,17 +3917,18 @@ channel_request_rforward_cancel_tcpip(struct ssh *ssh,
3797 const char *host, u_short port) 3917 const char *host, u_short port)
3798{ 3918{
3799 struct ssh_channels *sc = ssh->chanctxt; 3919 struct ssh_channels *sc = ssh->chanctxt;
3920 struct permission_set *pset = &sc->local_perms;
3800 int r; 3921 int r;
3801 u_int i; 3922 u_int i;
3802 ForwardPermission *fp; 3923 struct permission *perm;
3803 3924
3804 for (i = 0; i < sc->num_permitted_opens; i++) { 3925 for (i = 0; i < pset->num_permitted_user; i++) {
3805 fp = &sc->permitted_opens[i]; 3926 perm = &pset->permitted_user[i];
3806 if (open_listen_match_tcpip(fp, host, port, 0)) 3927 if (open_listen_match_tcpip(perm, host, port, 0))
3807 break; 3928 break;
3808 fp = NULL; 3929 perm = NULL;
3809 } 3930 }
3810 if (fp == NULL) { 3931 if (perm == NULL) {
3811 debug("%s: requested forward not found", __func__); 3932 debug("%s: requested forward not found", __func__);
3812 return -1; 3933 return -1;
3813 } 3934 }
@@ -3819,7 +3940,7 @@ channel_request_rforward_cancel_tcpip(struct ssh *ssh,
3819 (r = sshpkt_send(ssh)) != 0) 3940 (r = sshpkt_send(ssh)) != 0)
3820 fatal("%s: send cancel: %s", __func__, ssh_err(r)); 3941 fatal("%s: send cancel: %s", __func__, ssh_err(r));
3821 3942
3822 fwd_perm_clear(fp); /* unregister */ 3943 fwd_perm_clear(perm); /* unregister */
3823 3944
3824 return 0; 3945 return 0;
3825} 3946}
@@ -3832,17 +3953,18 @@ static int
3832channel_request_rforward_cancel_streamlocal(struct ssh *ssh, const char *path) 3953channel_request_rforward_cancel_streamlocal(struct ssh *ssh, const char *path)
3833{ 3954{
3834 struct ssh_channels *sc = ssh->chanctxt; 3955 struct ssh_channels *sc = ssh->chanctxt;
3956 struct permission_set *pset = &sc->local_perms;
3835 int r; 3957 int r;
3836 u_int i; 3958 u_int i;
3837 ForwardPermission *fp; 3959 struct permission *perm;
3838 3960
3839 for (i = 0; i < sc->num_permitted_opens; i++) { 3961 for (i = 0; i < pset->num_permitted_user; i++) {
3840 fp = &sc->permitted_opens[i]; 3962 perm = &pset->permitted_user[i];
3841 if (open_listen_match_streamlocal(fp, path)) 3963 if (open_listen_match_streamlocal(perm, path))
3842 break; 3964 break;
3843 fp = NULL; 3965 perm = NULL;
3844 } 3966 }
3845 if (fp == NULL) { 3967 if (perm == NULL) {
3846 debug("%s: requested forward not found", __func__); 3968 debug("%s: requested forward not found", __func__);
3847 return -1; 3969 return -1;
3848 } 3970 }
@@ -3854,7 +3976,7 @@ channel_request_rforward_cancel_streamlocal(struct ssh *ssh, const char *path)
3854 (r = sshpkt_send(ssh)) != 0) 3976 (r = sshpkt_send(ssh)) != 0)
3855 fatal("%s: send cancel: %s", __func__, ssh_err(r)); 3977 fatal("%s: send cancel: %s", __func__, ssh_err(r));
3856 3978
3857 fwd_perm_clear(fp); /* unregister */ 3979 fwd_perm_clear(perm); /* unregister */
3858 3980
3859 return 0; 3981 return 0;
3860} 3982}
@@ -3876,25 +3998,64 @@ channel_request_rforward_cancel(struct ssh *ssh, struct Forward *fwd)
3876} 3998}
3877 3999
3878/* 4000/*
3879 * Permits opening to any host/port if permitted_opens[] is empty. This is 4001 * Permits opening to any host/port if permitted_user[] is empty. This is
3880 * usually called by the server, because the user could connect to any port 4002 * usually called by the server, because the user could connect to any port
3881 * anyway, and the server has no way to know but to trust the client anyway. 4003 * anyway, and the server has no way to know but to trust the client anyway.
3882 */ 4004 */
3883void 4005void
3884channel_permit_all_opens(struct ssh *ssh) 4006channel_permit_all(struct ssh *ssh, int where)
3885{ 4007{
3886 if (ssh->chanctxt->num_permitted_opens == 0) 4008 struct permission_set *pset = permission_set_get(ssh, where);
3887 ssh->chanctxt->all_opens_permitted = 1; 4009
4010 if (pset->num_permitted_user == 0)
4011 pset->all_permitted = 1;
3888} 4012}
3889 4013
4014/*
4015 * Permit the specified host/port for forwarding.
4016 */
3890void 4017void
3891channel_add_permitted_opens(struct ssh *ssh, char *host, int port) 4018channel_add_permission(struct ssh *ssh, int who, int where,
4019 char *host, int port)
3892{ 4020{
3893 struct ssh_channels *sc = ssh->chanctxt; 4021 int local = where == FORWARD_LOCAL;
4022 struct permission_set *pset = permission_set_get(ssh, where);
4023
4024 debug("allow %s forwarding to host %s port %d",
4025 fwd_ident(who, where), host, port);
4026 /*
4027 * Remote forwards set listen_host/port, local forwards set
4028 * host/port_to_connect.
4029 */
4030 permission_set_add(ssh, who, where,
4031 local ? host : 0, local ? port : 0,
4032 local ? NULL : host, NULL, local ? 0 : port, NULL);
4033 pset->all_permitted = 0;
4034}
3894 4035
3895 debug("allow port forwarding to host %s port %d", host, port); 4036/*
3896 fwd_perm_list_add(ssh, FWDPERM_USER, host, port, NULL, NULL, 0, NULL); 4037 * Administratively disable forwarding.
3897 sc->all_opens_permitted = 0; 4038 */
4039void
4040channel_disable_admin(struct ssh *ssh, int where)
4041{
4042 channel_clear_permission(ssh, FORWARD_ADM, where);
4043 permission_set_add(ssh, FORWARD_ADM, where,
4044 NULL, 0, NULL, NULL, 0, NULL);
4045}
4046
4047/*
4048 * Clear a list of permitted opens.
4049 */
4050void
4051channel_clear_permission(struct ssh *ssh, int who, int where)
4052{
4053 struct permission **permp;
4054 u_int *npermp;
4055
4056 permission_set_get_array(ssh, who, where, &permp, &npermp);
4057 *permp = xrecallocarray(*permp, *npermp, 0, sizeof(**permp));
4058 *npermp = 0;
3898} 4059}
3899 4060
3900/* 4061/*
@@ -3903,63 +4064,28 @@ channel_add_permitted_opens(struct ssh *ssh, char *host, int port)
3903 * passed then they entry will be invalidated. 4064 * passed then they entry will be invalidated.
3904 */ 4065 */
3905void 4066void
3906channel_update_permitted_opens(struct ssh *ssh, int idx, int newport) 4067channel_update_permission(struct ssh *ssh, int idx, int newport)
3907{ 4068{
3908 struct ssh_channels *sc = ssh->chanctxt; 4069 struct permission_set *pset = &ssh->chanctxt->local_perms;
3909 4070
3910 if (idx < 0 || (u_int)idx >= sc->num_permitted_opens) { 4071 if (idx < 0 || (u_int)idx >= pset->num_permitted_user) {
3911 debug("%s: index out of range: %d num_permitted_opens %d", 4072 debug("%s: index out of range: %d num_permitted_user %d",
3912 __func__, idx, sc->num_permitted_opens); 4073 __func__, idx, pset->num_permitted_user);
3913 return; 4074 return;
3914 } 4075 }
3915 debug("%s allowed port %d for forwarding to host %s port %d", 4076 debug("%s allowed port %d for forwarding to host %s port %d",
3916 newport > 0 ? "Updating" : "Removing", 4077 newport > 0 ? "Updating" : "Removing",
3917 newport, 4078 newport,
3918 sc->permitted_opens[idx].host_to_connect, 4079 pset->permitted_user[idx].host_to_connect,
3919 sc->permitted_opens[idx].port_to_connect); 4080 pset->permitted_user[idx].port_to_connect);
3920 if (newport <= 0) 4081 if (newport <= 0)
3921 fwd_perm_clear(&sc->permitted_opens[idx]); 4082 fwd_perm_clear(&pset->permitted_user[idx]);
3922 else { 4083 else {
3923 sc->permitted_opens[idx].listen_port = 4084 pset->permitted_user[idx].listen_port =
3924 (datafellows & SSH_BUG_DYNAMIC_RPORT) ? 0 : newport; 4085 (datafellows & SSH_BUG_DYNAMIC_RPORT) ? 0 : newport;
3925 } 4086 }
3926} 4087}
3927 4088
3928int
3929channel_add_adm_permitted_opens(struct ssh *ssh, char *host, int port)
3930{
3931 debug("config allows port forwarding to host %s port %d", host, port);
3932 return fwd_perm_list_add(ssh, FWDPERM_ADMIN, host, port,
3933 NULL, NULL, 0, NULL);
3934}
3935
3936void
3937channel_disable_adm_local_opens(struct ssh *ssh)
3938{
3939 channel_clear_adm_permitted_opens(ssh);
3940 fwd_perm_list_add(ssh, FWDPERM_ADMIN, NULL, 0, NULL, NULL, 0, NULL);
3941}
3942
3943void
3944channel_clear_permitted_opens(struct ssh *ssh)
3945{
3946 struct ssh_channels *sc = ssh->chanctxt;
3947
3948 sc->permitted_opens = xrecallocarray(sc->permitted_opens,
3949 sc->num_permitted_opens, 0, sizeof(*sc->permitted_opens));
3950 sc->num_permitted_opens = 0;
3951}
3952
3953void
3954channel_clear_adm_permitted_opens(struct ssh *ssh)
3955{
3956 struct ssh_channels *sc = ssh->chanctxt;
3957
3958 sc->permitted_adm_opens = xrecallocarray(sc->permitted_adm_opens,
3959 sc->num_adm_permitted_opens, 0, sizeof(*sc->permitted_adm_opens));
3960 sc->num_adm_permitted_opens = 0;
3961}
3962
3963/* returns port number, FWD_PERMIT_ANY_PORT or -1 on error */ 4089/* returns port number, FWD_PERMIT_ANY_PORT or -1 on error */
3964int 4090int
3965permitopen_port(const char *p) 4091permitopen_port(const char *p)
@@ -4148,19 +4274,21 @@ channel_connect_by_listen_address(struct ssh *ssh, const char *listen_host,
4148 u_short listen_port, char *ctype, char *rname) 4274 u_short listen_port, char *ctype, char *rname)
4149{ 4275{
4150 struct ssh_channels *sc = ssh->chanctxt; 4276 struct ssh_channels *sc = ssh->chanctxt;
4277 struct permission_set *pset = &sc->local_perms;
4151 u_int i; 4278 u_int i;
4152 ForwardPermission *fp; 4279 struct permission *perm;
4153 4280
4154 for (i = 0; i < sc->num_permitted_opens; i++) { 4281 for (i = 0; i < pset->num_permitted_user; i++) {
4155 fp = &sc->permitted_opens[i]; 4282 perm = &pset->permitted_user[i];
4156 if (open_listen_match_tcpip(fp, listen_host, listen_port, 1)) { 4283 if (open_listen_match_tcpip(perm,
4157 if (fp->downstream) 4284 listen_host, listen_port, 1)) {
4158 return fp->downstream; 4285 if (perm->downstream)
4159 if (fp->port_to_connect == 0) 4286 return perm->downstream;
4287 if (perm->port_to_connect == 0)
4160 return rdynamic_connect_prepare(ssh, 4288 return rdynamic_connect_prepare(ssh,
4161 ctype, rname); 4289 ctype, rname);
4162 return connect_to(ssh, 4290 return connect_to(ssh,
4163 fp->host_to_connect, fp->port_to_connect, 4291 perm->host_to_connect, perm->port_to_connect,
4164 ctype, rname); 4292 ctype, rname);
4165 } 4293 }
4166 } 4294 }
@@ -4174,14 +4302,15 @@ channel_connect_by_listen_path(struct ssh *ssh, const char *path,
4174 char *ctype, char *rname) 4302 char *ctype, char *rname)
4175{ 4303{
4176 struct ssh_channels *sc = ssh->chanctxt; 4304 struct ssh_channels *sc = ssh->chanctxt;
4305 struct permission_set *pset = &sc->local_perms;
4177 u_int i; 4306 u_int i;
4178 ForwardPermission *fp; 4307 struct permission *perm;
4179 4308
4180 for (i = 0; i < sc->num_permitted_opens; i++) { 4309 for (i = 0; i < pset->num_permitted_user; i++) {
4181 fp = &sc->permitted_opens[i]; 4310 perm = &pset->permitted_user[i];
4182 if (open_listen_match_streamlocal(fp, path)) { 4311 if (open_listen_match_streamlocal(perm, path)) {
4183 return connect_to(ssh, 4312 return connect_to(ssh,
4184 fp->host_to_connect, fp->port_to_connect, 4313 perm->host_to_connect, perm->port_to_connect,
4185 ctype, rname); 4314 ctype, rname);
4186 } 4315 }
4187 } 4316 }
@@ -4196,28 +4325,29 @@ channel_connect_to_port(struct ssh *ssh, const char *host, u_short port,
4196 char *ctype, char *rname, int *reason, const char **errmsg) 4325 char *ctype, char *rname, int *reason, const char **errmsg)
4197{ 4326{
4198 struct ssh_channels *sc = ssh->chanctxt; 4327 struct ssh_channels *sc = ssh->chanctxt;
4328 struct permission_set *pset = &sc->local_perms;
4199 struct channel_connect cctx; 4329 struct channel_connect cctx;
4200 Channel *c; 4330 Channel *c;
4201 u_int i, permit, permit_adm = 1; 4331 u_int i, permit, permit_adm = 1;
4202 int sock; 4332 int sock;
4203 ForwardPermission *fp; 4333 struct permission *perm;
4204 4334
4205 permit = sc->all_opens_permitted; 4335 permit = pset->all_permitted;
4206 if (!permit) { 4336 if (!permit) {
4207 for (i = 0; i < sc->num_permitted_opens; i++) { 4337 for (i = 0; i < pset->num_permitted_user; i++) {
4208 fp = &sc->permitted_opens[i]; 4338 perm = &pset->permitted_user[i];
4209 if (open_match(fp, host, port)) { 4339 if (open_match(perm, host, port)) {
4210 permit = 1; 4340 permit = 1;
4211 break; 4341 break;
4212 } 4342 }
4213 } 4343 }
4214 } 4344 }
4215 4345
4216 if (sc->num_adm_permitted_opens > 0) { 4346 if (pset->num_permitted_admin > 0) {
4217 permit_adm = 0; 4347 permit_adm = 0;
4218 for (i = 0; i < sc->num_adm_permitted_opens; i++) { 4348 for (i = 0; i < pset->num_permitted_admin; i++) {
4219 fp = &sc->permitted_adm_opens[i]; 4349 perm = &pset->permitted_admin[i];
4220 if (open_match(fp, host, port)) { 4350 if (open_match(perm, host, port)) {
4221 permit_adm = 1; 4351 permit_adm = 1;
4222 break; 4352 break;
4223 } 4353 }
@@ -4255,25 +4385,26 @@ channel_connect_to_path(struct ssh *ssh, const char *path,
4255 char *ctype, char *rname) 4385 char *ctype, char *rname)
4256{ 4386{
4257 struct ssh_channels *sc = ssh->chanctxt; 4387 struct ssh_channels *sc = ssh->chanctxt;
4388 struct permission_set *pset = &sc->local_perms;
4258 u_int i, permit, permit_adm = 1; 4389 u_int i, permit, permit_adm = 1;
4259 ForwardPermission *fp; 4390 struct permission *perm;
4260 4391
4261 permit = sc->all_opens_permitted; 4392 permit = pset->all_permitted;
4262 if (!permit) { 4393 if (!permit) {
4263 for (i = 0; i < sc->num_permitted_opens; i++) { 4394 for (i = 0; i < pset->num_permitted_user; i++) {
4264 fp = &sc->permitted_opens[i]; 4395 perm = &pset->permitted_user[i];
4265 if (open_match(fp, path, PORT_STREAMLOCAL)) { 4396 if (open_match(perm, path, PORT_STREAMLOCAL)) {
4266 permit = 1; 4397 permit = 1;
4267 break; 4398 break;
4268 } 4399 }
4269 } 4400 }
4270 } 4401 }
4271 4402
4272 if (sc->num_adm_permitted_opens > 0) { 4403 if (pset->num_permitted_admin > 0) {
4273 permit_adm = 0; 4404 permit_adm = 0;
4274 for (i = 0; i < sc->num_adm_permitted_opens; i++) { 4405 for (i = 0; i < pset->num_permitted_admin; i++) {
4275 fp = &sc->permitted_adm_opens[i]; 4406 perm = &pset->permitted_admin[i];
4276 if (open_match(fp, path, PORT_STREAMLOCAL)) { 4407 if (open_match(perm, path, PORT_STREAMLOCAL)) {
4277 permit_adm = 1; 4408 permit_adm = 1;
4278 break; 4409 break;
4279 } 4410 }
diff --git a/channels.h b/channels.h
index 126b04345..1aeafe94e 100644
--- a/channels.h
+++ b/channels.h
@@ -1,4 +1,4 @@
1/* $OpenBSD: channels.h,v 1.130 2017/09/21 19:16:53 markus Exp $ */ 1/* $OpenBSD: channels.h,v 1.131 2018/06/06 18:22:41 djm Exp $ */
2 2
3/* 3/*
4 * Author: Tatu Ylonen <ylo@cs.hut.fi> 4 * Author: Tatu Ylonen <ylo@cs.hut.fi>
@@ -63,6 +63,15 @@
63 63
64#define CHANNEL_CANCEL_PORT_STATIC -1 64#define CHANNEL_CANCEL_PORT_STATIC -1
65 65
66/* TCP forwarding */
67#define FORWARD_DENY 0
68#define FORWARD_REMOTE (1)
69#define FORWARD_LOCAL (1<<1)
70#define FORWARD_ALLOW (FORWARD_REMOTE|FORWARD_LOCAL)
71
72#define FORWARD_ADM 0x100
73#define FORWARD_USER 0x101
74
66struct ssh; 75struct ssh;
67struct Channel; 76struct Channel;
68typedef struct Channel Channel; 77typedef struct Channel Channel;
@@ -283,16 +292,11 @@ int channel_find_open(struct ssh *);
283struct Forward; 292struct Forward;
284struct ForwardOptions; 293struct ForwardOptions;
285void channel_set_af(struct ssh *, int af); 294void channel_set_af(struct ssh *, int af);
286void channel_permit_all_opens(struct ssh *); 295void channel_permit_all(struct ssh *, int);
287void channel_add_permitted_opens(struct ssh *, char *, int); 296void channel_add_permission(struct ssh *, int, int, char *, int);
288int channel_add_adm_permitted_opens(struct ssh *, char *, int); 297void channel_clear_permission(struct ssh *, int, int);
289void channel_copy_adm_permitted_opens(struct ssh *, 298void channel_disable_admin(struct ssh *, int);
290 const struct fwd_perm_list *); 299void channel_update_permission(struct ssh *, int, int);
291void channel_disable_adm_local_opens(struct ssh *);
292void channel_update_permitted_opens(struct ssh *, int, int);
293void channel_clear_permitted_opens(struct ssh *);
294void channel_clear_adm_permitted_opens(struct ssh *);
295void channel_print_adm_permitted_opens(struct ssh *);
296Channel *channel_connect_to_port(struct ssh *, const char *, u_short, 300Channel *channel_connect_to_port(struct ssh *, const char *, u_short,
297 char *, char *, int *, const char **); 301 char *, char *, int *, const char **);
298Channel *channel_connect_to_path(struct ssh *, const char *, char *, char *); 302Channel *channel_connect_to_path(struct ssh *, const char *, char *, char *);
diff --git a/cipher.c b/cipher.c
index 578763616..a72682a82 100644
--- a/cipher.c
+++ b/cipher.c
@@ -82,7 +82,9 @@ struct sshcipher {
82 82
83static const struct sshcipher ciphers[] = { 83static const struct sshcipher ciphers[] = {
84#ifdef WITH_OPENSSL 84#ifdef WITH_OPENSSL
85#ifndef OPENSSL_NO_DES
85 { "3des-cbc", 8, 24, 0, 0, CFLAG_CBC, EVP_des_ede3_cbc }, 86 { "3des-cbc", 8, 24, 0, 0, CFLAG_CBC, EVP_des_ede3_cbc },
87#endif
86 { "aes128-cbc", 16, 16, 0, 0, CFLAG_CBC, EVP_aes_128_cbc }, 88 { "aes128-cbc", 16, 16, 0, 0, CFLAG_CBC, EVP_aes_128_cbc },
87 { "aes192-cbc", 16, 24, 0, 0, CFLAG_CBC, EVP_aes_192_cbc }, 89 { "aes192-cbc", 16, 24, 0, 0, CFLAG_CBC, EVP_aes_192_cbc },
88 { "aes256-cbc", 16, 32, 0, 0, CFLAG_CBC, EVP_aes_256_cbc }, 90 { "aes256-cbc", 16, 32, 0, 0, CFLAG_CBC, EVP_aes_256_cbc },
diff --git a/clientloop.c b/clientloop.c
index ef803e985..e69c5141f 100644
--- a/clientloop.c
+++ b/clientloop.c
@@ -1,4 +1,4 @@
1/* $OpenBSD: clientloop.c,v 1.311 2018/02/11 21:16:56 dtucker Exp $ */ 1/* $OpenBSD: clientloop.c,v 1.317 2018/07/11 18:53:29 markus Exp $ */
2/* 2/*
3 * Author: Tatu Ylonen <ylo@cs.hut.fi> 3 * Author: Tatu Ylonen <ylo@cs.hut.fi>
4 * Copyright (c) 1995 Tatu Ylonen <ylo@cs.hut.fi>, Espoo, Finland 4 * Copyright (c) 1995 Tatu Ylonen <ylo@cs.hut.fi>, Espoo, Finland
@@ -91,11 +91,11 @@
91#include "ssh.h" 91#include "ssh.h"
92#include "ssh2.h" 92#include "ssh2.h"
93#include "packet.h" 93#include "packet.h"
94#include "buffer.h" 94#include "sshbuf.h"
95#include "compat.h" 95#include "compat.h"
96#include "channels.h" 96#include "channels.h"
97#include "dispatch.h" 97#include "dispatch.h"
98#include "key.h" 98#include "sshkey.h"
99#include "cipher.h" 99#include "cipher.h"
100#include "kex.h" 100#include "kex.h"
101#include "myproposal.h" 101#include "myproposal.h"
@@ -157,7 +157,7 @@ static time_t control_persist_exit_time = 0;
157volatile sig_atomic_t quit_pending; /* Set non-zero to quit the loop. */ 157volatile sig_atomic_t quit_pending; /* Set non-zero to quit the loop. */
158static int last_was_cr; /* Last character was a newline. */ 158static int last_was_cr; /* Last character was a newline. */
159static int exit_status; /* Used to store the command exit status. */ 159static int exit_status; /* Used to store the command exit status. */
160static Buffer stderr_buffer; /* Used for final exit message. */ 160static struct sshbuf *stderr_buffer; /* Used for final exit message. */
161static int connection_in; /* Connection to server (input). */ 161static int connection_in; /* Connection to server (input). */
162static int connection_out; /* Connection to server (output). */ 162static int connection_out; /* Connection to server (output). */
163static int need_rekeying; /* Set to non-zero if rekeying is requested. */ 163static int need_rekeying; /* Set to non-zero if rekeying is requested. */
@@ -192,7 +192,7 @@ TAILQ_HEAD(global_confirms, global_confirm);
192static struct global_confirms global_confirms = 192static struct global_confirms global_confirms =
193 TAILQ_HEAD_INITIALIZER(global_confirms); 193 TAILQ_HEAD_INITIALIZER(global_confirms);
194 194
195void ssh_process_session2_setup(int, int, int, Buffer *); 195void ssh_process_session2_setup(int, int, int, struct sshbuf *);
196 196
197/* Restores stdin to blocking mode. */ 197/* Restores stdin to blocking mode. */
198 198
@@ -497,7 +497,7 @@ client_wait_until_can_do_something(struct ssh *ssh,
497 struct timeval tv, *tvp; 497 struct timeval tv, *tvp;
498 int timeout_secs; 498 int timeout_secs;
499 time_t minwait_secs = 0, server_alive_time = 0, now = monotime(); 499 time_t minwait_secs = 0, server_alive_time = 0, now = monotime();
500 int ret; 500 int r, ret;
501 501
502 /* Add any selections by the channel mechanism. */ 502 /* Add any selections by the channel mechanism. */
503 channel_prepare_select(active_state, readsetp, writesetp, maxfdp, 503 channel_prepare_select(active_state, readsetp, writesetp, maxfdp,
@@ -550,8 +550,6 @@ client_wait_until_can_do_something(struct ssh *ssh,
550 550
551 ret = select((*maxfdp)+1, *readsetp, *writesetp, NULL, tvp); 551 ret = select((*maxfdp)+1, *readsetp, *writesetp, NULL, tvp);
552 if (ret < 0) { 552 if (ret < 0) {
553 char buf[100];
554
555 /* 553 /*
556 * We have to clear the select masks, because we return. 554 * We have to clear the select masks, because we return.
557 * We have to return, because the mainloop checks for the flags 555 * We have to return, because the mainloop checks for the flags
@@ -563,8 +561,9 @@ client_wait_until_can_do_something(struct ssh *ssh,
563 if (errno == EINTR) 561 if (errno == EINTR)
564 return; 562 return;
565 /* Note: we might still have data in the buffers. */ 563 /* Note: we might still have data in the buffers. */
566 snprintf(buf, sizeof buf, "select: %s\r\n", strerror(errno)); 564 if ((r = sshbuf_putf(stderr_buffer,
567 buffer_append(&stderr_buffer, buf, strlen(buf)); 565 "select: %s\r\n", strerror(errno))) != 0)
566 fatal("%s: buffer error: %s", __func__, ssh_err(r));
568 quit_pending = 1; 567 quit_pending = 1;
569 } else if (ret == 0) { 568 } else if (ret == 0) {
570 /* 569 /*
@@ -578,15 +577,15 @@ client_wait_until_can_do_something(struct ssh *ssh,
578} 577}
579 578
580static void 579static void
581client_suspend_self(Buffer *bin, Buffer *bout, Buffer *berr) 580client_suspend_self(struct sshbuf *bin, struct sshbuf *bout, struct sshbuf *berr)
582{ 581{
583 /* Flush stdout and stderr buffers. */ 582 /* Flush stdout and stderr buffers. */
584 if (buffer_len(bout) > 0) 583 if (sshbuf_len(bout) > 0)
585 atomicio(vwrite, fileno(stdout), buffer_ptr(bout), 584 atomicio(vwrite, fileno(stdout), sshbuf_mutable_ptr(bout),
586 buffer_len(bout)); 585 sshbuf_len(bout));
587 if (buffer_len(berr) > 0) 586 if (sshbuf_len(berr) > 0)
588 atomicio(vwrite, fileno(stderr), buffer_ptr(berr), 587 atomicio(vwrite, fileno(stderr), sshbuf_mutable_ptr(berr),
589 buffer_len(berr)); 588 sshbuf_len(berr));
590 589
591 leave_raw_mode(options.request_tty == REQUEST_TTY_FORCE); 590 leave_raw_mode(options.request_tty == REQUEST_TTY_FORCE);
592 591
@@ -606,8 +605,8 @@ client_suspend_self(Buffer *bin, Buffer *bout, Buffer *berr)
606static void 605static void
607client_process_net_input(fd_set *readset) 606client_process_net_input(fd_set *readset)
608{ 607{
609 int len;
610 char buf[SSH_IOBUFSZ]; 608 char buf[SSH_IOBUFSZ];
609 int r, len;
611 610
612 /* 611 /*
613 * Read input from the server, and add any such data to the buffer of 612 * Read input from the server, and add any such data to the buffer of
@@ -621,10 +620,11 @@ client_process_net_input(fd_set *readset)
621 * Received EOF. The remote host has closed the 620 * Received EOF. The remote host has closed the
622 * connection. 621 * connection.
623 */ 622 */
624 snprintf(buf, sizeof buf, 623 if ((r = sshbuf_putf(stderr_buffer,
625 "Connection to %.300s closed by remote host.\r\n", 624 "Connection to %.300s closed by remote host.\r\n",
626 host); 625 host)) != 0)
627 buffer_append(&stderr_buffer, buf, strlen(buf)); 626 fatal("%s: buffer error: %s",
627 __func__, ssh_err(r));
628 quit_pending = 1; 628 quit_pending = 1;
629 return; 629 return;
630 } 630 }
@@ -641,10 +641,11 @@ client_process_net_input(fd_set *readset)
641 * An error has encountered. Perhaps there is a 641 * An error has encountered. Perhaps there is a
642 * network problem. 642 * network problem.
643 */ 643 */
644 snprintf(buf, sizeof buf, 644 if ((r = sshbuf_putf(stderr_buffer,
645 "Read from remote host %.300s: %.100s\r\n", 645 "Read from remote host %.300s: %.100s\r\n",
646 host, strerror(errno)); 646 host, strerror(errno))) != 0)
647 buffer_append(&stderr_buffer, buf, strlen(buf)); 647 fatal("%s: buffer error: %s",
648 __func__, ssh_err(r));
648 quit_pending = 1; 649 quit_pending = 1;
649 return; 650 return;
650 } 651 }
@@ -657,7 +658,7 @@ client_status_confirm(struct ssh *ssh, int type, Channel *c, void *ctx)
657{ 658{
658 struct channel_reply_ctx *cr = (struct channel_reply_ctx *)ctx; 659 struct channel_reply_ctx *cr = (struct channel_reply_ctx *)ctx;
659 char errmsg[256]; 660 char errmsg[256];
660 int tochan; 661 int r, tochan;
661 662
662 /* 663 /*
663 * If a TTY was explicitly requested, then a failure to allocate 664 * If a TTY was explicitly requested, then a failure to allocate
@@ -668,7 +669,7 @@ client_status_confirm(struct ssh *ssh, int type, Channel *c, void *ctx)
668 options.request_tty == REQUEST_TTY_YES)) 669 options.request_tty == REQUEST_TTY_YES))
669 cr->action = CONFIRM_CLOSE; 670 cr->action = CONFIRM_CLOSE;
670 671
671 /* XXX supress on mux _client_ quietmode */ 672 /* XXX suppress on mux _client_ quietmode */
672 tochan = options.log_level >= SYSLOG_LEVEL_ERROR && 673 tochan = options.log_level >= SYSLOG_LEVEL_ERROR &&
673 c->ctl_chan != -1 && c->extended_usage == CHAN_EXTENDED_WRITE; 674 c->ctl_chan != -1 && c->extended_usage == CHAN_EXTENDED_WRITE;
674 675
@@ -692,7 +693,10 @@ client_status_confirm(struct ssh *ssh, int type, Channel *c, void *ctx)
692 * their stderr. 693 * their stderr.
693 */ 694 */
694 if (tochan) { 695 if (tochan) {
695 buffer_append(c->extended, errmsg, strlen(errmsg)); 696 if ((r = sshbuf_put(c->extended, errmsg,
697 strlen(errmsg))) != 0)
698 fatal("%s: buffer error %s", __func__,
699 ssh_err(r));
696 } else 700 } else
697 error("%s", errmsg); 701 error("%s", errmsg);
698 if (cr->action == CONFIRM_TTY) { 702 if (cr->action == CONFIRM_TTY) {
@@ -896,14 +900,15 @@ static struct escape_help_text esc_txt[] = {
896}; 900};
897 901
898static void 902static void
899print_escape_help(Buffer *b, int escape_char, int mux_client, int using_stderr) 903print_escape_help(struct sshbuf *b, int escape_char, int mux_client,
904 int using_stderr)
900{ 905{
901 unsigned int i, suppress_flags; 906 unsigned int i, suppress_flags;
902 char string[1024]; 907 int r;
903 908
904 snprintf(string, sizeof string, "%c?\r\n" 909 if ((r = sshbuf_putf(b,
905 "Supported escape sequences:\r\n", escape_char); 910 "%c?\r\nSupported escape sequences:\r\n", escape_char)) != 0)
906 buffer_append(b, string, strlen(string)); 911 fatal("%s: buffer error: %s", __func__, ssh_err(r));
907 912
908 suppress_flags = 913 suppress_flags =
909 (mux_client ? SUPPRESS_MUXCLIENT : 0) | 914 (mux_client ? SUPPRESS_MUXCLIENT : 0) |
@@ -913,29 +918,28 @@ print_escape_help(Buffer *b, int escape_char, int mux_client, int using_stderr)
913 for (i = 0; i < sizeof(esc_txt)/sizeof(esc_txt[0]); i++) { 918 for (i = 0; i < sizeof(esc_txt)/sizeof(esc_txt[0]); i++) {
914 if (esc_txt[i].flags & suppress_flags) 919 if (esc_txt[i].flags & suppress_flags)
915 continue; 920 continue;
916 snprintf(string, sizeof string, " %c%-3s - %s\r\n", 921 if ((r = sshbuf_putf(b, " %c%-3s - %s\r\n",
917 escape_char, esc_txt[i].cmd, esc_txt[i].text); 922 escape_char, esc_txt[i].cmd, esc_txt[i].text)) != 0)
918 buffer_append(b, string, strlen(string)); 923 fatal("%s: buffer error: %s", __func__, ssh_err(r));
919 } 924 }
920 925
921 snprintf(string, sizeof string, 926 if ((r = sshbuf_putf(b,
922 " %c%c - send the escape character by typing it twice\r\n" 927 " %c%c - send the escape character by typing it twice\r\n"
923 "(Note that escapes are only recognized immediately after " 928 "(Note that escapes are only recognized immediately after "
924 "newline.)\r\n", escape_char, escape_char); 929 "newline.)\r\n", escape_char, escape_char)) != 0)
925 buffer_append(b, string, strlen(string)); 930 fatal("%s: buffer error: %s", __func__, ssh_err(r));
926} 931}
927 932
928/* 933/*
929 * Process the characters one by one. 934 * Process the characters one by one.
930 */ 935 */
931static int 936static int
932process_escapes(struct ssh *ssh, Channel *c, 937process_escapes(struct ssh *ssh, Channel *c,
933 Buffer *bin, Buffer *bout, Buffer *berr, 938 struct sshbuf *bin, struct sshbuf *bout, struct sshbuf *berr,
934 char *buf, int len) 939 char *buf, int len)
935{ 940{
936 char string[1024];
937 pid_t pid; 941 pid_t pid;
938 int bytes = 0; 942 int r, bytes = 0;
939 u_int i; 943 u_int i;
940 u_char ch; 944 u_char ch;
941 char *s; 945 char *s;
@@ -944,7 +948,7 @@ process_escapes(struct ssh *ssh, Channel *c,
944 948
945 if (c->filter_ctx == NULL) 949 if (c->filter_ctx == NULL)
946 return 0; 950 return 0;
947 951
948 if (len <= 0) 952 if (len <= 0)
949 return (0); 953 return (0);
950 954
@@ -961,10 +965,10 @@ process_escapes(struct ssh *ssh, Channel *c,
961 switch (ch) { 965 switch (ch) {
962 case '.': 966 case '.':
963 /* Terminate the connection. */ 967 /* Terminate the connection. */
964 snprintf(string, sizeof string, "%c.\r\n", 968 if ((r = sshbuf_putf(berr, "%c.\r\n",
965 efc->escape_char); 969 efc->escape_char)) != 0)
966 buffer_append(berr, string, strlen(string)); 970 fatal("%s: buffer error: %s",
967 971 __func__, ssh_err(r));
968 if (c && c->ctl_chan != -1) { 972 if (c && c->ctl_chan != -1) {
969 chan_read_failed(ssh, c); 973 chan_read_failed(ssh, c);
970 chan_write_failed(ssh, c); 974 chan_write_failed(ssh, c);
@@ -973,7 +977,7 @@ process_escapes(struct ssh *ssh, Channel *c,
973 c->self, NULL); 977 c->self, NULL);
974 } 978 }
975 c->type = SSH_CHANNEL_ABANDONED; 979 c->type = SSH_CHANNEL_ABANDONED;
976 buffer_clear(c->input); 980 sshbuf_reset(c->input);
977 chan_ibuf_empty(ssh, c); 981 chan_ibuf_empty(ssh, c);
978 return 0; 982 return 0;
979 } else 983 } else
@@ -989,18 +993,20 @@ process_escapes(struct ssh *ssh, Channel *c,
989 snprintf(b, sizeof b, "^Z"); 993 snprintf(b, sizeof b, "^Z");
990 else 994 else
991 snprintf(b, sizeof b, "%c", ch); 995 snprintf(b, sizeof b, "%c", ch);
992 snprintf(string, sizeof string, 996 if ((r = sshbuf_putf(berr,
993 "%c%s escape not available to " 997 "%c%s escape not available to "
994 "multiplexed sessions\r\n", 998 "multiplexed sessions\r\n",
995 efc->escape_char, b); 999 efc->escape_char, b)) != 0)
996 buffer_append(berr, string, 1000 fatal("%s: buffer error: %s",
997 strlen(string)); 1001 __func__, ssh_err(r));
998 continue; 1002 continue;
999 } 1003 }
1000 /* Suspend the program. Inform the user */ 1004 /* Suspend the program. Inform the user */
1001 snprintf(string, sizeof string, 1005 if ((r = sshbuf_putf(berr,
1002 "%c^Z [suspend ssh]\r\n", efc->escape_char); 1006 "%c^Z [suspend ssh]\r\n",
1003 buffer_append(berr, string, strlen(string)); 1007 efc->escape_char)) != 0)
1008 fatal("%s: buffer error: %s",
1009 __func__, ssh_err(r));
1004 1010
1005 /* Restore terminal modes and suspend. */ 1011 /* Restore terminal modes and suspend. */
1006 client_suspend_self(bin, bout, berr); 1012 client_suspend_self(bin, bout, berr);
@@ -1009,12 +1015,15 @@ process_escapes(struct ssh *ssh, Channel *c,
1009 continue; 1015 continue;
1010 1016
1011 case 'B': 1017 case 'B':
1012 snprintf(string, sizeof string, 1018 if ((r = sshbuf_putf(berr,
1013 "%cB\r\n", efc->escape_char); 1019 "%cB\r\n", efc->escape_char)) != 0)
1014 buffer_append(berr, string, strlen(string)); 1020 fatal("%s: buffer error: %s",
1021 __func__, ssh_err(r));
1015 channel_request_start(ssh, c->self, "break", 0); 1022 channel_request_start(ssh, c->self, "break", 0);
1016 packet_put_int(1000); 1023 if ((r = sshpkt_put_u32(ssh, 1000)) != 0 ||
1017 packet_send(); 1024 (r = sshpkt_send(ssh)) != 0)
1025 fatal("%s: %s", __func__,
1026 ssh_err(r));
1018 continue; 1027 continue;
1019 1028
1020 case 'R': 1029 case 'R':
@@ -1031,11 +1040,11 @@ process_escapes(struct ssh *ssh, Channel *c,
1031 if (c && c->ctl_chan != -1) 1040 if (c && c->ctl_chan != -1)
1032 goto noescape; 1041 goto noescape;
1033 if (!log_is_on_stderr()) { 1042 if (!log_is_on_stderr()) {
1034 snprintf(string, sizeof string, 1043 if ((r = sshbuf_putf(berr,
1035 "%c%c [Logging to syslog]\r\n", 1044 "%c%c [Logging to syslog]\r\n",
1036 efc->escape_char, ch); 1045 efc->escape_char, ch)) != 0)
1037 buffer_append(berr, string, 1046 fatal("%s: buffer error: %s",
1038 strlen(string)); 1047 __func__, ssh_err(r));
1039 continue; 1048 continue;
1040 } 1049 }
1041 if (ch == 'V' && options.log_level > 1050 if (ch == 'V' && options.log_level >
@@ -1044,11 +1053,12 @@ process_escapes(struct ssh *ssh, Channel *c,
1044 if (ch == 'v' && options.log_level < 1053 if (ch == 'v' && options.log_level <
1045 SYSLOG_LEVEL_DEBUG3) 1054 SYSLOG_LEVEL_DEBUG3)
1046 log_change_level(++options.log_level); 1055 log_change_level(++options.log_level);
1047 snprintf(string, sizeof string, 1056 if ((r = sshbuf_putf(berr,
1048 "%c%c [LogLevel %s]\r\n", 1057 "%c%c [LogLevel %s]\r\n",
1049 efc->escape_char, ch, 1058 efc->escape_char, ch,
1050 log_level_name(options.log_level)); 1059 log_level_name(options.log_level))) != 0)
1051 buffer_append(berr, string, strlen(string)); 1060 fatal("%s: buffer error: %s",
1061 __func__, ssh_err(r));
1052 continue; 1062 continue;
1053 1063
1054 case '&': 1064 case '&':
@@ -1066,9 +1076,11 @@ process_escapes(struct ssh *ssh, Channel *c,
1066 /* Stop listening for new connections. */ 1076 /* Stop listening for new connections. */
1067 channel_stop_listening(ssh); 1077 channel_stop_listening(ssh);
1068 1078
1069 snprintf(string, sizeof string, 1079 if ((r = sshbuf_putf(berr,
1070 "%c& [backgrounded]\n", efc->escape_char); 1080 "%c& [backgrounded]\n", efc->escape_char))
1071 buffer_append(berr, string, strlen(string)); 1081 != 0)
1082 fatal("%s: buffer error: %s",
1083 __func__, ssh_err(r));
1072 1084
1073 /* Fork into background. */ 1085 /* Fork into background. */
1074 pid = fork(); 1086 pid = fork();
@@ -1081,8 +1093,10 @@ process_escapes(struct ssh *ssh, Channel *c,
1081 exit(0); 1093 exit(0);
1082 } 1094 }
1083 /* The child continues serving connections. */ 1095 /* The child continues serving connections. */
1084 buffer_append(bin, "\004", 1);
1085 /* fake EOF on stdin */ 1096 /* fake EOF on stdin */
1097 if ((r = sshbuf_put_u8(bin, 4)) != 0)
1098 fatal("%s: buffer error: %s",
1099 __func__, ssh_err(r));
1086 return -1; 1100 return -1;
1087 case '?': 1101 case '?':
1088 print_escape_help(berr, efc->escape_char, 1102 print_escape_help(berr, efc->escape_char,
@@ -1091,11 +1105,14 @@ process_escapes(struct ssh *ssh, Channel *c,
1091 continue; 1105 continue;
1092 1106
1093 case '#': 1107 case '#':
1094 snprintf(string, sizeof string, "%c#\r\n", 1108 if ((r = sshbuf_putf(berr, "%c#\r\n",
1095 efc->escape_char); 1109 efc->escape_char)) != 0)
1096 buffer_append(berr, string, strlen(string)); 1110 fatal("%s: buffer error: %s",
1111 __func__, ssh_err(r));
1097 s = channel_open_message(ssh); 1112 s = channel_open_message(ssh);
1098 buffer_append(berr, s, strlen(s)); 1113 if ((r = sshbuf_put(berr, s, strlen(s))) != 0)
1114 fatal("%s: buffer error: %s",
1115 __func__, ssh_err(r));
1099 free(s); 1116 free(s);
1100 continue; 1117 continue;
1101 1118
@@ -1107,7 +1124,10 @@ process_escapes(struct ssh *ssh, Channel *c,
1107 1124
1108 default: 1125 default:
1109 if (ch != efc->escape_char) { 1126 if (ch != efc->escape_char) {
1110 buffer_put_char(bin, efc->escape_char); 1127 if ((r = sshbuf_put_u8(bin,
1128 efc->escape_char)) != 0)
1129 fatal("%s: buffer error: %s",
1130 __func__, ssh_err(r));
1111 bytes++; 1131 bytes++;
1112 } 1132 }
1113 /* Escaped characters fall through here */ 1133 /* Escaped characters fall through here */
@@ -1133,7 +1153,8 @@ process_escapes(struct ssh *ssh, Channel *c,
1133 * and append it to the buffer. 1153 * and append it to the buffer.
1134 */ 1154 */
1135 last_was_cr = (ch == '\r' || ch == '\n'); 1155 last_was_cr = (ch == '\r' || ch == '\n');
1136 buffer_put_char(bin, ch); 1156 if ((r = sshbuf_put_u8(bin, ch)) != 0)
1157 fatal("%s: buffer error: %s", __func__, ssh_err(r));
1137 bytes++; 1158 bytes++;
1138 } 1159 }
1139 return bytes; 1160 return bytes;
@@ -1257,8 +1278,9 @@ client_loop(struct ssh *ssh, int have_pty, int escape_char_arg,
1257 1278
1258 quit_pending = 0; 1279 quit_pending = 0;
1259 1280
1260 /* Initialize buffers. */ 1281 /* Initialize buffer. */
1261 buffer_init(&stderr_buffer); 1282 if ((stderr_buffer = sshbuf_new()) == NULL)
1283 fatal("%s: sshbuf_new failed", __func__);
1262 1284
1263 client_init_dispatch(); 1285 client_init_dispatch();
1264 1286
@@ -1424,24 +1446,25 @@ client_loop(struct ssh *ssh, int have_pty, int escape_char_arg,
1424 * that the connection has been closed. 1446 * that the connection has been closed.
1425 */ 1447 */
1426 if (have_pty && options.log_level != SYSLOG_LEVEL_QUIET) { 1448 if (have_pty && options.log_level != SYSLOG_LEVEL_QUIET) {
1427 snprintf(buf, sizeof buf, 1449 if ((r = sshbuf_putf(stderr_buffer,
1428 "Connection to %.64s closed.\r\n", host); 1450 "Connection to %.64s closed.\r\n", host)) != 0)
1429 buffer_append(&stderr_buffer, buf, strlen(buf)); 1451 fatal("%s: buffer error: %s", __func__, ssh_err(r));
1430 } 1452 }
1431 1453
1432 /* Output any buffered data for stderr. */ 1454 /* Output any buffered data for stderr. */
1433 if (buffer_len(&stderr_buffer) > 0) { 1455 if (sshbuf_len(stderr_buffer) > 0) {
1434 len = atomicio(vwrite, fileno(stderr), 1456 len = atomicio(vwrite, fileno(stderr),
1435 buffer_ptr(&stderr_buffer), buffer_len(&stderr_buffer)); 1457 (u_char *)sshbuf_ptr(stderr_buffer),
1436 if (len < 0 || (u_int)len != buffer_len(&stderr_buffer)) 1458 sshbuf_len(stderr_buffer));
1459 if (len < 0 || (u_int)len != sshbuf_len(stderr_buffer))
1437 error("Write failed flushing stderr buffer."); 1460 error("Write failed flushing stderr buffer.");
1438 else 1461 else if ((r = sshbuf_consume(stderr_buffer, len)) != 0)
1439 buffer_consume(&stderr_buffer, len); 1462 fatal("%s: buffer error: %s", __func__, ssh_err(r));
1440 } 1463 }
1441 1464
1442 /* Clear and free any buffers. */ 1465 /* Clear and free any buffers. */
1443 explicit_bzero(buf, sizeof(buf)); 1466 explicit_bzero(buf, sizeof(buf));
1444 buffer_free(&stderr_buffer); 1467 sshbuf_free(stderr_buffer);
1445 1468
1446 /* Report bytes transferred, and transfer rates. */ 1469 /* Report bytes transferred, and transfer rates. */
1447 total_time = monotime_double() - start_time; 1470 total_time = monotime_double() - start_time;
@@ -1759,7 +1782,7 @@ struct hostkeys_update_ctx {
1759 */ 1782 */
1760 struct sshkey **keys; 1783 struct sshkey **keys;
1761 int *keys_seen; 1784 int *keys_seen;
1762 size_t nkeys, nnew; 1785 size_t nkeys, nnew;
1763 1786
1764 /* 1787 /*
1765 * Keys that are in known_hosts, but were not present in the update 1788 * Keys that are in known_hosts, but were not present in the update
@@ -2169,9 +2192,11 @@ client_input_global_request(int type, u_int32_t seq, struct ssh *ssh)
2169 2192
2170void 2193void
2171client_session2_setup(struct ssh *ssh, int id, int want_tty, int want_subsystem, 2194client_session2_setup(struct ssh *ssh, int id, int want_tty, int want_subsystem,
2172 const char *term, struct termios *tiop, int in_fd, Buffer *cmd, char **env) 2195 const char *term, struct termios *tiop, int in_fd, struct sshbuf *cmd,
2196 char **env)
2173{ 2197{
2174 int len; 2198 int i, j, matched, len;
2199 char *name, *val;
2175 Channel *c = NULL; 2200 Channel *c = NULL;
2176 2201
2177 debug2("%s: id %d", __func__, id); 2202 debug2("%s: id %d", __func__, id);
@@ -2198,7 +2223,7 @@ client_session2_setup(struct ssh *ssh, int id, int want_tty, int want_subsystem,
2198 packet_put_int((u_int)ws.ws_ypixel); 2223 packet_put_int((u_int)ws.ws_ypixel);
2199 if (tiop == NULL) 2224 if (tiop == NULL)
2200 tiop = get_saved_tio(); 2225 tiop = get_saved_tio();
2201 tty_make_modes(-1, tiop); 2226 ssh_tty_make_modes(ssh, -1, tiop);
2202 packet_send(); 2227 packet_send();
2203 /* XXX wait for reply */ 2228 /* XXX wait for reply */
2204 c->client_tty = 1; 2229 c->client_tty = 1;
@@ -2206,9 +2231,6 @@ client_session2_setup(struct ssh *ssh, int id, int want_tty, int want_subsystem,
2206 2231
2207 /* Transfer any environment variables from client to server */ 2232 /* Transfer any environment variables from client to server */
2208 if (options.num_send_env != 0 && env != NULL) { 2233 if (options.num_send_env != 0 && env != NULL) {
2209 int i, j, matched;
2210 char *name, *val;
2211
2212 debug("Sending environment."); 2234 debug("Sending environment.");
2213 for (i = 0; env[i] != NULL; i++) { 2235 for (i = 0; env[i] != NULL; i++) {
2214 /* Split */ 2236 /* Split */
@@ -2240,24 +2262,40 @@ client_session2_setup(struct ssh *ssh, int id, int want_tty, int want_subsystem,
2240 free(name); 2262 free(name);
2241 } 2263 }
2242 } 2264 }
2265 for (i = 0; i < options.num_setenv; i++) {
2266 /* Split */
2267 name = xstrdup(options.setenv[i]);
2268 if ((val = strchr(name, '=')) == NULL) {
2269 free(name);
2270 continue;
2271 }
2272 *val++ = '\0';
2273
2274 debug("Setting env %s = %s", name, val);
2275 channel_request_start(ssh, id, "env", 0);
2276 packet_put_cstring(name);
2277 packet_put_cstring(val);
2278 packet_send();
2279 free(name);
2280 }
2243 2281
2244 len = buffer_len(cmd); 2282 len = sshbuf_len(cmd);
2245 if (len > 0) { 2283 if (len > 0) {
2246 if (len > 900) 2284 if (len > 900)
2247 len = 900; 2285 len = 900;
2248 if (want_subsystem) { 2286 if (want_subsystem) {
2249 debug("Sending subsystem: %.*s", 2287 debug("Sending subsystem: %.*s",
2250 len, (u_char*)buffer_ptr(cmd)); 2288 len, (const u_char*)sshbuf_ptr(cmd));
2251 channel_request_start(ssh, id, "subsystem", 1); 2289 channel_request_start(ssh, id, "subsystem", 1);
2252 client_expect_confirm(ssh, id, "subsystem", 2290 client_expect_confirm(ssh, id, "subsystem",
2253 CONFIRM_CLOSE); 2291 CONFIRM_CLOSE);
2254 } else { 2292 } else {
2255 debug("Sending command: %.*s", 2293 debug("Sending command: %.*s",
2256 len, (u_char*)buffer_ptr(cmd)); 2294 len, (const u_char*)sshbuf_ptr(cmd));
2257 channel_request_start(ssh, id, "exec", 1); 2295 channel_request_start(ssh, id, "exec", 1);
2258 client_expect_confirm(ssh, id, "exec", CONFIRM_CLOSE); 2296 client_expect_confirm(ssh, id, "exec", CONFIRM_CLOSE);
2259 } 2297 }
2260 packet_put_string(buffer_ptr(cmd), buffer_len(cmd)); 2298 packet_put_string(sshbuf_ptr(cmd), sshbuf_len(cmd));
2261 packet_send(); 2299 packet_send();
2262 } else { 2300 } else {
2263 channel_request_start(ssh, id, "shell", 1); 2301 channel_request_start(ssh, id, "shell", 1);
diff --git a/clientloop.h b/clientloop.h
index 8d1f0bff6..bf79c87bf 100644
--- a/clientloop.h
+++ b/clientloop.h
@@ -1,4 +1,4 @@
1/* $OpenBSD: clientloop.h,v 1.35 2017/10/23 05:08:00 djm Exp $ */ 1/* $OpenBSD: clientloop.h,v 1.36 2018/07/09 21:03:30 markus Exp $ */
2 2
3/* 3/*
4 * Author: Tatu Ylonen <ylo@cs.hut.fi> 4 * Author: Tatu Ylonen <ylo@cs.hut.fi>
@@ -45,7 +45,7 @@ int client_x11_get_proto(struct ssh *, const char *, const char *,
45 u_int, u_int, char **, char **); 45 u_int, u_int, char **, char **);
46void client_global_request_reply_fwd(int, u_int32_t, void *); 46void client_global_request_reply_fwd(int, u_int32_t, void *);
47void client_session2_setup(struct ssh *, int, int, int, 47void client_session2_setup(struct ssh *, int, int, int,
48 const char *, struct termios *, int, Buffer *, char **); 48 const char *, struct termios *, int, struct sshbuf *, char **);
49char *client_request_tun_fwd(struct ssh *, int, int, int); 49char *client_request_tun_fwd(struct ssh *, int, int, int);
50void client_stop_mux(void); 50void client_stop_mux(void);
51 51
diff --git a/compat.c b/compat.c
index 861e9e21f..0624dc6de 100644
--- a/compat.c
+++ b/compat.c
@@ -1,4 +1,4 @@
1/* $OpenBSD: compat.c,v 1.106 2018/02/16 04:43:11 dtucker Exp $ */ 1/* $OpenBSD: compat.c,v 1.113 2018/08/13 02:41:05 djm Exp $ */
2/* 2/*
3 * Copyright (c) 1999, 2000, 2001, 2002 Markus Friedl. All rights reserved. 3 * Copyright (c) 1999, 2000, 2001, 2002 Markus Friedl. All rights reserved.
4 * 4 *
@@ -32,7 +32,6 @@
32#include <stdarg.h> 32#include <stdarg.h>
33 33
34#include "xmalloc.h" 34#include "xmalloc.h"
35#include "buffer.h"
36#include "packet.h" 35#include "packet.h"
37#include "compat.h" 36#include "compat.h"
38#include "log.h" 37#include "log.h"
@@ -52,16 +51,28 @@ compat_datafellows(const char *version)
52 } check[] = { 51 } check[] = {
53 { "OpenSSH_2.*," 52 { "OpenSSH_2.*,"
54 "OpenSSH_3.0*," 53 "OpenSSH_3.0*,"
55 "OpenSSH_3.1*", SSH_BUG_EXTEOF|SSH_OLD_FORWARD_ADDR}, 54 "OpenSSH_3.1*", SSH_BUG_EXTEOF|SSH_OLD_FORWARD_ADDR|
56 { "OpenSSH_3.*", SSH_OLD_FORWARD_ADDR }, 55 SSH_BUG_SIGTYPE},
57 { "Sun_SSH_1.0*", SSH_BUG_NOREKEY|SSH_BUG_EXTEOF}, 56 { "OpenSSH_3.*", SSH_OLD_FORWARD_ADDR|SSH_BUG_SIGTYPE },
57 { "Sun_SSH_1.0*", SSH_BUG_NOREKEY|SSH_BUG_EXTEOF|
58 SSH_BUG_SIGTYPE},
58 { "OpenSSH_2*," 59 { "OpenSSH_2*,"
59 "OpenSSH_3*," 60 "OpenSSH_3*,"
60 "OpenSSH_4*", 0 }, 61 "OpenSSH_4*", SSH_BUG_SIGTYPE },
61 { "OpenSSH_5*", SSH_NEW_OPENSSH|SSH_BUG_DYNAMIC_RPORT}, 62 { "OpenSSH_5*", SSH_NEW_OPENSSH|SSH_BUG_DYNAMIC_RPORT|
62 { "OpenSSH_6.6.1*", SSH_NEW_OPENSSH}, 63 SSH_BUG_SIGTYPE},
64 { "OpenSSH_6.6.1*", SSH_NEW_OPENSSH|SSH_BUG_SIGTYPE},
63 { "OpenSSH_6.5*," 65 { "OpenSSH_6.5*,"
64 "OpenSSH_6.6*", SSH_NEW_OPENSSH|SSH_BUG_CURVE25519PAD}, 66 "OpenSSH_6.6*", SSH_NEW_OPENSSH|SSH_BUG_CURVE25519PAD|
67 SSH_BUG_SIGTYPE},
68 { "OpenSSH_7.0*,"
69 "OpenSSH_7.1*,"
70 "OpenSSH_7.2*,"
71 "OpenSSH_7.3*,"
72 "OpenSSH_7.4*,"
73 "OpenSSH_7.5*,"
74 "OpenSSH_7.6*,"
75 "OpenSSH_7.7*", SSH_NEW_OPENSSH|SSH_BUG_SIGTYPE},
65 { "OpenSSH*", SSH_NEW_OPENSSH }, 76 { "OpenSSH*", SSH_NEW_OPENSSH },
66 { "*MindTerm*", 0 }, 77 { "*MindTerm*", 0 },
67 { "3.0.*", SSH_BUG_DEBUG }, 78 { "3.0.*", SSH_BUG_DEBUG },
@@ -128,6 +139,8 @@ compat_datafellows(const char *version)
128 SSH_OLD_DHGEX }, 139 SSH_OLD_DHGEX },
129 { "ConfD-*", 140 { "ConfD-*",
130 SSH_BUG_UTF8TTYMODE }, 141 SSH_BUG_UTF8TTYMODE },
142 { "Twisted_*", 0 },
143 { "Twisted*", SSH_BUG_DEBUG },
131 { NULL, 0 } 144 { NULL, 0 }
132 }; 145 };
133 146
@@ -176,8 +189,8 @@ compat_cipher_proposal(char *cipher_prop)
176 if (!(datafellows & SSH_BUG_BIGENDIANAES)) 189 if (!(datafellows & SSH_BUG_BIGENDIANAES))
177 return cipher_prop; 190 return cipher_prop;
178 debug2("%s: original cipher proposal: %s", __func__, cipher_prop); 191 debug2("%s: original cipher proposal: %s", __func__, cipher_prop);
179 if ((cipher_prop = match_filter_list(cipher_prop, "aes*")) == NULL) 192 if ((cipher_prop = match_filter_blacklist(cipher_prop, "aes*")) == NULL)
180 fatal("match_filter_list failed"); 193 fatal("match_filter_blacklist failed");
181 debug2("%s: compat cipher proposal: %s", __func__, cipher_prop); 194 debug2("%s: compat cipher proposal: %s", __func__, cipher_prop);
182 if (*cipher_prop == '\0') 195 if (*cipher_prop == '\0')
183 fatal("No supported ciphers found"); 196 fatal("No supported ciphers found");
@@ -190,8 +203,8 @@ compat_pkalg_proposal(char *pkalg_prop)
190 if (!(datafellows & SSH_BUG_RSASIGMD5)) 203 if (!(datafellows & SSH_BUG_RSASIGMD5))
191 return pkalg_prop; 204 return pkalg_prop;
192 debug2("%s: original public key proposal: %s", __func__, pkalg_prop); 205 debug2("%s: original public key proposal: %s", __func__, pkalg_prop);
193 if ((pkalg_prop = match_filter_list(pkalg_prop, "ssh-rsa")) == NULL) 206 if ((pkalg_prop = match_filter_blacklist(pkalg_prop, "ssh-rsa")) == NULL)
194 fatal("match_filter_list failed"); 207 fatal("match_filter_blacklist failed");
195 debug2("%s: compat public key proposal: %s", __func__, pkalg_prop); 208 debug2("%s: compat public key proposal: %s", __func__, pkalg_prop);
196 if (*pkalg_prop == '\0') 209 if (*pkalg_prop == '\0')
197 fatal("No supported PK algorithms found"); 210 fatal("No supported PK algorithms found");
@@ -205,14 +218,14 @@ compat_kex_proposal(char *p)
205 return p; 218 return p;
206 debug2("%s: original KEX proposal: %s", __func__, p); 219 debug2("%s: original KEX proposal: %s", __func__, p);
207 if ((datafellows & SSH_BUG_CURVE25519PAD) != 0) 220 if ((datafellows & SSH_BUG_CURVE25519PAD) != 0)
208 if ((p = match_filter_list(p, 221 if ((p = match_filter_blacklist(p,
209 "curve25519-sha256@libssh.org")) == NULL) 222 "curve25519-sha256@libssh.org")) == NULL)
210 fatal("match_filter_list failed"); 223 fatal("match_filter_blacklist failed");
211 if ((datafellows & SSH_OLD_DHGEX) != 0) { 224 if ((datafellows & SSH_OLD_DHGEX) != 0) {
212 if ((p = match_filter_list(p, 225 if ((p = match_filter_blacklist(p,
213 "diffie-hellman-group-exchange-sha256," 226 "diffie-hellman-group-exchange-sha256,"
214 "diffie-hellman-group-exchange-sha1")) == NULL) 227 "diffie-hellman-group-exchange-sha1")) == NULL)
215 fatal("match_filter_list failed"); 228 fatal("match_filter_blacklist failed");
216 } 229 }
217 debug2("%s: compat KEX proposal: %s", __func__, p); 230 debug2("%s: compat KEX proposal: %s", __func__, p);
218 if (*p == '\0') 231 if (*p == '\0')
diff --git a/compat.h b/compat.h
index 4fee3495a..d611d33e7 100644
--- a/compat.h
+++ b/compat.h
@@ -1,4 +1,4 @@
1/* $OpenBSD: compat.h,v 1.51 2018/02/16 04:43:11 dtucker Exp $ */ 1/* $OpenBSD: compat.h,v 1.54 2018/08/13 02:41:05 djm Exp $ */
2 2
3/* 3/*
4 * Copyright (c) 1999, 2000, 2001 Markus Friedl. All rights reserved. 4 * Copyright (c) 1999, 2000, 2001 Markus Friedl. All rights reserved.
@@ -33,7 +33,7 @@
33#define SSH_PROTO_2 0x04 33#define SSH_PROTO_2 0x04
34 34
35#define SSH_BUG_UTF8TTYMODE 0x00000001 35#define SSH_BUG_UTF8TTYMODE 0x00000001
36/* #define unused 0x00000002 */ 36#define SSH_BUG_SIGTYPE 0x00000002
37/* #define unused 0x00000004 */ 37/* #define unused 0x00000004 */
38/* #define unused 0x00000008 */ 38/* #define unused 0x00000008 */
39#define SSH_OLD_SESSIONID 0x00000010 39#define SSH_OLD_SESSIONID 0x00000010
diff --git a/config.h.in b/config.h.in
index 4c9545c78..93295da07 100644
--- a/config.h.in
+++ b/config.h.in
@@ -534,6 +534,9 @@
534/* Define to 1 if you have the `getlastlogxbyname' function. */ 534/* Define to 1 if you have the `getlastlogxbyname' function. */
535#undef HAVE_GETLASTLOGXBYNAME 535#undef HAVE_GETLASTLOGXBYNAME
536 536
537/* Define to 1 if you have the `getline' function. */
538#undef HAVE_GETLINE
539
537/* Define to 1 if you have the `getluid' function. */ 540/* Define to 1 if you have the `getluid' function. */
538#undef HAVE_GETLUID 541#undef HAVE_GETLUID
539 542
@@ -567,6 +570,9 @@
567/* Define to 1 if you have the `getpwanam' function. */ 570/* Define to 1 if you have the `getpwanam' function. */
568#undef HAVE_GETPWANAM 571#undef HAVE_GETPWANAM
569 572
573/* Define to 1 if you have the `getrandom' function. */
574#undef HAVE_GETRANDOM
575
570/* Define to 1 if you have the `getrlimit' function. */ 576/* Define to 1 if you have the `getrlimit' function. */
571#undef HAVE_GETRLIMIT 577#undef HAVE_GETRLIMIT
572 578
@@ -1287,6 +1293,9 @@
1287/* Define to 1 if you have the <sys/ptrace.h> header file. */ 1293/* Define to 1 if you have the <sys/ptrace.h> header file. */
1288#undef HAVE_SYS_PTRACE_H 1294#undef HAVE_SYS_PTRACE_H
1289 1295
1296/* Define to 1 if you have the <sys/random.h> header file. */
1297#undef HAVE_SYS_RANDOM_H
1298
1290/* Define to 1 if you have the <sys/select.h> header file. */ 1299/* Define to 1 if you have the <sys/select.h> header file. */
1291#undef HAVE_SYS_SELECT_H 1300#undef HAVE_SYS_SELECT_H
1292 1301
@@ -1543,7 +1552,7 @@
1543/* Need setpgrp to acquire controlling tty */ 1552/* Need setpgrp to acquire controlling tty */
1544#undef NEED_SETPGRP 1553#undef NEED_SETPGRP
1545 1554
1546/* compiler does not accept __attribute__ on protoype args */ 1555/* compiler does not accept __attribute__ on prototype args */
1547#undef NO_ATTRIBUTE_ON_PROTOTYPE_ARGS 1556#undef NO_ATTRIBUTE_ON_PROTOTYPE_ARGS
1548 1557
1549/* compiler does not accept __attribute__ on return types */ 1558/* compiler does not accept __attribute__ on return types */
@@ -1670,12 +1679,6 @@
1670/* The size of `short int', as computed by sizeof. */ 1679/* The size of `short int', as computed by sizeof. */
1671#undef SIZEOF_SHORT_INT 1680#undef SIZEOF_SHORT_INT
1672 1681
1673/* Define if you want S/Key support */
1674#undef SKEY
1675
1676/* Define if your skeychallenge() function takes 4 arguments (NetBSD) */
1677#undef SKEYCHALLENGE_4ARG
1678
1679/* Define as const if snprintf() can declare const char *fmt */ 1682/* Define as const if snprintf() can declare const char *fmt */
1680#undef SNPRINTF_CONST 1683#undef SNPRINTF_CONST
1681 1684
@@ -1782,7 +1785,7 @@
1782/* Define if you want to enable AIX4's authenticate function */ 1785/* Define if you want to enable AIX4's authenticate function */
1783#undef WITH_AIXAUTHENTICATE 1786#undef WITH_AIXAUTHENTICATE
1784 1787
1785/* Define if you have/want arrays (cluster-wide session managment, not C 1788/* Define if you have/want arrays (cluster-wide session management, not C
1786 arrays) */ 1789 arrays) */
1787#undef WITH_IRIX_ARRAY 1790#undef WITH_IRIX_ARRAY
1788 1791
diff --git a/configure b/configure
index 5f5536fa4..330fb9b1d 100755
--- a/configure
+++ b/configure
@@ -751,7 +751,6 @@ with_solaris_privs
751with_osfsia 751with_osfsia
752with_zlib 752with_zlib
753with_zlib_version_check 753with_zlib_version_check
754with_skey
755with_ldns 754with_ldns
756with_libedit 755with_libedit
757with_audit 756with_audit
@@ -1447,7 +1446,6 @@ Optional Packages:
1447 --with-osfsia Enable Digital Unix SIA 1446 --with-osfsia Enable Digital Unix SIA
1448 --with-zlib=PATH Use zlib in PATH 1447 --with-zlib=PATH Use zlib in PATH
1449 --without-zlib-version-check Disable zlib version check 1448 --without-zlib-version-check Disable zlib version check
1450 --with-skey[=PATH] Enable S/Key support (optionally in PATH)
1451 --with-ldns[=PATH] Use ldns for DNSSEC support (optionally in PATH) 1449 --with-ldns[=PATH] Use ldns for DNSSEC support (optionally in PATH)
1452 --with-libedit[=PATH] Enable libedit support for sftp 1450 --with-libedit[=PATH] Enable libedit support for sftp
1453 --with-audit=module Enable audit support (modules=debug,bsm,linux) 1451 --with-audit=module Enable audit support (modules=debug,bsm,linux)
@@ -5546,9 +5544,7 @@ _ACEOF
5546 5544
5547fi 5545fi
5548 5546
5549if test -z "$LD" ; then 5547LD="$CC"
5550 LD=$CC
5551fi
5552 5548
5553 5549
5554{ $as_echo "$as_me:${as_lineno-$LINENO}: checking for inline" >&5 5550{ $as_echo "$as_me:${as_lineno-$LINENO}: checking for inline" >&5
@@ -5727,7 +5723,7 @@ int main(int argc, char **argv) {
5727_ACEOF 5723_ACEOF
5728if ac_fn_c_try_compile "$LINENO"; then : 5724if ac_fn_c_try_compile "$LINENO"; then :
5729 5725
5730if `grep -i "unrecognized option" conftest.err >/dev/null` 5726if $ac_cv_path_EGREP -i "unrecognized option|warning.*ignored" conftest.err >/dev/null
5731then 5727then
5732 { $as_echo "$as_me:${as_lineno-$LINENO}: result: no" >&5 5728 { $as_echo "$as_me:${as_lineno-$LINENO}: result: no" >&5
5733$as_echo "no" >&6; } 5729$as_echo "no" >&6; }
@@ -5770,7 +5766,7 @@ int main(int argc, char **argv) {
5770_ACEOF 5766_ACEOF
5771if ac_fn_c_try_compile "$LINENO"; then : 5767if ac_fn_c_try_compile "$LINENO"; then :
5772 5768
5773if `grep -i "unrecognized option" conftest.err >/dev/null` 5769if $ac_cv_path_EGREP -i "unrecognized option|warning.*ignored" conftest.err >/dev/null
5774then 5770then
5775 { $as_echo "$as_me:${as_lineno-$LINENO}: result: no" >&5 5771 { $as_echo "$as_me:${as_lineno-$LINENO}: result: no" >&5
5776$as_echo "no" >&6; } 5772$as_echo "no" >&6; }
@@ -5813,7 +5809,7 @@ int main(int argc, char **argv) {
5813_ACEOF 5809_ACEOF
5814if ac_fn_c_try_compile "$LINENO"; then : 5810if ac_fn_c_try_compile "$LINENO"; then :
5815 5811
5816if `grep -i "unrecognized option" conftest.err >/dev/null` 5812if $ac_cv_path_EGREP -i "unrecognized option|warning.*ignored" conftest.err >/dev/null
5817then 5813then
5818 { $as_echo "$as_me:${as_lineno-$LINENO}: result: no" >&5 5814 { $as_echo "$as_me:${as_lineno-$LINENO}: result: no" >&5
5819$as_echo "no" >&6; } 5815$as_echo "no" >&6; }
@@ -5856,7 +5852,7 @@ int main(int argc, char **argv) {
5856_ACEOF 5852_ACEOF
5857if ac_fn_c_try_compile "$LINENO"; then : 5853if ac_fn_c_try_compile "$LINENO"; then :
5858 5854
5859if `grep -i "unrecognized option" conftest.err >/dev/null` 5855if $ac_cv_path_EGREP -i "unrecognized option|warning.*ignored" conftest.err >/dev/null
5860then 5856then
5861 { $as_echo "$as_me:${as_lineno-$LINENO}: result: no" >&5 5857 { $as_echo "$as_me:${as_lineno-$LINENO}: result: no" >&5
5862$as_echo "no" >&6; } 5858$as_echo "no" >&6; }
@@ -5899,7 +5895,7 @@ int main(int argc, char **argv) {
5899_ACEOF 5895_ACEOF
5900if ac_fn_c_try_compile "$LINENO"; then : 5896if ac_fn_c_try_compile "$LINENO"; then :
5901 5897
5902if `grep -i "unrecognized option" conftest.err >/dev/null` 5898if $ac_cv_path_EGREP -i "unrecognized option|warning.*ignored" conftest.err >/dev/null
5903then 5899then
5904 { $as_echo "$as_me:${as_lineno-$LINENO}: result: no" >&5 5900 { $as_echo "$as_me:${as_lineno-$LINENO}: result: no" >&5
5905$as_echo "no" >&6; } 5901$as_echo "no" >&6; }
@@ -5942,7 +5938,7 @@ int main(int argc, char **argv) {
5942_ACEOF 5938_ACEOF
5943if ac_fn_c_try_compile "$LINENO"; then : 5939if ac_fn_c_try_compile "$LINENO"; then :
5944 5940
5945if `grep -i "unrecognized option" conftest.err >/dev/null` 5941if $ac_cv_path_EGREP -i "unrecognized option|warning.*ignored" conftest.err >/dev/null
5946then 5942then
5947 { $as_echo "$as_me:${as_lineno-$LINENO}: result: no" >&5 5943 { $as_echo "$as_me:${as_lineno-$LINENO}: result: no" >&5
5948$as_echo "no" >&6; } 5944$as_echo "no" >&6; }
@@ -5985,7 +5981,7 @@ int main(int argc, char **argv) {
5985_ACEOF 5981_ACEOF
5986if ac_fn_c_try_compile "$LINENO"; then : 5982if ac_fn_c_try_compile "$LINENO"; then :
5987 5983
5988if `grep -i "unrecognized option" conftest.err >/dev/null` 5984if $ac_cv_path_EGREP -i "unrecognized option|warning.*ignored" conftest.err >/dev/null
5989then 5985then
5990 { $as_echo "$as_me:${as_lineno-$LINENO}: result: no" >&5 5986 { $as_echo "$as_me:${as_lineno-$LINENO}: result: no" >&5
5991$as_echo "no" >&6; } 5987$as_echo "no" >&6; }
@@ -6028,7 +6024,7 @@ int main(int argc, char **argv) {
6028_ACEOF 6024_ACEOF
6029if ac_fn_c_try_compile "$LINENO"; then : 6025if ac_fn_c_try_compile "$LINENO"; then :
6030 6026
6031if `grep -i "unrecognized option" conftest.err >/dev/null` 6027if $ac_cv_path_EGREP -i "unrecognized option|warning.*ignored" conftest.err >/dev/null
6032then 6028then
6033 { $as_echo "$as_me:${as_lineno-$LINENO}: result: no" >&5 6029 { $as_echo "$as_me:${as_lineno-$LINENO}: result: no" >&5
6034$as_echo "no" >&6; } 6030$as_echo "no" >&6; }
@@ -6071,7 +6067,7 @@ int main(int argc, char **argv) {
6071_ACEOF 6067_ACEOF
6072if ac_fn_c_try_compile "$LINENO"; then : 6068if ac_fn_c_try_compile "$LINENO"; then :
6073 6069
6074if `grep -i "unrecognized option" conftest.err >/dev/null` 6070if $ac_cv_path_EGREP -i "unrecognized option|warning.*ignored" conftest.err >/dev/null
6075then 6071then
6076 { $as_echo "$as_me:${as_lineno-$LINENO}: result: no" >&5 6072 { $as_echo "$as_me:${as_lineno-$LINENO}: result: no" >&5
6077$as_echo "no" >&6; } 6073$as_echo "no" >&6; }
@@ -6114,7 +6110,7 @@ int main(int argc, char **argv) {
6114_ACEOF 6110_ACEOF
6115if ac_fn_c_try_compile "$LINENO"; then : 6111if ac_fn_c_try_compile "$LINENO"; then :
6116 6112
6117if `grep -i "unrecognized option" conftest.err >/dev/null` 6113if $ac_cv_path_EGREP -i "unrecognized option|warning.*ignored" conftest.err >/dev/null
6118then 6114then
6119 { $as_echo "$as_me:${as_lineno-$LINENO}: result: no" >&5 6115 { $as_echo "$as_me:${as_lineno-$LINENO}: result: no" >&5
6120$as_echo "no" >&6; } 6116$as_echo "no" >&6; }
@@ -6157,7 +6153,7 @@ int main(int argc, char **argv) {
6157_ACEOF 6153_ACEOF
6158if ac_fn_c_try_compile "$LINENO"; then : 6154if ac_fn_c_try_compile "$LINENO"; then :
6159 6155
6160if `grep -i "unrecognized option" conftest.err >/dev/null` 6156if $ac_cv_path_EGREP -i "unrecognized option|warning.*ignored" conftest.err >/dev/null
6161then 6157then
6162 { $as_echo "$as_me:${as_lineno-$LINENO}: result: no" >&5 6158 { $as_echo "$as_me:${as_lineno-$LINENO}: result: no" >&5
6163$as_echo "no" >&6; } 6159$as_echo "no" >&6; }
@@ -6200,7 +6196,7 @@ int main(int argc, char **argv) {
6200_ACEOF 6196_ACEOF
6201if ac_fn_c_try_compile "$LINENO"; then : 6197if ac_fn_c_try_compile "$LINENO"; then :
6202 6198
6203if `grep -i "unrecognized option" conftest.err >/dev/null` 6199if $ac_cv_path_EGREP -i "unrecognized option|warning.*ignored" conftest.err >/dev/null
6204then 6200then
6205 { $as_echo "$as_me:${as_lineno-$LINENO}: result: no" >&5 6201 { $as_echo "$as_me:${as_lineno-$LINENO}: result: no" >&5
6206$as_echo "no" >&6; } 6202$as_echo "no" >&6; }
@@ -6219,7 +6215,12 @@ fi
6219rm -f core conftest.err conftest.$ac_objext conftest.$ac_ext 6215rm -f core conftest.err conftest.$ac_objext conftest.$ac_ext
6220} 6216}
6221 if test "x$use_toolchain_hardening" = "x1"; then 6217 if test "x$use_toolchain_hardening" = "x1"; then
6222 { 6218 # Cygwin GCC 7.x allows thunking on the CLI, but produces non-working
6219 # code. Unfortunately you only notice this at link time.
6220 case "$host" in
6221 *-*-cygwin*) ;;
6222 *)
6223 {
6223 { $as_echo "$as_me:${as_lineno-$LINENO}: checking if $CC supports compile flag -mfunction-return=thunk" >&5 6224 { $as_echo "$as_me:${as_lineno-$LINENO}: checking if $CC supports compile flag -mfunction-return=thunk" >&5
6224$as_echo_n "checking if $CC supports compile flag -mfunction-return=thunk... " >&6; } 6225$as_echo_n "checking if $CC supports compile flag -mfunction-return=thunk... " >&6; }
6225 saved_CFLAGS="$CFLAGS" 6226 saved_CFLAGS="$CFLAGS"
@@ -6244,7 +6245,7 @@ int main(int argc, char **argv) {
6244_ACEOF 6245_ACEOF
6245if ac_fn_c_try_compile "$LINENO"; then : 6246if ac_fn_c_try_compile "$LINENO"; then :
6246 6247
6247if `grep -i "unrecognized option" conftest.err >/dev/null` 6248if $ac_cv_path_EGREP -i "unrecognized option|warning.*ignored" conftest.err >/dev/null
6248then 6249then
6249 { $as_echo "$as_me:${as_lineno-$LINENO}: result: no" >&5 6250 { $as_echo "$as_me:${as_lineno-$LINENO}: result: no" >&5
6250$as_echo "no" >&6; } 6251$as_echo "no" >&6; }
@@ -6262,7 +6263,7 @@ $as_echo "no" >&6; }
6262fi 6263fi
6263rm -f core conftest.err conftest.$ac_objext conftest.$ac_ext 6264rm -f core conftest.err conftest.$ac_objext conftest.$ac_ext
6264} # gcc 6265} # gcc
6265 { 6266 {
6266 { $as_echo "$as_me:${as_lineno-$LINENO}: checking if $CC supports compile flag -mindirect-branch=thunk" >&5 6267 { $as_echo "$as_me:${as_lineno-$LINENO}: checking if $CC supports compile flag -mindirect-branch=thunk" >&5
6267$as_echo_n "checking if $CC supports compile flag -mindirect-branch=thunk... " >&6; } 6268$as_echo_n "checking if $CC supports compile flag -mindirect-branch=thunk... " >&6; }
6268 saved_CFLAGS="$CFLAGS" 6269 saved_CFLAGS="$CFLAGS"
@@ -6287,7 +6288,7 @@ int main(int argc, char **argv) {
6287_ACEOF 6288_ACEOF
6288if ac_fn_c_try_compile "$LINENO"; then : 6289if ac_fn_c_try_compile "$LINENO"; then :
6289 6290
6290if `grep -i "unrecognized option" conftest.err >/dev/null` 6291if $ac_cv_path_EGREP -i "unrecognized option|warning.*ignored" conftest.err >/dev/null
6291then 6292then
6292 { $as_echo "$as_me:${as_lineno-$LINENO}: result: no" >&5 6293 { $as_echo "$as_me:${as_lineno-$LINENO}: result: no" >&5
6293$as_echo "no" >&6; } 6294$as_echo "no" >&6; }
@@ -6305,6 +6306,8 @@ $as_echo "no" >&6; }
6305fi 6306fi
6306rm -f core conftest.err conftest.$ac_objext conftest.$ac_ext 6307rm -f core conftest.err conftest.$ac_objext conftest.$ac_ext
6307} # gcc 6308} # gcc
6309 ;;
6310 esac
6308 { 6311 {
6309 { $as_echo "$as_me:${as_lineno-$LINENO}: checking if $CC supports compile flag -mretpoline" >&5 6312 { $as_echo "$as_me:${as_lineno-$LINENO}: checking if $CC supports compile flag -mretpoline" >&5
6310$as_echo_n "checking if $CC supports compile flag -mretpoline... " >&6; } 6313$as_echo_n "checking if $CC supports compile flag -mretpoline... " >&6; }
@@ -6330,7 +6333,7 @@ int main(int argc, char **argv) {
6330_ACEOF 6333_ACEOF
6331if ac_fn_c_try_compile "$LINENO"; then : 6334if ac_fn_c_try_compile "$LINENO"; then :
6332 6335
6333if `grep -i "unrecognized option" conftest.err >/dev/null` 6336if $ac_cv_path_EGREP -i "unrecognized option|warning.*ignored" conftest.err >/dev/null
6334then 6337then
6335 { $as_echo "$as_me:${as_lineno-$LINENO}: result: no" >&5 6338 { $as_echo "$as_me:${as_lineno-$LINENO}: result: no" >&5
6336$as_echo "no" >&6; } 6339$as_echo "no" >&6; }
@@ -6373,9 +6376,17 @@ int main(int argc, char **argv) {
6373 6376
6374_ACEOF 6377_ACEOF
6375if ac_fn_c_try_link "$LINENO"; then : 6378if ac_fn_c_try_link "$LINENO"; then :
6376 { $as_echo "$as_me:${as_lineno-$LINENO}: result: yes" >&5 6379
6380if $ac_cv_path_EGREP -i "unrecognized option|warning.*ignored" conftest.err >/dev/null
6381then
6382 { $as_echo "$as_me:${as_lineno-$LINENO}: result: no" >&5
6383$as_echo "no" >&6; }
6384 LDFLAGS="$saved_LDFLAGS"
6385else
6386 { $as_echo "$as_me:${as_lineno-$LINENO}: result: yes" >&5
6377$as_echo "yes" >&6; } 6387$as_echo "yes" >&6; }
6378 LDFLAGS="$saved_LDFLAGS $_define_flag" 6388 LDFLAGS="$saved_LDFLAGS $_define_flag"
6389fi
6379else 6390else
6380 { $as_echo "$as_me:${as_lineno-$LINENO}: result: no" >&5 6391 { $as_echo "$as_me:${as_lineno-$LINENO}: result: no" >&5
6381$as_echo "no" >&6; } 6392$as_echo "no" >&6; }
@@ -6410,7 +6421,7 @@ int main(int argc, char **argv) {
6410_ACEOF 6421_ACEOF
6411if ac_fn_c_try_compile "$LINENO"; then : 6422if ac_fn_c_try_compile "$LINENO"; then :
6412 6423
6413if `grep -i "unrecognized option" conftest.err >/dev/null` 6424if $ac_cv_path_EGREP -i "unrecognized option|warning.*ignored" conftest.err >/dev/null
6414then 6425then
6415 { $as_echo "$as_me:${as_lineno-$LINENO}: result: no" >&5 6426 { $as_echo "$as_me:${as_lineno-$LINENO}: result: no" >&5
6416$as_echo "no" >&6; } 6427$as_echo "no" >&6; }
@@ -6453,9 +6464,17 @@ int main(int argc, char **argv) {
6453 6464
6454_ACEOF 6465_ACEOF
6455if ac_fn_c_try_link "$LINENO"; then : 6466if ac_fn_c_try_link "$LINENO"; then :
6456 { $as_echo "$as_me:${as_lineno-$LINENO}: result: yes" >&5 6467
6468if $ac_cv_path_EGREP -i "unrecognized option|warning.*ignored" conftest.err >/dev/null
6469then
6470 { $as_echo "$as_me:${as_lineno-$LINENO}: result: no" >&5
6471$as_echo "no" >&6; }
6472 LDFLAGS="$saved_LDFLAGS"
6473else
6474 { $as_echo "$as_me:${as_lineno-$LINENO}: result: yes" >&5
6457$as_echo "yes" >&6; } 6475$as_echo "yes" >&6; }
6458 LDFLAGS="$saved_LDFLAGS $_define_flag" 6476 LDFLAGS="$saved_LDFLAGS $_define_flag"
6477fi
6459else 6478else
6460 { $as_echo "$as_me:${as_lineno-$LINENO}: result: no" >&5 6479 { $as_echo "$as_me:${as_lineno-$LINENO}: result: no" >&5
6461$as_echo "no" >&6; } 6480$as_echo "no" >&6; }
@@ -6490,9 +6509,17 @@ int main(int argc, char **argv) {
6490 6509
6491_ACEOF 6510_ACEOF
6492if ac_fn_c_try_link "$LINENO"; then : 6511if ac_fn_c_try_link "$LINENO"; then :
6493 { $as_echo "$as_me:${as_lineno-$LINENO}: result: yes" >&5 6512
6513if $ac_cv_path_EGREP -i "unrecognized option|warning.*ignored" conftest.err >/dev/null
6514then
6515 { $as_echo "$as_me:${as_lineno-$LINENO}: result: no" >&5
6516$as_echo "no" >&6; }
6517 LDFLAGS="$saved_LDFLAGS"
6518else
6519 { $as_echo "$as_me:${as_lineno-$LINENO}: result: yes" >&5
6494$as_echo "yes" >&6; } 6520$as_echo "yes" >&6; }
6495 LDFLAGS="$saved_LDFLAGS $_define_flag" 6521 LDFLAGS="$saved_LDFLAGS $_define_flag"
6522fi
6496else 6523else
6497 { $as_echo "$as_me:${as_lineno-$LINENO}: result: no" >&5 6524 { $as_echo "$as_me:${as_lineno-$LINENO}: result: no" >&5
6498$as_echo "no" >&6; } 6525$as_echo "no" >&6; }
@@ -6527,9 +6554,17 @@ int main(int argc, char **argv) {
6527 6554
6528_ACEOF 6555_ACEOF
6529if ac_fn_c_try_link "$LINENO"; then : 6556if ac_fn_c_try_link "$LINENO"; then :
6530 { $as_echo "$as_me:${as_lineno-$LINENO}: result: yes" >&5 6557
6558if $ac_cv_path_EGREP -i "unrecognized option|warning.*ignored" conftest.err >/dev/null
6559then
6560 { $as_echo "$as_me:${as_lineno-$LINENO}: result: no" >&5
6561$as_echo "no" >&6; }
6562 LDFLAGS="$saved_LDFLAGS"
6563else
6564 { $as_echo "$as_me:${as_lineno-$LINENO}: result: yes" >&5
6531$as_echo "yes" >&6; } 6565$as_echo "yes" >&6; }
6532 LDFLAGS="$saved_LDFLAGS $_define_flag" 6566 LDFLAGS="$saved_LDFLAGS $_define_flag"
6567fi
6533else 6568else
6534 { $as_echo "$as_me:${as_lineno-$LINENO}: result: no" >&5 6569 { $as_echo "$as_me:${as_lineno-$LINENO}: result: no" >&5
6535$as_echo "no" >&6; } 6570$as_echo "no" >&6; }
@@ -6570,7 +6605,7 @@ int main(int argc, char **argv) {
6570_ACEOF 6605_ACEOF
6571if ac_fn_c_try_link "$LINENO"; then : 6606if ac_fn_c_try_link "$LINENO"; then :
6572 6607
6573if `grep -i "unrecognized option" conftest.err >/dev/null` 6608if $ac_cv_path_EGREP -i "unrecognized option|warning.*ignored" conftest.err >/dev/null
6574then 6609then
6575 { $as_echo "$as_me:${as_lineno-$LINENO}: result: no" >&5 6610 { $as_echo "$as_me:${as_lineno-$LINENO}: result: no" >&5
6576$as_echo "no" >&6; } 6611$as_echo "no" >&6; }
@@ -6944,6 +6979,7 @@ for ac_header in \
6944 sys/prctl.h \ 6979 sys/prctl.h \
6945 sys/pstat.h \ 6980 sys/pstat.h \
6946 sys/ptrace.h \ 6981 sys/ptrace.h \
6982 sys/random.h \
6947 sys/select.h \ 6983 sys/select.h \
6948 sys/stat.h \ 6984 sys/stat.h \
6949 sys/stream.h \ 6985 sys/stream.h \
@@ -7154,7 +7190,7 @@ case "$host" in
7154 # Some versions of VAC won't allow macro redefinitions at 7190 # Some versions of VAC won't allow macro redefinitions at
7155 # -qlanglevel=ansi, and autoconf 2.60 sometimes insists on using that 7191 # -qlanglevel=ansi, and autoconf 2.60 sometimes insists on using that
7156 # particularly with older versions of vac or xlc. 7192 # particularly with older versions of vac or xlc.
7157 # It also throws errors about null macro argments, but these are 7193 # It also throws errors about null macro arguments, but these are
7158 # not fatal. 7194 # not fatal.
7159 { $as_echo "$as_me:${as_lineno-$LINENO}: checking if compiler allows macro redefinitions" >&5 7195 { $as_echo "$as_me:${as_lineno-$LINENO}: checking if compiler allows macro redefinitions" >&5
7160$as_echo_n "checking if compiler allows macro redefinitions... " >&6; } 7196$as_echo_n "checking if compiler allows macro redefinitions... " >&6; }
@@ -7178,7 +7214,6 @@ else
7178 { $as_echo "$as_me:${as_lineno-$LINENO}: result: no" >&5 7214 { $as_echo "$as_me:${as_lineno-$LINENO}: result: no" >&5
7179$as_echo "no" >&6; } 7215$as_echo "no" >&6; }
7180 CC="`echo $CC | sed 's/-qlanglvl\=ansi//g'`" 7216 CC="`echo $CC | sed 's/-qlanglvl\=ansi//g'`"
7181 LD="`echo $LD | sed 's/-qlanglvl\=ansi//g'`"
7182 CFLAGS="`echo $CFLAGS | sed 's/-qlanglvl\=ansi//g'`" 7217 CFLAGS="`echo $CFLAGS | sed 's/-qlanglvl\=ansi//g'`"
7183 CPPFLAGS="`echo $CPPFLAGS | sed 's/-qlanglvl\=ansi//g'`" 7218 CPPFLAGS="`echo $CPPFLAGS | sed 's/-qlanglvl\=ansi//g'`"
7184 7219
@@ -7497,7 +7532,7 @@ int main(int argc, char **argv) {
7497_ACEOF 7532_ACEOF
7498if ac_fn_c_try_compile "$LINENO"; then : 7533if ac_fn_c_try_compile "$LINENO"; then :
7499 7534
7500if `grep -i "unrecognized option" conftest.err >/dev/null` 7535if $ac_cv_path_EGREP -i "unrecognized option|warning.*ignored" conftest.err >/dev/null
7501then 7536then
7502 { $as_echo "$as_me:${as_lineno-$LINENO}: result: no" >&5 7537 { $as_echo "$as_me:${as_lineno-$LINENO}: result: no" >&5
7503$as_echo "no" >&6; } 7538$as_echo "no" >&6; }
@@ -10195,7 +10230,7 @@ fi
10195{ $as_echo "$as_me:${as_lineno-$LINENO}: result: $func_calloc_0_nonnull" >&5 10230{ $as_echo "$as_me:${as_lineno-$LINENO}: result: $func_calloc_0_nonnull" >&5
10196$as_echo "$func_calloc_0_nonnull" >&6; } 10231$as_echo "$func_calloc_0_nonnull" >&6; }
10197 10232
10198if test "x$func_calloc_0_nonnull" == "xyes"; then 10233if test "x$func_calloc_0_nonnull" = "xyes"; then
10199 10234
10200$as_echo "#define HAVE_CALLOC 1" >>confdefs.h 10235$as_echo "#define HAVE_CALLOC 1" >>confdefs.h
10201 10236
@@ -10387,94 +10422,6 @@ else
10387$as_echo "no" >&6; } 10422$as_echo "no" >&6; }
10388fi 10423fi
10389 10424
10390# Check whether user wants S/Key support
10391SKEY_MSG="no"
10392
10393# Check whether --with-skey was given.
10394if test "${with_skey+set}" = set; then :
10395 withval=$with_skey;
10396 if test "x$withval" != "xno" ; then
10397
10398 if test "x$withval" != "xyes" ; then
10399 CPPFLAGS="$CPPFLAGS -I${withval}/include"
10400 LDFLAGS="$LDFLAGS -L${withval}/lib"
10401 fi
10402
10403
10404$as_echo "#define SKEY 1" >>confdefs.h
10405
10406 LIBS="-lskey $LIBS"
10407 SKEY_MSG="yes"
10408
10409 { $as_echo "$as_me:${as_lineno-$LINENO}: checking for s/key support" >&5
10410$as_echo_n "checking for s/key support... " >&6; }
10411 cat confdefs.h - <<_ACEOF >conftest.$ac_ext
10412/* end confdefs.h. */
10413
10414#include <stdio.h>
10415#include <skey.h>
10416
10417int
10418main ()
10419{
10420
10421 char *ff = skey_keyinfo(""); ff="";
10422 exit(0);
10423
10424 ;
10425 return 0;
10426}
10427_ACEOF
10428if ac_fn_c_try_link "$LINENO"; then :
10429 { $as_echo "$as_me:${as_lineno-$LINENO}: result: yes" >&5
10430$as_echo "yes" >&6; }
10431else
10432
10433 { $as_echo "$as_me:${as_lineno-$LINENO}: result: no" >&5
10434$as_echo "no" >&6; }
10435 as_fn_error $? "** Incomplete or missing s/key libraries." "$LINENO" 5
10436
10437fi
10438rm -f core conftest.err conftest.$ac_objext \
10439 conftest$ac_exeext conftest.$ac_ext
10440 { $as_echo "$as_me:${as_lineno-$LINENO}: checking if skeychallenge takes 4 arguments" >&5
10441$as_echo_n "checking if skeychallenge takes 4 arguments... " >&6; }
10442 cat confdefs.h - <<_ACEOF >conftest.$ac_ext
10443/* end confdefs.h. */
10444
10445#include <stdio.h>
10446#include <skey.h>
10447
10448int
10449main ()
10450{
10451
10452 (void)skeychallenge(NULL,"name","",0);
10453
10454 ;
10455 return 0;
10456}
10457_ACEOF
10458if ac_fn_c_try_compile "$LINENO"; then :
10459
10460 { $as_echo "$as_me:${as_lineno-$LINENO}: result: yes" >&5
10461$as_echo "yes" >&6; }
10462
10463$as_echo "#define SKEYCHALLENGE_4ARG 1" >>confdefs.h
10464
10465else
10466
10467 { $as_echo "$as_me:${as_lineno-$LINENO}: result: no" >&5
10468$as_echo "no" >&6; }
10469
10470fi
10471rm -f core conftest.err conftest.$ac_objext conftest.$ac_ext
10472 fi
10473
10474
10475fi
10476
10477
10478# Check whether user wants to use ldns 10425# Check whether user wants to use ldns
10479LDNS_MSG="no" 10426LDNS_MSG="no"
10480 10427
@@ -11074,7 +11021,7 @@ int main(int argc, char **argv) {
11074_ACEOF 11021_ACEOF
11075if ac_fn_c_try_compile "$LINENO"; then : 11022if ac_fn_c_try_compile "$LINENO"; then :
11076 11023
11077if `grep -i "unrecognized option" conftest.err >/dev/null` 11024if $ac_cv_path_EGREP -i "unrecognized option|warning.*ignored" conftest.err >/dev/null
11078then 11025then
11079 { $as_echo "$as_me:${as_lineno-$LINENO}: result: no" >&5 11026 { $as_echo "$as_me:${as_lineno-$LINENO}: result: no" >&5
11080$as_echo "no" >&6; } 11027$as_echo "no" >&6; }
@@ -11117,9 +11064,17 @@ int main(int argc, char **argv) {
11117 11064
11118_ACEOF 11065_ACEOF
11119if ac_fn_c_try_link "$LINENO"; then : 11066if ac_fn_c_try_link "$LINENO"; then :
11120 { $as_echo "$as_me:${as_lineno-$LINENO}: result: yes" >&5 11067
11068if $ac_cv_path_EGREP -i "unrecognized option|warning.*ignored" conftest.err >/dev/null
11069then
11070 { $as_echo "$as_me:${as_lineno-$LINENO}: result: no" >&5
11071$as_echo "no" >&6; }
11072 LDFLAGS="$saved_LDFLAGS"
11073else
11074 { $as_echo "$as_me:${as_lineno-$LINENO}: result: yes" >&5
11121$as_echo "yes" >&6; } 11075$as_echo "yes" >&6; }
11122 LDFLAGS="$saved_LDFLAGS $_define_flag" 11076 LDFLAGS="$saved_LDFLAGS $_define_flag"
11077fi
11123else 11078else
11124 { $as_echo "$as_me:${as_lineno-$LINENO}: result: no" >&5 11079 { $as_echo "$as_me:${as_lineno-$LINENO}: result: no" >&5
11125$as_echo "no" >&6; } 11080$as_echo "no" >&6; }
@@ -11178,6 +11133,7 @@ for ac_func in \
11178 getaddrinfo \ 11133 getaddrinfo \
11179 getcwd \ 11134 getcwd \
11180 getgrouplist \ 11135 getgrouplist \
11136 getline \
11181 getnameinfo \ 11137 getnameinfo \
11182 getopt \ 11138 getopt \
11183 getpagesize \ 11139 getpagesize \
@@ -11186,6 +11142,7 @@ for ac_func in \
11186 getpgid \ 11142 getpgid \
11187 _getpty \ 11143 _getpty \
11188 getrlimit \ 11144 getrlimit \
11145 getrandom \
11189 getsid \ 11146 getsid \
11190 getttyent \ 11147 getttyent \
11191 glob \ 11148 glob \
@@ -13962,7 +13919,7 @@ LIBS="$saved_LIBS"
13962 13919
13963### Configure cryptographic random number support 13920### Configure cryptographic random number support
13964 13921
13965# Check wheter OpenSSL seeds itself 13922# Check whether OpenSSL seeds itself
13966if test "x$openssl" = "xyes" ; then 13923if test "x$openssl" = "xyes" ; then
13967 { $as_echo "$as_me:${as_lineno-$LINENO}: checking whether OpenSSL's PRNG is internally seeded" >&5 13924 { $as_echo "$as_me:${as_lineno-$LINENO}: checking whether OpenSSL's PRNG is internally seeded" >&5
13968$as_echo_n "checking whether OpenSSL's PRNG is internally seeded... " >&6; } 13925$as_echo_n "checking whether OpenSSL's PRNG is internally seeded... " >&6; }
@@ -16072,7 +16029,7 @@ _ACEOF
16072fi 16029fi
16073 16030
16074 16031
16075# We need int64_t or else certian parts of the compile will fail. 16032# We need int64_t or else certain parts of the compile will fail.
16076if test "x$ac_cv_have_int64_t" = "xno" && \ 16033if test "x$ac_cv_have_int64_t" = "xno" && \
16077 test "x$ac_cv_sizeof_long_int" != "x8" && \ 16034 test "x$ac_cv_sizeof_long_int" != "x8" && \
16078 test "x$ac_cv_sizeof_long_long_int" = "x0" ; then 16035 test "x$ac_cv_sizeof_long_long_int" = "x0" ; then
@@ -21030,7 +20987,6 @@ echo " PAM support: $PAM_MSG"
21030echo " OSF SIA support: $SIA_MSG" 20987echo " OSF SIA support: $SIA_MSG"
21031echo " KerberosV support: $KRB5_MSG" 20988echo " KerberosV support: $KRB5_MSG"
21032echo " SELinux support: $SELINUX_MSG" 20989echo " SELinux support: $SELINUX_MSG"
21033echo " S/KEY support: $SKEY_MSG"
21034echo " MD5 password support: $MD5_MSG" 20990echo " MD5 password support: $MD5_MSG"
21035echo " libedit support: $LIBEDIT_MSG" 20991echo " libedit support: $LIBEDIT_MSG"
21036echo " libldns support: $LDNS_MSG" 20992echo " libldns support: $LDNS_MSG"
diff --git a/configure.ac b/configure.ac
index eac143b4d..dab138640 100644
--- a/configure.ac
+++ b/configure.ac
@@ -83,9 +83,11 @@ if test ! -z "$PATH_PASSWD_PROG" ; then
83 [Full path of your "passwd" program]) 83 [Full path of your "passwd" program])
84fi 84fi
85 85
86if test -z "$LD" ; then 86dnl Since autoconf doesn't support it very well, we no longer allow users to
87 LD=$CC 87dnl override LD, however keeping the hook here for now in case there's a use
88fi 88dnl use case we overlooked and someone needs to re-enable it. Unless a good
89dnl reason is found we'll be removing this in future.
90LD="$CC"
89AC_SUBST([LD]) 91AC_SUBST([LD])
90 92
91AC_C_INLINE 93AC_C_INLINE
@@ -162,8 +164,15 @@ if test "$GCC" = "yes" || test "$GCC" = "egcs"; then
162 OSSH_CHECK_CFLAG_COMPILE([-Wunused-result], [-Wno-unused-result]) 164 OSSH_CHECK_CFLAG_COMPILE([-Wunused-result], [-Wno-unused-result])
163 OSSH_CHECK_CFLAG_COMPILE([-fno-strict-aliasing]) 165 OSSH_CHECK_CFLAG_COMPILE([-fno-strict-aliasing])
164 if test "x$use_toolchain_hardening" = "x1"; then 166 if test "x$use_toolchain_hardening" = "x1"; then
165 OSSH_CHECK_CFLAG_COMPILE([-mfunction-return=thunk]) # gcc 167 # Cygwin GCC 7.x allows thunking on the CLI, but produces non-working
166 OSSH_CHECK_CFLAG_COMPILE([-mindirect-branch=thunk]) # gcc 168 # code. Unfortunately you only notice this at link time.
169 case "$host" in
170 *-*-cygwin*) ;;
171 *)
172 OSSH_CHECK_CFLAG_COMPILE([-mfunction-return=thunk]) # gcc
173 OSSH_CHECK_CFLAG_COMPILE([-mindirect-branch=thunk]) # gcc
174 ;;
175 esac
167 OSSH_CHECK_CFLAG_COMPILE([-mretpoline]) # clang 176 OSSH_CHECK_CFLAG_COMPILE([-mretpoline]) # clang
168 OSSH_CHECK_LDFLAG_LINK([-Wl,-z,retpolineplt]) 177 OSSH_CHECK_LDFLAG_LINK([-Wl,-z,retpolineplt])
169 OSSH_CHECK_CFLAG_COMPILE([-D_FORTIFY_SOURCE=2]) 178 OSSH_CHECK_CFLAG_COMPILE([-D_FORTIFY_SOURCE=2])
@@ -274,7 +283,7 @@ typedef void foo(const char *, ...) __attribute__((format(printf, 1, 2)));]],
274 [ AC_MSG_RESULT([yes]) ], 283 [ AC_MSG_RESULT([yes]) ],
275 [ AC_MSG_RESULT([no]) 284 [ AC_MSG_RESULT([no])
276 AC_DEFINE(NO_ATTRIBUTE_ON_PROTOTYPE_ARGS, 1, 285 AC_DEFINE(NO_ATTRIBUTE_ON_PROTOTYPE_ARGS, 1,
277 [compiler does not accept __attribute__ on protoype args]) ] 286 [compiler does not accept __attribute__ on prototype args]) ]
278) 287)
279 288
280if test "x$no_attrib_nonnull" != "x1" ; then 289if test "x$no_attrib_nonnull" != "x1" ; then
@@ -413,6 +422,7 @@ AC_CHECK_HEADERS([ \
413 sys/prctl.h \ 422 sys/prctl.h \
414 sys/pstat.h \ 423 sys/pstat.h \
415 sys/ptrace.h \ 424 sys/ptrace.h \
425 sys/random.h \
416 sys/select.h \ 426 sys/select.h \
417 sys/stat.h \ 427 sys/stat.h \
418 sys/stream.h \ 428 sys/stream.h \
@@ -514,7 +524,7 @@ case "$host" in
514 # Some versions of VAC won't allow macro redefinitions at 524 # Some versions of VAC won't allow macro redefinitions at
515 # -qlanglevel=ansi, and autoconf 2.60 sometimes insists on using that 525 # -qlanglevel=ansi, and autoconf 2.60 sometimes insists on using that
516 # particularly with older versions of vac or xlc. 526 # particularly with older versions of vac or xlc.
517 # It also throws errors about null macro argments, but these are 527 # It also throws errors about null macro arguments, but these are
518 # not fatal. 528 # not fatal.
519 AC_MSG_CHECKING([if compiler allows macro redefinitions]) 529 AC_MSG_CHECKING([if compiler allows macro redefinitions])
520 AC_COMPILE_IFELSE( 530 AC_COMPILE_IFELSE(
@@ -525,7 +535,6 @@ case "$host" in
525 [ AC_MSG_RESULT([yes]) ], 535 [ AC_MSG_RESULT([yes]) ],
526 [ AC_MSG_RESULT([no]) 536 [ AC_MSG_RESULT([no])
527 CC="`echo $CC | sed 's/-qlanglvl\=ansi//g'`" 537 CC="`echo $CC | sed 's/-qlanglvl\=ansi//g'`"
528 LD="`echo $LD | sed 's/-qlanglvl\=ansi//g'`"
529 CFLAGS="`echo $CFLAGS | sed 's/-qlanglvl\=ansi//g'`" 538 CFLAGS="`echo $CFLAGS | sed 's/-qlanglvl\=ansi//g'`"
530 CPPFLAGS="`echo $CPPFLAGS | sed 's/-qlanglvl\=ansi//g'`" 539 CPPFLAGS="`echo $CPPFLAGS | sed 's/-qlanglvl\=ansi//g'`"
531 ] 540 ]
@@ -777,7 +786,7 @@ main() { if (NSVersionOfRunTimeLibrary("System") >= (60 << 16))
777 PATH="$PATH:/usr/etc" 786 PATH="$PATH:/usr/etc"
778 AC_DEFINE([WITH_IRIX_ARRAY], [1], 787 AC_DEFINE([WITH_IRIX_ARRAY], [1],
779 [Define if you have/want arrays 788 [Define if you have/want arrays
780 (cluster-wide session managment, not C arrays)]) 789 (cluster-wide session management, not C arrays)])
781 AC_DEFINE([WITH_IRIX_PROJECT], [1], 790 AC_DEFINE([WITH_IRIX_PROJECT], [1],
782 [Define if you want IRIX project management]) 791 [Define if you want IRIX project management])
783 AC_DEFINE([WITH_IRIX_AUDIT], [1], 792 AC_DEFINE([WITH_IRIX_AUDIT], [1],
@@ -1422,7 +1431,7 @@ AC_RUN_IFELSE(
1422) 1431)
1423AC_MSG_RESULT([$func_calloc_0_nonnull]) 1432AC_MSG_RESULT([$func_calloc_0_nonnull])
1424 1433
1425if test "x$func_calloc_0_nonnull" == "xyes"; then 1434if test "x$func_calloc_0_nonnull" = "xyes"; then
1426 AC_DEFINE(HAVE_CALLOC, 1, [calloc(0, x) returns non-null]) 1435 AC_DEFINE(HAVE_CALLOC, 1, [calloc(0, x) returns non-null])
1427else 1436else
1428 AC_DEFINE(HAVE_CALLOC, 0, [calloc(0, x) returns NULL]) 1437 AC_DEFINE(HAVE_CALLOC, 0, [calloc(0, x) returns NULL])
@@ -1517,55 +1526,6 @@ else
1517 AC_MSG_RESULT([no]) 1526 AC_MSG_RESULT([no])
1518fi 1527fi
1519 1528
1520# Check whether user wants S/Key support
1521SKEY_MSG="no"
1522AC_ARG_WITH([skey],
1523 [ --with-skey[[=PATH]] Enable S/Key support (optionally in PATH)],
1524 [
1525 if test "x$withval" != "xno" ; then
1526
1527 if test "x$withval" != "xyes" ; then
1528 CPPFLAGS="$CPPFLAGS -I${withval}/include"
1529 LDFLAGS="$LDFLAGS -L${withval}/lib"
1530 fi
1531
1532 AC_DEFINE([SKEY], [1], [Define if you want S/Key support])
1533 LIBS="-lskey $LIBS"
1534 SKEY_MSG="yes"
1535
1536 AC_MSG_CHECKING([for s/key support])
1537 AC_LINK_IFELSE(
1538 [AC_LANG_PROGRAM([[
1539#include <stdio.h>
1540#include <skey.h>
1541 ]], [[
1542 char *ff = skey_keyinfo(""); ff="";
1543 exit(0);
1544 ]])],
1545 [AC_MSG_RESULT([yes])],
1546 [
1547 AC_MSG_RESULT([no])
1548 AC_MSG_ERROR([** Incomplete or missing s/key libraries.])
1549 ])
1550 AC_MSG_CHECKING([if skeychallenge takes 4 arguments])
1551 AC_COMPILE_IFELSE([AC_LANG_PROGRAM([[
1552#include <stdio.h>
1553#include <skey.h>
1554 ]], [[
1555 (void)skeychallenge(NULL,"name","",0);
1556 ]])],
1557 [
1558 AC_MSG_RESULT([yes])
1559 AC_DEFINE([SKEYCHALLENGE_4ARG], [1],
1560 [Define if your skeychallenge()
1561 function takes 4 arguments (NetBSD)])],
1562 [
1563 AC_MSG_RESULT([no])
1564 ])
1565 fi
1566 ]
1567)
1568
1569# Check whether user wants TCP wrappers support 1529# Check whether user wants TCP wrappers support
1570TCPW_MSG="no" 1530TCPW_MSG="no"
1571AC_ARG_WITH([tcp-wrappers], 1531AC_ARG_WITH([tcp-wrappers],
@@ -1858,6 +1818,7 @@ AC_CHECK_FUNCS([ \
1858 getaddrinfo \ 1818 getaddrinfo \
1859 getcwd \ 1819 getcwd \
1860 getgrouplist \ 1820 getgrouplist \
1821 getline \
1861 getnameinfo \ 1822 getnameinfo \
1862 getopt \ 1823 getopt \
1863 getpagesize \ 1824 getpagesize \
@@ -1866,6 +1827,7 @@ AC_CHECK_FUNCS([ \
1866 getpgid \ 1827 getpgid \
1867 _getpty \ 1828 _getpty \
1868 getrlimit \ 1829 getrlimit \
1830 getrandom \
1869 getsid \ 1831 getsid \
1870 getttyent \ 1832 getttyent \
1871 glob \ 1833 glob \
@@ -3085,7 +3047,7 @@ LIBS="$saved_LIBS"
3085 3047
3086### Configure cryptographic random number support 3048### Configure cryptographic random number support
3087 3049
3088# Check wheter OpenSSL seeds itself 3050# Check whether OpenSSL seeds itself
3089if test "x$openssl" = "xyes" ; then 3051if test "x$openssl" = "xyes" ; then
3090 AC_MSG_CHECKING([whether OpenSSL's PRNG is internally seeded]) 3052 AC_MSG_CHECKING([whether OpenSSL's PRNG is internally seeded])
3091 AC_RUN_IFELSE( 3053 AC_RUN_IFELSE(
@@ -3984,7 +3946,7 @@ fi
3984 3946
3985AC_CHECK_TYPES([struct timespec]) 3947AC_CHECK_TYPES([struct timespec])
3986 3948
3987# We need int64_t or else certian parts of the compile will fail. 3949# We need int64_t or else certain parts of the compile will fail.
3988if test "x$ac_cv_have_int64_t" = "xno" && \ 3950if test "x$ac_cv_have_int64_t" = "xno" && \
3989 test "x$ac_cv_sizeof_long_int" != "x8" && \ 3951 test "x$ac_cv_sizeof_long_int" != "x8" && \
3990 test "x$ac_cv_sizeof_long_long_int" = "x0" ; then 3952 test "x$ac_cv_sizeof_long_long_int" = "x0" ; then
@@ -5318,7 +5280,6 @@ echo " PAM support: $PAM_MSG"
5318echo " OSF SIA support: $SIA_MSG" 5280echo " OSF SIA support: $SIA_MSG"
5319echo " KerberosV support: $KRB5_MSG" 5281echo " KerberosV support: $KRB5_MSG"
5320echo " SELinux support: $SELINUX_MSG" 5282echo " SELinux support: $SELINUX_MSG"
5321echo " S/KEY support: $SKEY_MSG"
5322echo " TCP Wrappers support: $TCPW_MSG" 5283echo " TCP Wrappers support: $TCPW_MSG"
5323echo " MD5 password support: $MD5_MSG" 5284echo " MD5 password support: $MD5_MSG"
5324echo " libedit support: $LIBEDIT_MSG" 5285echo " libedit support: $LIBEDIT_MSG"
diff --git a/contrib/aix/buildbff.sh b/contrib/aix/buildbff.sh
index 00b384dc7..55113d9d3 100755
--- a/contrib/aix/buildbff.sh
+++ b/contrib/aix/buildbff.sh
@@ -240,21 +240,7 @@ echo
240 240
241# Generate keys unless they already exist 241# Generate keys unless they already exist
242echo Creating host keys if required. 242echo Creating host keys if required.
243if [ -f "$sysconfdir/ssh_host_key" ] ; then 243$bindir/ssh-keygen -A
244 echo "$sysconfdir/ssh_host_key already exists, skipping."
245else
246 $bindir/ssh-keygen -t rsa1 -f $sysconfdir/ssh_host_key -N ""
247fi
248if [ -f $sysconfdir/ssh_host_dsa_key ] ; then
249 echo "$sysconfdir/ssh_host_dsa_key already exists, skipping."
250else
251 $bindir/ssh-keygen -t dsa -f $sysconfdir/ssh_host_dsa_key -N ""
252fi
253if [ -f $sysconfdir/ssh_host_rsa_key ] ; then
254 echo "$sysconfdir/ssh_host_rsa_key already exists, skipping."
255else
256 $bindir/ssh-keygen -t rsa -f $sysconfdir/ssh_host_rsa_key -N ""
257fi
258echo 244echo
259 245
260# Set startup command depending on SRC support 246# Set startup command depending on SRC support
diff --git a/contrib/cygwin/ssh-host-config b/contrib/cygwin/ssh-host-config
index db6aaa08a..261020af3 100644
--- a/contrib/cygwin/ssh-host-config
+++ b/contrib/cygwin/ssh-host-config
@@ -22,7 +22,7 @@
22 22
23CSIH_SCRIPT=/usr/share/csih/cygwin-service-installation-helper.sh 23CSIH_SCRIPT=/usr/share/csih/cygwin-service-installation-helper.sh
24 24
25# List of apps used. This is checkad for existance in csih_sanity_check 25# List of apps used. This is checkad for existence in csih_sanity_check
26# Don't use *any* transient commands before sourcing the csih helper script, 26# Don't use *any* transient commands before sourcing the csih helper script,
27# otherwise the sanity checks are short-circuited. 27# otherwise the sanity checks are short-circuited.
28declare -a csih_required_commands=( 28declare -a csih_required_commands=(
diff --git a/contrib/cygwin/ssh-user-config b/contrib/cygwin/ssh-user-config
index 33dc0cbea..6fa4bb3ea 100644
--- a/contrib/cygwin/ssh-user-config
+++ b/contrib/cygwin/ssh-user-config
@@ -127,7 +127,7 @@ readonly -f check_user_homedir
127check_user_dot_ssh_dir() { 127check_user_dot_ssh_dir() {
128 if [ -e "${pwdhome}/.ssh" -a ! -d "${pwdhome}/.ssh" ] 128 if [ -e "${pwdhome}/.ssh" -a ! -d "${pwdhome}/.ssh" ]
129 then 129 then
130 csih_error "${pwdhome}/.ssh is existant but not a directory. Cannot create user identity files." 130 csih_error "${pwdhome}/.ssh is existent but not a directory. Cannot create user identity files."
131 fi 131 fi
132 132
133 if [ ! -e "${pwdhome}/.ssh" ] 133 if [ ! -e "${pwdhome}/.ssh" ]
diff --git a/contrib/redhat/openssh.spec b/contrib/redhat/openssh.spec
index a0d5e2071..8e9594d9c 100644
--- a/contrib/redhat/openssh.spec
+++ b/contrib/redhat/openssh.spec
@@ -1,4 +1,4 @@
1%define ver 7.7p1 1%define ver 7.8p1
2%define rel 1%{?dist} 2%define rel 1%{?dist}
3 3
4# OpenSSH privilege separation requires a user & group ID 4# OpenSSH privilege separation requires a user & group ID
diff --git a/contrib/solaris/README b/contrib/solaris/README
index fefdd4b53..cabecaa1a 100644
--- a/contrib/solaris/README
+++ b/contrib/solaris/README
@@ -5,7 +5,7 @@ SVR4 style package tools.
5 5
6The build process is called a 'dummy install'.. Which means the software does 6The build process is called a 'dummy install'.. Which means the software does
7a "make install-nokeys DESTDIR=[fakeroot]". This way all manpages should 7a "make install-nokeys DESTDIR=[fakeroot]". This way all manpages should
8be handled correctly and key are defered until the first time the sshd 8be handled correctly and key are deferred until the first time the sshd
9is started. 9is started.
10 10
11Directions: 11Directions:
diff --git a/contrib/suse/openssh.spec b/contrib/suse/openssh.spec
index d9c4298f1..9a1168f01 100644
--- a/contrib/suse/openssh.spec
+++ b/contrib/suse/openssh.spec
@@ -13,7 +13,7 @@
13 13
14Summary: OpenSSH, a free Secure Shell (SSH) protocol implementation 14Summary: OpenSSH, a free Secure Shell (SSH) protocol implementation
15Name: openssh 15Name: openssh
16Version: 7.7p1 16Version: 7.8p1
17URL: https://www.openssh.com/ 17URL: https://www.openssh.com/
18Release: 1 18Release: 1
19Source0: openssh-%{version}.tar.gz 19Source0: openssh-%{version}.tar.gz
@@ -56,7 +56,7 @@ arbitrary TCP/IP ports can also be forwarded over the secure channel.
56 56
57OpenSSH is OpenBSD's rework of the last free version of SSH, bringing it 57OpenSSH is OpenBSD's rework of the last free version of SSH, bringing it
58up to date in terms of security and features, as well as removing all 58up to date in terms of security and features, as well as removing all
59patented algorithms to seperate libraries (OpenSSL). 59patented algorithms to separate libraries (OpenSSL).
60 60
61This package includes all files necessary for both the OpenSSH 61This package includes all files necessary for both the OpenSSH
62client and server. 62client and server.
@@ -70,7 +70,7 @@ arbitrary TCP/IP ports can also be forwarded over the secure channel.
70 70
71OpenSSH is OpenBSD's rework of the last free version of SSH, bringing it 71OpenSSH is OpenBSD's rework of the last free version of SSH, bringing it
72up to date in terms of security and features, as well as removing all 72up to date in terms of security and features, as well as removing all
73patented algorithms to seperate libraries (OpenSSL). 73patented algorithms to separate libraries (OpenSSL).
74 74
75This package contains an X Window System passphrase dialog for OpenSSH. 75This package contains an X Window System passphrase dialog for OpenSSH.
76 76
diff --git a/debian/.git-dpm b/debian/.git-dpm
index 40345f1a3..7cfb27f1e 100644
--- a/debian/.git-dpm
+++ b/debian/.git-dpm
@@ -1,11 +1,11 @@
1# see git-dpm(1) from git-dpm package 1# see git-dpm(1) from git-dpm package
2c4ca1497658e0508e8595ad74978c07bc92a18e3 216a47fc4b04977a14f44dd433c8da1499fa80671
3c4ca1497658e0508e8595ad74978c07bc92a18e3 316a47fc4b04977a14f44dd433c8da1499fa80671
4ed6ae9c1a014a08ff5db3d768f01f2e427eeb476 4e6547182a54f0f268ee36e7c99319eeddffbaff2
5ed6ae9c1a014a08ff5db3d768f01f2e427eeb476 5e6547182a54f0f268ee36e7c99319eeddffbaff2
6openssh_7.7p1.orig.tar.gz 6openssh_7.8p1.orig.tar.gz
7446fe9ed171f289f0d62197dffdbfdaaf21c49f2 727e267e370315561de96577fccae563bc2c37a60
81536900 81548026
9debianTag="debian/%e%%%V" 9debianTag="debian/%e%%%V"
10patchedTag="patched/%e%%%V" 10patchedTag="patched/%e%%%V"
11upstreamTag="upstream/%U" 11upstreamTag="upstream/%U"
diff --git a/debian/NEWS b/debian/NEWS
index 08e596552..dd32ef436 100644
--- a/debian/NEWS
+++ b/debian/NEWS
@@ -1,3 +1,42 @@
1openssh (1:7.8p1-1) UNRELEASED; urgency=medium
2
3 OpenSSH 7.8 includes a number of changes that may affect existing
4 configurations:
5
6 * ssh-keygen(1): Write OpenSSH format private keys by default instead of
7 using OpenSSL's PEM format. The OpenSSH format, supported in OpenSSH
8 releases since 2014 and described in the PROTOCOL.key file in the
9 source distribution, offers substantially better protection against
10 offline password guessing and supports key comments in private keys.
11 If necessary, it is possible to write old PEM-style keys by adding "-m
12 PEM" to ssh-keygen's arguments when generating or updating a key.
13 * sshd(8): Remove internal support for S/Key multiple factor
14 authentication. S/Key may still be used via PAM or BSD auth.
15 * ssh(1): Remove vestigial support for running ssh(1) as setuid. This
16 used to be required for hostbased authentication and the (long gone)
17 rhosts-style authentication, but has not been necessary for a long
18 time. Attempting to execute ssh as a setuid binary, or with uid !=
19 effective uid will now yield a fatal error at runtime.
20 * sshd(8): The semantics of PubkeyAcceptedKeyTypes and the similar
21 HostbasedAcceptedKeyTypes options have changed. These now specify
22 signature algorithms that are accepted for their respective
23 authentication mechanism, where previously they specified accepted key
24 types. This distinction matters when using the RSA/SHA2 signature
25 algorithms "rsa-sha2-256", "rsa-sha2-512" and their certificate
26 counterparts. Configurations that override these options but omit
27 these algorithm names may cause unexpected authentication failures (no
28 action is required for configurations that accept the default for these
29 options).
30 * sshd(8): The precedence of session environment variables has changed.
31 ~/.ssh/environment and environment="..." options in authorized_keys
32 files can no longer override SSH_* variables set implicitly by sshd.
33 * ssh(1)/sshd(8): The default IPQoS used by ssh/sshd has changed. They
34 will now use DSCP AF21 for interactive traffic and CS1 for bulk. For a
35 detailed rationale, please see the commit message:
36 https://cvsweb.openbsd.org/src/usr.bin/ssh/readconf.c#rev1.284
37
38 -- Colin Watson <cjwatson@debian.org> Fri, 24 Aug 2018 10:13:03 +0100
39
1openssh (1:7.6p1-1) unstable; urgency=medium 40openssh (1:7.6p1-1) unstable; urgency=medium
2 41
3 OpenSSH 7.6 includes a number of changes that may affect existing 42 OpenSSH 7.6 includes a number of changes that may affect existing
diff --git a/debian/changelog b/debian/changelog
index bef0cb443..c3502c25a 100644
--- a/debian/changelog
+++ b/debian/changelog
@@ -1,5 +1,106 @@
1openssh (1:7.7p1-5) UNRELEASED; urgency=medium 1openssh (1:7.8p1-1) UNRELEASED; urgency=medium
2 2
3 * New upstream release (https://www.openssh.com/txt/release-7.8, closes:
4 #907534):
5 - ssh-keygen(1): Write OpenSSH format private keys by default instead of
6 using OpenSSL's PEM format (closes: #905407). The OpenSSH format,
7 supported in OpenSSH releases since 2014 and described in the
8 PROTOCOL.key file in the source distribution, offers substantially
9 better protection against offline password guessing and supports key
10 comments in private keys. If necessary, it is possible to write old
11 PEM-style keys by adding "-m PEM" to ssh-keygen's arguments when
12 generating or updating a key.
13 - sshd(8): Remove internal support for S/Key multiple factor
14 authentication. S/Key may still be used via PAM or BSD auth.
15 - ssh(1): Remove vestigial support for running ssh(1) as setuid. This
16 used to be required for hostbased authentication and the (long gone)
17 rhosts-style authentication, but has not been necessary for a long
18 time. Attempting to execute ssh as a setuid binary, or with uid !=
19 effective uid will now yield a fatal error at runtime.
20 - sshd(8): The semantics of PubkeyAcceptedKeyTypes and the similar
21 HostbasedAcceptedKeyTypes options have changed. These now specify
22 signature algorithms that are accepted for their respective
23 authentication mechanism, where previously they specified accepted key
24 types. This distinction matters when using the RSA/SHA2 signature
25 algorithms "rsa-sha2-256", "rsa-sha2-512" and their certificate
26 counterparts. Configurations that override these options but omit
27 these algorithm names may cause unexpected authentication failures (no
28 action is required for configurations that accept the default for
29 these options).
30 - sshd(8): The precedence of session environment variables has changed.
31 ~/.ssh/environment and environment="..." options in authorized_keys
32 files can no longer override SSH_* variables set implicitly by sshd.
33 - ssh(1)/sshd(8): The default IPQoS used by ssh/sshd has changed. They
34 will now use DSCP AF21 for interactive traffic and CS1 for bulk. For
35 a detailed rationale, please see the commit message:
36 https://cvsweb.openbsd.org/src/usr.bin/ssh/readconf.c#rev1.284
37 - ssh(1)/sshd(8): Add new signature algorithms "rsa-sha2-256-cert-
38 v01@openssh.com" and "rsa-sha2-512-cert-v01@openssh.com" to explicitly
39 force use of RSA/SHA2 signatures in authentication.
40 - sshd(8): Extend the PermitUserEnvironment option to accept a whitelist
41 of environment variable names in addition to global "yes" or "no"
42 settings.
43 - sshd(8): Add a PermitListen directive to sshd_config(5) and a
44 corresponding permitlisten= authorized_keys option that control which
45 listen addresses and port numbers may be used by remote forwarding
46 (ssh -R ...).
47 - sshd(8): Add some countermeasures against timing attacks used for
48 account validation/enumeration. sshd will enforce a minimum time or
49 each failed authentication attempt consisting of a global 5ms minimum
50 plus an additional per-user 0-4ms delay derived from a host secret.
51 - sshd(8): Add a SetEnv directive to allow an administrator to
52 explicitly specify environment variables in sshd_config. Variables
53 set by SetEnv override the default and client-specified environment.
54 - ssh(1): Add a SetEnv directive to request that the server sets an
55 environment variable in the session. Similar to the existing SendEnv
56 option, these variables are set subject to server configuration.
57 - ssh(1): Allow "SendEnv -PATTERN" to clear environment variables
58 previously marked for sending to the server (closes: #573316).
59 - ssh(1)/sshd(8): Make UID available as a %-expansion everywhere that
60 the username is available currently.
61 - ssh(1): Allow setting ProxyJump=none to disable ProxyJump
62 functionality.
63 - sshd(8): Avoid observable differences in request parsing that could be
64 used to determine whether a target user is valid.
65 - ssh(1)/sshd(8): Fix some memory leaks.
66 - ssh(1): Fix a pwent clobber (introduced in openssh-7.7) that could
67 occur during key loading, manifesting as crash on some platforms.
68 - sshd_config(5): Clarify documentation for AuthenticationMethods
69 option.
70 - ssh(1): Ensure that the public key algorithm sent in a public key
71 SSH_MSG_USERAUTH_REQUEST matches the content of the signature blob.
72 Previously, these could be inconsistent when a legacy or non-OpenSSH
73 ssh-agent returned a RSA/SHA1 signature when asked to make a RSA/SHA2
74 signature.
75 - sshd(8): Fix failures to read authorized_keys caused by faulty
76 supplemental group caching.
77 - scp(1): Apply umask to directories, fixing potential mkdir/chmod race
78 when copying directory trees.
79 - ssh-keygen(1): Return correct exit code when searching for and hashing
80 known_hosts entries in a single operation.
81 - ssh(1): Prefer the ssh binary pointed to via argv[0] to $PATH when
82 re-executing ssh for ProxyJump.
83 - sshd(8): Do not ban PTY allocation when a sshd session is restricted
84 because the user password is expired as it breaks password change
85 dialog.
86 - ssh(1)/sshd(8): Fix error reporting from select() failures.
87 - ssh(1): Improve documentation for -w (tunnel) flag, emphasising that
88 -w implicitly sets Tunnel=point-to-point.
89 - ssh-agent(1): Implement EMFILE mitigation for ssh-agent. ssh-agent
90 will no longer spin when its file descriptor limit is exceeded.
91 - ssh(1)/sshd(8): Disable SSH2_MSG_DEBUG messages for Twisted Conch
92 clients. Twisted Conch versions that lack a version number in their
93 identification strings will mishandle these messages when running on
94 Python 2.x (https://twistedmatrix.com/trac/ticket/9422).
95 - sftp(1): Notify user immediately when underlying ssh process dies
96 expectedly.
97 - ssh(1)/sshd(8): Fix tunnel forwarding; regression in 7.7 release.
98 - ssh-agent(1): Don't kill ssh-agent's listening socket entirely if it
99 fails to accept(2) a connection.
100 - ssh(1): Add some missing options in the configuration dump output (ssh
101 -G).
102 - sshd(8): Expose details of completed authentication to PAM auth
103 modules via SSH_AUTH_INFO_0 in the PAM environment.
3 * Switch debian/watch to HTTPS. 104 * Switch debian/watch to HTTPS.
4 105
5 -- Colin Watson <cjwatson@debian.org> Fri, 24 Aug 2018 10:13:03 +0100 106 -- Colin Watson <cjwatson@debian.org> Fri, 24 Aug 2018 10:13:03 +0100
diff --git a/debian/patches/authorized-keys-man-symlink.patch b/debian/patches/authorized-keys-man-symlink.patch
index b5a1ea191..ad2890400 100644
--- a/debian/patches/authorized-keys-man-symlink.patch
+++ b/debian/patches/authorized-keys-man-symlink.patch
@@ -1,4 +1,4 @@
1From 66488db1ed04b4ca150ec530ed212fa46a653c1a Mon Sep 17 00:00:00 2001 1From 153278a21da639b5ad965632485f79ea4ac5e705 Mon Sep 17 00:00:00 2001
2From: Tomas Pospisek <tpo_deb@sourcepole.ch> 2From: Tomas Pospisek <tpo_deb@sourcepole.ch>
3Date: Sun, 9 Feb 2014 16:10:07 +0000 3Date: Sun, 9 Feb 2014 16:10:07 +0000
4Subject: Install authorized_keys(5) as a symlink to sshd(8) 4Subject: Install authorized_keys(5) as a symlink to sshd(8)
@@ -13,10 +13,10 @@ Patch-Name: authorized-keys-man-symlink.patch
13 1 file changed, 1 insertion(+) 13 1 file changed, 1 insertion(+)
14 14
15diff --git a/Makefile.in b/Makefile.in 15diff --git a/Makefile.in b/Makefile.in
16index 6f3f042b1..1afb4f798 100644 16index 6175c6063..0ee0285f6 100644
17--- a/Makefile.in 17--- a/Makefile.in
18+++ b/Makefile.in 18+++ b/Makefile.in
19@@ -352,6 +352,7 @@ install-files: 19@@ -356,6 +356,7 @@ install-files:
20 $(INSTALL) -m 644 sshd_config.5.out $(DESTDIR)$(mandir)/$(mansubdir)5/sshd_config.5 20 $(INSTALL) -m 644 sshd_config.5.out $(DESTDIR)$(mandir)/$(mansubdir)5/sshd_config.5
21 $(INSTALL) -m 644 ssh_config.5.out $(DESTDIR)$(mandir)/$(mansubdir)5/ssh_config.5 21 $(INSTALL) -m 644 ssh_config.5.out $(DESTDIR)$(mandir)/$(mansubdir)5/ssh_config.5
22 $(INSTALL) -m 644 sshd.8.out $(DESTDIR)$(mandir)/$(mansubdir)8/sshd.8 22 $(INSTALL) -m 644 sshd.8.out $(DESTDIR)$(mandir)/$(mansubdir)8/sshd.8
diff --git a/debian/patches/debian-banner.patch b/debian/patches/debian-banner.patch
index 9062918f6..98d97dce8 100644
--- a/debian/patches/debian-banner.patch
+++ b/debian/patches/debian-banner.patch
@@ -1,4 +1,4 @@
1From 9ec4db016a0510c449f9cefeb3299c2e755698c7 Mon Sep 17 00:00:00 2001 1From 905ffae23105d59b013aac809da6195d231b0395 Mon Sep 17 00:00:00 2001
2From: Kees Cook <kees@debian.org> 2From: Kees Cook <kees@debian.org>
3Date: Sun, 9 Feb 2014 16:10:06 +0000 3Date: Sun, 9 Feb 2014 16:10:06 +0000
4Subject: Add DebianBanner server configuration option 4Subject: Add DebianBanner server configuration option
@@ -8,7 +8,7 @@ initial protocol handshake, for those scared by package-versioning.patch.
8 8
9Bug-Debian: http://bugs.debian.org/562048 9Bug-Debian: http://bugs.debian.org/562048
10Forwarded: not-needed 10Forwarded: not-needed
11Last-Update: 2018-04-03 11Last-Update: 2018-08-24
12 12
13Patch-Name: debian-banner.patch 13Patch-Name: debian-banner.patch
14--- 14---
@@ -19,10 +19,10 @@ Patch-Name: debian-banner.patch
19 4 files changed, 18 insertions(+), 1 deletion(-) 19 4 files changed, 18 insertions(+), 1 deletion(-)
20 20
21diff --git a/servconf.c b/servconf.c 21diff --git a/servconf.c b/servconf.c
22index 3fff3d531..0a8f6fd62 100644 22index e49984a81..bb43a649c 100644
23--- a/servconf.c 23--- a/servconf.c
24+++ b/servconf.c 24+++ b/servconf.c
25@@ -177,6 +177,7 @@ initialize_server_options(ServerOptions *options) 25@@ -181,6 +181,7 @@ initialize_server_options(ServerOptions *options)
26 options->fingerprint_hash = -1; 26 options->fingerprint_hash = -1;
27 options->disable_forwarding = -1; 27 options->disable_forwarding = -1;
28 options->expose_userauth_info = -1; 28 options->expose_userauth_info = -1;
@@ -30,7 +30,7 @@ index 3fff3d531..0a8f6fd62 100644
30 } 30 }
31 31
32 /* Returns 1 if a string option is unset or set to "none" or 0 otherwise. */ 32 /* Returns 1 if a string option is unset or set to "none" or 0 otherwise. */
33@@ -393,6 +394,8 @@ fill_default_server_options(ServerOptions *options) 33@@ -413,6 +414,8 @@ fill_default_server_options(ServerOptions *options)
34 options->disable_forwarding = 0; 34 options->disable_forwarding = 0;
35 if (options->expose_userauth_info == -1) 35 if (options->expose_userauth_info == -1)
36 options->expose_userauth_info = 0; 36 options->expose_userauth_info = 0;
@@ -39,7 +39,7 @@ index 3fff3d531..0a8f6fd62 100644
39 39
40 assemble_algorithms(options); 40 assemble_algorithms(options);
41 41
42@@ -480,6 +483,7 @@ typedef enum { 42@@ -500,6 +503,7 @@ typedef enum {
43 sStreamLocalBindMask, sStreamLocalBindUnlink, 43 sStreamLocalBindMask, sStreamLocalBindUnlink,
44 sAllowStreamLocalForwarding, sFingerprintHash, sDisableForwarding, 44 sAllowStreamLocalForwarding, sFingerprintHash, sDisableForwarding,
45 sExposeAuthInfo, sRDomain, 45 sExposeAuthInfo, sRDomain,
@@ -47,7 +47,7 @@ index 3fff3d531..0a8f6fd62 100644
47 sDeprecated, sIgnore, sUnsupported 47 sDeprecated, sIgnore, sUnsupported
48 } ServerOpCodes; 48 } ServerOpCodes;
49 49
50@@ -634,6 +638,7 @@ static struct { 50@@ -656,6 +660,7 @@ static struct {
51 { "disableforwarding", sDisableForwarding, SSHCFG_ALL }, 51 { "disableforwarding", sDisableForwarding, SSHCFG_ALL },
52 { "exposeauthinfo", sExposeAuthInfo, SSHCFG_ALL }, 52 { "exposeauthinfo", sExposeAuthInfo, SSHCFG_ALL },
53 { "rdomain", sRDomain, SSHCFG_ALL }, 53 { "rdomain", sRDomain, SSHCFG_ALL },
@@ -55,7 +55,7 @@ index 3fff3d531..0a8f6fd62 100644
55 { NULL, sBadOption, 0 } 55 { NULL, sBadOption, 0 }
56 }; 56 };
57 57
58@@ -2056,6 +2061,10 @@ process_server_config_line(ServerOptions *options, char *line, 58@@ -2164,6 +2169,10 @@ process_server_config_line(ServerOptions *options, char *line,
59 *charptr = xstrdup(arg); 59 *charptr = xstrdup(arg);
60 break; 60 break;
61 61
@@ -67,20 +67,20 @@ index 3fff3d531..0a8f6fd62 100644
67 case sIgnore: 67 case sIgnore:
68 case sUnsupported: 68 case sUnsupported:
69diff --git a/servconf.h b/servconf.h 69diff --git a/servconf.h b/servconf.h
70index 5dfc9bc02..b0fa70455 100644 70index 9b117fe27..76098119b 100644
71--- a/servconf.h 71--- a/servconf.h
72+++ b/servconf.h 72+++ b/servconf.h
73@@ -211,6 +211,8 @@ typedef struct { 73@@ -211,6 +211,8 @@ typedef struct {
74
75 int fingerprint_hash; 74 int fingerprint_hash;
76 int expose_userauth_info; 75 int expose_userauth_info;
76 u_int64_t timing_secret;
77+ 77+
78+ int debian_banner; 78+ int debian_banner;
79 } ServerOptions; 79 } ServerOptions;
80 80
81 /* Information about the incoming connection as used by Match */ 81 /* Information about the incoming connection as used by Match */
82diff --git a/sshd.c b/sshd.c 82diff --git a/sshd.c b/sshd.c
83index 9a7f5495c..1d645a170 100644 83index ffd3dad6a..698593605 100644
84--- a/sshd.c 84--- a/sshd.c
85+++ b/sshd.c 85+++ b/sshd.c
86@@ -384,7 +384,8 @@ sshd_exchange_identification(struct ssh *ssh, int sock_in, int sock_out) 86@@ -384,7 +384,8 @@ sshd_exchange_identification(struct ssh *ssh, int sock_in, int sock_out)
@@ -94,10 +94,10 @@ index 9a7f5495c..1d645a170 100644
94 options.version_addendum); 94 options.version_addendum);
95 95
96diff --git a/sshd_config.5 b/sshd_config.5 96diff --git a/sshd_config.5 b/sshd_config.5
97index 1a1c6dd09..45044a70f 100644 97index 0fbbccbde..96a69ab55 100644
98--- a/sshd_config.5 98--- a/sshd_config.5
99+++ b/sshd_config.5 99+++ b/sshd_config.5
100@@ -531,6 +531,11 @@ or 100@@ -532,6 +532,11 @@ or
101 .Cm no . 101 .Cm no .
102 The default is 102 The default is
103 .Cm yes . 103 .Cm yes .
diff --git a/debian/patches/debian-config.patch b/debian/patches/debian-config.patch
index be6d7df30..fd86d5a4d 100644
--- a/debian/patches/debian-config.patch
+++ b/debian/patches/debian-config.patch
@@ -1,4 +1,4 @@
1From e8e09061f8168f6f105f56fca10b6cd61b9f587a Mon Sep 17 00:00:00 2001 1From 157278376c0eb6e4de3d47e8573684095a230685 Mon Sep 17 00:00:00 2001
2From: Colin Watson <cjwatson@debian.org> 2From: Colin Watson <cjwatson@debian.org>
3Date: Sun, 9 Feb 2014 16:10:18 +0000 3Date: Sun, 9 Feb 2014 16:10:18 +0000
4Subject: Various Debian-specific configuration changes 4Subject: Various Debian-specific configuration changes
@@ -39,10 +39,10 @@ Patch-Name: debian-config.patch
39 6 files changed, 77 insertions(+), 9 deletions(-) 39 6 files changed, 77 insertions(+), 9 deletions(-)
40 40
41diff --git a/readconf.c b/readconf.c 41diff --git a/readconf.c b/readconf.c
42index 50349e238..efcf2d628 100644 42index 3ed6dfb54..a3d42f2ae 100644
43--- a/readconf.c 43--- a/readconf.c
44+++ b/readconf.c 44+++ b/readconf.c
45@@ -1916,7 +1916,7 @@ fill_default_options(Options * options) 45@@ -1974,7 +1974,7 @@ fill_default_options(Options * options)
46 if (options->forward_x11 == -1) 46 if (options->forward_x11 == -1)
47 options->forward_x11 = 0; 47 options->forward_x11 = 0;
48 if (options->forward_x11_trusted == -1) 48 if (options->forward_x11_trusted == -1)
@@ -52,10 +52,10 @@ index 50349e238..efcf2d628 100644
52 options->forward_x11_timeout = 1200; 52 options->forward_x11_timeout = 1200;
53 /* 53 /*
54diff --git a/ssh.1 b/ssh.1 54diff --git a/ssh.1 b/ssh.1
55index f8fc26d2a..8a03db952 100644 55index 0a8e63f51..ba55aa665 100644
56--- a/ssh.1 56--- a/ssh.1
57+++ b/ssh.1 57+++ b/ssh.1
58@@ -768,6 +768,16 @@ directive in 58@@ -772,6 +772,16 @@ directive in
59 .Xr ssh_config 5 59 .Xr ssh_config 5
60 for more information. 60 for more information.
61 .Pp 61 .Pp
@@ -72,7 +72,7 @@ index f8fc26d2a..8a03db952 100644
72 .It Fl x 72 .It Fl x
73 Disables X11 forwarding. 73 Disables X11 forwarding.
74 .Pp 74 .Pp
75@@ -776,6 +786,17 @@ Enables trusted X11 forwarding. 75@@ -780,6 +790,17 @@ Enables trusted X11 forwarding.
76 Trusted X11 forwardings are not subjected to the X11 SECURITY extension 76 Trusted X11 forwardings are not subjected to the X11 SECURITY extension
77 controls. 77 controls.
78 .Pp 78 .Pp
@@ -114,7 +114,7 @@ index bcb9f153d..1b676fb2c 100644
114+ HashKnownHosts yes 114+ HashKnownHosts yes
115+ GSSAPIAuthentication yes 115+ GSSAPIAuthentication yes
116diff --git a/ssh_config.5 b/ssh_config.5 116diff --git a/ssh_config.5 b/ssh_config.5
117index ca0528842..ed6e5d026 100644 117index cb68f51a6..35c578c3b 100644
118--- a/ssh_config.5 118--- a/ssh_config.5
119+++ b/ssh_config.5 119+++ b/ssh_config.5
120@@ -71,6 +71,22 @@ Since the first obtained value for each parameter is used, more 120@@ -71,6 +71,22 @@ Since the first obtained value for each parameter is used, more
@@ -140,7 +140,7 @@ index ca0528842..ed6e5d026 100644
140 The file contains keyword-argument pairs, one per line. 140 The file contains keyword-argument pairs, one per line.
141 Lines starting with 141 Lines starting with
142 .Ql # 142 .Ql #
143@@ -690,11 +706,12 @@ elapsed. 143@@ -681,11 +697,12 @@ elapsed.
144 .It Cm ForwardX11Trusted 144 .It Cm ForwardX11Trusted
145 If this option is set to 145 If this option is set to
146 .Cm yes , 146 .Cm yes ,
@@ -155,7 +155,7 @@ index ca0528842..ed6e5d026 100644
155 from stealing or tampering with data belonging to trusted X11 155 from stealing or tampering with data belonging to trusted X11
156 clients. 156 clients.
157diff --git a/sshd_config b/sshd_config 157diff --git a/sshd_config b/sshd_config
158index 86263d713..de9cc9fe2 100644 158index 2c48105f8..ed8272f6d 100644
159--- a/sshd_config 159--- a/sshd_config
160+++ b/sshd_config 160+++ b/sshd_config
161@@ -57,8 +57,9 @@ AuthorizedKeysFile .ssh/authorized_keys 161@@ -57,8 +57,9 @@ AuthorizedKeysFile .ssh/authorized_keys
@@ -189,8 +189,8 @@ index 86263d713..de9cc9fe2 100644
189+PrintMotd no 189+PrintMotd no
190 #PrintLastLog yes 190 #PrintLastLog yes
191 #TCPKeepAlive yes 191 #TCPKeepAlive yes
192 #UseLogin no 192 #PermitUserEnvironment no
193@@ -108,8 +109,11 @@ AuthorizedKeysFile .ssh/authorized_keys 193@@ -107,8 +108,11 @@ AuthorizedKeysFile .ssh/authorized_keys
194 # no default banner path 194 # no default banner path
195 #Banner none 195 #Banner none
196 196
@@ -204,7 +204,7 @@ index 86263d713..de9cc9fe2 100644
204 # Example of overriding settings on a per-user basis 204 # Example of overriding settings on a per-user basis
205 #Match User anoncvs 205 #Match User anoncvs
206diff --git a/sshd_config.5 b/sshd_config.5 206diff --git a/sshd_config.5 b/sshd_config.5
207index 44b918463..4c7ee4254 100644 207index 9774831fe..15b82e84d 100644
208--- a/sshd_config.5 208--- a/sshd_config.5
209+++ b/sshd_config.5 209+++ b/sshd_config.5
210@@ -56,6 +56,28 @@ Arguments may optionally be enclosed in double quotes 210@@ -56,6 +56,28 @@ Arguments may optionally be enclosed in double quotes
diff --git a/debian/patches/dnssec-sshfp.patch b/debian/patches/dnssec-sshfp.patch
index 6c2ebf173..6e90d402c 100644
--- a/debian/patches/dnssec-sshfp.patch
+++ b/debian/patches/dnssec-sshfp.patch
@@ -1,4 +1,4 @@
1From 8c11a03efd47de883b52838735d6890ca8d4d9f8 Mon Sep 17 00:00:00 2001 1From 298716354cedb77d8e3672a2157d63e15a778d64 Mon Sep 17 00:00:00 2001
2From: Colin Watson <cjwatson@debian.org> 2From: Colin Watson <cjwatson@debian.org>
3Date: Sun, 9 Feb 2014 16:10:01 +0000 3Date: Sun, 9 Feb 2014 16:10:01 +0000
4Subject: Force use of DNSSEC even if "options edns0" isn't in resolv.conf 4Subject: Force use of DNSSEC even if "options edns0" isn't in resolv.conf
diff --git a/debian/patches/doc-hash-tab-completion.patch b/debian/patches/doc-hash-tab-completion.patch
index 599b8c0f6..2b7936a5d 100644
--- a/debian/patches/doc-hash-tab-completion.patch
+++ b/debian/patches/doc-hash-tab-completion.patch
@@ -1,4 +1,4 @@
1From 6765f629a8f5416b133d26e023a201193c33d8b5 Mon Sep 17 00:00:00 2001 1From c1af61a47620c9f50efb53774139c308410f9296 Mon Sep 17 00:00:00 2001
2From: Colin Watson <cjwatson@debian.org> 2From: Colin Watson <cjwatson@debian.org>
3Date: Sun, 9 Feb 2014 16:10:11 +0000 3Date: Sun, 9 Feb 2014 16:10:11 +0000
4Subject: Document that HashKnownHosts may break tab-completion 4Subject: Document that HashKnownHosts may break tab-completion
@@ -13,10 +13,10 @@ Patch-Name: doc-hash-tab-completion.patch
13 1 file changed, 3 insertions(+) 13 1 file changed, 3 insertions(+)
14 14
15diff --git a/ssh_config.5 b/ssh_config.5 15diff --git a/ssh_config.5 b/ssh_config.5
16index 84dcd52cc..ca0528842 100644 16index 03341a229..cb68f51a6 100644
17--- a/ssh_config.5 17--- a/ssh_config.5
18+++ b/ssh_config.5 18+++ b/ssh_config.5
19@@ -784,6 +784,9 @@ Note that existing names and addresses in known hosts files 19@@ -775,6 +775,9 @@ Note that existing names and addresses in known hosts files
20 will not be converted automatically, 20 will not be converted automatically,
21 but may be manually hashed using 21 but may be manually hashed using
22 .Xr ssh-keygen 1 . 22 .Xr ssh-keygen 1 .
diff --git a/debian/patches/gnome-ssh-askpass2-icon.patch b/debian/patches/gnome-ssh-askpass2-icon.patch
index 3a4a5c896..eb212da29 100644
--- a/debian/patches/gnome-ssh-askpass2-icon.patch
+++ b/debian/patches/gnome-ssh-askpass2-icon.patch
@@ -1,4 +1,4 @@
1From 4ccb07d2ebea1b01b56a455790224ce97a0b36e8 Mon Sep 17 00:00:00 2001 1From cae89cd0edc9d656661ea05b7ecca4c9a9ba4d77 Mon Sep 17 00:00:00 2001
2From: Vincent Untz <vuntz@ubuntu.com> 2From: Vincent Untz <vuntz@ubuntu.com>
3Date: Sun, 9 Feb 2014 16:10:16 +0000 3Date: Sun, 9 Feb 2014 16:10:16 +0000
4Subject: Give the ssh-askpass-gnome window a default icon 4Subject: Give the ssh-askpass-gnome window a default icon
diff --git a/debian/patches/gssapi.patch b/debian/patches/gssapi.patch
index d47b0a796..25edd5cbe 100644
--- a/debian/patches/gssapi.patch
+++ b/debian/patches/gssapi.patch
@@ -1,4 +1,4 @@
1From cb427e23bf78d65407c78d868c4ef525dbfaa68f Mon Sep 17 00:00:00 2001 1From e6c7c11ac2576ac62334616bd4408bf64140bba7 Mon Sep 17 00:00:00 2001
2From: Simon Wilkinson <simon@sxw.org.uk> 2From: Simon Wilkinson <simon@sxw.org.uk>
3Date: Sun, 9 Feb 2014 16:09:48 +0000 3Date: Sun, 9 Feb 2014 16:09:48 +0000
4Subject: GSSAPI key exchange support 4Subject: GSSAPI key exchange support
@@ -17,7 +17,7 @@ have it merged into the main openssh package rather than having separate
17security history. 17security history.
18 18
19Bug: https://bugzilla.mindrot.org/show_bug.cgi?id=1242 19Bug: https://bugzilla.mindrot.org/show_bug.cgi?id=1242
20Last-Updated: 2017-10-04 20Last-Updated: 2018-08-24
21 21
22Patch-Name: gssapi.patch 22Patch-Name: gssapi.patch
23--- 23---
@@ -25,23 +25,23 @@ Patch-Name: gssapi.patch
25 Makefile.in | 3 +- 25 Makefile.in | 3 +-
26 auth-krb5.c | 17 ++- 26 auth-krb5.c | 17 ++-
27 auth.c | 96 +------------- 27 auth.c | 96 +-------------
28 auth2-gss.c | 49 ++++++- 28 auth2-gss.c | 54 +++++++-
29 auth2.c | 2 + 29 auth2.c | 2 +
30 canohost.c | 93 +++++++++++++ 30 canohost.c | 93 +++++++++++++
31 canohost.h | 3 + 31 canohost.h | 3 +
32 clientloop.c | 15 ++- 32 clientloop.c | 15 ++-
33 config.h.in | 6 + 33 config.h.in | 6 +
34 configure.ac | 24 ++++ 34 configure.ac | 24 ++++
35 gss-genr.c | 275 +++++++++++++++++++++++++++++++++++++- 35 gss-genr.c | 277 +++++++++++++++++++++++++++++++++++++-
36 gss-serv-krb5.c | 85 +++++++++++- 36 gss-serv-krb5.c | 85 +++++++++++-
37 gss-serv.c | 184 ++++++++++++++++++++++++-- 37 gss-serv.c | 184 ++++++++++++++++++++++++--
38 kex.c | 19 +++ 38 kex.c | 19 +++
39 kex.h | 14 ++ 39 kex.h | 14 ++
40 kexgssc.c | 338 +++++++++++++++++++++++++++++++++++++++++++++++ 40 kexgssc.c | 338 +++++++++++++++++++++++++++++++++++++++++++++++
41 kexgsss.c | 295 +++++++++++++++++++++++++++++++++++++++++ 41 kexgsss.c | 295 +++++++++++++++++++++++++++++++++++++++++
42 monitor.c | 115 ++++++++++++++-- 42 monitor.c | 122 +++++++++++++++--
43 monitor.h | 3 + 43 monitor.h | 3 +
44 monitor_wrap.c | 47 ++++++- 44 monitor_wrap.c | 53 +++++++-
45 monitor_wrap.h | 4 +- 45 monitor_wrap.h | 4 +-
46 readconf.c | 43 ++++++ 46 readconf.c | 43 ++++++
47 readconf.h | 5 + 47 readconf.h | 5 +
@@ -50,13 +50,13 @@ Patch-Name: gssapi.patch
50 ssh-gss.h | 41 +++++- 50 ssh-gss.h | 41 +++++-
51 ssh_config | 2 + 51 ssh_config | 2 +
52 ssh_config.5 | 32 +++++ 52 ssh_config.5 | 32 +++++
53 sshconnect2.c | 131 +++++++++++++++++- 53 sshconnect2.c | 133 ++++++++++++++++++-
54 sshd.c | 112 +++++++++++++++- 54 sshd.c | 112 +++++++++++++++-
55 sshd_config | 2 + 55 sshd_config | 2 +
56 sshd_config.5 | 10 ++ 56 sshd_config.5 | 10 ++
57 sshkey.c | 3 +- 57 sshkey.c | 3 +-
58 sshkey.h | 1 + 58 sshkey.h | 1 +
59 35 files changed, 2063 insertions(+), 147 deletions(-) 59 35 files changed, 2087 insertions(+), 145 deletions(-)
60 create mode 100644 ChangeLog.gssapi 60 create mode 100644 ChangeLog.gssapi
61 create mode 100644 kexgssc.c 61 create mode 100644 kexgssc.c
62 create mode 100644 kexgsss.c 62 create mode 100644 kexgsss.c
@@ -181,7 +181,7 @@ index 000000000..f117a336a
181+ (from jbasney AT ncsa.uiuc.edu) 181+ (from jbasney AT ncsa.uiuc.edu)
182+ <gssapi-with-mic support is Bugzilla #1008> 182+ <gssapi-with-mic support is Bugzilla #1008>
183diff --git a/Makefile.in b/Makefile.in 183diff --git a/Makefile.in b/Makefile.in
184index 04e1c8e53..6f3f042b1 100644 184index 2385c62a8..6175c6063 100644
185--- a/Makefile.in 185--- a/Makefile.in
186+++ b/Makefile.in 186+++ b/Makefile.in
187@@ -100,6 +100,7 @@ LIBSSH_OBJS=${LIBOPENSSH_OBJS} \ 187@@ -100,6 +100,7 @@ LIBSSH_OBJS=${LIBOPENSSH_OBJS} \
@@ -193,7 +193,7 @@ index 04e1c8e53..6f3f042b1 100644
193 193
194 SSHOBJS= ssh.o readconf.o clientloop.o sshtty.o \ 194 SSHOBJS= ssh.o readconf.o clientloop.o sshtty.o \
195@@ -113,7 +114,7 @@ SSHDOBJS=sshd.o auth-rhosts.o auth-passwd.o \ 195@@ -113,7 +114,7 @@ SSHDOBJS=sshd.o auth-rhosts.o auth-passwd.o \
196 auth-skey.o auth-bsdauth.o auth2-hostbased.o auth2-kbdint.o \ 196 auth-bsdauth.o auth2-hostbased.o auth2-kbdint.o \
197 auth2-none.o auth2-passwd.o auth2-pubkey.o \ 197 auth2-none.o auth2-passwd.o auth2-pubkey.o \
198 monitor.o monitor_wrap.o auth-krb5.o \ 198 monitor.o monitor_wrap.o auth-krb5.o \
199- auth2-gss.o gss-serv.o gss-serv-krb5.o \ 199- auth2-gss.o gss-serv.o gss-serv-krb5.o \
@@ -202,7 +202,7 @@ index 04e1c8e53..6f3f042b1 100644
202 sftp-server.o sftp-common.o \ 202 sftp-server.o sftp-common.o \
203 sandbox-null.o sandbox-rlimit.o sandbox-systrace.o sandbox-darwin.o \ 203 sandbox-null.o sandbox-rlimit.o sandbox-systrace.o sandbox-darwin.o \
204diff --git a/auth-krb5.c b/auth-krb5.c 204diff --git a/auth-krb5.c b/auth-krb5.c
205index a5a81ed2e..38e7fee21 100644 205index 3096f1c8e..204752e1b 100644
206--- a/auth-krb5.c 206--- a/auth-krb5.c
207+++ b/auth-krb5.c 207+++ b/auth-krb5.c
208@@ -182,8 +182,13 @@ auth_krb5_password(Authctxt *authctxt, const char *password) 208@@ -182,8 +182,13 @@ auth_krb5_password(Authctxt *authctxt, const char *password)
@@ -253,10 +253,10 @@ index a5a81ed2e..38e7fee21 100644
253 return (krb5_cc_resolve(ctx, ccname, ccache)); 253 return (krb5_cc_resolve(ctx, ccname, ccache));
254 } 254 }
255diff --git a/auth.c b/auth.c 255diff --git a/auth.c b/auth.c
256index 63366768a..76d586e31 100644 256index 9a3bc96f1..80eb78c48 100644
257--- a/auth.c 257--- a/auth.c
258+++ b/auth.c 258+++ b/auth.c
259@@ -396,7 +396,8 @@ auth_root_allowed(struct ssh *ssh, const char *method) 259@@ -395,7 +395,8 @@ auth_root_allowed(struct ssh *ssh, const char *method)
260 case PERMIT_NO_PASSWD: 260 case PERMIT_NO_PASSWD:
261 if (strcmp(method, "publickey") == 0 || 261 if (strcmp(method, "publickey") == 0 ||
262 strcmp(method, "hostbased") == 0 || 262 strcmp(method, "hostbased") == 0 ||
@@ -266,7 +266,7 @@ index 63366768a..76d586e31 100644
266 return 1; 266 return 1;
267 break; 267 break;
268 case PERMIT_FORCED_ONLY: 268 case PERMIT_FORCED_ONLY:
269@@ -728,99 +729,6 @@ fakepw(void) 269@@ -733,99 +734,6 @@ fakepw(void)
270 return (&fake); 270 return (&fake);
271 } 271 }
272 272
@@ -367,11 +367,11 @@ index 63366768a..76d586e31 100644
367 * Return the canonical name of the host in the other side of the current 367 * Return the canonical name of the host in the other side of the current
368 * connection. The host name is cached, so it is efficient to call this 368 * connection. The host name is cached, so it is efficient to call this
369diff --git a/auth2-gss.c b/auth2-gss.c 369diff --git a/auth2-gss.c b/auth2-gss.c
370index 589283b72..fd411d3a7 100644 370index 9351e0428..1f12bb113 100644
371--- a/auth2-gss.c 371--- a/auth2-gss.c
372+++ b/auth2-gss.c 372+++ b/auth2-gss.c
373@@ -1,7 +1,7 @@ 373@@ -1,7 +1,7 @@
374 /* $OpenBSD: auth2-gss.c,v 1.26 2017/06/24 06:34:38 djm Exp $ */ 374 /* $OpenBSD: auth2-gss.c,v 1.29 2018/07/31 03:10:27 djm Exp $ */
375 375
376 /* 376 /*
377- * Copyright (c) 2001-2003 Simon Wilkinson. All rights reserved. 377- * Copyright (c) 2001-2003 Simon Wilkinson. All rights reserved.
@@ -379,7 +379,7 @@ index 589283b72..fd411d3a7 100644
379 * 379 *
380 * Redistribution and use in source and binary forms, with or without 380 * Redistribution and use in source and binary forms, with or without
381 * modification, are permitted provided that the following conditions 381 * modification, are permitted provided that the following conditions
382@@ -53,6 +53,41 @@ static int input_gssapi_mic(int type, u_int32_t plen, struct ssh *ssh); 382@@ -54,6 +54,46 @@ static int input_gssapi_mic(int type, u_int32_t plen, struct ssh *ssh);
383 static int input_gssapi_exchange_complete(int type, u_int32_t plen, struct ssh *ssh); 383 static int input_gssapi_exchange_complete(int type, u_int32_t plen, struct ssh *ssh);
384 static int input_gssapi_errtok(int, u_int32_t, struct ssh *); 384 static int input_gssapi_errtok(int, u_int32_t, struct ssh *);
385 385
@@ -390,21 +390,26 @@ index 589283b72..fd411d3a7 100644
390+userauth_gsskeyex(struct ssh *ssh) 390+userauth_gsskeyex(struct ssh *ssh)
391+{ 391+{
392+ Authctxt *authctxt = ssh->authctxt; 392+ Authctxt *authctxt = ssh->authctxt;
393+ int authenticated = 0; 393+ int r, authenticated = 0;
394+ Buffer b; 394+ struct sshbuf *b;
395+ gss_buffer_desc mic, gssbuf; 395+ gss_buffer_desc mic, gssbuf;
396+ u_int len; 396+ u_char *p;
397+ 397+ size_t len;
398+ mic.value = packet_get_string(&len); 398+
399+ if ((r = sshpkt_get_string(ssh, &p, &len)) != 0 ||
400+ (r = sshpkt_get_end(ssh)) != 0)
401+ fatal("%s: %s", __func__, ssh_err(r));
402+ if ((b = sshbuf_new()) == NULL)
403+ fatal("%s: sshbuf_new failed", __func__);
404+ mic.value = p;
399+ mic.length = len; 405+ mic.length = len;
400+ 406+
401+ packet_check_eom(); 407+ ssh_gssapi_buildmic(b, authctxt->user, authctxt->service,
402+
403+ ssh_gssapi_buildmic(&b, authctxt->user, authctxt->service,
404+ "gssapi-keyex"); 408+ "gssapi-keyex");
405+ 409+
406+ gssbuf.value = buffer_ptr(&b); 410+ if ((gssbuf.value = sshbuf_mutable_ptr(b)) == NULL)
407+ gssbuf.length = buffer_len(&b); 411+ fatal("%s: sshbuf_mutable_ptr failed", __func__);
412+ gssbuf.length = sshbuf_len(b);
408+ 413+
409+ /* gss_kex_context is NULL with privsep, so we can't check it here */ 414+ /* gss_kex_context is NULL with privsep, so we can't check it here */
410+ if (!GSS_ERROR(PRIVSEP(ssh_gssapi_checkmic(gss_kex_context, 415+ if (!GSS_ERROR(PRIVSEP(ssh_gssapi_checkmic(gss_kex_context,
@@ -412,7 +417,7 @@ index 589283b72..fd411d3a7 100644
412+ authenticated = PRIVSEP(ssh_gssapi_userok(authctxt->user, 417+ authenticated = PRIVSEP(ssh_gssapi_userok(authctxt->user,
413+ authctxt->pw)); 418+ authctxt->pw));
414+ 419+
415+ buffer_free(&b); 420+ sshbuf_free(b);
416+ free(mic.value); 421+ free(mic.value);
417+ 422+
418+ return (authenticated); 423+ return (authenticated);
@@ -421,9 +426,9 @@ index 589283b72..fd411d3a7 100644
421 /* 426 /*
422 * We only support those mechanisms that we know about (ie ones that we know 427 * We only support those mechanisms that we know about (ie ones that we know
423 * how to check local user kuserok and the like) 428 * how to check local user kuserok and the like)
424@@ -240,7 +275,8 @@ input_gssapi_exchange_complete(int type, u_int32_t plen, struct ssh *ssh) 429@@ -260,7 +300,8 @@ input_gssapi_exchange_complete(int type, u_int32_t plen, struct ssh *ssh)
425 430 if ((r = sshpkt_get_end(ssh)) != 0)
426 packet_check_eom(); 431 fatal("%s: %s", __func__, ssh_err(r));
427 432
428- authenticated = PRIVSEP(ssh_gssapi_userok(authctxt->user)); 433- authenticated = PRIVSEP(ssh_gssapi_userok(authctxt->user));
429+ authenticated = PRIVSEP(ssh_gssapi_userok(authctxt->user, 434+ authenticated = PRIVSEP(ssh_gssapi_userok(authctxt->user,
@@ -431,8 +436,8 @@ index 589283b72..fd411d3a7 100644
431 436
432 if ((!use_privsep || mm_is_monitor()) && 437 if ((!use_privsep || mm_is_monitor()) &&
433 (displayname = ssh_gssapi_displayname()) != NULL) 438 (displayname = ssh_gssapi_displayname()) != NULL)
434@@ -281,7 +317,8 @@ input_gssapi_mic(int type, u_int32_t plen, struct ssh *ssh) 439@@ -306,7 +347,8 @@ input_gssapi_mic(int type, u_int32_t plen, struct ssh *ssh)
435 gssbuf.length = buffer_len(&b); 440 gssbuf.length = sshbuf_len(b);
436 441
437 if (!GSS_ERROR(PRIVSEP(ssh_gssapi_checkmic(gssctxt, &gssbuf, &mic)))) 442 if (!GSS_ERROR(PRIVSEP(ssh_gssapi_checkmic(gssctxt, &gssbuf, &mic))))
438- authenticated = PRIVSEP(ssh_gssapi_userok(authctxt->user)); 443- authenticated = PRIVSEP(ssh_gssapi_userok(authctxt->user));
@@ -441,7 +446,7 @@ index 589283b72..fd411d3a7 100644
441 else 446 else
442 logit("GSSAPI MIC check failed"); 447 logit("GSSAPI MIC check failed");
443 448
444@@ -301,6 +338,12 @@ input_gssapi_mic(int type, u_int32_t plen, struct ssh *ssh) 449@@ -326,6 +368,12 @@ input_gssapi_mic(int type, u_int32_t plen, struct ssh *ssh)
445 return 0; 450 return 0;
446 } 451 }
447 452
@@ -455,10 +460,10 @@ index 589283b72..fd411d3a7 100644
455 "gssapi-with-mic", 460 "gssapi-with-mic",
456 userauth_gssapi, 461 userauth_gssapi,
457diff --git a/auth2.c b/auth2.c 462diff --git a/auth2.c b/auth2.c
458index e0034229a..c34f58c45 100644 463index ab8795895..96efe164c 100644
459--- a/auth2.c 464--- a/auth2.c
460+++ b/auth2.c 465+++ b/auth2.c
461@@ -72,6 +72,7 @@ extern Authmethod method_passwd; 466@@ -74,6 +74,7 @@ extern Authmethod method_passwd;
462 extern Authmethod method_kbdint; 467 extern Authmethod method_kbdint;
463 extern Authmethod method_hostbased; 468 extern Authmethod method_hostbased;
464 #ifdef GSSAPI 469 #ifdef GSSAPI
@@ -466,7 +471,7 @@ index e0034229a..c34f58c45 100644
466 extern Authmethod method_gssapi; 471 extern Authmethod method_gssapi;
467 #endif 472 #endif
468 473
469@@ -79,6 +80,7 @@ Authmethod *authmethods[] = { 474@@ -81,6 +82,7 @@ Authmethod *authmethods[] = {
470 &method_none, 475 &method_none,
471 &method_pubkey, 476 &method_pubkey,
472 #ifdef GSSAPI 477 #ifdef GSSAPI
@@ -593,7 +598,7 @@ index 26d62855a..0cadc9f18 100644
593 int get_peer_port(int); 598 int get_peer_port(int);
594 char *get_local_ipaddr(int); 599 char *get_local_ipaddr(int);
595diff --git a/clientloop.c b/clientloop.c 600diff --git a/clientloop.c b/clientloop.c
596index 7bcf22e38..ef803e985 100644 601index ad35cb7ba..e69c5141f 100644
597--- a/clientloop.c 602--- a/clientloop.c
598+++ b/clientloop.c 603+++ b/clientloop.c
599@@ -112,6 +112,10 @@ 604@@ -112,6 +112,10 @@
@@ -607,7 +612,7 @@ index 7bcf22e38..ef803e985 100644
607 /* import options */ 612 /* import options */
608 extern Options options; 613 extern Options options;
609 614
610@@ -1335,9 +1339,18 @@ client_loop(struct ssh *ssh, int have_pty, int escape_char_arg, 615@@ -1357,9 +1361,18 @@ client_loop(struct ssh *ssh, int have_pty, int escape_char_arg,
611 break; 616 break;
612 617
613 /* Do channel operations unless rekeying in progress. */ 618 /* Do channel operations unless rekeying in progress. */
@@ -628,10 +633,10 @@ index 7bcf22e38..ef803e985 100644
628 client_process_net_input(readset); 633 client_process_net_input(readset);
629 634
630diff --git a/config.h.in b/config.h.in 635diff --git a/config.h.in b/config.h.in
631index 572087407..4c9545c78 100644 636index 7940b4c86..93295da07 100644
632--- a/config.h.in 637--- a/config.h.in
633+++ b/config.h.in 638+++ b/config.h.in
634@@ -1746,6 +1746,9 @@ 639@@ -1749,6 +1749,9 @@
635 /* Use btmp to log bad logins */ 640 /* Use btmp to log bad logins */
636 #undef USE_BTMP 641 #undef USE_BTMP
637 642
@@ -641,7 +646,7 @@ index 572087407..4c9545c78 100644
641 /* Use libedit for sftp */ 646 /* Use libedit for sftp */
642 #undef USE_LIBEDIT 647 #undef USE_LIBEDIT
643 648
644@@ -1761,6 +1764,9 @@ 649@@ -1764,6 +1767,9 @@
645 /* Use PIPES instead of a socketpair() */ 650 /* Use PIPES instead of a socketpair() */
646 #undef USE_PIPES 651 #undef USE_PIPES
647 652
@@ -652,10 +657,10 @@ index 572087407..4c9545c78 100644
652 #undef USE_SOLARIS_PRIVS 657 #undef USE_SOLARIS_PRIVS
653 658
654diff --git a/configure.ac b/configure.ac 659diff --git a/configure.ac b/configure.ac
655index 663062bef..1cd5eab6c 100644 660index 83e530750..82428b241 100644
656--- a/configure.ac 661--- a/configure.ac
657+++ b/configure.ac 662+++ b/configure.ac
658@@ -664,6 +664,30 @@ main() { if (NSVersionOfRunTimeLibrary("System") >= (60 << 16)) 663@@ -673,6 +673,30 @@ main() { if (NSVersionOfRunTimeLibrary("System") >= (60 << 16))
659 [Use tunnel device compatibility to OpenBSD]) 664 [Use tunnel device compatibility to OpenBSD])
660 AC_DEFINE([SSH_TUN_PREPEND_AF], [1], 665 AC_DEFINE([SSH_TUN_PREPEND_AF], [1],
661 [Prepend the address family to IP tunnel traffic]) 666 [Prepend the address family to IP tunnel traffic])
@@ -687,11 +692,11 @@ index 663062bef..1cd5eab6c 100644
687 AC_CHECK_DECL([AU_IPv4], [], 692 AC_CHECK_DECL([AU_IPv4], [],
688 AC_DEFINE([AU_IPv4], [0], [System only supports IPv4 audit records]) 693 AC_DEFINE([AU_IPv4], [0], [System only supports IPv4 audit records])
689diff --git a/gss-genr.c b/gss-genr.c 694diff --git a/gss-genr.c b/gss-genr.c
690index 62559ed9e..0b3ae073c 100644 695index d56257b4a..285fc29a5 100644
691--- a/gss-genr.c 696--- a/gss-genr.c
692+++ b/gss-genr.c 697+++ b/gss-genr.c
693@@ -1,7 +1,7 @@ 698@@ -1,7 +1,7 @@
694 /* $OpenBSD: gss-genr.c,v 1.24 2016/09/12 01:22:38 deraadt Exp $ */ 699 /* $OpenBSD: gss-genr.c,v 1.26 2018/07/10 09:13:30 djm Exp $ */
695 700
696 /* 701 /*
697- * Copyright (c) 2001-2007 Simon Wilkinson. All rights reserved. 702- * Copyright (c) 2001-2007 Simon Wilkinson. All rights reserved.
@@ -699,12 +704,11 @@ index 62559ed9e..0b3ae073c 100644
699 * 704 *
700 * Redistribution and use in source and binary forms, with or without 705 * Redistribution and use in source and binary forms, with or without
701 * modification, are permitted provided that the following conditions 706 * modification, are permitted provided that the following conditions
702@@ -40,12 +40,167 @@ 707@@ -41,12 +41,34 @@
703 #include "buffer.h" 708 #include "sshbuf.h"
704 #include "log.h" 709 #include "log.h"
705 #include "ssh2.h" 710 #include "ssh2.h"
706+#include "cipher.h" 711+#include "cipher.h"
707+#include "key.h"
708+#include "kex.h" 712+#include "kex.h"
709+#include <openssl/evp.h> 713+#include <openssl/evp.h>
710 714
@@ -732,6 +736,13 @@ index 62559ed9e..0b3ae073c 100644
732+ return (gss_enc2oid != NULL); 736+ return (gss_enc2oid != NULL);
733+} 737+}
734+ 738+
739 /* sshbuf_get for gss_buffer_desc */
740 int
741 ssh_gssapi_get_buffer_desc(struct sshbuf *b, gss_buffer_desc *g)
742@@ -62,6 +84,141 @@ ssh_gssapi_get_buffer_desc(struct sshbuf *b, gss_buffer_desc *g)
743 return 0;
744 }
745
735+/* 746+/*
736+ * Return a list of the gss-group1-sha1 mechanisms supported by this program 747+ * Return a list of the gss-group1-sha1 mechanisms supported by this program
737+ * 748+ *
@@ -754,9 +765,9 @@ index 62559ed9e..0b3ae073c 100644
754+char * 765+char *
755+ssh_gssapi_kex_mechs(gss_OID_set gss_supported, ssh_gssapi_check_fn *check, 766+ssh_gssapi_kex_mechs(gss_OID_set gss_supported, ssh_gssapi_check_fn *check,
756+ const char *host, const char *client) { 767+ const char *host, const char *client) {
757+ Buffer buf; 768+ struct sshbuf *buf;
758+ size_t i; 769+ size_t i;
759+ int oidpos, enclen; 770+ int r, oidpos, enclen;
760+ char *mechs, *encoded; 771+ char *mechs, *encoded;
761+ u_char digest[EVP_MAX_MD_SIZE]; 772+ u_char digest[EVP_MAX_MD_SIZE];
762+ char deroid[2]; 773+ char deroid[2];
@@ -772,7 +783,8 @@ index 62559ed9e..0b3ae073c 100644
772+ gss_enc2oid = xmalloc(sizeof(ssh_gss_kex_mapping) * 783+ gss_enc2oid = xmalloc(sizeof(ssh_gss_kex_mapping) *
773+ (gss_supported->count + 1)); 784+ (gss_supported->count + 1));
774+ 785+
775+ buffer_init(&buf); 786+ if ((buf = sshbuf_new()) == NULL)
787+ fatal("%s: sshbuf_new failed", __func__);
776+ 788+
777+ oidpos = 0; 789+ oidpos = 0;
778+ for (i = 0; i < gss_supported->count; i++) { 790+ for (i = 0; i < gss_supported->count; i++) {
@@ -793,20 +805,25 @@ index 62559ed9e..0b3ae073c 100644
793+ enclen = __b64_ntop(digest, EVP_MD_size(evp_md), 805+ enclen = __b64_ntop(digest, EVP_MD_size(evp_md),
794+ encoded, EVP_MD_size(evp_md) * 2); 806+ encoded, EVP_MD_size(evp_md) * 2);
795+ 807+
796+ if (oidpos != 0) 808+ if (oidpos != 0) {
797+ buffer_put_char(&buf, ','); 809+ if ((r = sshbuf_put_u8(buf, ',')) != 0)
798+ 810+ fatal("%s: buffer error: %s",
799+ buffer_append(&buf, KEX_GSS_GEX_SHA1_ID, 811+ __func__, ssh_err(r));
800+ sizeof(KEX_GSS_GEX_SHA1_ID) - 1); 812+ }
801+ buffer_append(&buf, encoded, enclen); 813+
802+ buffer_put_char(&buf, ','); 814+ if ((r = sshbuf_put(buf, KEX_GSS_GEX_SHA1_ID,
803+ buffer_append(&buf, KEX_GSS_GRP1_SHA1_ID, 815+ sizeof(KEX_GSS_GEX_SHA1_ID) - 1)) != 0 ||
804+ sizeof(KEX_GSS_GRP1_SHA1_ID) - 1); 816+ (r = sshbuf_put(buf, encoded, enclen)) != 0 ||
805+ buffer_append(&buf, encoded, enclen); 817+ (r = sshbuf_put_u8(buf, ',')) != 0 ||
806+ buffer_put_char(&buf, ','); 818+ (r = sshbuf_put(buf, KEX_GSS_GRP1_SHA1_ID,
807+ buffer_append(&buf, KEX_GSS_GRP14_SHA1_ID, 819+ sizeof(KEX_GSS_GRP1_SHA1_ID) - 1)) != 0 ||
808+ sizeof(KEX_GSS_GRP14_SHA1_ID) - 1); 820+ (r = sshbuf_put(buf, encoded, enclen)) != 0 ||
809+ buffer_append(&buf, encoded, enclen); 821+ (r = sshbuf_put_u8(buf, ',')) != 0 ||
822+ (r = sshbuf_put(buf, KEX_GSS_GRP14_SHA1_ID,
823+ sizeof(KEX_GSS_GRP14_SHA1_ID) - 1)) != 0 ||
824+ (r = sshbuf_put(buf, encoded, enclen)) != 0)
825+ fatal("%s: buffer error: %s",
826+ __func__, ssh_err(r));
810+ 827+
811+ gss_enc2oid[oidpos].oid = &(gss_supported->elements[i]); 828+ gss_enc2oid[oidpos].oid = &(gss_supported->elements[i]);
812+ gss_enc2oid[oidpos].encoded = encoded; 829+ gss_enc2oid[oidpos].encoded = encoded;
@@ -816,11 +833,8 @@ index 62559ed9e..0b3ae073c 100644
816+ gss_enc2oid[oidpos].oid = NULL; 833+ gss_enc2oid[oidpos].oid = NULL;
817+ gss_enc2oid[oidpos].encoded = NULL; 834+ gss_enc2oid[oidpos].encoded = NULL;
818+ 835+
819+ buffer_put_char(&buf, '\0'); 836+ if ((mechs = sshbuf_dup_string(buf)) == NULL)
820+ 837+ fatal("%s: sshbuf_dup_string failed", __func__);
821+ mechs = xmalloc(buffer_len(&buf));
822+ buffer_get(&buf, mechs, buffer_len(&buf));
823+ buffer_free(&buf);
824+ 838+
825+ if (strlen(mechs) == 0) { 839+ if (strlen(mechs) == 0) {
826+ free(mechs); 840+ free(mechs);
@@ -867,7 +881,7 @@ index 62559ed9e..0b3ae073c 100644
867 /* Check that the OID in a data stream matches that in the context */ 881 /* Check that the OID in a data stream matches that in the context */
868 int 882 int
869 ssh_gssapi_check_oid(Gssctxt *ctx, void *data, size_t len) 883 ssh_gssapi_check_oid(Gssctxt *ctx, void *data, size_t len)
870@@ -198,7 +353,7 @@ ssh_gssapi_init_ctx(Gssctxt *ctx, int deleg_creds, gss_buffer_desc *recv_tok, 884@@ -218,7 +375,7 @@ ssh_gssapi_init_ctx(Gssctxt *ctx, int deleg_creds, gss_buffer_desc *recv_tok,
871 } 885 }
872 886
873 ctx->major = gss_init_sec_context(&ctx->minor, 887 ctx->major = gss_init_sec_context(&ctx->minor,
@@ -876,7 +890,7 @@ index 62559ed9e..0b3ae073c 100644
876 GSS_C_MUTUAL_FLAG | GSS_C_INTEG_FLAG | deleg_flag, 890 GSS_C_MUTUAL_FLAG | GSS_C_INTEG_FLAG | deleg_flag,
877 0, NULL, recv_tok, NULL, send_tok, flags, NULL); 891 0, NULL, recv_tok, NULL, send_tok, flags, NULL);
878 892
879@@ -227,9 +382,43 @@ ssh_gssapi_import_name(Gssctxt *ctx, const char *host) 893@@ -247,9 +404,43 @@ ssh_gssapi_import_name(Gssctxt *ctx, const char *host)
880 return (ctx->major); 894 return (ctx->major);
881 } 895 }
882 896
@@ -920,7 +934,7 @@ index 62559ed9e..0b3ae073c 100644
920 if ((ctx->major = gss_get_mic(&ctx->minor, ctx->context, 934 if ((ctx->major = gss_get_mic(&ctx->minor, ctx->context,
921 GSS_C_QOP_DEFAULT, buffer, hash))) 935 GSS_C_QOP_DEFAULT, buffer, hash)))
922 ssh_gssapi_error(ctx); 936 ssh_gssapi_error(ctx);
923@@ -237,6 +426,19 @@ ssh_gssapi_sign(Gssctxt *ctx, gss_buffer_t buffer, gss_buffer_t hash) 937@@ -257,6 +448,19 @@ ssh_gssapi_sign(Gssctxt *ctx, gss_buffer_t buffer, gss_buffer_t hash)
924 return (ctx->major); 938 return (ctx->major);
925 } 939 }
926 940
@@ -938,9 +952,9 @@ index 62559ed9e..0b3ae073c 100644
938+} 952+}
939+ 953+
940 void 954 void
941 ssh_gssapi_buildmic(Buffer *b, const char *user, const char *service, 955 ssh_gssapi_buildmic(struct sshbuf *b, const char *user, const char *service,
942 const char *context) 956 const char *context)
943@@ -250,11 +452,16 @@ ssh_gssapi_buildmic(Buffer *b, const char *user, const char *service, 957@@ -273,11 +477,16 @@ ssh_gssapi_buildmic(struct sshbuf *b, const char *user, const char *service,
944 } 958 }
945 959
946 int 960 int
@@ -958,7 +972,7 @@ index 62559ed9e..0b3ae073c 100644
958 972
959 /* RFC 4462 says we MUST NOT do SPNEGO */ 973 /* RFC 4462 says we MUST NOT do SPNEGO */
960 if (oid->length == spnego_oid.length && 974 if (oid->length == spnego_oid.length &&
961@@ -264,6 +471,10 @@ ssh_gssapi_check_mechanism(Gssctxt **ctx, gss_OID oid, const char *host) 975@@ -287,6 +496,10 @@ ssh_gssapi_check_mechanism(Gssctxt **ctx, gss_OID oid, const char *host)
962 ssh_gssapi_build_ctx(ctx); 976 ssh_gssapi_build_ctx(ctx);
963 ssh_gssapi_set_oid(*ctx, oid); 977 ssh_gssapi_set_oid(*ctx, oid);
964 major = ssh_gssapi_import_name(*ctx, host); 978 major = ssh_gssapi_import_name(*ctx, host);
@@ -969,7 +983,7 @@ index 62559ed9e..0b3ae073c 100644
969 if (!GSS_ERROR(major)) { 983 if (!GSS_ERROR(major)) {
970 major = ssh_gssapi_init_ctx(*ctx, 0, GSS_C_NO_BUFFER, &token, 984 major = ssh_gssapi_init_ctx(*ctx, 0, GSS_C_NO_BUFFER, &token,
971 NULL); 985 NULL);
972@@ -273,10 +484,66 @@ ssh_gssapi_check_mechanism(Gssctxt **ctx, gss_OID oid, const char *host) 986@@ -296,10 +509,66 @@ ssh_gssapi_check_mechanism(Gssctxt **ctx, gss_OID oid, const char *host)
973 GSS_C_NO_BUFFER); 987 GSS_C_NO_BUFFER);
974 } 988 }
975 989
@@ -1038,11 +1052,11 @@ index 62559ed9e..0b3ae073c 100644
1038+ 1052+
1039 #endif /* GSSAPI */ 1053 #endif /* GSSAPI */
1040diff --git a/gss-serv-krb5.c b/gss-serv-krb5.c 1054diff --git a/gss-serv-krb5.c b/gss-serv-krb5.c
1041index 795992d9f..fd8b37183 100644 1055index a151bc1e4..90f8692f5 100644
1042--- a/gss-serv-krb5.c 1056--- a/gss-serv-krb5.c
1043+++ b/gss-serv-krb5.c 1057+++ b/gss-serv-krb5.c
1044@@ -1,7 +1,7 @@ 1058@@ -1,7 +1,7 @@
1045 /* $OpenBSD: gss-serv-krb5.c,v 1.8 2013/07/20 01:55:13 djm Exp $ */ 1059 /* $OpenBSD: gss-serv-krb5.c,v 1.9 2018/07/09 21:37:55 markus Exp $ */
1046 1060
1047 /* 1061 /*
1048- * Copyright (c) 2001-2003 Simon Wilkinson. All rights reserved. 1062- * Copyright (c) 2001-2003 Simon Wilkinson. All rights reserved.
@@ -1050,7 +1064,7 @@ index 795992d9f..fd8b37183 100644
1050 * 1064 *
1051 * Redistribution and use in source and binary forms, with or without 1065 * Redistribution and use in source and binary forms, with or without
1052 * modification, are permitted provided that the following conditions 1066 * modification, are permitted provided that the following conditions
1053@@ -121,8 +121,8 @@ ssh_gssapi_krb5_storecreds(ssh_gssapi_client *client) 1067@@ -120,8 +120,8 @@ ssh_gssapi_krb5_storecreds(ssh_gssapi_client *client)
1054 krb5_error_code problem; 1068 krb5_error_code problem;
1055 krb5_principal princ; 1069 krb5_principal princ;
1056 OM_uint32 maj_status, min_status; 1070 OM_uint32 maj_status, min_status;
@@ -1060,7 +1074,7 @@ index 795992d9f..fd8b37183 100644
1060 1074
1061 if (client->creds == NULL) { 1075 if (client->creds == NULL) {
1062 debug("No credentials stored"); 1076 debug("No credentials stored");
1063@@ -181,11 +181,16 @@ ssh_gssapi_krb5_storecreds(ssh_gssapi_client *client) 1077@@ -180,11 +180,16 @@ ssh_gssapi_krb5_storecreds(ssh_gssapi_client *client)
1064 return; 1078 return;
1065 } 1079 }
1066 1080
@@ -1081,7 +1095,7 @@ index 795992d9f..fd8b37183 100644
1081 1095
1082 #ifdef USE_PAM 1096 #ifdef USE_PAM
1083 if (options.use_pam) 1097 if (options.use_pam)
1084@@ -197,6 +202,71 @@ ssh_gssapi_krb5_storecreds(ssh_gssapi_client *client) 1098@@ -196,6 +201,71 @@ ssh_gssapi_krb5_storecreds(ssh_gssapi_client *client)
1085 return; 1099 return;
1086 } 1100 }
1087 1101
@@ -1153,7 +1167,7 @@ index 795992d9f..fd8b37183 100644
1153 ssh_gssapi_mech gssapi_kerberos_mech = { 1167 ssh_gssapi_mech gssapi_kerberos_mech = {
1154 "toWM5Slw5Ew8Mqkay+al2g==", 1168 "toWM5Slw5Ew8Mqkay+al2g==",
1155 "Kerberos", 1169 "Kerberos",
1156@@ -204,7 +274,8 @@ ssh_gssapi_mech gssapi_kerberos_mech = { 1170@@ -203,7 +273,8 @@ ssh_gssapi_mech gssapi_kerberos_mech = {
1157 NULL, 1171 NULL,
1158 &ssh_gssapi_krb5_userok, 1172 &ssh_gssapi_krb5_userok,
1159 NULL, 1173 NULL,
@@ -1164,11 +1178,11 @@ index 795992d9f..fd8b37183 100644
1164 1178
1165 #endif /* KRB5 */ 1179 #endif /* KRB5 */
1166diff --git a/gss-serv.c b/gss-serv.c 1180diff --git a/gss-serv.c b/gss-serv.c
1167index 6cae720e5..967c6cfbc 100644 1181index ab3a15f0f..6c087a1b1 100644
1168--- a/gss-serv.c 1182--- a/gss-serv.c
1169+++ b/gss-serv.c 1183+++ b/gss-serv.c
1170@@ -1,7 +1,7 @@ 1184@@ -1,7 +1,7 @@
1171 /* $OpenBSD: gss-serv.c,v 1.30 2017/06/24 06:34:38 djm Exp $ */ 1185 /* $OpenBSD: gss-serv.c,v 1.31 2018/07/09 21:37:55 markus Exp $ */
1172 1186
1173 /* 1187 /*
1174- * Copyright (c) 2001-2003 Simon Wilkinson. All rights reserved. 1188- * Copyright (c) 2001-2003 Simon Wilkinson. All rights reserved.
@@ -1176,7 +1190,7 @@ index 6cae720e5..967c6cfbc 100644
1176 * 1190 *
1177 * Redistribution and use in source and binary forms, with or without 1191 * Redistribution and use in source and binary forms, with or without
1178 * modification, are permitted provided that the following conditions 1192 * modification, are permitted provided that the following conditions
1179@@ -45,17 +45,22 @@ 1193@@ -44,17 +44,22 @@
1180 #include "session.h" 1194 #include "session.h"
1181 #include "misc.h" 1195 #include "misc.h"
1182 #include "servconf.h" 1196 #include "servconf.h"
@@ -1201,7 +1215,7 @@ index 6cae720e5..967c6cfbc 100644
1201 1215
1202 #ifdef KRB5 1216 #ifdef KRB5
1203 extern ssh_gssapi_mech gssapi_kerberos_mech; 1217 extern ssh_gssapi_mech gssapi_kerberos_mech;
1204@@ -141,6 +146,28 @@ ssh_gssapi_server_ctx(Gssctxt **ctx, gss_OID oid) 1218@@ -140,6 +145,28 @@ ssh_gssapi_server_ctx(Gssctxt **ctx, gss_OID oid)
1205 return (ssh_gssapi_acquire_cred(*ctx)); 1219 return (ssh_gssapi_acquire_cred(*ctx));
1206 } 1220 }
1207 1221
@@ -1230,7 +1244,7 @@ index 6cae720e5..967c6cfbc 100644
1230 /* Unprivileged */ 1244 /* Unprivileged */
1231 void 1245 void
1232 ssh_gssapi_supported_oids(gss_OID_set *oidset) 1246 ssh_gssapi_supported_oids(gss_OID_set *oidset)
1233@@ -151,7 +178,9 @@ ssh_gssapi_supported_oids(gss_OID_set *oidset) 1247@@ -150,7 +177,9 @@ ssh_gssapi_supported_oids(gss_OID_set *oidset)
1234 gss_OID_set supported; 1248 gss_OID_set supported;
1235 1249
1236 gss_create_empty_oid_set(&min_status, oidset); 1250 gss_create_empty_oid_set(&min_status, oidset);
@@ -1241,7 +1255,7 @@ index 6cae720e5..967c6cfbc 100644
1241 1255
1242 while (supported_mechs[i]->name != NULL) { 1256 while (supported_mechs[i]->name != NULL) {
1243 if (GSS_ERROR(gss_test_oid_set_member(&min_status, 1257 if (GSS_ERROR(gss_test_oid_set_member(&min_status,
1244@@ -277,8 +306,48 @@ OM_uint32 1258@@ -276,8 +305,48 @@ OM_uint32
1245 ssh_gssapi_getclient(Gssctxt *ctx, ssh_gssapi_client *client) 1259 ssh_gssapi_getclient(Gssctxt *ctx, ssh_gssapi_client *client)
1246 { 1260 {
1247 int i = 0; 1261 int i = 0;
@@ -1291,7 +1305,7 @@ index 6cae720e5..967c6cfbc 100644
1291 1305
1292 client->mech = NULL; 1306 client->mech = NULL;
1293 1307
1294@@ -293,6 +362,13 @@ ssh_gssapi_getclient(Gssctxt *ctx, ssh_gssapi_client *client) 1308@@ -292,6 +361,13 @@ ssh_gssapi_getclient(Gssctxt *ctx, ssh_gssapi_client *client)
1295 if (client->mech == NULL) 1309 if (client->mech == NULL)
1296 return GSS_S_FAILURE; 1310 return GSS_S_FAILURE;
1297 1311
@@ -1305,7 +1319,7 @@ index 6cae720e5..967c6cfbc 100644
1305 if ((ctx->major = gss_display_name(&ctx->minor, ctx->client, 1319 if ((ctx->major = gss_display_name(&ctx->minor, ctx->client,
1306 &client->displayname, NULL))) { 1320 &client->displayname, NULL))) {
1307 ssh_gssapi_error(ctx); 1321 ssh_gssapi_error(ctx);
1308@@ -310,6 +386,8 @@ ssh_gssapi_getclient(Gssctxt *ctx, ssh_gssapi_client *client) 1322@@ -309,6 +385,8 @@ ssh_gssapi_getclient(Gssctxt *ctx, ssh_gssapi_client *client)
1309 return (ctx->major); 1323 return (ctx->major);
1310 } 1324 }
1311 1325
@@ -1314,7 +1328,7 @@ index 6cae720e5..967c6cfbc 100644
1314 /* We can't copy this structure, so we just move the pointer to it */ 1328 /* We can't copy this structure, so we just move the pointer to it */
1315 client->creds = ctx->client_creds; 1329 client->creds = ctx->client_creds;
1316 ctx->client_creds = GSS_C_NO_CREDENTIAL; 1330 ctx->client_creds = GSS_C_NO_CREDENTIAL;
1317@@ -357,7 +435,7 @@ ssh_gssapi_do_child(char ***envp, u_int *envsizep) 1331@@ -356,7 +434,7 @@ ssh_gssapi_do_child(char ***envp, u_int *envsizep)
1318 1332
1319 /* Privileged */ 1333 /* Privileged */
1320 int 1334 int
@@ -1323,7 +1337,7 @@ index 6cae720e5..967c6cfbc 100644
1323 { 1337 {
1324 OM_uint32 lmin; 1338 OM_uint32 lmin;
1325 1339
1326@@ -367,9 +445,11 @@ ssh_gssapi_userok(char *user) 1340@@ -366,9 +444,11 @@ ssh_gssapi_userok(char *user)
1327 return 0; 1341 return 0;
1328 } 1342 }
1329 if (gssapi_client.mech && gssapi_client.mech->userok) 1343 if (gssapi_client.mech && gssapi_client.mech->userok)
@@ -1337,7 +1351,7 @@ index 6cae720e5..967c6cfbc 100644
1337 /* Destroy delegated credentials if userok fails */ 1351 /* Destroy delegated credentials if userok fails */
1338 gss_release_buffer(&lmin, &gssapi_client.displayname); 1352 gss_release_buffer(&lmin, &gssapi_client.displayname);
1339 gss_release_buffer(&lmin, &gssapi_client.exportedname); 1353 gss_release_buffer(&lmin, &gssapi_client.exportedname);
1340@@ -383,14 +463,90 @@ ssh_gssapi_userok(char *user) 1354@@ -382,14 +462,90 @@ ssh_gssapi_userok(char *user)
1341 return (0); 1355 return (0);
1342 } 1356 }
1343 1357
@@ -1435,7 +1449,7 @@ index 6cae720e5..967c6cfbc 100644
1435 1449
1436 /* Privileged */ 1450 /* Privileged */
1437diff --git a/kex.c b/kex.c 1451diff --git a/kex.c b/kex.c
1438index 15ea28b07..6cc2935fe 100644 1452index 25f9f66f6..fb5bfaea5 100644
1439--- a/kex.c 1453--- a/kex.c
1440+++ b/kex.c 1454+++ b/kex.c
1441@@ -54,6 +54,10 @@ 1455@@ -54,6 +54,10 @@
@@ -1475,7 +1489,7 @@ index 15ea28b07..6cc2935fe 100644
1475 return NULL; 1489 return NULL;
1476 } 1490 }
1477 1491
1478@@ -599,6 +615,9 @@ kex_free(struct kex *kex) 1492@@ -653,6 +669,9 @@ kex_free(struct kex *kex)
1479 sshbuf_free(kex->peer); 1493 sshbuf_free(kex->peer);
1480 sshbuf_free(kex->my); 1494 sshbuf_free(kex->my);
1481 free(kex->session_id); 1495 free(kex->session_id);
@@ -1486,10 +1500,10 @@ index 15ea28b07..6cc2935fe 100644
1486 free(kex->server_version_string); 1500 free(kex->server_version_string);
1487 free(kex->failed_choice); 1501 free(kex->failed_choice);
1488diff --git a/kex.h b/kex.h 1502diff --git a/kex.h b/kex.h
1489index 01bb3986a..a708e4868 100644 1503index 593de1208..4e5ead839 100644
1490--- a/kex.h 1504--- a/kex.h
1491+++ b/kex.h 1505+++ b/kex.h
1492@@ -99,6 +99,9 @@ enum kex_exchange { 1506@@ -100,6 +100,9 @@ enum kex_exchange {
1493 KEX_DH_GEX_SHA256, 1507 KEX_DH_GEX_SHA256,
1494 KEX_ECDH_SHA2, 1508 KEX_ECDH_SHA2,
1495 KEX_C25519_SHA256, 1509 KEX_C25519_SHA256,
@@ -1499,7 +1513,7 @@ index 01bb3986a..a708e4868 100644
1499 KEX_MAX 1513 KEX_MAX
1500 }; 1514 };
1501 1515
1502@@ -147,6 +150,12 @@ struct kex { 1516@@ -148,6 +151,12 @@ struct kex {
1503 u_int flags; 1517 u_int flags;
1504 int hash_alg; 1518 int hash_alg;
1505 int ec_nid; 1519 int ec_nid;
@@ -1512,7 +1526,7 @@ index 01bb3986a..a708e4868 100644
1512 char *client_version_string; 1526 char *client_version_string;
1513 char *server_version_string; 1527 char *server_version_string;
1514 char *failed_choice; 1528 char *failed_choice;
1515@@ -197,6 +206,11 @@ int kexecdh_server(struct ssh *); 1529@@ -198,6 +207,11 @@ int kexecdh_server(struct ssh *);
1516 int kexc25519_client(struct ssh *); 1530 int kexc25519_client(struct ssh *);
1517 int kexc25519_server(struct ssh *); 1531 int kexc25519_server(struct ssh *);
1518 1532
@@ -1526,7 +1540,7 @@ index 01bb3986a..a708e4868 100644
1526 const BIGNUM *, const BIGNUM *, const BIGNUM *, u_char *, size_t *); 1540 const BIGNUM *, const BIGNUM *, const BIGNUM *, u_char *, size_t *);
1527diff --git a/kexgssc.c b/kexgssc.c 1541diff --git a/kexgssc.c b/kexgssc.c
1528new file mode 100644 1542new file mode 100644
1529index 000000000..10447f2b0 1543index 000000000..953c0a248
1530--- /dev/null 1544--- /dev/null
1531+++ b/kexgssc.c 1545+++ b/kexgssc.c
1532@@ -0,0 +1,338 @@ 1546@@ -0,0 +1,338 @@
@@ -1566,9 +1580,9 @@ index 000000000..10447f2b0
1566+#include <string.h> 1580+#include <string.h>
1567+ 1581+
1568+#include "xmalloc.h" 1582+#include "xmalloc.h"
1569+#include "buffer.h" 1583+#include "sshbuf.h"
1570+#include "ssh2.h" 1584+#include "ssh2.h"
1571+#include "key.h" 1585+#include "sshkey.h"
1572+#include "cipher.h" 1586+#include "cipher.h"
1573+#include "kex.h" 1587+#include "kex.h"
1574+#include "log.h" 1588+#include "log.h"
@@ -1805,8 +1819,8 @@ index 000000000..10447f2b0
1805+ ssh->kex->hash_alg, 1819+ ssh->kex->hash_alg,
1806+ ssh->kex->client_version_string, 1820+ ssh->kex->client_version_string,
1807+ ssh->kex->server_version_string, 1821+ ssh->kex->server_version_string,
1808+ buffer_ptr(ssh->kex->my), buffer_len(ssh->kex->my), 1822+ sshbuf_ptr(ssh->kex->my), sshbuf_len(ssh->kex->my),
1809+ buffer_ptr(ssh->kex->peer), buffer_len(ssh->kex->peer), 1823+ sshbuf_ptr(ssh->kex->peer), sshbuf_len(ssh->kex->peer),
1810+ (serverhostkey ? serverhostkey : empty), slen, 1824+ (serverhostkey ? serverhostkey : empty), slen,
1811+ dh->pub_key, /* e */ 1825+ dh->pub_key, /* e */
1812+ dh_server_pub, /* f */ 1826+ dh_server_pub, /* f */
@@ -1819,8 +1833,8 @@ index 000000000..10447f2b0
1819+ ssh->kex->hash_alg, 1833+ ssh->kex->hash_alg,
1820+ ssh->kex->client_version_string, 1834+ ssh->kex->client_version_string,
1821+ ssh->kex->server_version_string, 1835+ ssh->kex->server_version_string,
1822+ buffer_ptr(ssh->kex->my), buffer_len(ssh->kex->my), 1836+ sshbuf_ptr(ssh->kex->my), sshbuf_len(ssh->kex->my),
1823+ buffer_ptr(ssh->kex->peer), buffer_len(ssh->kex->peer), 1837+ sshbuf_ptr(ssh->kex->peer), sshbuf_len(ssh->kex->peer),
1824+ (serverhostkey ? serverhostkey : empty), slen, 1838+ (serverhostkey ? serverhostkey : empty), slen,
1825+ min, nbits, max, 1839+ min, nbits, max,
1826+ dh->p, dh->g, 1840+ dh->p, dh->g,
@@ -1870,7 +1884,7 @@ index 000000000..10447f2b0
1870+#endif /* GSSAPI */ 1884+#endif /* GSSAPI */
1871diff --git a/kexgsss.c b/kexgsss.c 1885diff --git a/kexgsss.c b/kexgsss.c
1872new file mode 100644 1886new file mode 100644
1873index 000000000..38ca082ba 1887index 000000000..31ec6a890
1874--- /dev/null 1888--- /dev/null
1875+++ b/kexgsss.c 1889+++ b/kexgsss.c
1876@@ -0,0 +1,295 @@ 1890@@ -0,0 +1,295 @@
@@ -1908,9 +1922,9 @@ index 000000000..38ca082ba
1908+#include <openssl/bn.h> 1922+#include <openssl/bn.h>
1909+ 1923+
1910+#include "xmalloc.h" 1924+#include "xmalloc.h"
1911+#include "buffer.h" 1925+#include "sshbuf.h"
1912+#include "ssh2.h" 1926+#include "ssh2.h"
1913+#include "key.h" 1927+#include "sshkey.h"
1914+#include "cipher.h" 1928+#include "cipher.h"
1915+#include "kex.h" 1929+#include "kex.h"
1916+#include "log.h" 1930+#include "log.h"
@@ -2096,8 +2110,8 @@ index 000000000..38ca082ba
2096+ kex_dh_hash( 2110+ kex_dh_hash(
2097+ ssh->kex->hash_alg, 2111+ ssh->kex->hash_alg,
2098+ ssh->kex->client_version_string, ssh->kex->server_version_string, 2112+ ssh->kex->client_version_string, ssh->kex->server_version_string,
2099+ buffer_ptr(ssh->kex->peer), buffer_len(ssh->kex->peer), 2113+ sshbuf_ptr(ssh->kex->peer), sshbuf_len(ssh->kex->peer),
2100+ buffer_ptr(ssh->kex->my), buffer_len(ssh->kex->my), 2114+ sshbuf_ptr(ssh->kex->my), sshbuf_len(ssh->kex->my),
2101+ NULL, 0, /* Change this if we start sending host keys */ 2115+ NULL, 0, /* Change this if we start sending host keys */
2102+ dh_client_pub, dh->pub_key, shared_secret, 2116+ dh_client_pub, dh->pub_key, shared_secret,
2103+ hash, &hashlen 2117+ hash, &hashlen
@@ -2107,8 +2121,8 @@ index 000000000..38ca082ba
2107+ kexgex_hash( 2121+ kexgex_hash(
2108+ ssh->kex->hash_alg, 2122+ ssh->kex->hash_alg,
2109+ ssh->kex->client_version_string, ssh->kex->server_version_string, 2123+ ssh->kex->client_version_string, ssh->kex->server_version_string,
2110+ buffer_ptr(ssh->kex->peer), buffer_len(ssh->kex->peer), 2124+ sshbuf_ptr(ssh->kex->peer), sshbuf_len(ssh->kex->peer),
2111+ buffer_ptr(ssh->kex->my), buffer_len(ssh->kex->my), 2125+ sshbuf_ptr(ssh->kex->my), sshbuf_len(ssh->kex->my),
2112+ NULL, 0, 2126+ NULL, 0,
2113+ min, nbits, max, 2127+ min, nbits, max,
2114+ dh->p, dh->g, 2128+ dh->p, dh->g,
@@ -2170,19 +2184,19 @@ index 000000000..38ca082ba
2170+} 2184+}
2171+#endif /* GSSAPI */ 2185+#endif /* GSSAPI */
2172diff --git a/monitor.c b/monitor.c 2186diff --git a/monitor.c b/monitor.c
2173index c68e1b0d9..868fb0d2d 100644 2187index d4b4b0471..4e574a2ae 100644
2174--- a/monitor.c 2188--- a/monitor.c
2175+++ b/monitor.c 2189+++ b/monitor.c
2176@@ -158,6 +158,8 @@ int mm_answer_gss_setup_ctx(int, Buffer *); 2190@@ -143,6 +143,8 @@ int mm_answer_gss_setup_ctx(int, struct sshbuf *);
2177 int mm_answer_gss_accept_ctx(int, Buffer *); 2191 int mm_answer_gss_accept_ctx(int, struct sshbuf *);
2178 int mm_answer_gss_userok(int, Buffer *); 2192 int mm_answer_gss_userok(int, struct sshbuf *);
2179 int mm_answer_gss_checkmic(int, Buffer *); 2193 int mm_answer_gss_checkmic(int, struct sshbuf *);
2180+int mm_answer_gss_sign(int, Buffer *); 2194+int mm_answer_gss_sign(int, struct sshbuf *);
2181+int mm_answer_gss_updatecreds(int, Buffer *); 2195+int mm_answer_gss_updatecreds(int, struct sshbuf *);
2182 #endif 2196 #endif
2183 2197
2184 #ifdef SSH_AUDIT_EVENTS 2198 #ifdef SSH_AUDIT_EVENTS
2185@@ -232,11 +234,18 @@ struct mon_table mon_dispatch_proto20[] = { 2199@@ -213,11 +215,18 @@ struct mon_table mon_dispatch_proto20[] = {
2186 {MONITOR_REQ_GSSSTEP, 0, mm_answer_gss_accept_ctx}, 2200 {MONITOR_REQ_GSSSTEP, 0, mm_answer_gss_accept_ctx},
2187 {MONITOR_REQ_GSSUSEROK, MON_ONCE|MON_AUTHDECIDE, mm_answer_gss_userok}, 2201 {MONITOR_REQ_GSSUSEROK, MON_ONCE|MON_AUTHDECIDE, mm_answer_gss_userok},
2188 {MONITOR_REQ_GSSCHECKMIC, MON_ONCE, mm_answer_gss_checkmic}, 2202 {MONITOR_REQ_GSSCHECKMIC, MON_ONCE, mm_answer_gss_checkmic},
@@ -2201,7 +2215,7 @@ index c68e1b0d9..868fb0d2d 100644
2201 #ifdef WITH_OPENSSL 2215 #ifdef WITH_OPENSSL
2202 {MONITOR_REQ_MODULI, 0, mm_answer_moduli}, 2216 {MONITOR_REQ_MODULI, 0, mm_answer_moduli},
2203 #endif 2217 #endif
2204@@ -306,6 +315,10 @@ monitor_child_preauth(Authctxt *_authctxt, struct monitor *pmonitor) 2218@@ -287,6 +296,10 @@ monitor_child_preauth(Authctxt *_authctxt, struct monitor *pmonitor)
2205 /* Permit requests for moduli and signatures */ 2219 /* Permit requests for moduli and signatures */
2206 monitor_permit(mon_dispatch, MONITOR_REQ_MODULI, 1); 2220 monitor_permit(mon_dispatch, MONITOR_REQ_MODULI, 1);
2207 monitor_permit(mon_dispatch, MONITOR_REQ_SIGN, 1); 2221 monitor_permit(mon_dispatch, MONITOR_REQ_SIGN, 1);
@@ -2212,7 +2226,7 @@ index c68e1b0d9..868fb0d2d 100644
2212 2226
2213 /* The first few requests do not require asynchronous access */ 2227 /* The first few requests do not require asynchronous access */
2214 while (!authenticated) { 2228 while (!authenticated) {
2215@@ -415,6 +428,10 @@ monitor_child_postauth(struct monitor *pmonitor) 2229@@ -399,6 +412,10 @@ monitor_child_postauth(struct monitor *pmonitor)
2216 monitor_permit(mon_dispatch, MONITOR_REQ_MODULI, 1); 2230 monitor_permit(mon_dispatch, MONITOR_REQ_MODULI, 1);
2217 monitor_permit(mon_dispatch, MONITOR_REQ_SIGN, 1); 2231 monitor_permit(mon_dispatch, MONITOR_REQ_SIGN, 1);
2218 monitor_permit(mon_dispatch, MONITOR_REQ_TERM, 1); 2232 monitor_permit(mon_dispatch, MONITOR_REQ_TERM, 1);
@@ -2223,7 +2237,7 @@ index c68e1b0d9..868fb0d2d 100644
2223 2237
2224 if (auth_opts->permit_pty_flag) { 2238 if (auth_opts->permit_pty_flag) {
2225 monitor_permit(mon_dispatch, MONITOR_REQ_PTY, 1); 2239 monitor_permit(mon_dispatch, MONITOR_REQ_PTY, 1);
2226@@ -1652,6 +1669,13 @@ monitor_apply_keystate(struct monitor *pmonitor) 2240@@ -1662,6 +1679,13 @@ monitor_apply_keystate(struct monitor *pmonitor)
2227 # endif 2241 # endif
2228 #endif /* WITH_OPENSSL */ 2242 #endif /* WITH_OPENSSL */
2229 kex->kex[KEX_C25519_SHA256] = kexc25519_server; 2243 kex->kex[KEX_C25519_SHA256] = kexc25519_server;
@@ -2237,29 +2251,29 @@ index c68e1b0d9..868fb0d2d 100644
2237 kex->load_host_public_key=&get_hostkey_public_by_type; 2251 kex->load_host_public_key=&get_hostkey_public_by_type;
2238 kex->load_host_private_key=&get_hostkey_private_by_type; 2252 kex->load_host_private_key=&get_hostkey_private_by_type;
2239 kex->host_key_index=&get_hostkey_index; 2253 kex->host_key_index=&get_hostkey_index;
2240@@ -1740,8 +1764,8 @@ mm_answer_gss_setup_ctx(int sock, Buffer *m) 2254@@ -1752,8 +1776,8 @@ mm_answer_gss_setup_ctx(int sock, struct sshbuf *m)
2241 OM_uint32 major; 2255 u_char *p;
2242 u_int len; 2256 int r;
2243 2257
2244- if (!options.gss_authentication) 2258- if (!options.gss_authentication)
2245- fatal("%s: GSSAPI authentication not enabled", __func__); 2259- fatal("%s: GSSAPI authentication not enabled", __func__);
2246+ if (!options.gss_authentication && !options.gss_keyex) 2260+ if (!options.gss_authentication && !options.gss_keyex)
2247+ fatal("%s: GSSAPI not enabled", __func__); 2261+ fatal("%s: GSSAPI not enabled", __func__);
2248 2262
2249 goid.elements = buffer_get_string(m, &len); 2263 if ((r = sshbuf_get_string(m, &p, &len)) != 0)
2250 goid.length = len; 2264 fatal("%s: buffer error: %s", __func__, ssh_err(r));
2251@@ -1770,8 +1794,8 @@ mm_answer_gss_accept_ctx(int sock, Buffer *m) 2265@@ -1785,8 +1809,8 @@ mm_answer_gss_accept_ctx(int sock, struct sshbuf *m)
2252 OM_uint32 flags = 0; /* GSI needs this */ 2266 OM_uint32 flags = 0; /* GSI needs this */
2253 u_int len; 2267 int r;
2254 2268
2255- if (!options.gss_authentication) 2269- if (!options.gss_authentication)
2256- fatal("%s: GSSAPI authentication not enabled", __func__); 2270- fatal("%s: GSSAPI authentication not enabled", __func__);
2257+ if (!options.gss_authentication && !options.gss_keyex) 2271+ if (!options.gss_authentication && !options.gss_keyex)
2258+ fatal("%s: GSSAPI not enabled", __func__); 2272+ fatal("%s: GSSAPI not enabled", __func__);
2259 2273
2260 in.value = buffer_get_string(m, &len); 2274 if ((r = ssh_gssapi_get_buffer_desc(m, &in)) != 0)
2261 in.length = len; 2275 fatal("%s: buffer error: %s", __func__, ssh_err(r));
2262@@ -1790,6 +1814,7 @@ mm_answer_gss_accept_ctx(int sock, Buffer *m) 2276@@ -1806,6 +1830,7 @@ mm_answer_gss_accept_ctx(int sock, struct sshbuf *m)
2263 monitor_permit(mon_dispatch, MONITOR_REQ_GSSSTEP, 0); 2277 monitor_permit(mon_dispatch, MONITOR_REQ_GSSSTEP, 0);
2264 monitor_permit(mon_dispatch, MONITOR_REQ_GSSUSEROK, 1); 2278 monitor_permit(mon_dispatch, MONITOR_REQ_GSSUSEROK, 1);
2265 monitor_permit(mon_dispatch, MONITOR_REQ_GSSCHECKMIC, 1); 2279 monitor_permit(mon_dispatch, MONITOR_REQ_GSSCHECKMIC, 1);
@@ -2267,19 +2281,19 @@ index c68e1b0d9..868fb0d2d 100644
2267 } 2281 }
2268 return (0); 2282 return (0);
2269 } 2283 }
2270@@ -1801,8 +1826,8 @@ mm_answer_gss_checkmic(int sock, Buffer *m) 2284@@ -1817,8 +1842,8 @@ mm_answer_gss_checkmic(int sock, struct sshbuf *m)
2271 OM_uint32 ret; 2285 OM_uint32 ret;
2272 u_int len; 2286 int r;
2273 2287
2274- if (!options.gss_authentication) 2288- if (!options.gss_authentication)
2275- fatal("%s: GSSAPI authentication not enabled", __func__); 2289- fatal("%s: GSSAPI authentication not enabled", __func__);
2276+ if (!options.gss_authentication && !options.gss_keyex) 2290+ if (!options.gss_authentication && !options.gss_keyex)
2277+ fatal("%s: GSSAPI not enabled", __func__); 2291+ fatal("%s: GSSAPI not enabled", __func__);
2278 2292
2279 gssbuf.value = buffer_get_string(m, &len); 2293 if ((r = ssh_gssapi_get_buffer_desc(m, &gssbuf)) != 0 ||
2280 gssbuf.length = len; 2294 (r = ssh_gssapi_get_buffer_desc(m, &mic)) != 0)
2281@@ -1831,10 +1856,11 @@ mm_answer_gss_userok(int sock, Buffer *m) 2295@@ -1847,10 +1872,11 @@ mm_answer_gss_userok(int sock, struct sshbuf *m)
2282 int authenticated; 2296 int r, authenticated;
2283 const char *displayname; 2297 const char *displayname;
2284 2298
2285- if (!options.gss_authentication) 2299- if (!options.gss_authentication)
@@ -2291,25 +2305,29 @@ index c68e1b0d9..868fb0d2d 100644
2291+ authenticated = authctxt->valid && 2305+ authenticated = authctxt->valid &&
2292+ ssh_gssapi_userok(authctxt->user, authctxt->pw); 2306+ ssh_gssapi_userok(authctxt->user, authctxt->pw);
2293 2307
2294 buffer_clear(m); 2308 sshbuf_reset(m);
2295 buffer_put_int(m, authenticated); 2309 if ((r = sshbuf_put_u32(m, authenticated)) != 0)
2296@@ -1850,5 +1876,76 @@ mm_answer_gss_userok(int sock, Buffer *m) 2310@@ -1867,5 +1893,83 @@ mm_answer_gss_userok(int sock, struct sshbuf *m)
2297 /* Monitor loop will terminate if authenticated */ 2311 /* Monitor loop will terminate if authenticated */
2298 return (authenticated); 2312 return (authenticated);
2299 } 2313 }
2300+ 2314+
2301+int 2315+int
2302+mm_answer_gss_sign(int socket, Buffer *m) 2316+mm_answer_gss_sign(int socket, struct sshbuf *m)
2303+{ 2317+{
2304+ gss_buffer_desc data; 2318+ gss_buffer_desc data;
2305+ gss_buffer_desc hash = GSS_C_EMPTY_BUFFER; 2319+ gss_buffer_desc hash = GSS_C_EMPTY_BUFFER;
2306+ OM_uint32 major, minor; 2320+ OM_uint32 major, minor;
2307+ u_int len; 2321+ size_t len;
2322+ u_char *p;
2323+ int r;
2308+ 2324+
2309+ if (!options.gss_authentication && !options.gss_keyex) 2325+ if (!options.gss_authentication && !options.gss_keyex)
2310+ fatal("%s: GSSAPI not enabled", __func__); 2326+ fatal("%s: GSSAPI not enabled", __func__);
2311+ 2327+
2312+ data.value = buffer_get_string(m, &len); 2328+ if ((r = sshbuf_get_string(m, &p, &len)) != 0)
2329+ fatal("%s: buffer error: %s", __func__, ssh_err(r));
2330+ data.value = p;
2313+ data.length = len; 2331+ data.length = len;
2314+ if (data.length != 20) 2332+ if (data.length != 20)
2315+ fatal("%s: data length incorrect: %d", __func__, 2333+ fatal("%s: data length incorrect: %d", __func__,
@@ -2325,9 +2343,10 @@ index c68e1b0d9..868fb0d2d 100644
2325+ 2343+
2326+ free(data.value); 2344+ free(data.value);
2327+ 2345+
2328+ buffer_clear(m); 2346+ sshbuf_reset(m);
2329+ buffer_put_int(m, major); 2347+ if ((r = sshbuf_put_u32(m, major)) != 0 ||
2330+ buffer_put_string(m, hash.value, hash.length); 2348+ (r = sshbuf_put_string(m, hash.value, hash.length)) != 0)
2349+ fatal("%s: buffer error: %s", __func__, ssh_err(r));
2331+ 2350+
2332+ mm_request_send(socket, MONITOR_ANS_GSSSIGN, m); 2351+ mm_request_send(socket, MONITOR_ANS_GSSSIGN, m);
2333+ 2352+
@@ -2343,16 +2362,17 @@ index c68e1b0d9..868fb0d2d 100644
2343+} 2362+}
2344+ 2363+
2345+int 2364+int
2346+mm_answer_gss_updatecreds(int socket, Buffer *m) { 2365+mm_answer_gss_updatecreds(int socket, struct sshbuf *m) {
2347+ ssh_gssapi_ccache store; 2366+ ssh_gssapi_ccache store;
2348+ int ok; 2367+ int r, ok;
2349+ 2368+
2350+ if (!options.gss_authentication && !options.gss_keyex) 2369+ if (!options.gss_authentication && !options.gss_keyex)
2351+ fatal("%s: GSSAPI not enabled", __func__); 2370+ fatal("%s: GSSAPI not enabled", __func__);
2352+ 2371+
2353+ store.filename = buffer_get_string(m, NULL); 2372+ if ((r = sshbuf_get_cstring(m, &store.filename, NULL)) != 0 ||
2354+ store.envvar = buffer_get_string(m, NULL); 2373+ (r = sshbuf_get_cstring(m, &store.envvar, NULL)) != 0 ||
2355+ store.envval = buffer_get_string(m, NULL); 2374+ (r = sshbuf_get_cstring(m, &store.envval, NULL)) != 0)
2375+ fatal("%s: buffer error: %s", __func__, ssh_err(r));
2356+ 2376+
2357+ ok = ssh_gssapi_update_creds(&store); 2377+ ok = ssh_gssapi_update_creds(&store);
2358+ 2378+
@@ -2360,8 +2380,9 @@ index c68e1b0d9..868fb0d2d 100644
2360+ free(store.envvar); 2380+ free(store.envvar);
2361+ free(store.envval); 2381+ free(store.envval);
2362+ 2382+
2363+ buffer_clear(m); 2383+ sshbuf_reset(m);
2364+ buffer_put_int(m, ok); 2384+ if ((r = sshbuf_put_u32(m, ok)) != 0)
2385+ fatal("%s: buffer error: %s", __func__, ssh_err(r));
2365+ 2386+
2366+ mm_request_send(socket, MONITOR_ANS_GSSUPCREDS, m); 2387+ mm_request_send(socket, MONITOR_ANS_GSSUPCREDS, m);
2367+ 2388+
@@ -2371,10 +2392,10 @@ index c68e1b0d9..868fb0d2d 100644
2371 #endif /* GSSAPI */ 2392 #endif /* GSSAPI */
2372 2393
2373diff --git a/monitor.h b/monitor.h 2394diff --git a/monitor.h b/monitor.h
2374index d68f67458..ec41404c7 100644 2395index 16047299f..44fbed589 100644
2375--- a/monitor.h 2396--- a/monitor.h
2376+++ b/monitor.h 2397+++ b/monitor.h
2377@@ -65,6 +65,9 @@ enum monitor_reqtype { 2398@@ -63,6 +63,9 @@ enum monitor_reqtype {
2378 MONITOR_REQ_PAM_FREE_CTX = 110, MONITOR_ANS_PAM_FREE_CTX = 111, 2399 MONITOR_REQ_PAM_FREE_CTX = 110, MONITOR_ANS_PAM_FREE_CTX = 111,
2379 MONITOR_REQ_AUDIT_EVENT = 112, MONITOR_REQ_AUDIT_COMMAND = 113, 2400 MONITOR_REQ_AUDIT_EVENT = 112, MONITOR_REQ_AUDIT_COMMAND = 113,
2380 2401
@@ -2385,19 +2406,19 @@ index d68f67458..ec41404c7 100644
2385 2406
2386 struct monitor { 2407 struct monitor {
2387diff --git a/monitor_wrap.c b/monitor_wrap.c 2408diff --git a/monitor_wrap.c b/monitor_wrap.c
2388index 9666bda4b..e749efc18 100644 2409index 732fb3476..1865a122a 100644
2389--- a/monitor_wrap.c 2410--- a/monitor_wrap.c
2390+++ b/monitor_wrap.c 2411+++ b/monitor_wrap.c
2391@@ -943,7 +943,7 @@ mm_ssh_gssapi_checkmic(Gssctxt *ctx, gss_buffer_t gssbuf, gss_buffer_t gssmic) 2412@@ -984,7 +984,7 @@ mm_ssh_gssapi_checkmic(Gssctxt *ctx, gss_buffer_t gssbuf, gss_buffer_t gssmic)
2392 } 2413 }
2393 2414
2394 int 2415 int
2395-mm_ssh_gssapi_userok(char *user) 2416-mm_ssh_gssapi_userok(char *user)
2396+mm_ssh_gssapi_userok(char *user, struct passwd *pw) 2417+mm_ssh_gssapi_userok(char *user, struct passwd *pw)
2397 { 2418 {
2398 Buffer m; 2419 struct sshbuf *m;
2399 int authenticated = 0; 2420 int r, authenticated = 0;
2400@@ -960,5 +960,50 @@ mm_ssh_gssapi_userok(char *user) 2421@@ -1003,4 +1003,55 @@ mm_ssh_gssapi_userok(char *user)
2401 debug3("%s: user %sauthenticated",__func__, authenticated ? "" : "not "); 2422 debug3("%s: user %sauthenticated",__func__, authenticated ? "" : "not ");
2402 return (authenticated); 2423 return (authenticated);
2403 } 2424 }
@@ -2405,21 +2426,23 @@ index 9666bda4b..e749efc18 100644
2405+OM_uint32 2426+OM_uint32
2406+mm_ssh_gssapi_sign(Gssctxt *ctx, gss_buffer_desc *data, gss_buffer_desc *hash) 2427+mm_ssh_gssapi_sign(Gssctxt *ctx, gss_buffer_desc *data, gss_buffer_desc *hash)
2407+{ 2428+{
2408+ Buffer m; 2429+ struct sshbuf *m;
2409+ OM_uint32 major; 2430+ OM_uint32 major;
2410+ u_int len; 2431+ int r;
2411+ 2432+
2412+ buffer_init(&m); 2433+ if ((m = sshbuf_new()) == NULL)
2413+ buffer_put_string(&m, data->value, data->length); 2434+ fatal("%s: sshbuf_new failed", __func__);
2435+ if ((r = sshbuf_put_string(m, data->value, data->length)) != 0)
2436+ fatal("%s: buffer error: %s", __func__, ssh_err(r));
2414+ 2437+
2415+ mm_request_send(pmonitor->m_recvfd, MONITOR_REQ_GSSSIGN, &m); 2438+ mm_request_send(pmonitor->m_recvfd, MONITOR_REQ_GSSSIGN, m);
2416+ mm_request_receive_expect(pmonitor->m_recvfd, MONITOR_ANS_GSSSIGN, &m); 2439+ mm_request_receive_expect(pmonitor->m_recvfd, MONITOR_ANS_GSSSIGN, m);
2417+ 2440+
2418+ major = buffer_get_int(&m); 2441+ if ((r = sshbuf_get_u32(m, &major)) != 0 ||
2419+ hash->value = buffer_get_string(&m, &len); 2442+ (r = ssh_gssapi_get_buffer_desc(m, hash)) != 0)
2420+ hash->length = len; 2443+ fatal("%s: buffer error: %s", __func__, ssh_err(r));
2421+ 2444+
2422+ buffer_free(&m); 2445+ sshbuf_free(m);
2423+ 2446+
2424+ return(major); 2447+ return(major);
2425+} 2448+}
@@ -2427,29 +2450,32 @@ index 9666bda4b..e749efc18 100644
2427+int 2450+int
2428+mm_ssh_gssapi_update_creds(ssh_gssapi_ccache *store) 2451+mm_ssh_gssapi_update_creds(ssh_gssapi_ccache *store)
2429+{ 2452+{
2430+ Buffer m; 2453+ struct sshbuf *m;
2431+ int ok; 2454+ int r, ok;
2432+ 2455+
2433+ buffer_init(&m); 2456+ if ((m = sshbuf_new()) == NULL)
2434+ 2457+ fatal("%s: sshbuf_new failed", __func__);
2435+ buffer_put_cstring(&m, store->filename ? store->filename : ""); 2458+ if ((r = sshbuf_put_cstring(m,
2436+ buffer_put_cstring(&m, store->envvar ? store->envvar : ""); 2459+ store->filename ? store->filename : "")) != 0 ||
2437+ buffer_put_cstring(&m, store->envval ? store->envval : ""); 2460+ (r = sshbuf_put_cstring(m,
2438+ 2461+ store->envvar ? store->envvar : "")) != 0 ||
2439+ mm_request_send(pmonitor->m_recvfd, MONITOR_REQ_GSSUPCREDS, &m); 2462+ (r = sshbuf_put_cstring(m,
2440+ mm_request_receive_expect(pmonitor->m_recvfd, MONITOR_ANS_GSSUPCREDS, &m); 2463+ store->envval ? store->envval : "")) != 0)
2464+ fatal("%s: buffer error: %s", __func__, ssh_err(r));
2465+
2466+ mm_request_send(pmonitor->m_recvfd, MONITOR_REQ_GSSUPCREDS, m);
2467+ mm_request_receive_expect(pmonitor->m_recvfd, MONITOR_ANS_GSSUPCREDS, m);
2468+
2469+ if ((r = sshbuf_get_u32(m, &ok)) != 0)
2470+ fatal("%s: buffer error: %s", __func__, ssh_err(r));
2471+ sshbuf_free(m);
2441+ 2472+
2442+ ok = buffer_get_int(&m);
2443+
2444+ buffer_free(&m);
2445+
2446+ return (ok); 2473+ return (ok);
2447+} 2474+}
2448+ 2475+
2449 #endif /* GSSAPI */ 2476 #endif /* GSSAPI */
2450
2451diff --git a/monitor_wrap.h b/monitor_wrap.h 2477diff --git a/monitor_wrap.h b/monitor_wrap.h
2452index 762332704..0970d1f87 100644 2478index 644da081d..7f93144ff 100644
2453--- a/monitor_wrap.h 2479--- a/monitor_wrap.h
2454+++ b/monitor_wrap.h 2480+++ b/monitor_wrap.h
2455@@ -60,8 +60,10 @@ int mm_sshkey_verify(const struct sshkey *, const u_char *, size_t, 2481@@ -60,8 +60,10 @@ int mm_sshkey_verify(const struct sshkey *, const u_char *, size_t,
@@ -2465,19 +2491,19 @@ index 762332704..0970d1f87 100644
2465 2491
2466 #ifdef USE_PAM 2492 #ifdef USE_PAM
2467diff --git a/readconf.c b/readconf.c 2493diff --git a/readconf.c b/readconf.c
2468index 88051db57..c8e792991 100644 2494index db5f2d547..4ad3c75fe 100644
2469--- a/readconf.c 2495--- a/readconf.c
2470+++ b/readconf.c 2496+++ b/readconf.c
2471@@ -160,6 +160,8 @@ typedef enum { 2497@@ -161,6 +161,8 @@ typedef enum {
2472 oClearAllForwardings, oNoHostAuthenticationForLocalhost, 2498 oClearAllForwardings, oNoHostAuthenticationForLocalhost,
2473 oEnableSSHKeysign, oRekeyLimit, oVerifyHostKeyDNS, oConnectTimeout, 2499 oEnableSSHKeysign, oRekeyLimit, oVerifyHostKeyDNS, oConnectTimeout,
2474 oAddressFamily, oGssAuthentication, oGssDelegateCreds, 2500 oAddressFamily, oGssAuthentication, oGssDelegateCreds,
2475+ oGssTrustDns, oGssKeyEx, oGssClientIdentity, oGssRenewalRekey, 2501+ oGssTrustDns, oGssKeyEx, oGssClientIdentity, oGssRenewalRekey,
2476+ oGssServerIdentity, 2502+ oGssServerIdentity,
2477 oServerAliveInterval, oServerAliveCountMax, oIdentitiesOnly, 2503 oServerAliveInterval, oServerAliveCountMax, oIdentitiesOnly,
2478 oSendEnv, oControlPath, oControlMaster, oControlPersist, 2504 oSendEnv, oSetEnv, oControlPath, oControlMaster, oControlPersist,
2479 oHashKnownHosts, 2505 oHashKnownHosts,
2480@@ -199,10 +201,20 @@ static struct { 2506@@ -201,10 +203,20 @@ static struct {
2481 /* Sometimes-unsupported options */ 2507 /* Sometimes-unsupported options */
2482 #if defined(GSSAPI) 2508 #if defined(GSSAPI)
2483 { "gssapiauthentication", oGssAuthentication }, 2509 { "gssapiauthentication", oGssAuthentication },
@@ -2498,7 +2524,7 @@ index 88051db57..c8e792991 100644
2498 #endif 2524 #endif
2499 #ifdef ENABLE_PKCS11 2525 #ifdef ENABLE_PKCS11
2500 { "smartcarddevice", oPKCS11Provider }, 2526 { "smartcarddevice", oPKCS11Provider },
2501@@ -950,10 +962,30 @@ parse_time: 2527@@ -973,10 +985,30 @@ parse_time:
2502 intptr = &options->gss_authentication; 2528 intptr = &options->gss_authentication;
2503 goto parse_flag; 2529 goto parse_flag;
2504 2530
@@ -2529,7 +2555,7 @@ index 88051db57..c8e792991 100644
2529 case oBatchMode: 2555 case oBatchMode:
2530 intptr = &options->batch_mode; 2556 intptr = &options->batch_mode;
2531 goto parse_flag; 2557 goto parse_flag;
2532@@ -1765,7 +1797,12 @@ initialize_options(Options * options) 2558@@ -1817,7 +1849,12 @@ initialize_options(Options * options)
2533 options->pubkey_authentication = -1; 2559 options->pubkey_authentication = -1;
2534 options->challenge_response_authentication = -1; 2560 options->challenge_response_authentication = -1;
2535 options->gss_authentication = -1; 2561 options->gss_authentication = -1;
@@ -2542,7 +2568,7 @@ index 88051db57..c8e792991 100644
2542 options->password_authentication = -1; 2568 options->password_authentication = -1;
2543 options->kbd_interactive_authentication = -1; 2569 options->kbd_interactive_authentication = -1;
2544 options->kbd_interactive_devices = NULL; 2570 options->kbd_interactive_devices = NULL;
2545@@ -1906,8 +1943,14 @@ fill_default_options(Options * options) 2571@@ -1962,8 +1999,14 @@ fill_default_options(Options * options)
2546 options->challenge_response_authentication = 1; 2572 options->challenge_response_authentication = 1;
2547 if (options->gss_authentication == -1) 2573 if (options->gss_authentication == -1)
2548 options->gss_authentication = 0; 2574 options->gss_authentication = 0;
@@ -2558,10 +2584,10 @@ index 88051db57..c8e792991 100644
2558 options->password_authentication = 1; 2584 options->password_authentication = 1;
2559 if (options->kbd_interactive_authentication == -1) 2585 if (options->kbd_interactive_authentication == -1)
2560diff --git a/readconf.h b/readconf.h 2586diff --git a/readconf.h b/readconf.h
2561index f4d9e2b26..f469daaff 100644 2587index c56887816..5ea0c296b 100644
2562--- a/readconf.h 2588--- a/readconf.h
2563+++ b/readconf.h 2589+++ b/readconf.h
2564@@ -42,7 +42,12 @@ typedef struct { 2590@@ -40,7 +40,12 @@ typedef struct {
2565 int challenge_response_authentication; 2591 int challenge_response_authentication;
2566 /* Try S/Key or TIS, authentication. */ 2592 /* Try S/Key or TIS, authentication. */
2567 int gss_authentication; /* Try GSS authentication */ 2593 int gss_authentication; /* Try GSS authentication */
@@ -2575,10 +2601,10 @@ index f4d9e2b26..f469daaff 100644
2575 * authentication. */ 2601 * authentication. */
2576 int kbd_interactive_authentication; /* Try keyboard-interactive auth. */ 2602 int kbd_interactive_authentication; /* Try keyboard-interactive auth. */
2577diff --git a/servconf.c b/servconf.c 2603diff --git a/servconf.c b/servconf.c
2578index 0f0d09068..cbbea05bf 100644 2604index c0f6af0be..e1ae07fb7 100644
2579--- a/servconf.c 2605--- a/servconf.c
2580+++ b/servconf.c 2606+++ b/servconf.c
2581@@ -123,8 +123,10 @@ initialize_server_options(ServerOptions *options) 2607@@ -124,8 +124,10 @@ initialize_server_options(ServerOptions *options)
2582 options->kerberos_ticket_cleanup = -1; 2608 options->kerberos_ticket_cleanup = -1;
2583 options->kerberos_get_afs_token = -1; 2609 options->kerberos_get_afs_token = -1;
2584 options->gss_authentication=-1; 2610 options->gss_authentication=-1;
@@ -2589,7 +2615,7 @@ index 0f0d09068..cbbea05bf 100644
2589 options->password_authentication = -1; 2615 options->password_authentication = -1;
2590 options->kbd_interactive_authentication = -1; 2616 options->kbd_interactive_authentication = -1;
2591 options->challenge_response_authentication = -1; 2617 options->challenge_response_authentication = -1;
2592@@ -315,10 +317,14 @@ fill_default_server_options(ServerOptions *options) 2618@@ -333,10 +335,14 @@ fill_default_server_options(ServerOptions *options)
2593 options->kerberos_get_afs_token = 0; 2619 options->kerberos_get_afs_token = 0;
2594 if (options->gss_authentication == -1) 2620 if (options->gss_authentication == -1)
2595 options->gss_authentication = 0; 2621 options->gss_authentication = 0;
@@ -2604,15 +2630,15 @@ index 0f0d09068..cbbea05bf 100644
2604 if (options->password_authentication == -1) 2630 if (options->password_authentication == -1)
2605 options->password_authentication = 1; 2631 options->password_authentication = 1;
2606 if (options->kbd_interactive_authentication == -1) 2632 if (options->kbd_interactive_authentication == -1)
2607@@ -461,6 +467,7 @@ typedef enum { 2633@@ -481,6 +487,7 @@ typedef enum {
2608 sHostKeyAlgorithms, 2634 sHostKeyAlgorithms,
2609 sClientAliveInterval, sClientAliveCountMax, sAuthorizedKeysFile, 2635 sClientAliveInterval, sClientAliveCountMax, sAuthorizedKeysFile,
2610 sGssAuthentication, sGssCleanupCreds, sGssStrictAcceptor, 2636 sGssAuthentication, sGssCleanupCreds, sGssStrictAcceptor,
2611+ sGssKeyEx, sGssStoreRekey, 2637+ sGssKeyEx, sGssStoreRekey,
2612 sAcceptEnv, sPermitTunnel, 2638 sAcceptEnv, sSetEnv, sPermitTunnel,
2613 sMatch, sPermitOpen, sForceCommand, sChrootDirectory, 2639 sMatch, sPermitOpen, sPermitListen, sForceCommand, sChrootDirectory,
2614 sUsePrivilegeSeparation, sAllowAgentForwarding, 2640 sUsePrivilegeSeparation, sAllowAgentForwarding,
2615@@ -535,12 +542,20 @@ static struct { 2641@@ -555,12 +562,20 @@ static struct {
2616 #ifdef GSSAPI 2642 #ifdef GSSAPI
2617 { "gssapiauthentication", sGssAuthentication, SSHCFG_ALL }, 2643 { "gssapiauthentication", sGssAuthentication, SSHCFG_ALL },
2618 { "gssapicleanupcredentials", sGssCleanupCreds, SSHCFG_GLOBAL }, 2644 { "gssapicleanupcredentials", sGssCleanupCreds, SSHCFG_GLOBAL },
@@ -2633,7 +2659,7 @@ index 0f0d09068..cbbea05bf 100644
2633 { "passwordauthentication", sPasswordAuthentication, SSHCFG_ALL }, 2659 { "passwordauthentication", sPasswordAuthentication, SSHCFG_ALL },
2634 { "kbdinteractiveauthentication", sKbdInteractiveAuthentication, SSHCFG_ALL }, 2660 { "kbdinteractiveauthentication", sKbdInteractiveAuthentication, SSHCFG_ALL },
2635 { "challengeresponseauthentication", sChallengeResponseAuthentication, SSHCFG_GLOBAL }, 2661 { "challengeresponseauthentication", sChallengeResponseAuthentication, SSHCFG_GLOBAL },
2636@@ -1407,6 +1422,10 @@ process_server_config_line(ServerOptions *options, char *line, 2662@@ -1459,6 +1474,10 @@ process_server_config_line(ServerOptions *options, char *line,
2637 intptr = &options->gss_authentication; 2663 intptr = &options->gss_authentication;
2638 goto parse_flag; 2664 goto parse_flag;
2639 2665
@@ -2644,7 +2670,7 @@ index 0f0d09068..cbbea05bf 100644
2644 case sGssCleanupCreds: 2670 case sGssCleanupCreds:
2645 intptr = &options->gss_cleanup_creds; 2671 intptr = &options->gss_cleanup_creds;
2646 goto parse_flag; 2672 goto parse_flag;
2647@@ -1415,6 +1434,10 @@ process_server_config_line(ServerOptions *options, char *line, 2673@@ -1467,6 +1486,10 @@ process_server_config_line(ServerOptions *options, char *line,
2648 intptr = &options->gss_strict_acceptor; 2674 intptr = &options->gss_strict_acceptor;
2649 goto parse_flag; 2675 goto parse_flag;
2650 2676
@@ -2655,7 +2681,7 @@ index 0f0d09068..cbbea05bf 100644
2655 case sPasswordAuthentication: 2681 case sPasswordAuthentication:
2656 intptr = &options->password_authentication; 2682 intptr = &options->password_authentication;
2657 goto parse_flag; 2683 goto parse_flag;
2658@@ -2453,7 +2476,10 @@ dump_config(ServerOptions *o) 2684@@ -2551,7 +2574,10 @@ dump_config(ServerOptions *o)
2659 #endif 2685 #endif
2660 #ifdef GSSAPI 2686 #ifdef GSSAPI
2661 dump_cfg_fmtint(sGssAuthentication, o->gss_authentication); 2687 dump_cfg_fmtint(sGssAuthentication, o->gss_authentication);
@@ -2667,10 +2693,10 @@ index 0f0d09068..cbbea05bf 100644
2667 dump_cfg_fmtint(sPasswordAuthentication, o->password_authentication); 2693 dump_cfg_fmtint(sPasswordAuthentication, o->password_authentication);
2668 dump_cfg_fmtint(sKbdInteractiveAuthentication, 2694 dump_cfg_fmtint(sKbdInteractiveAuthentication,
2669diff --git a/servconf.h b/servconf.h 2695diff --git a/servconf.h b/servconf.h
2670index 37a0fb1a3..5dfc9bc02 100644 2696index 557521d73..9b117fe27 100644
2671--- a/servconf.h 2697--- a/servconf.h
2672+++ b/servconf.h 2698+++ b/servconf.h
2673@@ -130,8 +130,10 @@ typedef struct { 2699@@ -124,8 +124,10 @@ typedef struct {
2674 int kerberos_get_afs_token; /* If true, try to get AFS token if 2700 int kerberos_get_afs_token; /* If true, try to get AFS token if
2675 * authenticated with Kerberos. */ 2701 * authenticated with Kerberos. */
2676 int gss_authentication; /* If true, permit GSSAPI authentication */ 2702 int gss_authentication; /* If true, permit GSSAPI authentication */
@@ -2682,11 +2708,11 @@ index 37a0fb1a3..5dfc9bc02 100644
2682 * authentication. */ 2708 * authentication. */
2683 int kbd_interactive_authentication; /* If true, permit */ 2709 int kbd_interactive_authentication; /* If true, permit */
2684diff --git a/ssh-gss.h b/ssh-gss.h 2710diff --git a/ssh-gss.h b/ssh-gss.h
2685index 6593e422d..919660a03 100644 2711index 36180d07a..350ce7882 100644
2686--- a/ssh-gss.h 2712--- a/ssh-gss.h
2687+++ b/ssh-gss.h 2713+++ b/ssh-gss.h
2688@@ -1,6 +1,6 @@ 2714@@ -1,6 +1,6 @@
2689 /* $OpenBSD: ssh-gss.h,v 1.12 2017/06/24 06:34:38 djm Exp $ */ 2715 /* $OpenBSD: ssh-gss.h,v 1.14 2018/07/10 09:13:30 djm Exp $ */
2690 /* 2716 /*
2691- * Copyright (c) 2001-2003 Simon Wilkinson. All rights reserved. 2717- * Copyright (c) 2001-2003 Simon Wilkinson. All rights reserved.
2692+ * Copyright (c) 2001-2009 Simon Wilkinson. All rights reserved. 2718+ * Copyright (c) 2001-2009 Simon Wilkinson. All rights reserved.
@@ -2749,10 +2775,10 @@ index 6593e422d..919660a03 100644
2749 2775
2750 int ssh_gssapi_check_oid(Gssctxt *, void *, size_t); 2776 int ssh_gssapi_check_oid(Gssctxt *, void *, size_t);
2751 void ssh_gssapi_set_oid_data(Gssctxt *, void *, size_t); 2777 void ssh_gssapi_set_oid_data(Gssctxt *, void *, size_t);
2752@@ -119,17 +136,33 @@ void ssh_gssapi_build_ctx(Gssctxt **); 2778@@ -123,17 +140,33 @@ void ssh_gssapi_delete_ctx(Gssctxt **);
2753 void ssh_gssapi_delete_ctx(Gssctxt **);
2754 OM_uint32 ssh_gssapi_sign(Gssctxt *, gss_buffer_t, gss_buffer_t); 2779 OM_uint32 ssh_gssapi_sign(Gssctxt *, gss_buffer_t, gss_buffer_t);
2755 void ssh_gssapi_buildmic(Buffer *, const char *, const char *, const char *); 2780 void ssh_gssapi_buildmic(struct sshbuf *, const char *,
2781 const char *, const char *);
2756-int ssh_gssapi_check_mechanism(Gssctxt **, gss_OID, const char *); 2782-int ssh_gssapi_check_mechanism(Gssctxt **, gss_OID, const char *);
2757+int ssh_gssapi_check_mechanism(Gssctxt **, gss_OID, const char *, const char *); 2783+int ssh_gssapi_check_mechanism(Gssctxt **, gss_OID, const char *, const char *);
2758+OM_uint32 ssh_gssapi_client_identity(Gssctxt *, const char *); 2784+OM_uint32 ssh_gssapi_client_identity(Gssctxt *, const char *);
@@ -2799,10 +2825,10 @@ index c12f5ef52..bcb9f153d 100644
2799 # CheckHostIP yes 2825 # CheckHostIP yes
2800 # AddressFamily any 2826 # AddressFamily any
2801diff --git a/ssh_config.5 b/ssh_config.5 2827diff --git a/ssh_config.5 b/ssh_config.5
2802index 71705cabd..66826aa70 100644 2828index f499396a3..5b99921b4 100644
2803--- a/ssh_config.5 2829--- a/ssh_config.5
2804+++ b/ssh_config.5 2830+++ b/ssh_config.5
2805@@ -727,10 +727,42 @@ The default is 2831@@ -718,10 +718,42 @@ The default is
2806 Specifies whether user authentication based on GSSAPI is allowed. 2832 Specifies whether user authentication based on GSSAPI is allowed.
2807 The default is 2833 The default is
2808 .Cm no . 2834 .Cm no .
@@ -2846,7 +2872,7 @@ index 71705cabd..66826aa70 100644
2846 Indicates that 2872 Indicates that
2847 .Xr ssh 1 2873 .Xr ssh 1
2848diff --git a/sshconnect2.c b/sshconnect2.c 2874diff --git a/sshconnect2.c b/sshconnect2.c
2849index 1f4a74cf4..83562c688 100644 2875index 10e4f0a08..c6a1b1271 100644
2850--- a/sshconnect2.c 2876--- a/sshconnect2.c
2851+++ b/sshconnect2.c 2877+++ b/sshconnect2.c
2852@@ -162,6 +162,11 @@ ssh_kex2(char *host, struct sockaddr *hostaddr, u_short port) 2878@@ -162,6 +162,11 @@ ssh_kex2(char *host, struct sockaddr *hostaddr, u_short port)
@@ -2861,7 +2887,7 @@ index 1f4a74cf4..83562c688 100644
2861 xxx_host = host; 2887 xxx_host = host;
2862 xxx_hostaddr = hostaddr; 2888 xxx_hostaddr = hostaddr;
2863 2889
2864@@ -192,6 +197,35 @@ ssh_kex2(char *host, struct sockaddr *hostaddr, u_short port) 2890@@ -194,6 +199,35 @@ ssh_kex2(char *host, struct sockaddr *hostaddr, u_short port)
2865 order_hostkeyalgs(host, hostaddr, port)); 2891 order_hostkeyalgs(host, hostaddr, port));
2866 } 2892 }
2867 2893
@@ -2897,7 +2923,7 @@ index 1f4a74cf4..83562c688 100644
2897 if (options.rekey_limit || options.rekey_interval) 2923 if (options.rekey_limit || options.rekey_interval)
2898 packet_set_rekey_limits(options.rekey_limit, 2924 packet_set_rekey_limits(options.rekey_limit,
2899 options.rekey_interval); 2925 options.rekey_interval);
2900@@ -213,15 +247,41 @@ ssh_kex2(char *host, struct sockaddr *hostaddr, u_short port) 2926@@ -215,15 +249,41 @@ ssh_kex2(char *host, struct sockaddr *hostaddr, u_short port)
2901 # endif 2927 # endif
2902 #endif 2928 #endif
2903 kex->kex[KEX_C25519_SHA256] = kexc25519_client; 2929 kex->kex[KEX_C25519_SHA256] = kexc25519_client;
@@ -2939,7 +2965,7 @@ index 1f4a74cf4..83562c688 100644
2939 if ((r = kex_prop2buf(kex->my, myproposal)) != 0) 2965 if ((r = kex_prop2buf(kex->my, myproposal)) != 0)
2940 fatal("kex_prop2buf: %s", ssh_err(r)); 2966 fatal("kex_prop2buf: %s", ssh_err(r));
2941 2967
2942@@ -311,6 +371,7 @@ int input_gssapi_token(int type, u_int32_t, struct ssh *); 2968@@ -314,6 +374,7 @@ int input_gssapi_token(int type, u_int32_t, struct ssh *);
2943 int input_gssapi_hash(int type, u_int32_t, struct ssh *); 2969 int input_gssapi_hash(int type, u_int32_t, struct ssh *);
2944 int input_gssapi_error(int, u_int32_t, struct ssh *); 2970 int input_gssapi_error(int, u_int32_t, struct ssh *);
2945 int input_gssapi_errtok(int, u_int32_t, struct ssh *); 2971 int input_gssapi_errtok(int, u_int32_t, struct ssh *);
@@ -2947,7 +2973,7 @@ index 1f4a74cf4..83562c688 100644
2947 #endif 2973 #endif
2948 2974
2949 void userauth(Authctxt *, char *); 2975 void userauth(Authctxt *, char *);
2950@@ -327,6 +388,11 @@ static char *authmethods_get(void); 2976@@ -330,6 +391,11 @@ static char *authmethods_get(void);
2951 2977
2952 Authmethod authmethods[] = { 2978 Authmethod authmethods[] = {
2953 #ifdef GSSAPI 2979 #ifdef GSSAPI
@@ -2959,10 +2985,10 @@ index 1f4a74cf4..83562c688 100644
2959 {"gssapi-with-mic", 2985 {"gssapi-with-mic",
2960 userauth_gssapi, 2986 userauth_gssapi,
2961 NULL, 2987 NULL,
2962@@ -643,25 +709,40 @@ userauth_gssapi(Authctxt *authctxt) 2988@@ -657,25 +723,40 @@ userauth_gssapi(Authctxt *authctxt)
2963 static u_int mech = 0; 2989 static u_int mech = 0;
2964 OM_uint32 min; 2990 OM_uint32 min;
2965 int ok = 0; 2991 int r, ok = 0;
2966+ char *gss_host; 2992+ char *gss_host;
2967+ 2993+
2968+ if (options.gss_server_identity) 2994+ if (options.gss_server_identity)
@@ -2987,9 +3013,9 @@ index 1f4a74cf4..83562c688 100644
2987 while (mech < gss_supported->count && !ok) { 3013 while (mech < gss_supported->count && !ok) {
2988 /* My DER encoding requires length<128 */ 3014 /* My DER encoding requires length<128 */
2989 if (gss_supported->elements[mech].length < 128 && 3015 if (gss_supported->elements[mech].length < 128 &&
2990 ssh_gssapi_check_mechanism(&gssctxt, 3016 ssh_gssapi_check_mechanism(&gssctxt,
2991- &gss_supported->elements[mech], authctxt->host)) { 3017- &gss_supported->elements[mech], authctxt->host)) {
2992+ &gss_supported->elements[mech], gss_host, 3018+ &gss_supported->elements[mech], gss_host,
2993+ options.gss_client_identity)) { 3019+ options.gss_client_identity)) {
2994 ok = 1; /* Mechanism works */ 3020 ok = 1; /* Mechanism works */
2995 } else { 3021 } else {
@@ -3002,29 +3028,20 @@ index 1f4a74cf4..83562c688 100644
3002 if (!ok) 3028 if (!ok)
3003 return 0; 3029 return 0;
3004 3030
3005@@ -752,8 +833,8 @@ input_gssapi_response(int type, u_int32_t plen, struct ssh *ssh) 3031@@ -906,6 +987,54 @@ input_gssapi_error(int type, u_int32_t plen, struct ssh *ssh)
3006 {
3007 Authctxt *authctxt = ssh->authctxt;
3008 Gssctxt *gssctxt;
3009- int oidlen;
3010- char *oidv;
3011+ u_int oidlen;
3012+ u_char *oidv;
3013
3014 if (authctxt == NULL)
3015 fatal("input_gssapi_response: no authentication context");
3016@@ -866,6 +947,48 @@ input_gssapi_error(int type, u_int32_t plen, struct ssh *ssh)
3017 free(lang); 3032 free(lang);
3018 return 0; 3033 return r;
3019 } 3034 }
3020+ 3035+
3021+int 3036+int
3022+userauth_gsskeyex(Authctxt *authctxt) 3037+userauth_gsskeyex(Authctxt *authctxt)
3023+{ 3038+{
3024+ Buffer b; 3039+ struct ssh *ssh = active_state; /* XXX */
3040+ struct sshbuf *b;
3025+ gss_buffer_desc gssbuf; 3041+ gss_buffer_desc gssbuf;
3026+ gss_buffer_desc mic = GSS_C_EMPTY_BUFFER; 3042+ gss_buffer_desc mic = GSS_C_EMPTY_BUFFER;
3027+ OM_uint32 ms; 3043+ OM_uint32 ms;
3044+ int r;
3028+ 3045+
3029+ static int attempt = 0; 3046+ static int attempt = 0;
3030+ if (attempt++ >= 1) 3047+ if (attempt++ >= 1)
@@ -3035,25 +3052,29 @@ index 1f4a74cf4..83562c688 100644
3035+ return (0); 3052+ return (0);
3036+ } 3053+ }
3037+ 3054+
3038+ ssh_gssapi_buildmic(&b, authctxt->server_user, authctxt->service, 3055+ if ((b = sshbuf_new()) == NULL)
3056+ fatal("%s: sshbuf_new failed", __func__);
3057+ ssh_gssapi_buildmic(b, authctxt->server_user, authctxt->service,
3039+ "gssapi-keyex"); 3058+ "gssapi-keyex");
3040+ 3059+
3041+ gssbuf.value = buffer_ptr(&b); 3060+ if ((gssbuf.value = sshbuf_mutable_ptr(b)) == NULL)
3042+ gssbuf.length = buffer_len(&b); 3061+ fatal("%s: sshbuf_mutable_ptr failed", __func__);
3062+ gssbuf.length = sshbuf_len(b);
3043+ 3063+
3044+ if (GSS_ERROR(ssh_gssapi_sign(gss_kex_context, &gssbuf, &mic))) { 3064+ if (GSS_ERROR(ssh_gssapi_sign(gss_kex_context, &gssbuf, &mic))) {
3045+ buffer_free(&b); 3065+ sshbuf_free(b);
3046+ return (0); 3066+ return (0);
3047+ } 3067+ }
3048+ 3068+
3049+ packet_start(SSH2_MSG_USERAUTH_REQUEST); 3069+ if ((r = sshpkt_start(ssh, SSH2_MSG_USERAUTH_REQUEST)) != 0 ||
3050+ packet_put_cstring(authctxt->server_user); 3070+ (r = sshpkt_put_cstring(ssh, authctxt->server_user)) != 0 ||
3051+ packet_put_cstring(authctxt->service); 3071+ (r = sshpkt_put_cstring(ssh, authctxt->service)) != 0 ||
3052+ packet_put_cstring(authctxt->method->name); 3072+ (r = sshpkt_put_cstring(ssh, authctxt->method->name)) != 0 ||
3053+ packet_put_string(mic.value, mic.length); 3073+ (r = sshpkt_put_string(ssh, mic.value, mic.length)) != 0 ||
3054+ packet_send(); 3074+ (r = sshpkt_send(ssh)) != 0)
3075+ fatal("%s: %s", __func__, ssh_err(r));
3055+ 3076+
3056+ buffer_free(&b); 3077+ sshbuf_free(b);
3057+ gss_release_buffer(&ms, &mic); 3078+ gss_release_buffer(&ms, &mic);
3058+ 3079+
3059+ return (1); 3080+ return (1);
@@ -3063,7 +3084,7 @@ index 1f4a74cf4..83562c688 100644
3063 3084
3064 int 3085 int
3065diff --git a/sshd.c b/sshd.c 3086diff --git a/sshd.c b/sshd.c
3066index fd95b681b..e88185efa 100644 3087index a738c3ab6..2e453cdf8 100644
3067--- a/sshd.c 3088--- a/sshd.c
3068+++ b/sshd.c 3089+++ b/sshd.c
3069@@ -123,6 +123,10 @@ 3090@@ -123,6 +123,10 @@
@@ -3077,7 +3098,7 @@ index fd95b681b..e88185efa 100644
3077 /* Re-exec fds */ 3098 /* Re-exec fds */
3078 #define REEXEC_DEVCRYPTO_RESERVED_FD (STDERR_FILENO + 1) 3099 #define REEXEC_DEVCRYPTO_RESERVED_FD (STDERR_FILENO + 1)
3079 #define REEXEC_STARTUP_PIPE_FD (STDERR_FILENO + 2) 3100 #define REEXEC_STARTUP_PIPE_FD (STDERR_FILENO + 2)
3080@@ -531,7 +535,7 @@ privsep_preauth_child(void) 3101@@ -536,7 +540,7 @@ privsep_preauth_child(void)
3081 3102
3082 #ifdef GSSAPI 3103 #ifdef GSSAPI
3083 /* Cache supported mechanism OIDs for later use */ 3104 /* Cache supported mechanism OIDs for later use */
@@ -3086,10 +3107,10 @@ index fd95b681b..e88185efa 100644
3086 ssh_gssapi_prepare_supported_oids(); 3107 ssh_gssapi_prepare_supported_oids();
3087 #endif 3108 #endif
3088 3109
3089@@ -1753,10 +1757,13 @@ main(int ac, char **av) 3110@@ -1811,10 +1815,13 @@ main(int ac, char **av)
3090 key ? "private" : "agent", i, sshkey_ssh_name(pubkey), fp);
3091 free(fp); 3111 free(fp);
3092 } 3112 }
3113 accumulate_host_timing_secret(cfg, NULL);
3093+#ifndef GSSAPI 3114+#ifndef GSSAPI
3094+ /* The GSSAPI key exchange can run without a host key */ 3115+ /* The GSSAPI key exchange can run without a host key */
3095 if (!sensitive_data.have_ssh2_key) { 3116 if (!sensitive_data.have_ssh2_key) {
@@ -3100,7 +3121,7 @@ index fd95b681b..e88185efa 100644
3100 3121
3101 /* 3122 /*
3102 * Load certificates. They are stored in an array at identical 3123 * Load certificates. They are stored in an array at identical
3103@@ -2047,6 +2054,60 @@ main(int ac, char **av) 3124@@ -2105,6 +2112,60 @@ main(int ac, char **av)
3104 rdomain == NULL ? "" : "\""); 3125 rdomain == NULL ? "" : "\"");
3105 free(laddr); 3126 free(laddr);
3106 3127
@@ -3161,7 +3182,7 @@ index fd95b681b..e88185efa 100644
3161 /* 3182 /*
3162 * We don't want to listen forever unless the other side 3183 * We don't want to listen forever unless the other side
3163 * successfully authenticates itself. So we set up an alarm which is 3184 * successfully authenticates itself. So we set up an alarm which is
3164@@ -2234,6 +2295,48 @@ do_ssh2_kex(void) 3185@@ -2288,6 +2349,48 @@ do_ssh2_kex(void)
3165 myproposal[PROPOSAL_SERVER_HOST_KEY_ALGS] = compat_pkalg_proposal( 3186 myproposal[PROPOSAL_SERVER_HOST_KEY_ALGS] = compat_pkalg_proposal(
3166 list_hostkey_types()); 3187 list_hostkey_types());
3167 3188
@@ -3210,7 +3231,7 @@ index fd95b681b..e88185efa 100644
3210 /* start key exchange */ 3231 /* start key exchange */
3211 if ((r = kex_setup(active_state, myproposal)) != 0) 3232 if ((r = kex_setup(active_state, myproposal)) != 0)
3212 fatal("kex_setup: %s", ssh_err(r)); 3233 fatal("kex_setup: %s", ssh_err(r));
3213@@ -2251,6 +2354,13 @@ do_ssh2_kex(void) 3234@@ -2305,6 +2408,13 @@ do_ssh2_kex(void)
3214 # endif 3235 # endif
3215 #endif 3236 #endif
3216 kex->kex[KEX_C25519_SHA256] = kexc25519_server; 3237 kex->kex[KEX_C25519_SHA256] = kexc25519_server;
@@ -3225,7 +3246,7 @@ index fd95b681b..e88185efa 100644
3225 kex->client_version_string=client_version_string; 3246 kex->client_version_string=client_version_string;
3226 kex->server_version_string=server_version_string; 3247 kex->server_version_string=server_version_string;
3227diff --git a/sshd_config b/sshd_config 3248diff --git a/sshd_config b/sshd_config
3228index 3109d5d73..86263d713 100644 3249index 19b7c91a1..2c48105f8 100644
3229--- a/sshd_config 3250--- a/sshd_config
3230+++ b/sshd_config 3251+++ b/sshd_config
3231@@ -69,6 +69,8 @@ AuthorizedKeysFile .ssh/authorized_keys 3252@@ -69,6 +69,8 @@ AuthorizedKeysFile .ssh/authorized_keys
@@ -3238,10 +3259,10 @@ index 3109d5d73..86263d713 100644
3238 # Set this to 'yes' to enable PAM authentication, account processing, 3259 # Set this to 'yes' to enable PAM authentication, account processing,
3239 # and session processing. If this is enabled, PAM authentication will 3260 # and session processing. If this is enabled, PAM authentication will
3240diff --git a/sshd_config.5 b/sshd_config.5 3261diff --git a/sshd_config.5 b/sshd_config.5
3241index e3c7c3936..c4a3f3cb2 100644 3262index e1b54ba20..a0ac717c7 100644
3242--- a/sshd_config.5 3263--- a/sshd_config.5
3243+++ b/sshd_config.5 3264+++ b/sshd_config.5
3244@@ -636,6 +636,11 @@ The default is 3265@@ -637,6 +637,11 @@ The default is
3245 Specifies whether user authentication based on GSSAPI is allowed. 3266 Specifies whether user authentication based on GSSAPI is allowed.
3246 The default is 3267 The default is
3247 .Cm no . 3268 .Cm no .
@@ -3253,7 +3274,7 @@ index e3c7c3936..c4a3f3cb2 100644
3253 .It Cm GSSAPICleanupCredentials 3274 .It Cm GSSAPICleanupCredentials
3254 Specifies whether to automatically destroy the user's credentials cache 3275 Specifies whether to automatically destroy the user's credentials cache
3255 on logout. 3276 on logout.
3256@@ -655,6 +660,11 @@ machine's default store. 3277@@ -656,6 +661,11 @@ machine's default store.
3257 This facility is provided to assist with operation on multi homed machines. 3278 This facility is provided to assist with operation on multi homed machines.
3258 The default is 3279 The default is
3259 .Cm yes . 3280 .Cm yes .
@@ -3264,20 +3285,20 @@ index e3c7c3936..c4a3f3cb2 100644
3264+.Cm no . 3285+.Cm no .
3265 .It Cm HostbasedAcceptedKeyTypes 3286 .It Cm HostbasedAcceptedKeyTypes
3266 Specifies the key types that will be accepted for hostbased authentication 3287 Specifies the key types that will be accepted for hostbased authentication
3267 as a comma-separated pattern list. 3288 as a list of comma-separated patterns.
3268diff --git a/sshkey.c b/sshkey.c 3289diff --git a/sshkey.c b/sshkey.c
3269index 7712fba23..088872860 100644 3290index 72c08c7e0..91e99a262 100644
3270--- a/sshkey.c 3291--- a/sshkey.c
3271+++ b/sshkey.c 3292+++ b/sshkey.c
3272@@ -122,6 +122,7 @@ static const struct keytype keytypes[] = { 3293@@ -140,6 +140,7 @@ static const struct keytype keytypes[] = {
3273 # endif /* OPENSSL_HAS_NISTP521 */ 3294 # endif /* OPENSSL_HAS_NISTP521 */
3274 # endif /* OPENSSL_HAS_ECC */ 3295 # endif /* OPENSSL_HAS_ECC */
3275 #endif /* WITH_OPENSSL */ 3296 #endif /* WITH_OPENSSL */
3276+ { "null", "null", KEY_NULL, 0, 0, 0 }, 3297+ { "null", "null", NULL, KEY_NULL, 0, 0, 0 },
3277 { NULL, NULL, -1, -1, 0, 0 } 3298 { NULL, NULL, NULL, -1, -1, 0, 0 }
3278 }; 3299 };
3279 3300
3280@@ -210,7 +211,7 @@ sshkey_alg_list(int certs_only, int plain_only, int include_sigonly, char sep) 3301@@ -228,7 +229,7 @@ sshkey_alg_list(int certs_only, int plain_only, int include_sigonly, char sep)
3281 const struct keytype *kt; 3302 const struct keytype *kt;
3282 3303
3283 for (kt = keytypes; kt->type != -1; kt++) { 3304 for (kt = keytypes; kt->type != -1; kt++) {
@@ -3287,7 +3308,7 @@ index 7712fba23..088872860 100644
3287 if (!include_sigonly && kt->sigonly) 3308 if (!include_sigonly && kt->sigonly)
3288 continue; 3309 continue;
3289diff --git a/sshkey.h b/sshkey.h 3310diff --git a/sshkey.h b/sshkey.h
3290index 155cd45ae..4e89049f1 100644 3311index 9060b2ecb..0cbdcfd74 100644
3291--- a/sshkey.h 3312--- a/sshkey.h
3292+++ b/sshkey.h 3313+++ b/sshkey.h
3293@@ -63,6 +63,7 @@ enum sshkey_types { 3314@@ -63,6 +63,7 @@ enum sshkey_types {
diff --git a/debian/patches/keepalive-extensions.patch b/debian/patches/keepalive-extensions.patch
index b75b82068..fc052ea73 100644
--- a/debian/patches/keepalive-extensions.patch
+++ b/debian/patches/keepalive-extensions.patch
@@ -1,4 +1,4 @@
1From a7045c36e6e072c8f9250fbe11cf2f9db9f51a08 Mon Sep 17 00:00:00 2001 1From 2c0a1fef2aaf16c5b97694139239797f0ea33d27 Mon Sep 17 00:00:00 2001
2From: Richard Kettlewell <rjk@greenend.org.uk> 2From: Richard Kettlewell <rjk@greenend.org.uk>
3Date: Sun, 9 Feb 2014 16:09:52 +0000 3Date: Sun, 9 Feb 2014 16:09:52 +0000
4Subject: Various keepalive extensions 4Subject: Various keepalive extensions
@@ -16,7 +16,7 @@ keepalives.
16Author: Ian Jackson <ian@chiark.greenend.org.uk> 16Author: Ian Jackson <ian@chiark.greenend.org.uk>
17Author: Matthew Vernon <matthew@debian.org> 17Author: Matthew Vernon <matthew@debian.org>
18Author: Colin Watson <cjwatson@debian.org> 18Author: Colin Watson <cjwatson@debian.org>
19Last-Update: 2017-10-04 19Last-Update: 2018-08-24
20 20
21Patch-Name: keepalive-extensions.patch 21Patch-Name: keepalive-extensions.patch
22--- 22---
@@ -26,10 +26,10 @@ Patch-Name: keepalive-extensions.patch
26 3 files changed, 34 insertions(+), 4 deletions(-) 26 3 files changed, 34 insertions(+), 4 deletions(-)
27 27
28diff --git a/readconf.c b/readconf.c 28diff --git a/readconf.c b/readconf.c
29index 1f1be7789..7f2b5c172 100644 29index 6e26ba32d..3fd0fe7b7 100644
30--- a/readconf.c 30--- a/readconf.c
31+++ b/readconf.c 31+++ b/readconf.c
32@@ -174,6 +174,7 @@ typedef enum { 32@@ -175,6 +175,7 @@ typedef enum {
33 oStreamLocalBindMask, oStreamLocalBindUnlink, oRevokedHostKeys, 33 oStreamLocalBindMask, oStreamLocalBindUnlink, oRevokedHostKeys,
34 oFingerprintHash, oUpdateHostkeys, oHostbasedKeyTypes, 34 oFingerprintHash, oUpdateHostkeys, oHostbasedKeyTypes,
35 oPubkeyAcceptedKeyTypes, oProxyJump, 35 oPubkeyAcceptedKeyTypes, oProxyJump,
@@ -37,7 +37,7 @@ index 1f1be7789..7f2b5c172 100644
37 oIgnore, oIgnoredUnknownOption, oDeprecated, oUnsupported 37 oIgnore, oIgnoredUnknownOption, oDeprecated, oUnsupported
38 } OpCodes; 38 } OpCodes;
39 39
40@@ -319,6 +320,8 @@ static struct { 40@@ -321,6 +322,8 @@ static struct {
41 { "pubkeyacceptedkeytypes", oPubkeyAcceptedKeyTypes }, 41 { "pubkeyacceptedkeytypes", oPubkeyAcceptedKeyTypes },
42 { "ignoreunknown", oIgnoreUnknown }, 42 { "ignoreunknown", oIgnoreUnknown },
43 { "proxyjump", oProxyJump }, 43 { "proxyjump", oProxyJump },
@@ -46,7 +46,7 @@ index 1f1be7789..7f2b5c172 100644
46 46
47 { NULL, oBadOption } 47 { NULL, oBadOption }
48 }; 48 };
49@@ -1378,6 +1381,8 @@ parse_keytypes: 49@@ -1401,6 +1404,8 @@ parse_keytypes:
50 goto parse_flag; 50 goto parse_flag;
51 51
52 case oServerAliveInterval: 52 case oServerAliveInterval:
@@ -55,7 +55,7 @@ index 1f1be7789..7f2b5c172 100644
55 intptr = &options->server_alive_interval; 55 intptr = &options->server_alive_interval;
56 goto parse_time; 56 goto parse_time;
57 57
58@@ -2019,8 +2024,13 @@ fill_default_options(Options * options) 58@@ -2075,8 +2080,13 @@ fill_default_options(Options * options)
59 options->rekey_interval = 0; 59 options->rekey_interval = 0;
60 if (options->verify_host_key_dns == -1) 60 if (options->verify_host_key_dns == -1)
61 options->verify_host_key_dns = 0; 61 options->verify_host_key_dns = 0;
@@ -72,7 +72,7 @@ index 1f1be7789..7f2b5c172 100644
72 options->server_alive_count_max = 3; 72 options->server_alive_count_max = 3;
73 if (options->control_master == -1) 73 if (options->control_master == -1)
74diff --git a/ssh_config.5 b/ssh_config.5 74diff --git a/ssh_config.5 b/ssh_config.5
75index 66826aa70..32c3632c7 100644 75index 5b99921b4..86ada128e 100644
76--- a/ssh_config.5 76--- a/ssh_config.5
77+++ b/ssh_config.5 77+++ b/ssh_config.5
78@@ -247,8 +247,12 @@ Valid arguments are 78@@ -247,8 +247,12 @@ Valid arguments are
@@ -102,10 +102,10 @@ index 66826aa70..32c3632c7 100644
102+and 102+and
103+.Cm SetupTimeOut 103+.Cm SetupTimeOut
104+are Debian-specific compatibility aliases for this option. 104+are Debian-specific compatibility aliases for this option.
105 .It Cm StreamLocalBindMask 105 .It Cm SetEnv
106 Sets the octal file creation mode mask 106 Directly specify one or more environment variables and their contents to
107 .Pq umask 107 be sent to the server.
108@@ -1537,6 +1548,12 @@ Specifies whether the system should send TCP keepalive messages to the 108@@ -1543,6 +1554,12 @@ Specifies whether the system should send TCP keepalive messages to the
109 other side. 109 other side.
110 If they are sent, death of the connection or crash of one 110 If they are sent, death of the connection or crash of one
111 of the machines will be properly noticed. 111 of the machines will be properly noticed.
@@ -119,10 +119,10 @@ index 66826aa70..32c3632c7 100644
119 connections will die if the route is down temporarily, and some people 119 connections will die if the route is down temporarily, and some people
120 find it annoying. 120 find it annoying.
121diff --git a/sshd_config.5 b/sshd_config.5 121diff --git a/sshd_config.5 b/sshd_config.5
122index c4a3f3cb2..1a1c6dd09 100644 122index a0ac717c7..0fbbccbde 100644
123--- a/sshd_config.5 123--- a/sshd_config.5
124+++ b/sshd_config.5 124+++ b/sshd_config.5
125@@ -1495,6 +1495,9 @@ This avoids infinitely hanging sessions. 125@@ -1566,6 +1566,9 @@ This avoids infinitely hanging sessions.
126 .Pp 126 .Pp
127 To disable TCP keepalive messages, the value should be set to 127 To disable TCP keepalive messages, the value should be set to
128 .Cm no . 128 .Cm no .
diff --git a/debian/patches/mention-ssh-keygen-on-keychange.patch b/debian/patches/mention-ssh-keygen-on-keychange.patch
index 95c235b32..3f0d5fba3 100644
--- a/debian/patches/mention-ssh-keygen-on-keychange.patch
+++ b/debian/patches/mention-ssh-keygen-on-keychange.patch
@@ -1,4 +1,4 @@
1From 76ab788bcf265360e1b88f8ced6085198c320fdd Mon Sep 17 00:00:00 2001 1From 0e0121b6dc0ffc2ec6a171328fea530378df2b3b Mon Sep 17 00:00:00 2001
2From: Scott Moser <smoser@ubuntu.com> 2From: Scott Moser <smoser@ubuntu.com>
3Date: Sun, 9 Feb 2014 16:10:03 +0000 3Date: Sun, 9 Feb 2014 16:10:03 +0000
4Subject: Mention ssh-keygen in ssh fingerprint changed warning 4Subject: Mention ssh-keygen in ssh fingerprint changed warning
@@ -14,10 +14,10 @@ Patch-Name: mention-ssh-keygen-on-keychange.patch
14 1 file changed, 8 insertions(+), 1 deletion(-) 14 1 file changed, 8 insertions(+), 1 deletion(-)
15 15
16diff --git a/sshconnect.c b/sshconnect.c 16diff --git a/sshconnect.c b/sshconnect.c
17index 8ab01c0ef..58f9eac8a 100644 17index a2efe6d15..ab5966066 100644
18--- a/sshconnect.c 18--- a/sshconnect.c
19+++ b/sshconnect.c 19+++ b/sshconnect.c
20@@ -1141,9 +1141,13 @@ check_host_key(char *hostname, struct sockaddr *hostaddr, u_short port, 20@@ -1112,9 +1112,13 @@ check_host_key(char *hostname, struct sockaddr *hostaddr, u_short port,
21 error("%s. This could either mean that", key_msg); 21 error("%s. This could either mean that", key_msg);
22 error("DNS SPOOFING is happening or the IP address for the host"); 22 error("DNS SPOOFING is happening or the IP address for the host");
23 error("and its host key have changed at the same time."); 23 error("and its host key have changed at the same time.");
@@ -32,7 +32,7 @@ index 8ab01c0ef..58f9eac8a 100644
32 } 32 }
33 /* The host key has changed. */ 33 /* The host key has changed. */
34 warn_changed_key(host_key); 34 warn_changed_key(host_key);
35@@ -1152,6 +1156,9 @@ check_host_key(char *hostname, struct sockaddr *hostaddr, u_short port, 35@@ -1123,6 +1127,9 @@ check_host_key(char *hostname, struct sockaddr *hostaddr, u_short port,
36 error("Offending %s key in %s:%lu", 36 error("Offending %s key in %s:%lu",
37 sshkey_type(host_found->key), 37 sshkey_type(host_found->key),
38 host_found->file, host_found->line); 38 host_found->file, host_found->line);
diff --git a/debian/patches/no-openssl-version-status.patch b/debian/patches/no-openssl-version-status.patch
index c7b57a428..9c9c664d4 100644
--- a/debian/patches/no-openssl-version-status.patch
+++ b/debian/patches/no-openssl-version-status.patch
@@ -1,4 +1,4 @@
1From 7cdc2be2d56f5f49c9f2557d056bf2c15a141a79 Mon Sep 17 00:00:00 2001 1From 4d75300bdb447824c974febd3d04331755dde3ca Mon Sep 17 00:00:00 2001
2From: Kurt Roeckx <kurt@roeckx.be> 2From: Kurt Roeckx <kurt@roeckx.be>
3Date: Sun, 9 Feb 2014 16:10:14 +0000 3Date: Sun, 9 Feb 2014 16:10:14 +0000
4Subject: Don't check the status field of the OpenSSL version 4Subject: Don't check the status field of the OpenSSL version
diff --git a/debian/patches/openbsd-docs.patch b/debian/patches/openbsd-docs.patch
index 89bd0a3bd..dacff74c3 100644
--- a/debian/patches/openbsd-docs.patch
+++ b/debian/patches/openbsd-docs.patch
@@ -1,4 +1,4 @@
1From c3d9231e598560dfe63a56a422439d263a2c3ebe Mon Sep 17 00:00:00 2001 1From f48c4fd12f8ecd275226e357454e45f10c20ac92 Mon Sep 17 00:00:00 2001
2From: Colin Watson <cjwatson@debian.org> 2From: Colin Watson <cjwatson@debian.org>
3Date: Sun, 9 Feb 2014 16:10:09 +0000 3Date: Sun, 9 Feb 2014 16:10:09 +0000
4Subject: Adjust various OpenBSD-specific references in manual pages 4Subject: Adjust various OpenBSD-specific references in manual pages
@@ -44,7 +44,7 @@ index ef0de0850..149846c8c 100644
44 .Sh SEE ALSO 44 .Sh SEE ALSO
45 .Xr ssh-keygen 1 , 45 .Xr ssh-keygen 1 ,
46diff --git a/ssh-keygen.1 b/ssh-keygen.1 46diff --git a/ssh-keygen.1 b/ssh-keygen.1
47index 3525d7d17..39767e621 100644 47index dd6e7e5a8..33e0bbcc1 100644
48--- a/ssh-keygen.1 48--- a/ssh-keygen.1
49+++ b/ssh-keygen.1 49+++ b/ssh-keygen.1
50@@ -176,9 +176,7 @@ key in 50@@ -176,9 +176,7 @@ key in
@@ -67,9 +67,9 @@ index 3525d7d17..39767e621 100644
67-to generate new host keys. 67-to generate new host keys.
68+This is used by system administration scripts to generate new host keys. 68+This is used by system administration scripts to generate new host keys.
69 .It Fl a Ar rounds 69 .It Fl a Ar rounds
70 When saving a new-format private key (i.e. an ed25519 key or when the 70 When saving a private key this option specifies the number of KDF
71 .Fl o 71 (key derivation function) rounds used.
72@@ -685,7 +681,7 @@ option. 72@@ -677,7 +673,7 @@ option.
73 Valid generator values are 2, 3, and 5. 73 Valid generator values are 2, 3, and 5.
74 .Pp 74 .Pp
75 Screened DH groups may be installed in 75 Screened DH groups may be installed in
@@ -78,7 +78,7 @@ index 3525d7d17..39767e621 100644
78 It is important that this file contains moduli of a range of bit lengths and 78 It is important that this file contains moduli of a range of bit lengths and
79 that both ends of a connection share common moduli. 79 that both ends of a connection share common moduli.
80 .Sh CERTIFICATES 80 .Sh CERTIFICATES
81@@ -872,7 +868,7 @@ on all machines 81@@ -864,7 +860,7 @@ on all machines
82 where the user wishes to log in using public key authentication. 82 where the user wishes to log in using public key authentication.
83 There is no need to keep the contents of this file secret. 83 There is no need to keep the contents of this file secret.
84 .Pp 84 .Pp
@@ -88,10 +88,10 @@ index 3525d7d17..39767e621 100644
88 The file format is described in 88 The file format is described in
89 .Xr moduli 5 . 89 .Xr moduli 5 .
90diff --git a/ssh.1 b/ssh.1 90diff --git a/ssh.1 b/ssh.1
91index 0ef7c1709..54e21d88a 100644 91index cb0fdd50e..d41426781 100644
92--- a/ssh.1 92--- a/ssh.1
93+++ b/ssh.1 93+++ b/ssh.1
94@@ -846,6 +846,10 @@ implements public key authentication protocol automatically, 94@@ -850,6 +850,10 @@ implements public key authentication protocol automatically,
95 using one of the DSA, ECDSA, Ed25519 or RSA algorithms. 95 using one of the DSA, ECDSA, Ed25519 or RSA algorithms.
96 The HISTORY section of 96 The HISTORY section of
97 .Xr ssl 8 97 .Xr ssl 8
@@ -103,7 +103,7 @@ index 0ef7c1709..54e21d88a 100644
103 .Pp 103 .Pp
104 The file 104 The file
105diff --git a/sshd.8 b/sshd.8 105diff --git a/sshd.8 b/sshd.8
106index c8299d5e5..378aeb9f5 100644 106index 57a7fd66b..4abc01d66 100644
107--- a/sshd.8 107--- a/sshd.8
108+++ b/sshd.8 108+++ b/sshd.8
109@@ -65,7 +65,7 @@ over an insecure network. 109@@ -65,7 +65,7 @@ over an insecure network.
@@ -115,7 +115,7 @@ index c8299d5e5..378aeb9f5 100644
115 It forks a new 115 It forks a new
116 daemon for each incoming connection. 116 daemon for each incoming connection.
117 The forked daemons handle 117 The forked daemons handle
118@@ -856,7 +856,7 @@ This file is for host-based authentication (see 118@@ -884,7 +884,7 @@ This file is for host-based authentication (see
119 .Xr ssh 1 ) . 119 .Xr ssh 1 ) .
120 It should only be writable by root. 120 It should only be writable by root.
121 .Pp 121 .Pp
@@ -124,7 +124,7 @@ index c8299d5e5..378aeb9f5 100644
124 Contains Diffie-Hellman groups used for the "Diffie-Hellman Group Exchange" 124 Contains Diffie-Hellman groups used for the "Diffie-Hellman Group Exchange"
125 key exchange method. 125 key exchange method.
126 The file format is described in 126 The file format is described in
127@@ -954,7 +954,6 @@ The content of this file is not sensitive; it can be world-readable. 127@@ -982,7 +982,6 @@ The content of this file is not sensitive; it can be world-readable.
128 .Xr ssh-keyscan 1 , 128 .Xr ssh-keyscan 1 ,
129 .Xr chroot 2 , 129 .Xr chroot 2 ,
130 .Xr hosts_access 5 , 130 .Xr hosts_access 5 ,
@@ -133,10 +133,10 @@ index c8299d5e5..378aeb9f5 100644
133 .Xr sshd_config 5 , 133 .Xr sshd_config 5 ,
134 .Xr inetd 8 , 134 .Xr inetd 8 ,
135diff --git a/sshd_config.5 b/sshd_config.5 135diff --git a/sshd_config.5 b/sshd_config.5
136index 45044a70f..44b918463 100644 136index 96a69ab55..9774831fe 100644
137--- a/sshd_config.5 137--- a/sshd_config.5
138+++ b/sshd_config.5 138+++ b/sshd_config.5
139@@ -383,8 +383,7 @@ then no banner is displayed. 139@@ -384,8 +384,7 @@ then no banner is displayed.
140 By default, no banner is displayed. 140 By default, no banner is displayed.
141 .It Cm ChallengeResponseAuthentication 141 .It Cm ChallengeResponseAuthentication
142 Specifies whether challenge-response authentication is allowed (e.g. via 142 Specifies whether challenge-response authentication is allowed (e.g. via
diff --git a/debian/patches/package-versioning.patch b/debian/patches/package-versioning.patch
index c95f06568..470d057b2 100644
--- a/debian/patches/package-versioning.patch
+++ b/debian/patches/package-versioning.patch
@@ -1,4 +1,4 @@
1From 52359fc0d6ee73ee6e24332b2777dc8abdaed652 Mon Sep 17 00:00:00 2001 1From 97c5d99b8d1957d5a29ca34157a9bfe2ed5c7003 Mon Sep 17 00:00:00 2001
2From: Matthew Vernon <matthew@debian.org> 2From: Matthew Vernon <matthew@debian.org>
3Date: Sun, 9 Feb 2014 16:10:05 +0000 3Date: Sun, 9 Feb 2014 16:10:05 +0000
4Subject: Include the Debian version in our identification 4Subject: Include the Debian version in our identification
@@ -19,10 +19,10 @@ Patch-Name: package-versioning.patch
19 3 files changed, 8 insertions(+), 3 deletions(-) 19 3 files changed, 8 insertions(+), 3 deletions(-)
20 20
21diff --git a/sshconnect.c b/sshconnect.c 21diff --git a/sshconnect.c b/sshconnect.c
22index 58f9eac8a..15d8b807e 100644 22index ab5966066..d3656e47a 100644
23--- a/sshconnect.c 23--- a/sshconnect.c
24+++ b/sshconnect.c 24+++ b/sshconnect.c
25@@ -638,7 +638,7 @@ send_client_banner(int connection_out, int minor1) 25@@ -609,7 +609,7 @@ send_client_banner(int connection_out, int minor1)
26 { 26 {
27 /* Send our own protocol version identification. */ 27 /* Send our own protocol version identification. */
28 xasprintf(&client_version_string, "SSH-%d.%d-%.100s\r\n", 28 xasprintf(&client_version_string, "SSH-%d.%d-%.100s\r\n",
@@ -32,7 +32,7 @@ index 58f9eac8a..15d8b807e 100644
32 strlen(client_version_string)) != strlen(client_version_string)) 32 strlen(client_version_string)) != strlen(client_version_string))
33 fatal("write: %.100s", strerror(errno)); 33 fatal("write: %.100s", strerror(errno));
34diff --git a/sshd.c b/sshd.c 34diff --git a/sshd.c b/sshd.c
35index 6d911c19a..9a7f5495c 100644 35index 92d15c82d..ffd3dad6a 100644
36--- a/sshd.c 36--- a/sshd.c
37+++ b/sshd.c 37+++ b/sshd.c
38@@ -384,7 +384,7 @@ sshd_exchange_identification(struct ssh *ssh, int sock_in, int sock_out) 38@@ -384,7 +384,7 @@ sshd_exchange_identification(struct ssh *ssh, int sock_in, int sock_out)
@@ -45,11 +45,11 @@ index 6d911c19a..9a7f5495c 100644
45 options.version_addendum); 45 options.version_addendum);
46 46
47diff --git a/version.h b/version.h 47diff --git a/version.h b/version.h
48index ea52b26f5..a3fa6e0b9 100644 48index f1bbf00f3..e7df751e1 100644
49--- a/version.h 49--- a/version.h
50+++ b/version.h 50+++ b/version.h
51@@ -3,4 +3,9 @@ 51@@ -3,4 +3,9 @@
52 #define SSH_VERSION "OpenSSH_7.7" 52 #define SSH_VERSION "OpenSSH_7.8"
53 53
54 #define SSH_PORTABLE "p1" 54 #define SSH_PORTABLE "p1"
55-#define SSH_RELEASE SSH_VERSION SSH_PORTABLE 55-#define SSH_RELEASE SSH_VERSION SSH_PORTABLE
diff --git a/debian/patches/restore-authorized_keys2.patch b/debian/patches/restore-authorized_keys2.patch
index 366c41655..6f0abc35f 100644
--- a/debian/patches/restore-authorized_keys2.patch
+++ b/debian/patches/restore-authorized_keys2.patch
@@ -1,4 +1,4 @@
1From 1e4b9d8e6cee1e15edfc12aa0294fa78639496b9 Mon Sep 17 00:00:00 2001 1From 2bc71f46ab96ec8af88a5b86786fb0835d9b65bc Mon Sep 17 00:00:00 2001
2From: Colin Watson <cjwatson@debian.org> 2From: Colin Watson <cjwatson@debian.org>
3Date: Sun, 5 Mar 2017 02:02:11 +0000 3Date: Sun, 5 Mar 2017 02:02:11 +0000
4Subject: Restore reading authorized_keys2 by default 4Subject: Restore reading authorized_keys2 by default
@@ -18,7 +18,7 @@ Patch-Name: restore-authorized_keys2.patch
18 1 file changed, 2 insertions(+), 3 deletions(-) 18 1 file changed, 2 insertions(+), 3 deletions(-)
19 19
20diff --git a/sshd_config b/sshd_config 20diff --git a/sshd_config b/sshd_config
21index de9cc9fe2..31e14a4f0 100644 21index ed8272f6d..ee9629102 100644
22--- a/sshd_config 22--- a/sshd_config
23+++ b/sshd_config 23+++ b/sshd_config
24@@ -36,9 +36,8 @@ 24@@ -36,9 +36,8 @@
diff --git a/debian/patches/restore-tcp-wrappers.patch b/debian/patches/restore-tcp-wrappers.patch
index fccd130b8..91f3377b1 100644
--- a/debian/patches/restore-tcp-wrappers.patch
+++ b/debian/patches/restore-tcp-wrappers.patch
@@ -1,4 +1,4 @@
1From 398af3d66bfe8dc7d436570026571e522a0a13a0 Mon Sep 17 00:00:00 2001 1From 84a7a1b1c767056c80add9f0e15c9f9ec23ec94d Mon Sep 17 00:00:00 2001
2From: Colin Watson <cjwatson@debian.org> 2From: Colin Watson <cjwatson@debian.org>
3Date: Tue, 7 Oct 2014 13:22:41 +0100 3Date: Tue, 7 Oct 2014 13:22:41 +0100
4Subject: Restore TCP wrappers support 4Subject: Restore TCP wrappers support
@@ -18,7 +18,7 @@ but it at least probably doesn't involve dropping this feature shortly
18before a freeze. 18before a freeze.
19 19
20Forwarded: not-needed 20Forwarded: not-needed
21Last-Update: 2014-10-07 21Last-Update: 2018-08-24
22 22
23Patch-Name: restore-tcp-wrappers.patch 23Patch-Name: restore-tcp-wrappers.patch
24--- 24---
@@ -28,12 +28,12 @@ Patch-Name: restore-tcp-wrappers.patch
28 3 files changed, 89 insertions(+) 28 3 files changed, 89 insertions(+)
29 29
30diff --git a/configure.ac b/configure.ac 30diff --git a/configure.ac b/configure.ac
31index 1cd5eab6c..3e23e60d6 100644 31index 82428b241..ebc10f51e 100644
32--- a/configure.ac 32--- a/configure.ac
33+++ b/configure.ac 33+++ b/configure.ac
34@@ -1566,6 +1566,62 @@ AC_ARG_WITH([skey], 34@@ -1526,6 +1526,62 @@ else
35 ] 35 AC_MSG_RESULT([no])
36 ) 36 fi
37 37
38+# Check whether user wants TCP wrappers support 38+# Check whether user wants TCP wrappers support
39+TCPW_MSG="no" 39+TCPW_MSG="no"
@@ -94,19 +94,19 @@ index 1cd5eab6c..3e23e60d6 100644
94 # Check whether user wants to use ldns 94 # Check whether user wants to use ldns
95 LDNS_MSG="no" 95 LDNS_MSG="no"
96 AC_ARG_WITH(ldns, 96 AC_ARG_WITH(ldns,
97@@ -5240,6 +5296,7 @@ echo " OSF SIA support: $SIA_MSG" 97@@ -5201,6 +5257,7 @@ echo " PAM support: $PAM_MSG"
98 echo " OSF SIA support: $SIA_MSG"
98 echo " KerberosV support: $KRB5_MSG" 99 echo " KerberosV support: $KRB5_MSG"
99 echo " SELinux support: $SELINUX_MSG" 100 echo " SELinux support: $SELINUX_MSG"
100 echo " S/KEY support: $SKEY_MSG"
101+echo " TCP Wrappers support: $TCPW_MSG" 101+echo " TCP Wrappers support: $TCPW_MSG"
102 echo " MD5 password support: $MD5_MSG" 102 echo " MD5 password support: $MD5_MSG"
103 echo " libedit support: $LIBEDIT_MSG" 103 echo " libedit support: $LIBEDIT_MSG"
104 echo " libldns support: $LDNS_MSG" 104 echo " libldns support: $LDNS_MSG"
105diff --git a/sshd.8 b/sshd.8 105diff --git a/sshd.8 b/sshd.8
106index 968ba66bb..c8299d5e5 100644 106index fb133c14b..57a7fd66b 100644
107--- a/sshd.8 107--- a/sshd.8
108+++ b/sshd.8 108+++ b/sshd.8
109@@ -845,6 +845,12 @@ the user's home directory becomes accessible. 109@@ -873,6 +873,12 @@ the user's home directory becomes accessible.
110 This file should be writable only by the user, and need not be 110 This file should be writable only by the user, and need not be
111 readable by anyone else. 111 readable by anyone else.
112 .Pp 112 .Pp
@@ -119,7 +119,7 @@ index 968ba66bb..c8299d5e5 100644
119 .It Pa /etc/hosts.equiv 119 .It Pa /etc/hosts.equiv
120 This file is for host-based authentication (see 120 This file is for host-based authentication (see
121 .Xr ssh 1 ) . 121 .Xr ssh 1 ) .
122@@ -947,6 +953,7 @@ The content of this file is not sensitive; it can be world-readable. 122@@ -975,6 +981,7 @@ The content of this file is not sensitive; it can be world-readable.
123 .Xr ssh-keygen 1 , 123 .Xr ssh-keygen 1 ,
124 .Xr ssh-keyscan 1 , 124 .Xr ssh-keyscan 1 ,
125 .Xr chroot 2 , 125 .Xr chroot 2 ,
@@ -128,7 +128,7 @@ index 968ba66bb..c8299d5e5 100644
128 .Xr moduli 5 , 128 .Xr moduli 5 ,
129 .Xr sshd_config 5 , 129 .Xr sshd_config 5 ,
130diff --git a/sshd.c b/sshd.c 130diff --git a/sshd.c b/sshd.c
131index e88185efa..4ed0364f2 100644 131index 2e453cdf8..71c360da0 100644
132--- a/sshd.c 132--- a/sshd.c
133+++ b/sshd.c 133+++ b/sshd.c
134@@ -127,6 +127,13 @@ 134@@ -127,6 +127,13 @@
@@ -145,7 +145,7 @@ index e88185efa..4ed0364f2 100644
145 /* Re-exec fds */ 145 /* Re-exec fds */
146 #define REEXEC_DEVCRYPTO_RESERVED_FD (STDERR_FILENO + 1) 146 #define REEXEC_DEVCRYPTO_RESERVED_FD (STDERR_FILENO + 1)
147 #define REEXEC_STARTUP_PIPE_FD (STDERR_FILENO + 2) 147 #define REEXEC_STARTUP_PIPE_FD (STDERR_FILENO + 2)
148@@ -2042,6 +2049,24 @@ main(int ac, char **av) 148@@ -2100,6 +2107,24 @@ main(int ac, char **av)
149 #ifdef SSH_AUDIT_EVENTS 149 #ifdef SSH_AUDIT_EVENTS
150 audit_connection_from(remote_ip, remote_port); 150 audit_connection_from(remote_ip, remote_port);
151 #endif 151 #endif
diff --git a/debian/patches/scp-quoting.patch b/debian/patches/scp-quoting.patch
index 18c7155e4..c52632134 100644
--- a/debian/patches/scp-quoting.patch
+++ b/debian/patches/scp-quoting.patch
@@ -1,4 +1,4 @@
1From e800454207f4d7a0c402f129029b8282209cdf74 Mon Sep 17 00:00:00 2001 1From f14447b774639c6de52f452e5a0e012939832855 Mon Sep 17 00:00:00 2001
2From: =?UTF-8?q?Nicolas=20Valc=C3=A1rcel?= <nvalcarcel@ubuntu.com> 2From: =?UTF-8?q?Nicolas=20Valc=C3=A1rcel?= <nvalcarcel@ubuntu.com>
3Date: Sun, 9 Feb 2014 16:09:59 +0000 3Date: Sun, 9 Feb 2014 16:09:59 +0000
4Subject: Adjust scp quoting in verbose mode 4Subject: Adjust scp quoting in verbose mode
@@ -17,7 +17,7 @@ Patch-Name: scp-quoting.patch
17 1 file changed, 10 insertions(+), 2 deletions(-) 17 1 file changed, 10 insertions(+), 2 deletions(-)
18 18
19diff --git a/scp.c b/scp.c 19diff --git a/scp.c b/scp.c
20index 31e6709fb..2bbf6938e 100644 20index 60682c687..ed2864250 100644
21--- a/scp.c 21--- a/scp.c
22+++ b/scp.c 22+++ b/scp.c
23@@ -198,8 +198,16 @@ do_local_cmd(arglist *a) 23@@ -198,8 +198,16 @@ do_local_cmd(arglist *a)
diff --git a/debian/patches/seccomp-getuid-geteuid.patch b/debian/patches/seccomp-getuid-geteuid.patch
deleted file mode 100644
index be4921ae4..000000000
--- a/debian/patches/seccomp-getuid-geteuid.patch
+++ /dev/null
@@ -1,44 +0,0 @@
1From 5b35741e661c6a95e39f5f897ae62c0f3686ca4f Mon Sep 17 00:00:00 2001
2From: Eduardo Barretto <ebarretto@linux.vnet.ibm.com>
3Date: Tue, 9 May 2017 13:31:05 -0300
4Subject: Allow getuid and geteuid calls
5
6getuid and geteuid are needed when using an openssl engine that calls a
7crypto card, e.g. ICA (libica).
8Those syscalls are also needed by the distros for audit code.
9
10Signed-off-by: Eduardo Barretto <ebarretto@linux.vnet.ibm.com>
11
12Origin: other, https://bugzilla.mindrot.org/show_bug.cgi?id=2752
13Bug: https://bugzilla.mindrot.org/show_bug.cgi?id=2752
14Bug-Ubuntu: https://bugs.launchpad.net/bugs/1686618
15Last-Update: 2017-08-28
16
17Patch-Name: seccomp-getuid-geteuid.patch
18---
19 sandbox-seccomp-filter.c | 12 ++++++++++++
20 1 file changed, 12 insertions(+)
21
22diff --git a/sandbox-seccomp-filter.c b/sandbox-seccomp-filter.c
23index 6e7de3114..e86aa2c91 100644
24--- a/sandbox-seccomp-filter.c
25+++ b/sandbox-seccomp-filter.c
26@@ -175,6 +175,18 @@ static const struct sock_filter preauth_insns[] = {
27 #ifdef __NR_getpid
28 SC_ALLOW(__NR_getpid),
29 #endif
30+#ifdef __NR_getuid
31+ SC_ALLOW(__NR_getuid),
32+#endif
33+#ifdef __NR_getuid32
34+ SC_ALLOW(__NR_getuid32),
35+#endif
36+#ifdef __NR_geteuid
37+ SC_ALLOW(__NR_geteuid),
38+#endif
39+#ifdef __NR_geteuid32
40+ SC_ALLOW(__NR_geteuid32),
41+#endif
42 #ifdef __NR_getrandom
43 SC_ALLOW(__NR_getrandom),
44 #endif
diff --git a/debian/patches/seccomp-s390-flock-ipc.patch b/debian/patches/seccomp-s390-flock-ipc.patch
index b62d0195c..2febc4e38 100644
--- a/debian/patches/seccomp-s390-flock-ipc.patch
+++ b/debian/patches/seccomp-s390-flock-ipc.patch
@@ -1,4 +1,4 @@
1From 8435aa5e322a4899dcb9bc68d5f0551e93d3f5a5 Mon Sep 17 00:00:00 2001 1From 04910479f7869c27065950b7deb0d69d85230927 Mon Sep 17 00:00:00 2001
2From: Eduardo Barretto <ebarretto@linux.vnet.ibm.com> 2From: Eduardo Barretto <ebarretto@linux.vnet.ibm.com>
3Date: Tue, 9 May 2017 10:53:04 -0300 3Date: Tue, 9 May 2017 10:53:04 -0300
4Subject: Allow flock and ipc syscall for s390 architecture 4Subject: Allow flock and ipc syscall for s390 architecture
@@ -14,7 +14,7 @@ Signed-off-by: Eduardo Barretto <ebarretto@linux.vnet.ibm.com>
14Origin: other, https://bugzilla.mindrot.org/show_bug.cgi?id=2752 14Origin: other, https://bugzilla.mindrot.org/show_bug.cgi?id=2752
15Bug: https://bugzilla.mindrot.org/show_bug.cgi?id=2752 15Bug: https://bugzilla.mindrot.org/show_bug.cgi?id=2752
16Bug-Ubuntu: https://bugs.launchpad.net/bugs/1686618 16Bug-Ubuntu: https://bugs.launchpad.net/bugs/1686618
17Last-Update: 2017-08-28 17Last-Update: 2018-08-24
18 18
19Patch-Name: seccomp-s390-flock-ipc.patch 19Patch-Name: seccomp-s390-flock-ipc.patch
20--- 20---
@@ -22,7 +22,7 @@ Patch-Name: seccomp-s390-flock-ipc.patch
22 1 file changed, 6 insertions(+) 22 1 file changed, 6 insertions(+)
23 23
24diff --git a/sandbox-seccomp-filter.c b/sandbox-seccomp-filter.c 24diff --git a/sandbox-seccomp-filter.c b/sandbox-seccomp-filter.c
25index ca75cc719..6e7de3114 100644 25index 12c4ee130..bcea77997 100644
26--- a/sandbox-seccomp-filter.c 26--- a/sandbox-seccomp-filter.c
27+++ b/sandbox-seccomp-filter.c 27+++ b/sandbox-seccomp-filter.c
28@@ -166,6 +166,9 @@ static const struct sock_filter preauth_insns[] = { 28@@ -166,6 +166,9 @@ static const struct sock_filter preauth_insns[] = {
@@ -32,12 +32,12 @@ index ca75cc719..6e7de3114 100644
32+#if defined(__NR_flock) && defined(__s390__) 32+#if defined(__NR_flock) && defined(__s390__)
33+ SC_ALLOW(__NR_flock), 33+ SC_ALLOW(__NR_flock),
34+#endif 34+#endif
35 #ifdef __NR_getpgid 35 #ifdef __NR_geteuid
36 SC_ALLOW(__NR_getpgid), 36 SC_ALLOW(__NR_geteuid),
37 #endif 37 #endif
38@@ -178,6 +181,9 @@ static const struct sock_filter preauth_insns[] = { 38@@ -190,6 +193,9 @@ static const struct sock_filter preauth_insns[] = {
39 #ifdef __NR_gettimeofday 39 #ifdef __NR_getuid32
40 SC_ALLOW(__NR_gettimeofday), 40 SC_ALLOW(__NR_getuid32),
41 #endif 41 #endif
42+#if defined(__NR_ipc) && defined(__s390__) 42+#if defined(__NR_ipc) && defined(__s390__)
43+ SC_ALLOW(__NR_ipc), 43+ SC_ALLOW(__NR_ipc),
diff --git a/debian/patches/seccomp-s390-ioctl-ep11-crypto.patch b/debian/patches/seccomp-s390-ioctl-ep11-crypto.patch
index dd0f6510c..fc3af3e64 100644
--- a/debian/patches/seccomp-s390-ioctl-ep11-crypto.patch
+++ b/debian/patches/seccomp-s390-ioctl-ep11-crypto.patch
@@ -1,4 +1,4 @@
1From ea67bc97339c9a507343e4a1f5fb867f678fbe1d Mon Sep 17 00:00:00 2001 1From 16a47fc4b04977a14f44dd433c8da1499fa80671 Mon Sep 17 00:00:00 2001
2From: Eduardo Barretto <ebarretto@linux.vnet.ibm.com> 2From: Eduardo Barretto <ebarretto@linux.vnet.ibm.com>
3Date: Tue, 9 May 2017 13:33:30 -0300 3Date: Tue, 9 May 2017 13:33:30 -0300
4Subject: Enable specific ioctl call for EP11 crypto card (s390) 4Subject: Enable specific ioctl call for EP11 crypto card (s390)
@@ -19,10 +19,10 @@ Patch-Name: seccomp-s390-ioctl-ep11-crypto.patch
19 1 file changed, 2 insertions(+) 19 1 file changed, 2 insertions(+)
20 20
21diff --git a/sandbox-seccomp-filter.c b/sandbox-seccomp-filter.c 21diff --git a/sandbox-seccomp-filter.c b/sandbox-seccomp-filter.c
22index e86aa2c91..98062f152 100644 22index bcea77997..f216ba353 100644
23--- a/sandbox-seccomp-filter.c 23--- a/sandbox-seccomp-filter.c
24+++ b/sandbox-seccomp-filter.c 24+++ b/sandbox-seccomp-filter.c
25@@ -250,6 +250,8 @@ static const struct sock_filter preauth_insns[] = { 25@@ -253,6 +253,8 @@ static const struct sock_filter preauth_insns[] = {
26 SC_ALLOW_ARG(__NR_ioctl, 1, Z90STAT_STATUS_MASK), 26 SC_ALLOW_ARG(__NR_ioctl, 1, Z90STAT_STATUS_MASK),
27 SC_ALLOW_ARG(__NR_ioctl, 1, ICARSAMODEXPO), 27 SC_ALLOW_ARG(__NR_ioctl, 1, ICARSAMODEXPO),
28 SC_ALLOW_ARG(__NR_ioctl, 1, ICARSACRT), 28 SC_ALLOW_ARG(__NR_ioctl, 1, ICARSACRT),
diff --git a/debian/patches/selinux-role.patch b/debian/patches/selinux-role.patch
index 5c0bad093..95d582067 100644
--- a/debian/patches/selinux-role.patch
+++ b/debian/patches/selinux-role.patch
@@ -1,4 +1,4 @@
1From 7da968d97beba5fb80a5488516563ea1376db907 Mon Sep 17 00:00:00 2001 1From 03979f2e0768e146d179c66f2d2e33afe61c1be3 Mon Sep 17 00:00:00 2001
2From: Manoj Srivastava <srivasta@debian.org> 2From: Manoj Srivastava <srivasta@debian.org>
3Date: Sun, 9 Feb 2014 16:09:49 +0000 3Date: Sun, 9 Feb 2014 16:09:49 +0000
4Subject: Handle SELinux authorisation roles 4Subject: Handle SELinux authorisation roles
@@ -9,17 +9,17 @@ SELinux maintainer, so we'll keep it until we have something better.
9 9
10Bug: https://bugzilla.mindrot.org/show_bug.cgi?id=1641 10Bug: https://bugzilla.mindrot.org/show_bug.cgi?id=1641
11Bug-Debian: http://bugs.debian.org/394795 11Bug-Debian: http://bugs.debian.org/394795
12Last-Update: 2017-10-04 12Last-Update: 2018-08-24
13 13
14Patch-Name: selinux-role.patch 14Patch-Name: selinux-role.patch
15--- 15---
16 auth.h | 1 + 16 auth.h | 1 +
17 auth2.c | 10 ++++++++-- 17 auth2.c | 10 ++++++++--
18 monitor.c | 32 +++++++++++++++++++++++++++++--- 18 monitor.c | 37 +++++++++++++++++++++++++++++++++----
19 monitor.h | 2 ++ 19 monitor.h | 2 ++
20 monitor_wrap.c | 22 ++++++++++++++++++++-- 20 monitor_wrap.c | 27 ++++++++++++++++++++++++---
21 monitor_wrap.h | 3 ++- 21 monitor_wrap.h | 3 ++-
22 openbsd-compat/port-linux.c | 27 ++++++++++++++++++++------- 22 openbsd-compat/port-linux.c | 21 ++++++++++++++-------
23 openbsd-compat/port-linux.h | 4 ++-- 23 openbsd-compat/port-linux.h | 4 ++--
24 platform.c | 4 ++-- 24 platform.c | 4 ++--
25 platform.h | 2 +- 25 platform.h | 2 +-
@@ -28,10 +28,10 @@ Patch-Name: selinux-role.patch
28 sshd.c | 2 +- 28 sshd.c | 2 +-
29 sshpty.c | 4 ++-- 29 sshpty.c | 4 ++--
30 sshpty.h | 2 +- 30 sshpty.h | 2 +-
31 15 files changed, 97 insertions(+), 30 deletions(-) 31 15 files changed, 99 insertions(+), 32 deletions(-)
32 32
33diff --git a/auth.h b/auth.h 33diff --git a/auth.h b/auth.h
34index 23ce67caf..15ba7073e 100644 34index 977562f0a..90802a5eb 100644
35--- a/auth.h 35--- a/auth.h
36+++ b/auth.h 36+++ b/auth.h
37@@ -65,6 +65,7 @@ struct Authctxt { 37@@ -65,6 +65,7 @@ struct Authctxt {
@@ -43,19 +43,19 @@ index 23ce67caf..15ba7073e 100644
43 /* Method lists for multiple authentication */ 43 /* Method lists for multiple authentication */
44 char **auth_methods; /* modified from server config */ 44 char **auth_methods; /* modified from server config */
45diff --git a/auth2.c b/auth2.c 45diff --git a/auth2.c b/auth2.c
46index c34f58c45..be5e9f15f 100644 46index 96efe164c..90a247c1c 100644
47--- a/auth2.c 47--- a/auth2.c
48+++ b/auth2.c 48+++ b/auth2.c
49@@ -218,7 +218,7 @@ input_userauth_request(int type, u_int32_t seq, struct ssh *ssh) 49@@ -257,7 +257,7 @@ input_userauth_request(int type, u_int32_t seq, struct ssh *ssh)
50 { 50 {
51 Authctxt *authctxt = ssh->authctxt; 51 Authctxt *authctxt = ssh->authctxt;
52 Authmethod *m = NULL; 52 Authmethod *m = NULL;
53- char *user, *service, *method, *style = NULL; 53- char *user, *service, *method, *style = NULL;
54+ char *user, *service, *method, *style = NULL, *role = NULL; 54+ char *user, *service, *method, *style = NULL, *role = NULL;
55 int authenticated = 0; 55 int authenticated = 0;
56 double tstart = monotime_double();
56 57
57 if (authctxt == NULL) 58@@ -270,8 +270,13 @@ input_userauth_request(int type, u_int32_t seq, struct ssh *ssh)
58@@ -230,8 +230,13 @@ input_userauth_request(int type, u_int32_t seq, struct ssh *ssh)
59 debug("userauth-request for user %s service %s method %s", user, service, method); 59 debug("userauth-request for user %s service %s method %s", user, service, method);
60 debug("attempt %d failures %d", authctxt->attempt, authctxt->failures); 60 debug("attempt %d failures %d", authctxt->attempt, authctxt->failures);
61 61
@@ -69,7 +69,7 @@ index c34f58c45..be5e9f15f 100644
69 69
70 if (authctxt->attempt++ == 0) { 70 if (authctxt->attempt++ == 0) {
71 /* setup auth context */ 71 /* setup auth context */
72@@ -258,8 +263,9 @@ input_userauth_request(int type, u_int32_t seq, struct ssh *ssh) 72@@ -298,8 +303,9 @@ input_userauth_request(int type, u_int32_t seq, struct ssh *ssh)
73 use_privsep ? " [net]" : ""); 73 use_privsep ? " [net]" : "");
74 authctxt->service = xstrdup(service); 74 authctxt->service = xstrdup(service);
75 authctxt->style = style ? xstrdup(style) : NULL; 75 authctxt->style = style ? xstrdup(style) : NULL;
@@ -81,18 +81,18 @@ index c34f58c45..be5e9f15f 100644
81 if (auth2_setup_methods_lists(authctxt) != 0) 81 if (auth2_setup_methods_lists(authctxt) != 0)
82 packet_disconnect("no authentication methods enabled"); 82 packet_disconnect("no authentication methods enabled");
83diff --git a/monitor.c b/monitor.c 83diff --git a/monitor.c b/monitor.c
84index 868fb0d2d..ed37458fb 100644 84index 4e574a2ae..c1e7e9b80 100644
85--- a/monitor.c 85--- a/monitor.c
86+++ b/monitor.c 86+++ b/monitor.c
87@@ -128,6 +128,7 @@ int mm_answer_sign(int, Buffer *); 87@@ -115,6 +115,7 @@ int mm_answer_sign(int, struct sshbuf *);
88 int mm_answer_pwnamallow(int, Buffer *); 88 int mm_answer_pwnamallow(int, struct sshbuf *);
89 int mm_answer_auth2_read_banner(int, Buffer *); 89 int mm_answer_auth2_read_banner(int, struct sshbuf *);
90 int mm_answer_authserv(int, Buffer *); 90 int mm_answer_authserv(int, struct sshbuf *);
91+int mm_answer_authrole(int, Buffer *); 91+int mm_answer_authrole(int, struct sshbuf *);
92 int mm_answer_authpassword(int, Buffer *); 92 int mm_answer_authpassword(int, struct sshbuf *);
93 int mm_answer_bsdauthquery(int, Buffer *); 93 int mm_answer_bsdauthquery(int, struct sshbuf *);
94 int mm_answer_bsdauthrespond(int, Buffer *); 94 int mm_answer_bsdauthrespond(int, struct sshbuf *);
95@@ -206,6 +207,7 @@ struct mon_table mon_dispatch_proto20[] = { 95@@ -191,6 +192,7 @@ struct mon_table mon_dispatch_proto20[] = {
96 {MONITOR_REQ_SIGN, MON_ONCE, mm_answer_sign}, 96 {MONITOR_REQ_SIGN, MON_ONCE, mm_answer_sign},
97 {MONITOR_REQ_PWNAM, MON_ONCE, mm_answer_pwnamallow}, 97 {MONITOR_REQ_PWNAM, MON_ONCE, mm_answer_pwnamallow},
98 {MONITOR_REQ_AUTHSERV, MON_ONCE, mm_answer_authserv}, 98 {MONITOR_REQ_AUTHSERV, MON_ONCE, mm_answer_authserv},
@@ -100,7 +100,7 @@ index 868fb0d2d..ed37458fb 100644
100 {MONITOR_REQ_AUTH2_READ_BANNER, MON_ONCE, mm_answer_auth2_read_banner}, 100 {MONITOR_REQ_AUTH2_READ_BANNER, MON_ONCE, mm_answer_auth2_read_banner},
101 {MONITOR_REQ_AUTHPASSWORD, MON_AUTH, mm_answer_authpassword}, 101 {MONITOR_REQ_AUTHPASSWORD, MON_AUTH, mm_answer_authpassword},
102 #ifdef USE_PAM 102 #ifdef USE_PAM
103@@ -806,6 +808,7 @@ mm_answer_pwnamallow(int sock, Buffer *m) 103@@ -813,6 +815,7 @@ mm_answer_pwnamallow(int sock, struct sshbuf *m)
104 104
105 /* Allow service/style information on the auth context */ 105 /* Allow service/style information on the auth context */
106 monitor_permit(mon_dispatch, MONITOR_REQ_AUTHSERV, 1); 106 monitor_permit(mon_dispatch, MONITOR_REQ_AUTHSERV, 1);
@@ -108,13 +108,16 @@ index 868fb0d2d..ed37458fb 100644
108 monitor_permit(mon_dispatch, MONITOR_REQ_AUTH2_READ_BANNER, 1); 108 monitor_permit(mon_dispatch, MONITOR_REQ_AUTH2_READ_BANNER, 1);
109 109
110 #ifdef USE_PAM 110 #ifdef USE_PAM
111@@ -836,14 +839,37 @@ mm_answer_authserv(int sock, Buffer *m) 111@@ -846,16 +849,42 @@ mm_answer_authserv(int sock, struct sshbuf *m)
112 112 monitor_permit_authentications(1);
113 authctxt->service = buffer_get_string(m, NULL); 113
114 authctxt->style = buffer_get_string(m, NULL); 114 if ((r = sshbuf_get_cstring(m, &authctxt->service, NULL)) != 0 ||
115- (r = sshbuf_get_cstring(m, &authctxt->style, NULL)) != 0)
116+ (r = sshbuf_get_cstring(m, &authctxt->style, NULL)) != 0 ||
117+ (r = sshbuf_get_cstring(m, &authctxt->role, NULL)) != 0)
118 fatal("%s: buffer error: %s", __func__, ssh_err(r));
115- debug3("%s: service=%s, style=%s", 119- debug3("%s: service=%s, style=%s",
116- __func__, authctxt->service, authctxt->style); 120- __func__, authctxt->service, authctxt->style);
117+ authctxt->role = buffer_get_string(m, NULL);
118+ debug3("%s: service=%s, style=%s, role=%s", 121+ debug3("%s: service=%s, style=%s, role=%s",
119+ __func__, authctxt->service, authctxt->style, authctxt->role); 122+ __func__, authctxt->service, authctxt->style, authctxt->role);
120 123
@@ -132,11 +135,14 @@ index 868fb0d2d..ed37458fb 100644
132+} 135+}
133+ 136+
134+int 137+int
135+mm_answer_authrole(int sock, Buffer *m) 138+mm_answer_authrole(int sock, struct sshbuf *m)
136+{ 139+{
140+ int r;
141+
137+ monitor_permit_authentications(1); 142+ monitor_permit_authentications(1);
138+ 143+
139+ authctxt->role = buffer_get_string(m, NULL); 144+ if ((r = sshbuf_get_cstring(m, &authctxt->role, NULL)) != 0)
145+ fatal("%s: buffer error: %s", __func__, ssh_err(r));
140+ debug3("%s: role=%s", 146+ debug3("%s: role=%s",
141+ __func__, authctxt->role); 147+ __func__, authctxt->role);
142+ 148+
@@ -148,20 +154,20 @@ index 868fb0d2d..ed37458fb 100644
148 return (0); 154 return (0);
149 } 155 }
150 156
151@@ -1497,7 +1523,7 @@ mm_answer_pty(int sock, Buffer *m) 157@@ -1497,7 +1526,7 @@ mm_answer_pty(int sock, struct sshbuf *m)
152 res = pty_allocate(&s->ptyfd, &s->ttyfd, s->tty, sizeof(s->tty)); 158 res = pty_allocate(&s->ptyfd, &s->ttyfd, s->tty, sizeof(s->tty));
153 if (res == 0) 159 if (res == 0)
154 goto error; 160 goto error;
155- pty_setowner(authctxt->pw, s->tty); 161- pty_setowner(authctxt->pw, s->tty);
156+ pty_setowner(authctxt->pw, s->tty, authctxt->role); 162+ pty_setowner(authctxt->pw, s->tty, authctxt->role);
157 163
158 buffer_put_int(m, 1); 164 if ((r = sshbuf_put_u32(m, 1)) != 0 ||
159 buffer_put_cstring(m, s->tty); 165 (r = sshbuf_put_cstring(m, s->tty)) != 0)
160diff --git a/monitor.h b/monitor.h 166diff --git a/monitor.h b/monitor.h
161index ec41404c7..4c7955d7a 100644 167index 44fbed589..8f65e684d 100644
162--- a/monitor.h 168--- a/monitor.h
163+++ b/monitor.h 169+++ b/monitor.h
164@@ -68,6 +68,8 @@ enum monitor_reqtype { 170@@ -66,6 +66,8 @@ enum monitor_reqtype {
165 MONITOR_REQ_GSSSIGN = 150, MONITOR_ANS_GSSSIGN = 151, 171 MONITOR_REQ_GSSSIGN = 150, MONITOR_ANS_GSSSIGN = 151,
166 MONITOR_REQ_GSSUPCREDS = 152, MONITOR_ANS_GSSUPCREDS = 153, 172 MONITOR_REQ_GSSUPCREDS = 152, MONITOR_ANS_GSSUPCREDS = 153,
167 173
@@ -171,10 +177,10 @@ index ec41404c7..4c7955d7a 100644
171 177
172 struct monitor { 178 struct monitor {
173diff --git a/monitor_wrap.c b/monitor_wrap.c 179diff --git a/monitor_wrap.c b/monitor_wrap.c
174index e749efc18..7b2d06c65 100644 180index 1865a122a..fd4d7eb3b 100644
175--- a/monitor_wrap.c 181--- a/monitor_wrap.c
176+++ b/monitor_wrap.c 182+++ b/monitor_wrap.c
177@@ -331,10 +331,10 @@ mm_auth2_read_banner(void) 183@@ -369,10 +369,10 @@ mm_auth2_read_banner(void)
178 return (banner); 184 return (banner);
179 } 185 }
180 186
@@ -185,17 +191,20 @@ index e749efc18..7b2d06c65 100644
185-mm_inform_authserv(char *service, char *style) 191-mm_inform_authserv(char *service, char *style)
186+mm_inform_authserv(char *service, char *style, char *role) 192+mm_inform_authserv(char *service, char *style, char *role)
187 { 193 {
188 Buffer m; 194 struct sshbuf *m;
189 195 int r;
190@@ -343,12 +343,30 @@ mm_inform_authserv(char *service, char *style) 196@@ -382,7 +382,8 @@ mm_inform_authserv(char *service, char *style)
191 buffer_init(&m); 197 if ((m = sshbuf_new()) == NULL)
192 buffer_put_cstring(&m, service); 198 fatal("%s: sshbuf_new failed", __func__);
193 buffer_put_cstring(&m, style ? style : ""); 199 if ((r = sshbuf_put_cstring(m, service)) != 0 ||
194+ buffer_put_cstring(&m, role ? role : ""); 200- (r = sshbuf_put_cstring(m, style ? style : "")) != 0)
195 201+ (r = sshbuf_put_cstring(m, style ? style : "")) != 0 ||
196 mm_request_send(pmonitor->m_recvfd, MONITOR_REQ_AUTHSERV, &m); 202+ (r = sshbuf_put_cstring(m, role ? role : "")) != 0)
197 203 fatal("%s: buffer error: %s", __func__, ssh_err(r));
198 buffer_free(&m); 204
205 mm_request_send(pmonitor->m_recvfd, MONITOR_REQ_AUTHSERV, m);
206@@ -390,6 +391,26 @@ mm_inform_authserv(char *service, char *style)
207 sshbuf_free(m);
199 } 208 }
200 209
201+/* Inform the privileged process about role */ 210+/* Inform the privileged process about role */
@@ -203,29 +212,32 @@ index e749efc18..7b2d06c65 100644
203+void 212+void
204+mm_inform_authrole(char *role) 213+mm_inform_authrole(char *role)
205+{ 214+{
206+ Buffer m; 215+ struct sshbuf *m;
216+ int r;
207+ 217+
208+ debug3("%s entering", __func__); 218+ debug3("%s entering", __func__);
209+ 219+
210+ buffer_init(&m); 220+ if ((m = sshbuf_new()) == NULL)
211+ buffer_put_cstring(&m, role ? role : ""); 221+ fatal("%s: sshbuf_new failed", __func__);
222+ if ((r = sshbuf_put_cstring(m, role ? role : "")) != 0)
223+ fatal("%s: buffer error: %s", __func__, ssh_err(r));
212+ 224+
213+ mm_request_send(pmonitor->m_recvfd, MONITOR_REQ_AUTHROLE, &m); 225+ mm_request_send(pmonitor->m_recvfd, MONITOR_REQ_AUTHROLE, m);
214+ 226+
215+ buffer_free(&m); 227+ sshbuf_free(m);
216+} 228+}
217+ 229+
218 /* Do the password authentication */ 230 /* Do the password authentication */
219 int 231 int
220 mm_auth_password(struct ssh *ssh, char *password) 232 mm_auth_password(struct ssh *ssh, char *password)
221diff --git a/monitor_wrap.h b/monitor_wrap.h 233diff --git a/monitor_wrap.h b/monitor_wrap.h
222index 0970d1f87..492de5c85 100644 234index 7f93144ff..79e78cc90 100644
223--- a/monitor_wrap.h 235--- a/monitor_wrap.h
224+++ b/monitor_wrap.h 236+++ b/monitor_wrap.h
225@@ -43,7 +43,8 @@ int mm_is_monitor(void); 237@@ -43,7 +43,8 @@ int mm_is_monitor(void);
226 DH *mm_choose_dh(int, int, int); 238 DH *mm_choose_dh(int, int, int);
227 int mm_key_sign(struct sshkey *, u_char **, u_int *, const u_char *, u_int, 239 int mm_sshkey_sign(struct sshkey *, u_char **, size_t *, const u_char *, size_t,
228 const char *); 240 const char *, u_int compat);
229-void mm_inform_authserv(char *, char *); 241-void mm_inform_authserv(char *, char *);
230+void mm_inform_authserv(char *, char *, char *); 242+void mm_inform_authserv(char *, char *, char *);
231+void mm_inform_authrole(char *); 243+void mm_inform_authrole(char *);
@@ -233,23 +245,10 @@ index 0970d1f87..492de5c85 100644
233 char *mm_auth2_read_banner(void); 245 char *mm_auth2_read_banner(void);
234 int mm_auth_password(struct ssh *, char *); 246 int mm_auth_password(struct ssh *, char *);
235diff --git a/openbsd-compat/port-linux.c b/openbsd-compat/port-linux.c 247diff --git a/openbsd-compat/port-linux.c b/openbsd-compat/port-linux.c
236index 8c5325cc3..8a3e5c68d 100644 248index 8c5325cc3..9fdda664f 100644
237--- a/openbsd-compat/port-linux.c 249--- a/openbsd-compat/port-linux.c
238+++ b/openbsd-compat/port-linux.c 250+++ b/openbsd-compat/port-linux.c
239@@ -27,6 +27,12 @@ 251@@ -55,7 +55,7 @@ ssh_selinux_enabled(void)
240 #include <string.h>
241 #include <stdio.h>
242
243+#ifdef WITH_SELINUX
244+#include "key.h"
245+#include "hostfile.h"
246+#include "auth.h"
247+#endif
248+
249 #include "log.h"
250 #include "xmalloc.h"
251 #include "port-linux.h"
252@@ -55,7 +61,7 @@ ssh_selinux_enabled(void)
253 252
254 /* Return the default security context for the given username */ 253 /* Return the default security context for the given username */
255 static security_context_t 254 static security_context_t
@@ -258,7 +257,7 @@ index 8c5325cc3..8a3e5c68d 100644
258 { 257 {
259 security_context_t sc = NULL; 258 security_context_t sc = NULL;
260 char *sename = NULL, *lvl = NULL; 259 char *sename = NULL, *lvl = NULL;
261@@ -70,9 +76,16 @@ ssh_selinux_getctxbyname(char *pwname) 260@@ -70,9 +70,16 @@ ssh_selinux_getctxbyname(char *pwname)
262 #endif 261 #endif
263 262
264 #ifdef HAVE_GET_DEFAULT_CONTEXT_WITH_LEVEL 263 #ifdef HAVE_GET_DEFAULT_CONTEXT_WITH_LEVEL
@@ -277,7 +276,7 @@ index 8c5325cc3..8a3e5c68d 100644
277 #endif 276 #endif
278 277
279 if (r != 0) { 278 if (r != 0) {
280@@ -102,7 +115,7 @@ ssh_selinux_getctxbyname(char *pwname) 279@@ -102,7 +109,7 @@ ssh_selinux_getctxbyname(char *pwname)
281 280
282 /* Set the execution context to the default for the specified user */ 281 /* Set the execution context to the default for the specified user */
283 void 282 void
@@ -286,7 +285,7 @@ index 8c5325cc3..8a3e5c68d 100644
286 { 285 {
287 security_context_t user_ctx = NULL; 286 security_context_t user_ctx = NULL;
288 287
289@@ -111,7 +124,7 @@ ssh_selinux_setup_exec_context(char *pwname) 288@@ -111,7 +118,7 @@ ssh_selinux_setup_exec_context(char *pwname)
290 289
291 debug3("%s: setting execution context", __func__); 290 debug3("%s: setting execution context", __func__);
292 291
@@ -295,7 +294,7 @@ index 8c5325cc3..8a3e5c68d 100644
295 if (setexeccon(user_ctx) != 0) { 294 if (setexeccon(user_ctx) != 0) {
296 switch (security_getenforce()) { 295 switch (security_getenforce()) {
297 case -1: 296 case -1:
298@@ -133,7 +146,7 @@ ssh_selinux_setup_exec_context(char *pwname) 297@@ -133,7 +140,7 @@ ssh_selinux_setup_exec_context(char *pwname)
299 298
300 /* Set the TTY context for the specified user */ 299 /* Set the TTY context for the specified user */
301 void 300 void
@@ -304,7 +303,7 @@ index 8c5325cc3..8a3e5c68d 100644
304 { 303 {
305 security_context_t new_tty_ctx = NULL; 304 security_context_t new_tty_ctx = NULL;
306 security_context_t user_ctx = NULL; 305 security_context_t user_ctx = NULL;
307@@ -145,7 +158,7 @@ ssh_selinux_setup_pty(char *pwname, const char *tty) 306@@ -145,7 +152,7 @@ ssh_selinux_setup_pty(char *pwname, const char *tty)
308 307
309 debug3("%s: setting TTY context on %s", __func__, tty); 308 debug3("%s: setting TTY context on %s", __func__, tty);
310 309
@@ -329,10 +328,10 @@ index 3c22a854d..c88129428 100644
329 void ssh_selinux_setfscreatecon(const char *); 328 void ssh_selinux_setfscreatecon(const char *);
330 #endif 329 #endif
331diff --git a/platform.c b/platform.c 330diff --git a/platform.c b/platform.c
332index 18c7751de..380ee3a41 100644 331index 41acc9370..35654ea51 100644
333--- a/platform.c 332--- a/platform.c
334+++ b/platform.c 333+++ b/platform.c
335@@ -143,7 +143,7 @@ platform_setusercontext(struct passwd *pw) 334@@ -142,7 +142,7 @@ platform_setusercontext(struct passwd *pw)
336 * called if sshd is running as root. 335 * called if sshd is running as root.
337 */ 336 */
338 void 337 void
@@ -341,7 +340,7 @@ index 18c7751de..380ee3a41 100644
341 { 340 {
342 #if !defined(HAVE_LOGIN_CAP) && defined(USE_PAM) 341 #if !defined(HAVE_LOGIN_CAP) && defined(USE_PAM)
343 /* 342 /*
344@@ -184,7 +184,7 @@ platform_setusercontext_post_groups(struct passwd *pw) 343@@ -183,7 +183,7 @@ platform_setusercontext_post_groups(struct passwd *pw)
345 } 344 }
346 #endif /* HAVE_SETPCRED */ 345 #endif /* HAVE_SETPCRED */
347 #ifdef WITH_SELINUX 346 #ifdef WITH_SELINUX
@@ -364,19 +363,19 @@ index ea4f9c584..60d72ffe7 100644
364 char *platform_krb5_get_principal_name(const char *); 363 char *platform_krb5_get_principal_name(const char *);
365 int platform_sys_dir_uid(uid_t); 364 int platform_sys_dir_uid(uid_t);
366diff --git a/session.c b/session.c 365diff --git a/session.c b/session.c
367index 58826db16..ff301c983 100644 366index f2cf52006..d5d2e94b0 100644
368--- a/session.c 367--- a/session.c
369+++ b/session.c 368+++ b/session.c
370@@ -1322,7 +1322,7 @@ safely_chroot(const char *path, uid_t uid) 369@@ -1378,7 +1378,7 @@ safely_chroot(const char *path, uid_t uid)
371 370
372 /* Set login name, uid, gid, and groups. */ 371 /* Set login name, uid, gid, and groups. */
373 void 372 void
374-do_setusercontext(struct passwd *pw) 373-do_setusercontext(struct passwd *pw)
375+do_setusercontext(struct passwd *pw, const char *role) 374+do_setusercontext(struct passwd *pw, const char *role)
376 { 375 {
377 char *chroot_path, *tmp; 376 char uidstr[32], *chroot_path, *tmp;
378 377
379@@ -1350,7 +1350,7 @@ do_setusercontext(struct passwd *pw) 378@@ -1406,7 +1406,7 @@ do_setusercontext(struct passwd *pw)
380 endgrent(); 379 endgrent();
381 #endif 380 #endif
382 381
@@ -385,7 +384,7 @@ index 58826db16..ff301c983 100644
385 384
386 if (!in_chroot && options.chroot_directory != NULL && 385 if (!in_chroot && options.chroot_directory != NULL &&
387 strcasecmp(options.chroot_directory, "none") != 0) { 386 strcasecmp(options.chroot_directory, "none") != 0) {
388@@ -1487,7 +1487,7 @@ do_child(struct ssh *ssh, Session *s, const char *command) 387@@ -1545,7 +1545,7 @@ do_child(struct ssh *ssh, Session *s, const char *command)
389 388
390 /* Force a password change */ 389 /* Force a password change */
391 if (s->authctxt->force_pwchange) { 390 if (s->authctxt->force_pwchange) {
@@ -394,7 +393,7 @@ index 58826db16..ff301c983 100644
394 child_close_fds(ssh); 393 child_close_fds(ssh);
395 do_pwchange(s); 394 do_pwchange(s);
396 exit(1); 395 exit(1);
397@@ -1505,7 +1505,7 @@ do_child(struct ssh *ssh, Session *s, const char *command) 396@@ -1563,7 +1563,7 @@ do_child(struct ssh *ssh, Session *s, const char *command)
398 /* When PAM is enabled we rely on it to do the nologin check */ 397 /* When PAM is enabled we rely on it to do the nologin check */
399 if (!options.use_pam) 398 if (!options.use_pam)
400 do_nologin(pw); 399 do_nologin(pw);
@@ -403,8 +402,8 @@ index 58826db16..ff301c983 100644
403 /* 402 /*
404 * PAM session modules in do_setusercontext may have 403 * PAM session modules in do_setusercontext may have
405 * generated messages, so if this in an interactive 404 * generated messages, so if this in an interactive
406@@ -1897,7 +1897,7 @@ session_pty_req(struct ssh *ssh, Session *s) 405@@ -1953,7 +1953,7 @@ session_pty_req(struct ssh *ssh, Session *s)
407 tty_parse_modes(s->ttyfd, &n_bytes); 406 ssh_tty_parse_modes(ssh, s->ttyfd);
408 407
409 if (!use_privsep) 408 if (!use_privsep)
410- pty_setowner(s->pw, s->tty); 409- pty_setowner(s->pw, s->tty);
@@ -426,10 +425,10 @@ index 54dd1f0ca..8535ebcef 100644
426 const char *session_get_remote_name_or_ip(struct ssh *, u_int, int); 425 const char *session_get_remote_name_or_ip(struct ssh *, u_int, int);
427 426
428diff --git a/sshd.c b/sshd.c 427diff --git a/sshd.c b/sshd.c
429index 4ed0364f2..6d911c19a 100644 428index 71c360da0..92d15c82d 100644
430--- a/sshd.c 429--- a/sshd.c
431+++ b/sshd.c 430+++ b/sshd.c
432@@ -679,7 +679,7 @@ privsep_postauth(Authctxt *authctxt) 431@@ -684,7 +684,7 @@ privsep_postauth(Authctxt *authctxt)
433 reseed_prngs(); 432 reseed_prngs();
434 433
435 /* Drop privileges */ 434 /* Drop privileges */
diff --git a/debian/patches/series b/debian/patches/series
index e1eb16773..1f82bea11 100644
--- a/debian/patches/series
+++ b/debian/patches/series
@@ -22,7 +22,4 @@ systemd-readiness.patch
22debian-config.patch 22debian-config.patch
23restore-authorized_keys2.patch 23restore-authorized_keys2.patch
24seccomp-s390-flock-ipc.patch 24seccomp-s390-flock-ipc.patch
25seccomp-getuid-geteuid.patch
26seccomp-s390-ioctl-ep11-crypto.patch 25seccomp-s390-ioctl-ep11-crypto.patch
27upstream-relax-checking-of-authorized_keys-environme.patch
28upstream-delay-bailout-for-invalid-authenticating-user.patch
diff --git a/debian/patches/shell-path.patch b/debian/patches/shell-path.patch
index 92fc0026a..7e91b9b14 100644
--- a/debian/patches/shell-path.patch
+++ b/debian/patches/shell-path.patch
@@ -1,4 +1,4 @@
1From 72fead7f622b074c9b92dbdb8ae745faf2702b3d Mon Sep 17 00:00:00 2001 1From 0e7d3495f758a4ecccc14eda31845ea0efc89251 Mon Sep 17 00:00:00 2001
2From: Colin Watson <cjwatson@debian.org> 2From: Colin Watson <cjwatson@debian.org>
3Date: Sun, 9 Feb 2014 16:10:00 +0000 3Date: Sun, 9 Feb 2014 16:10:00 +0000
4Subject: Look for $SHELL on the path for ProxyCommand/LocalCommand 4Subject: Look for $SHELL on the path for ProxyCommand/LocalCommand
@@ -16,10 +16,10 @@ Patch-Name: shell-path.patch
16 1 file changed, 2 insertions(+), 2 deletions(-) 16 1 file changed, 2 insertions(+), 2 deletions(-)
17 17
18diff --git a/sshconnect.c b/sshconnect.c 18diff --git a/sshconnect.c b/sshconnect.c
19index 3805d35d9..8ab01c0ef 100644 19index 78813c164..a2efe6d15 100644
20--- a/sshconnect.c 20--- a/sshconnect.c
21+++ b/sshconnect.c 21+++ b/sshconnect.c
22@@ -239,7 +239,7 @@ ssh_proxy_connect(struct ssh *ssh, const char *host, u_short port, 22@@ -229,7 +229,7 @@ ssh_proxy_connect(struct ssh *ssh, const char *host, u_short port,
23 /* Execute the proxy command. Note that we gave up any 23 /* Execute the proxy command. Note that we gave up any
24 extra privileges above. */ 24 extra privileges above. */
25 signal(SIGPIPE, SIG_DFL); 25 signal(SIGPIPE, SIG_DFL);
@@ -28,7 +28,7 @@ index 3805d35d9..8ab01c0ef 100644
28 perror(argv[0]); 28 perror(argv[0]);
29 exit(1); 29 exit(1);
30 } 30 }
31@@ -1554,7 +1554,7 @@ ssh_local_cmd(const char *args) 31@@ -1525,7 +1525,7 @@ ssh_local_cmd(const char *args)
32 if (pid == 0) { 32 if (pid == 0) {
33 signal(SIGPIPE, SIG_DFL); 33 signal(SIGPIPE, SIG_DFL);
34 debug3("Executing %s -c \"%s\"", shell, args); 34 debug3("Executing %s -c \"%s\"", shell, args);
diff --git a/debian/patches/ssh-agent-setgid.patch b/debian/patches/ssh-agent-setgid.patch
index add4d5115..ae29c2afb 100644
--- a/debian/patches/ssh-agent-setgid.patch
+++ b/debian/patches/ssh-agent-setgid.patch
@@ -1,4 +1,4 @@
1From 9155e0368189860345a5f4b52a756266704447af Mon Sep 17 00:00:00 2001 1From 67414e1884f4ac0eb391988b932af2dd9b2ab5ae Mon Sep 17 00:00:00 2001
2From: Colin Watson <cjwatson@debian.org> 2From: Colin Watson <cjwatson@debian.org>
3Date: Sun, 9 Feb 2014 16:10:13 +0000 3Date: Sun, 9 Feb 2014 16:10:13 +0000
4Subject: Document consequences of ssh-agent being setgid in ssh-agent(1) 4Subject: Document consequences of ssh-agent being setgid in ssh-agent(1)
diff --git a/debian/patches/ssh-argv0.patch b/debian/patches/ssh-argv0.patch
index eb830e4cb..5f9e9bbc8 100644
--- a/debian/patches/ssh-argv0.patch
+++ b/debian/patches/ssh-argv0.patch
@@ -1,4 +1,4 @@
1From 77113aa5aacb35d773268411edbe3bca4255703d Mon Sep 17 00:00:00 2001 1From 0d0221146dc61545ca1dba099f669d5d6a37504e Mon Sep 17 00:00:00 2001
2From: Colin Watson <cjwatson@debian.org> 2From: Colin Watson <cjwatson@debian.org>
3Date: Sun, 9 Feb 2014 16:10:10 +0000 3Date: Sun, 9 Feb 2014 16:10:10 +0000
4Subject: ssh(1): Refer to ssh-argv0(1) 4Subject: ssh(1): Refer to ssh-argv0(1)
@@ -18,10 +18,10 @@ Patch-Name: ssh-argv0.patch
18 1 file changed, 1 insertion(+) 18 1 file changed, 1 insertion(+)
19 19
20diff --git a/ssh.1 b/ssh.1 20diff --git a/ssh.1 b/ssh.1
21index 54e21d88a..f8fc26d2a 100644 21index d41426781..0a8e63f51 100644
22--- a/ssh.1 22--- a/ssh.1
23+++ b/ssh.1 23+++ b/ssh.1
24@@ -1571,6 +1571,7 @@ if an error occurred. 24@@ -1575,6 +1575,7 @@ if an error occurred.
25 .Xr sftp 1 , 25 .Xr sftp 1 ,
26 .Xr ssh-add 1 , 26 .Xr ssh-add 1 ,
27 .Xr ssh-agent 1 , 27 .Xr ssh-agent 1 ,
diff --git a/debian/patches/ssh-vulnkey-compat.patch b/debian/patches/ssh-vulnkey-compat.patch
index 4d6f3e151..da0f358d8 100644
--- a/debian/patches/ssh-vulnkey-compat.patch
+++ b/debian/patches/ssh-vulnkey-compat.patch
@@ -1,4 +1,4 @@
1From 4fb99d4eb8936b6ffae3749717abfc2dccbaa162 Mon Sep 17 00:00:00 2001 1From 80ef33d2e2559a2fcb71940f0ef0de18f426dab4 Mon Sep 17 00:00:00 2001
2From: Colin Watson <cjwatson@ubuntu.com> 2From: Colin Watson <cjwatson@ubuntu.com>
3Date: Sun, 9 Feb 2014 16:09:50 +0000 3Date: Sun, 9 Feb 2014 16:09:50 +0000
4Subject: Accept obsolete ssh-vulnkey configuration options 4Subject: Accept obsolete ssh-vulnkey configuration options
@@ -17,10 +17,10 @@ Patch-Name: ssh-vulnkey-compat.patch
17 2 files changed, 2 insertions(+) 17 2 files changed, 2 insertions(+)
18 18
19diff --git a/readconf.c b/readconf.c 19diff --git a/readconf.c b/readconf.c
20index c8e792991..1f1be7789 100644 20index 4ad3c75fe..6e26ba32d 100644
21--- a/readconf.c 21--- a/readconf.c
22+++ b/readconf.c 22+++ b/readconf.c
23@@ -189,6 +189,7 @@ static struct { 23@@ -190,6 +190,7 @@ static struct {
24 { "fallbacktorsh", oDeprecated }, 24 { "fallbacktorsh", oDeprecated },
25 { "globalknownhostsfile2", oDeprecated }, 25 { "globalknownhostsfile2", oDeprecated },
26 { "rhostsauthentication", oDeprecated }, 26 { "rhostsauthentication", oDeprecated },
@@ -29,10 +29,10 @@ index c8e792991..1f1be7789 100644
29 { "useroaming", oDeprecated }, 29 { "useroaming", oDeprecated },
30 { "usersh", oDeprecated }, 30 { "usersh", oDeprecated },
31diff --git a/servconf.c b/servconf.c 31diff --git a/servconf.c b/servconf.c
32index cbbea05bf..3fff3d531 100644 32index e1ae07fb7..e49984a81 100644
33--- a/servconf.c 33--- a/servconf.c
34+++ b/servconf.c 34+++ b/servconf.c
35@@ -576,6 +576,7 @@ static struct { 35@@ -596,6 +596,7 @@ static struct {
36 { "x11uselocalhost", sX11UseLocalhost, SSHCFG_ALL }, 36 { "x11uselocalhost", sX11UseLocalhost, SSHCFG_ALL },
37 { "xauthlocation", sXAuthLocation, SSHCFG_GLOBAL }, 37 { "xauthlocation", sXAuthLocation, SSHCFG_GLOBAL },
38 { "strictmodes", sStrictModes, SSHCFG_GLOBAL }, 38 { "strictmodes", sStrictModes, SSHCFG_GLOBAL },
diff --git a/debian/patches/syslog-level-silent.patch b/debian/patches/syslog-level-silent.patch
index 1b41b0801..1610d40d1 100644
--- a/debian/patches/syslog-level-silent.patch
+++ b/debian/patches/syslog-level-silent.patch
@@ -1,4 +1,4 @@
1From 027619c6b05713e3f08a51e7232389383900e5d8 Mon Sep 17 00:00:00 2001 1From d47fa6fefb418c6d8f5a6d3dd49fd9dc7fce0c74 Mon Sep 17 00:00:00 2001
2From: Jonathan David Amery <jdamery@ysolde.ucam.org> 2From: Jonathan David Amery <jdamery@ysolde.ucam.org>
3Date: Sun, 9 Feb 2014 16:09:54 +0000 3Date: Sun, 9 Feb 2014 16:09:54 +0000
4Subject: "LogLevel SILENT" compatibility 4Subject: "LogLevel SILENT" compatibility
@@ -21,7 +21,7 @@ Patch-Name: syslog-level-silent.patch
21 2 files changed, 2 insertions(+), 1 deletion(-) 21 2 files changed, 2 insertions(+), 1 deletion(-)
22 22
23diff --git a/log.c b/log.c 23diff --git a/log.c b/log.c
24index 99450dd12..1559091da 100644 24index d9c2d136c..1749af6d1 100644
25--- a/log.c 25--- a/log.c
26+++ b/log.c 26+++ b/log.c
27@@ -93,6 +93,7 @@ static struct { 27@@ -93,6 +93,7 @@ static struct {
@@ -33,7 +33,7 @@ index 99450dd12..1559091da 100644
33 { "FATAL", SYSLOG_LEVEL_FATAL }, 33 { "FATAL", SYSLOG_LEVEL_FATAL },
34 { "ERROR", SYSLOG_LEVEL_ERROR }, 34 { "ERROR", SYSLOG_LEVEL_ERROR },
35diff --git a/ssh.c b/ssh.c 35diff --git a/ssh.c b/ssh.c
36index d3619fe29..e36debf6a 100644 36index ce628848c..6ee0f8c68 100644
37--- a/ssh.c 37--- a/ssh.c
38+++ b/ssh.c 38+++ b/ssh.c
39@@ -1252,7 +1252,7 @@ main(int ac, char **av) 39@@ -1252,7 +1252,7 @@ main(int ac, char **av)
diff --git a/debian/patches/systemd-readiness.patch b/debian/patches/systemd-readiness.patch
index 982085c4c..95753542e 100644
--- a/debian/patches/systemd-readiness.patch
+++ b/debian/patches/systemd-readiness.patch
@@ -1,4 +1,4 @@
1From 4acdde3e5b206718774fa162763058155fe572bf Mon Sep 17 00:00:00 2001 1From ba2be368348f9f411377f494e209faedf53903de Mon Sep 17 00:00:00 2001
2From: Michael Biebl <biebl@debian.org> 2From: Michael Biebl <biebl@debian.org>
3Date: Mon, 21 Dec 2015 16:08:47 +0000 3Date: Mon, 21 Dec 2015 16:08:47 +0000
4Subject: Add systemd readiness notification support 4Subject: Add systemd readiness notification support
@@ -14,10 +14,10 @@ Patch-Name: systemd-readiness.patch
14 2 files changed, 33 insertions(+) 14 2 files changed, 33 insertions(+)
15 15
16diff --git a/configure.ac b/configure.ac 16diff --git a/configure.ac b/configure.ac
17index 3e23e60d6..eac143b4d 100644 17index ebc10f51e..dab138640 100644
18--- a/configure.ac 18--- a/configure.ac
19+++ b/configure.ac 19+++ b/configure.ac
20@@ -4496,6 +4496,29 @@ AC_ARG_WITH([kerberos5], 20@@ -4458,6 +4458,29 @@ AC_ARG_WITH([kerberos5],
21 AC_SUBST([GSSLIBS]) 21 AC_SUBST([GSSLIBS])
22 AC_SUBST([K5LIBS]) 22 AC_SUBST([K5LIBS])
23 23
@@ -47,7 +47,7 @@ index 3e23e60d6..eac143b4d 100644
47 # Looking for programs, paths and files 47 # Looking for programs, paths and files
48 48
49 PRIVSEP_PATH=/var/empty 49 PRIVSEP_PATH=/var/empty
50@@ -5303,6 +5326,7 @@ echo " libldns support: $LDNS_MSG" 50@@ -5264,6 +5287,7 @@ echo " libldns support: $LDNS_MSG"
51 echo " Solaris process contract support: $SPC_MSG" 51 echo " Solaris process contract support: $SPC_MSG"
52 echo " Solaris project support: $SP_MSG" 52 echo " Solaris project support: $SP_MSG"
53 echo " Solaris privilege support: $SPP_MSG" 53 echo " Solaris privilege support: $SPP_MSG"
@@ -56,7 +56,7 @@ index 3e23e60d6..eac143b4d 100644
56 echo " Translate v4 in v6 hack: $IPV4_IN6_HACK_MSG" 56 echo " Translate v4 in v6 hack: $IPV4_IN6_HACK_MSG"
57 echo " BSD Auth support: $BSD_AUTH_MSG" 57 echo " BSD Auth support: $BSD_AUTH_MSG"
58diff --git a/sshd.c b/sshd.c 58diff --git a/sshd.c b/sshd.c
59index 1d645a170..3a86e66e7 100644 59index 698593605..7ff109175 100644
60--- a/sshd.c 60--- a/sshd.c
61+++ b/sshd.c 61+++ b/sshd.c
62@@ -85,6 +85,10 @@ 62@@ -85,6 +85,10 @@
@@ -70,7 +70,7 @@ index 1d645a170..3a86e66e7 100644
70 #include "xmalloc.h" 70 #include "xmalloc.h"
71 #include "ssh.h" 71 #include "ssh.h"
72 #include "ssh2.h" 72 #include "ssh2.h"
73@@ -1933,6 +1937,11 @@ main(int ac, char **av) 73@@ -1991,6 +1995,11 @@ main(int ac, char **av)
74 } 74 }
75 } 75 }
76 76
diff --git a/debian/patches/upstream-delay-bailout-for-invalid-authenticating-user.patch b/debian/patches/upstream-delay-bailout-for-invalid-authenticating-user.patch
deleted file mode 100644
index 737a9f48d..000000000
--- a/debian/patches/upstream-delay-bailout-for-invalid-authenticating-user.patch
+++ /dev/null
@@ -1,153 +0,0 @@
1From c4ca1497658e0508e8595ad74978c07bc92a18e3 Mon Sep 17 00:00:00 2001
2From: "djm@openbsd.org" <djm@openbsd.org>
3Date: Tue, 31 Jul 2018 03:10:27 +0000
4Subject: upstream: delay bailout for invalid authenticating user
5MIME-Version: 1.0
6Content-Type: text/plain; charset=UTF-8
7Content-Transfer-Encoding: 8bit
8
9... until after the packet containing the request has been fully parsed.
10Reported by Dariusz Tytko and Michał Sajdak; ok deraadt
11
12OpenBSD-Commit-ID: b4891882fbe413f230fe8ac8a37349b03bd0b70d
13
14Origin: backport, http://anongit.mindrot.org/openssh.git/commit/?id=74287f5df9966a0648b4a68417451dd18f079ab8
15Bug-Debian: https://bugs.debian.org/906236
16Last-Update: 2018-08-17
17
18Patch-Name: upstream-delay-bailout-for-invalid-authenticating-user.patch
19---
20 auth2-gss.c | 9 ++++++---
21 auth2-hostbased.c | 9 +++++----
22 auth2-pubkey.c | 23 ++++++++++++++---------
23 3 files changed, 25 insertions(+), 16 deletions(-)
24
25diff --git a/auth2-gss.c b/auth2-gss.c
26index fd411d3a7..88bc3ae7b 100644
27--- a/auth2-gss.c
28+++ b/auth2-gss.c
29@@ -104,9 +104,6 @@ userauth_gssapi(struct ssh *ssh)
30 u_int len;
31 u_char *doid = NULL;
32
33- if (!authctxt->valid || authctxt->user == NULL)
34- return (0);
35-
36 mechs = packet_get_int();
37 if (mechs == 0) {
38 debug("Mechanism negotiation is not supported");
39@@ -137,6 +134,12 @@ userauth_gssapi(struct ssh *ssh)
40 return (0);
41 }
42
43+ if (!authctxt->valid || authctxt->user == NULL) {
44+ debug2("%s: disabled because of invalid user", __func__);
45+ free(doid);
46+ return (0);
47+ }
48+
49 if (GSS_ERROR(PRIVSEP(ssh_gssapi_server_ctx(&ctxt, &goid)))) {
50 if (ctxt != NULL)
51 ssh_gssapi_delete_ctx(&ctxt);
52diff --git a/auth2-hostbased.c b/auth2-hostbased.c
53index 8996f7e05..82a7dcdae 100644
54--- a/auth2-hostbased.c
55+++ b/auth2-hostbased.c
56@@ -67,10 +67,6 @@ userauth_hostbased(struct ssh *ssh)
57 size_t alen, blen, slen;
58 int r, pktype, authenticated = 0;
59
60- if (!authctxt->valid) {
61- debug2("%s: disabled because of invalid user", __func__);
62- return 0;
63- }
64 /* XXX use sshkey_froms() */
65 if ((r = sshpkt_get_cstring(ssh, &pkalg, &alen)) != 0 ||
66 (r = sshpkt_get_string(ssh, &pkblob, &blen)) != 0 ||
67@@ -118,6 +114,11 @@ userauth_hostbased(struct ssh *ssh)
68 goto done;
69 }
70
71+ if (!authctxt->valid || authctxt->user == NULL) {
72+ debug2("%s: disabled because of invalid user", __func__);
73+ goto done;
74+ }
75+
76 if ((b = sshbuf_new()) == NULL)
77 fatal("%s: sshbuf_new failed", __func__);
78 /* reconstruct packet */
79diff --git a/auth2-pubkey.c b/auth2-pubkey.c
80index 8024b1d6a..a9272b97f 100644
81--- a/auth2-pubkey.c
82+++ b/auth2-pubkey.c
83@@ -89,19 +89,15 @@ userauth_pubkey(struct ssh *ssh)
84 {
85 Authctxt *authctxt = ssh->authctxt;
86 struct passwd *pw = authctxt->pw;
87- struct sshbuf *b;
88+ struct sshbuf *b = NULL;
89 struct sshkey *key = NULL;
90- char *pkalg, *userstyle = NULL, *key_s = NULL, *ca_s = NULL;
91- u_char *pkblob, *sig, have_sig;
92+ char *pkalg = NULL, *userstyle = NULL, *key_s = NULL, *ca_s = NULL;
93+ u_char *pkblob = NULL, *sig = NULL, have_sig;
94 size_t blen, slen;
95 int r, pktype;
96 int authenticated = 0;
97 struct sshauthopt *authopts = NULL;
98
99- if (!authctxt->valid) {
100- debug2("%s: disabled because of invalid user", __func__);
101- return 0;
102- }
103 if ((r = sshpkt_get_u8(ssh, &have_sig)) != 0 ||
104 (r = sshpkt_get_cstring(ssh, &pkalg, NULL)) != 0 ||
105 (r = sshpkt_get_string(ssh, &pkblob, &blen)) != 0)
106@@ -168,6 +164,11 @@ userauth_pubkey(struct ssh *ssh)
107 fatal("%s: sshbuf_put_string session id: %s",
108 __func__, ssh_err(r));
109 }
110+ if (!authctxt->valid || authctxt->user == NULL) {
111+ debug2("%s: disabled because of invalid user",
112+ __func__);
113+ goto done;
114+ }
115 /* reconstruct packet */
116 xasprintf(&userstyle, "%s%s%s", authctxt->user,
117 authctxt->style ? ":" : "",
118@@ -184,7 +185,6 @@ userauth_pubkey(struct ssh *ssh)
119 #ifdef DEBUG_PK
120 sshbuf_dump(b, stderr);
121 #endif
122-
123 /* test for correct signature */
124 authenticated = 0;
125 if (PRIVSEP(user_key_allowed(ssh, pw, key, 1, &authopts)) &&
126@@ -193,7 +193,6 @@ userauth_pubkey(struct ssh *ssh)
127 authenticated = 1;
128 }
129 sshbuf_free(b);
130- free(sig);
131 auth2_record_key(authctxt, authenticated, key);
132 } else {
133 debug("%s: test pkalg %s pkblob %s%s%s",
134@@ -204,6 +203,11 @@ userauth_pubkey(struct ssh *ssh)
135 if ((r = sshpkt_get_end(ssh)) != 0)
136 fatal("%s: %s", __func__, ssh_err(r));
137
138+ if (!authctxt->valid || authctxt->user == NULL) {
139+ debug2("%s: disabled because of invalid user",
140+ __func__);
141+ goto done;
142+ }
143 /* XXX fake reply and always send PK_OK ? */
144 /*
145 * XXX this allows testing whether a user is allowed
146@@ -237,6 +241,7 @@ done:
147 free(pkblob);
148 free(key_s);
149 free(ca_s);
150+ free(sig);
151 return authenticated;
152 }
153
diff --git a/debian/patches/upstream-relax-checking-of-authorized_keys-environme.patch b/debian/patches/upstream-relax-checking-of-authorized_keys-environme.patch
deleted file mode 100644
index 251b9a3ca..000000000
--- a/debian/patches/upstream-relax-checking-of-authorized_keys-environme.patch
+++ /dev/null
@@ -1,40 +0,0 @@
1From 60256f28189c3d0650a78e737eb0ca4753478a4b Mon Sep 17 00:00:00 2001
2From: "djm@openbsd.org" <djm@openbsd.org>
3Date: Fri, 6 Apr 2018 04:15:45 +0000
4Subject: upstream: relax checking of authorized_keys environment="..."
5
6options to allow underscores in variable names (regression introduced in
77.7). bz2851, ok deraadt@
8
9OpenBSD-Commit-ID: 69690ffe0c97ff393f2c76d25b4b3d2ed4e4ac9c
10
11Original-Author: Damien Miller <djm@mindrot.org>
12Origin: backport, http://anongit.mindrot.org/openssh.git/commit/?id=40f5f03544a07ebd2003b443d42e85cb51d94d59
13Bug-Ubuntu: https://bugs.launchpad.net/bugs/1771011
14Last-Update: 2018-06-28
15Signed-off-by: Christian Ehrhardt <christian.ehrhardt@canonical.com>
16
17Patch-Name: upstream-relax-checking-of-authorized_keys-environme.patch
18---
19 auth-options.c | 4 ++--
20 1 file changed, 2 insertions(+), 2 deletions(-)
21
22diff --git a/auth-options.c b/auth-options.c
23index b528c197a..ef57ebf43 100644
24--- a/auth-options.c
25+++ b/auth-options.c
26@@ -1,4 +1,4 @@
27-/* $OpenBSD: auth-options.c,v 1.78 2018/03/14 05:35:40 djm Exp $ */
28+/* $OpenBSD: auth-options.c,v 1.79 2018/04/06 04:15:45 djm Exp $ */
29 /*
30 * Copyright (c) 2018 Damien Miller <djm@mindrot.org>
31 *
32@@ -394,7 +394,7 @@ sshauthopt_parse(const char *opts, const char **errstrp)
33 goto fail;
34 }
35 for (cp = opt; cp < tmp; cp++) {
36- if (!isalnum((u_char)*cp)) {
37+ if (!isalnum((u_char)*cp) && *cp != '_') {
38 free(opt);
39 errstr = "invalid environment string";
40 goto fail;
diff --git a/debian/patches/user-group-modes.patch b/debian/patches/user-group-modes.patch
index 712620843..cc9cbacad 100644
--- a/debian/patches/user-group-modes.patch
+++ b/debian/patches/user-group-modes.patch
@@ -1,4 +1,4 @@
1From 9e45701c5d6105444cc2f4f5d6c44b0f69969479 Mon Sep 17 00:00:00 2001 1From 840f43066f9cdf5f6bb07992aca1c5f43be8eb80 Mon Sep 17 00:00:00 2001
2From: Colin Watson <cjwatson@debian.org> 2From: Colin Watson <cjwatson@debian.org>
3Date: Sun, 9 Feb 2014 16:09:58 +0000 3Date: Sun, 9 Feb 2014 16:09:58 +0000
4Subject: Allow harmless group-writability 4Subject: Allow harmless group-writability
@@ -27,7 +27,7 @@ Patch-Name: user-group-modes.patch
27 7 files changed, 63 insertions(+), 13 deletions(-) 27 7 files changed, 63 insertions(+), 13 deletions(-)
28 28
29diff --git a/auth-rhosts.c b/auth-rhosts.c 29diff --git a/auth-rhosts.c b/auth-rhosts.c
30index ecf956f06..4dccd5e6a 100644 30index 57296e1f6..546aa0495 100644
31--- a/auth-rhosts.c 31--- a/auth-rhosts.c
32+++ b/auth-rhosts.c 32+++ b/auth-rhosts.c
33@@ -261,8 +261,7 @@ auth_rhosts2(struct passwd *pw, const char *client_user, const char *hostname, 33@@ -261,8 +261,7 @@ auth_rhosts2(struct passwd *pw, const char *client_user, const char *hostname,
@@ -51,10 +51,10 @@ index ecf956f06..4dccd5e6a 100644
51 pw->pw_name, buf); 51 pw->pw_name, buf);
52 auth_debug_add("Bad file modes for %.200s", buf); 52 auth_debug_add("Bad file modes for %.200s", buf);
53diff --git a/auth.c b/auth.c 53diff --git a/auth.c b/auth.c
54index 76d586e31..68b9fe795 100644 54index 80eb78c48..ad25631a5 100644
55--- a/auth.c 55--- a/auth.c
56+++ b/auth.c 56+++ b/auth.c
57@@ -468,8 +468,7 @@ check_key_in_hostfiles(struct passwd *pw, struct sshkey *key, const char *host, 57@@ -469,8 +469,7 @@ check_key_in_hostfiles(struct passwd *pw, struct sshkey *key, const char *host,
58 user_hostfile = tilde_expand_filename(userfile, pw->pw_uid); 58 user_hostfile = tilde_expand_filename(userfile, pw->pw_uid);
59 if (options.strict_modes && 59 if (options.strict_modes &&
60 (stat(user_hostfile, &st) == 0) && 60 (stat(user_hostfile, &st) == 0) &&
@@ -65,7 +65,7 @@ index 76d586e31..68b9fe795 100644
65 "bad owner or modes for %.200s", 65 "bad owner or modes for %.200s",
66 pw->pw_name, user_hostfile); 66 pw->pw_name, user_hostfile);
67diff --git a/misc.c b/misc.c 67diff --git a/misc.c b/misc.c
68index 874dcc8a2..75c4113f0 100644 68index ae4d29b84..2f3dbda0c 100644
69--- a/misc.c 69--- a/misc.c
70+++ b/misc.c 70+++ b/misc.c
71@@ -57,8 +57,9 @@ 71@@ -57,8 +57,9 @@
@@ -79,8 +79,8 @@ index 874dcc8a2..75c4113f0 100644
79 #ifdef SSH_TUN_OPENBSD 79 #ifdef SSH_TUN_OPENBSD
80 #include <net/if.h> 80 #include <net/if.h>
81 #endif 81 #endif
82@@ -1030,6 +1031,55 @@ read_keyfile_line(FILE *f, const char *filename, char *buf, size_t bufsz, 82@@ -1024,6 +1025,55 @@ percent_expand(const char *string, ...)
83 return -1; 83 #undef EXPAND_MAX_KEYS
84 } 84 }
85 85
86+int 86+int
@@ -135,7 +135,7 @@ index 874dcc8a2..75c4113f0 100644
135 int 135 int
136 tun_open(int tun, int mode, char **ifname) 136 tun_open(int tun, int mode, char **ifname)
137 { 137 {
138@@ -1797,8 +1847,7 @@ safe_path(const char *name, struct stat *stp, const char *pw_dir, 138@@ -1782,8 +1832,7 @@ safe_path(const char *name, struct stat *stp, const char *pw_dir,
139 snprintf(err, errlen, "%s is not a regular file", buf); 139 snprintf(err, errlen, "%s is not a regular file", buf);
140 return -1; 140 return -1;
141 } 141 }
@@ -145,7 +145,7 @@ index 874dcc8a2..75c4113f0 100644
145 snprintf(err, errlen, "bad ownership or modes for file %s", 145 snprintf(err, errlen, "bad ownership or modes for file %s",
146 buf); 146 buf);
147 return -1; 147 return -1;
148@@ -1813,8 +1862,7 @@ safe_path(const char *name, struct stat *stp, const char *pw_dir, 148@@ -1798,8 +1847,7 @@ safe_path(const char *name, struct stat *stp, const char *pw_dir,
149 strlcpy(buf, cp, sizeof(buf)); 149 strlcpy(buf, cp, sizeof(buf));
150 150
151 if (stat(buf, &st) < 0 || 151 if (stat(buf, &st) < 0 ||
@@ -156,12 +156,12 @@ index 874dcc8a2..75c4113f0 100644
156 "bad ownership or modes for directory %s", buf); 156 "bad ownership or modes for directory %s", buf);
157 return -1; 157 return -1;
158diff --git a/misc.h b/misc.h 158diff --git a/misc.h b/misc.h
159index cdafea735..51943db90 100644 159index 6be289fd2..213c3abb7 100644
160--- a/misc.h 160--- a/misc.h
161+++ b/misc.h 161+++ b/misc.h
162@@ -168,6 +168,8 @@ char *read_passphrase(const char *, int); 162@@ -167,6 +167,8 @@ int safe_path_fd(int, const char *, struct passwd *,
163 char *read_passphrase(const char *, int);
163 int ask_permission(const char *, ...) __attribute__((format(printf, 1, 2))); 164 int ask_permission(const char *, ...) __attribute__((format(printf, 1, 2)));
164 int read_keyfile_line(FILE *, const char *, char *, size_t, u_long *);
165 165
166+int secure_permissions(struct stat *st, uid_t uid); 166+int secure_permissions(struct stat *st, uid_t uid);
167+ 167+
@@ -169,10 +169,10 @@ index cdafea735..51943db90 100644
169 #define MAXIMUM(a, b) (((a) > (b)) ? (a) : (b)) 169 #define MAXIMUM(a, b) (((a) > (b)) ? (a) : (b))
170 #define ROUNDUP(x, y) ((((x)+((y)-1))/(y))*(y)) 170 #define ROUNDUP(x, y) ((((x)+((y)-1))/(y))*(y))
171diff --git a/readconf.c b/readconf.c 171diff --git a/readconf.c b/readconf.c
172index 7f2b5c172..50349e238 100644 172index 3fd0fe7b7..3ed6dfb54 100644
173--- a/readconf.c 173--- a/readconf.c
174+++ b/readconf.c 174+++ b/readconf.c
175@@ -1741,8 +1741,7 @@ read_config_file_depth(const char *filename, struct passwd *pw, 175@@ -1795,8 +1795,7 @@ read_config_file_depth(const char *filename, struct passwd *pw,
176 176
177 if (fstat(fileno(f), &sb) == -1) 177 if (fstat(fileno(f), &sb) == -1)
178 fatal("fstat %s: %s", filename, strerror(errno)); 178 fatal("fstat %s: %s", filename, strerror(errno));
@@ -183,10 +183,10 @@ index 7f2b5c172..50349e238 100644
183 } 183 }
184 184
185diff --git a/ssh.1 b/ssh.1 185diff --git a/ssh.1 b/ssh.1
186index b4078525b..0ef7c1709 100644 186index b20908a5e..cb0fdd50e 100644
187--- a/ssh.1 187--- a/ssh.1
188+++ b/ssh.1 188+++ b/ssh.1
189@@ -1471,6 +1471,8 @@ The file format and configuration options are described in 189@@ -1475,6 +1475,8 @@ The file format and configuration options are described in
190 .Xr ssh_config 5 . 190 .Xr ssh_config 5 .
191 Because of the potential for abuse, this file must have strict permissions: 191 Because of the potential for abuse, this file must have strict permissions:
192 read/write for the user, and not writable by others. 192 read/write for the user, and not writable by others.
@@ -196,10 +196,10 @@ index b4078525b..0ef7c1709 100644
196 .It Pa ~/.ssh/environment 196 .It Pa ~/.ssh/environment
197 Contains additional definitions for environment variables; see 197 Contains additional definitions for environment variables; see
198diff --git a/ssh_config.5 b/ssh_config.5 198diff --git a/ssh_config.5 b/ssh_config.5
199index 32c3632c7..84dcd52cc 100644 199index 86ada128e..03341a229 100644
200--- a/ssh_config.5 200--- a/ssh_config.5
201+++ b/ssh_config.5 201+++ b/ssh_config.5
202@@ -1818,6 +1818,8 @@ The format of this file is described above. 202@@ -1813,6 +1813,8 @@ The format of this file is described above.
203 This file is used by the SSH client. 203 This file is used by the SSH client.
204 Because of the potential for abuse, this file must have strict permissions: 204 Because of the potential for abuse, this file must have strict permissions:
205 read/write for the user, and not accessible by others. 205 read/write for the user, and not accessible by others.
diff --git a/defines.h b/defines.h
index 3fa5ec5a9..8f4213062 100644
--- a/defines.h
+++ b/defines.h
@@ -660,12 +660,6 @@ struct winsize {
660# define krb5_get_err_text(context,code) error_message(code) 660# define krb5_get_err_text(context,code) error_message(code)
661#endif 661#endif
662 662
663#if defined(SKEYCHALLENGE_4ARG)
664# define _compat_skeychallenge(a,b,c,d) skeychallenge(a,b,c,d)
665#else
666# define _compat_skeychallenge(a,b,c,d) skeychallenge(a,b,c)
667#endif
668
669/* Maximum number of file descriptors available */ 663/* Maximum number of file descriptors available */
670#ifdef HAVE_SYSCONF 664#ifdef HAVE_SYSCONF
671# define SSH_SYSFDMAX sysconf(_SC_OPEN_MAX) 665# define SSH_SYSFDMAX sysconf(_SC_OPEN_MAX)
diff --git a/dh.c b/dh.c
index 46afba033..ac8d5a0ae 100644
--- a/dh.c
+++ b/dh.c
@@ -1,4 +1,4 @@
1/* $OpenBSD: dh.c,v 1.63 2018/02/07 02:06:50 jsing Exp $ */ 1/* $OpenBSD: dh.c,v 1.66 2018/08/04 00:55:06 djm Exp $ */
2/* 2/*
3 * Copyright (c) 2000 Niels Provos. All rights reserved. 3 * Copyright (c) 2000 Niels Provos. All rights reserved.
4 * 4 *
@@ -145,9 +145,9 @@ DH *
145choose_dh(int min, int wantbits, int max) 145choose_dh(int min, int wantbits, int max)
146{ 146{
147 FILE *f; 147 FILE *f;
148 char line[4096]; 148 char *line = NULL;
149 int best, bestcount, which; 149 size_t linesize = 0;
150 int linenum; 150 int best, bestcount, which, linenum;
151 struct dhgroup dhg; 151 struct dhgroup dhg;
152 152
153 if ((f = fopen(_PATH_DH_MODULI, "r")) == NULL) { 153 if ((f = fopen(_PATH_DH_MODULI, "r")) == NULL) {
@@ -158,7 +158,7 @@ choose_dh(int min, int wantbits, int max)
158 158
159 linenum = 0; 159 linenum = 0;
160 best = bestcount = 0; 160 best = bestcount = 0;
161 while (fgets(line, sizeof(line), f)) { 161 while (getline(&line, &linesize, f) != -1) {
162 linenum++; 162 linenum++;
163 if (!parse_prime(linenum, line, &dhg)) 163 if (!parse_prime(linenum, line, &dhg))
164 continue; 164 continue;
@@ -176,6 +176,9 @@ choose_dh(int min, int wantbits, int max)
176 if (dhg.size == best) 176 if (dhg.size == best)
177 bestcount++; 177 bestcount++;
178 } 178 }
179 free(line);
180 line = NULL;
181 linesize = 0;
179 rewind(f); 182 rewind(f);
180 183
181 if (bestcount == 0) { 184 if (bestcount == 0) {
@@ -186,7 +189,7 @@ choose_dh(int min, int wantbits, int max)
186 189
187 linenum = 0; 190 linenum = 0;
188 which = arc4random_uniform(bestcount); 191 which = arc4random_uniform(bestcount);
189 while (fgets(line, sizeof(line), f)) { 192 while (getline(&line, &linesize, f) != -1) {
190 if (!parse_prime(linenum, line, &dhg)) 193 if (!parse_prime(linenum, line, &dhg))
191 continue; 194 continue;
192 if ((dhg.size > max || dhg.size < min) || 195 if ((dhg.size > max || dhg.size < min) ||
@@ -198,6 +201,8 @@ choose_dh(int min, int wantbits, int max)
198 } 201 }
199 break; 202 break;
200 } 203 }
204 free(line);
205 line = NULL;
201 fclose(f); 206 fclose(f);
202 if (linenum != which+1) { 207 if (linenum != which+1) {
203 logit("WARNING: line %d disappeared in %s, giving up", 208 logit("WARNING: line %d disappeared in %s, giving up",
@@ -274,6 +279,7 @@ dh_gen_key(DH *dh, int need)
274 if (DH_generate_key(dh) == 0 || 279 if (DH_generate_key(dh) == 0 ||
275 !dh_pub_is_valid(dh, dh->pub_key)) { 280 !dh_pub_is_valid(dh, dh->pub_key)) {
276 BN_clear_free(dh->priv_key); 281 BN_clear_free(dh->priv_key);
282 dh->priv_key = NULL;
277 return SSH_ERR_LIBCRYPTO_ERROR; 283 return SSH_ERR_LIBCRYPTO_ERROR;
278 } 284 }
279 return 0; 285 return 0;
diff --git a/entropy.c b/entropy.c
index 14b98f188..c178c00cf 100644
--- a/entropy.c
+++ b/entropy.c
@@ -53,7 +53,8 @@
53#include "atomicio.h" 53#include "atomicio.h"
54#include "pathnames.h" 54#include "pathnames.h"
55#include "log.h" 55#include "log.h"
56#include "buffer.h" 56#include "sshbuf.h"
57#include "ssherr.h"
57 58
58/* 59/*
59 * Portable OpenSSH PRNG seeding: 60 * Portable OpenSSH PRNG seeding:
@@ -181,29 +182,34 @@ seed_from_prngd(unsigned char *buf, size_t bytes)
181} 182}
182 183
183void 184void
184rexec_send_rng_seed(Buffer *m) 185rexec_send_rng_seed(struct sshbuf *m)
185{ 186{
186 u_char buf[RANDOM_SEED_SIZE]; 187 u_char buf[RANDOM_SEED_SIZE];
188 size_t len = sizeof(buf);
189 int r;
187 190
188 if (RAND_bytes(buf, sizeof(buf)) <= 0) { 191 if (RAND_bytes(buf, sizeof(buf)) <= 0) {
189 error("Couldn't obtain random bytes (error %ld)", 192 error("Couldn't obtain random bytes (error %ld)",
190 ERR_get_error()); 193 ERR_get_error());
191 buffer_put_string(m, "", 0); 194 len = 0;
192 } else 195 }
193 buffer_put_string(m, buf, sizeof(buf)); 196 if ((r = sshbuf_put_string(m, buf, len)) != 0)
197 fatal("%s: buffer error: %s", __func__, ssh_err(r));
198 explicit_bzero(buf, sizeof(buf));
194} 199}
195 200
196void 201void
197rexec_recv_rng_seed(Buffer *m) 202rexec_recv_rng_seed(struct sshbuf *m)
198{ 203{
199 u_char *buf; 204 u_char *buf = NULL;
200 u_int len; 205 size_t len = 0;
206 int r;
201 207
202 buf = buffer_get_string_ret(m, &len); 208 if ((r = sshbuf_get_string_direct(m, &buf, &len)) != 0
203 if (buf != NULL) { 209 fatal("%s: buffer error: %s", __func__, ssh_err(r));
204 debug3("rexec_recv_rng_seed: seeding rng with %u bytes", len); 210
205 RAND_add(buf, len, len); 211 debug3("rexec_recv_rng_seed: seeding rng with %u bytes", len);
206 } 212 RAND_add(buf, len, len);
207} 213}
208#endif /* OPENSSL_PRNG_ONLY */ 214#endif /* OPENSSL_PRNG_ONLY */
209 215
diff --git a/entropy.h b/entropy.h
index 9d5285b29..870164d30 100644
--- a/entropy.h
+++ b/entropy.h
@@ -25,11 +25,10 @@
25#ifndef _RANDOMS_H 25#ifndef _RANDOMS_H
26#define _RANDOMS_H 26#define _RANDOMS_H
27 27
28#include "buffer.h" 28struct sshbuf;
29 29
30void seed_rng(void); 30void seed_rng(void);
31 31void rexec_send_rng_seed(struct sshbuf *);
32void rexec_send_rng_seed(Buffer *); 32void rexec_recv_rng_seed(struct sshbuf *);
33void rexec_recv_rng_seed(Buffer *);
34 33
35#endif /* _RANDOMS_H */ 34#endif /* _RANDOMS_H */
diff --git a/gss-genr.c b/gss-genr.c
index 0b3ae073c..285fc29a5 100644
--- a/gss-genr.c
+++ b/gss-genr.c
@@ -1,4 +1,4 @@
1/* $OpenBSD: gss-genr.c,v 1.24 2016/09/12 01:22:38 deraadt Exp $ */ 1/* $OpenBSD: gss-genr.c,v 1.26 2018/07/10 09:13:30 djm Exp $ */
2 2
3/* 3/*
4 * Copyright (c) 2001-2009 Simon Wilkinson. All rights reserved. 4 * Copyright (c) 2001-2009 Simon Wilkinson. All rights reserved.
@@ -37,11 +37,11 @@
37#include <unistd.h> 37#include <unistd.h>
38 38
39#include "xmalloc.h" 39#include "xmalloc.h"
40#include "buffer.h" 40#include "ssherr.h"
41#include "sshbuf.h"
41#include "log.h" 42#include "log.h"
42#include "ssh2.h" 43#include "ssh2.h"
43#include "cipher.h" 44#include "cipher.h"
44#include "key.h"
45#include "kex.h" 45#include "kex.h"
46#include <openssl/evp.h> 46#include <openssl/evp.h>
47 47
@@ -69,6 +69,21 @@ ssh_gssapi_oid_table_ok(void) {
69 return (gss_enc2oid != NULL); 69 return (gss_enc2oid != NULL);
70} 70}
71 71
72/* sshbuf_get for gss_buffer_desc */
73int
74ssh_gssapi_get_buffer_desc(struct sshbuf *b, gss_buffer_desc *g)
75{
76 int r;
77 u_char *p;
78 size_t len;
79
80 if ((r = sshbuf_get_string(b, &p, &len)) != 0)
81 return r;
82 g->value = p;
83 g->length = len;
84 return 0;
85}
86
72/* 87/*
73 * Return a list of the gss-group1-sha1 mechanisms supported by this program 88 * Return a list of the gss-group1-sha1 mechanisms supported by this program
74 * 89 *
@@ -91,9 +106,9 @@ ssh_gssapi_client_mechanisms(const char *host, const char *client) {
91char * 106char *
92ssh_gssapi_kex_mechs(gss_OID_set gss_supported, ssh_gssapi_check_fn *check, 107ssh_gssapi_kex_mechs(gss_OID_set gss_supported, ssh_gssapi_check_fn *check,
93 const char *host, const char *client) { 108 const char *host, const char *client) {
94 Buffer buf; 109 struct sshbuf *buf;
95 size_t i; 110 size_t i;
96 int oidpos, enclen; 111 int r, oidpos, enclen;
97 char *mechs, *encoded; 112 char *mechs, *encoded;
98 u_char digest[EVP_MAX_MD_SIZE]; 113 u_char digest[EVP_MAX_MD_SIZE];
99 char deroid[2]; 114 char deroid[2];
@@ -109,7 +124,8 @@ ssh_gssapi_kex_mechs(gss_OID_set gss_supported, ssh_gssapi_check_fn *check,
109 gss_enc2oid = xmalloc(sizeof(ssh_gss_kex_mapping) * 124 gss_enc2oid = xmalloc(sizeof(ssh_gss_kex_mapping) *
110 (gss_supported->count + 1)); 125 (gss_supported->count + 1));
111 126
112 buffer_init(&buf); 127 if ((buf = sshbuf_new()) == NULL)
128 fatal("%s: sshbuf_new failed", __func__);
113 129
114 oidpos = 0; 130 oidpos = 0;
115 for (i = 0; i < gss_supported->count; i++) { 131 for (i = 0; i < gss_supported->count; i++) {
@@ -130,20 +146,25 @@ ssh_gssapi_kex_mechs(gss_OID_set gss_supported, ssh_gssapi_check_fn *check,
130 enclen = __b64_ntop(digest, EVP_MD_size(evp_md), 146 enclen = __b64_ntop(digest, EVP_MD_size(evp_md),
131 encoded, EVP_MD_size(evp_md) * 2); 147 encoded, EVP_MD_size(evp_md) * 2);
132 148
133 if (oidpos != 0) 149 if (oidpos != 0) {
134 buffer_put_char(&buf, ','); 150 if ((r = sshbuf_put_u8(buf, ',')) != 0)
135 151 fatal("%s: buffer error: %s",
136 buffer_append(&buf, KEX_GSS_GEX_SHA1_ID, 152 __func__, ssh_err(r));
137 sizeof(KEX_GSS_GEX_SHA1_ID) - 1); 153 }
138 buffer_append(&buf, encoded, enclen); 154
139 buffer_put_char(&buf, ','); 155 if ((r = sshbuf_put(buf, KEX_GSS_GEX_SHA1_ID,
140 buffer_append(&buf, KEX_GSS_GRP1_SHA1_ID, 156 sizeof(KEX_GSS_GEX_SHA1_ID) - 1)) != 0 ||
141 sizeof(KEX_GSS_GRP1_SHA1_ID) - 1); 157 (r = sshbuf_put(buf, encoded, enclen)) != 0 ||
142 buffer_append(&buf, encoded, enclen); 158 (r = sshbuf_put_u8(buf, ',')) != 0 ||
143 buffer_put_char(&buf, ','); 159 (r = sshbuf_put(buf, KEX_GSS_GRP1_SHA1_ID,
144 buffer_append(&buf, KEX_GSS_GRP14_SHA1_ID, 160 sizeof(KEX_GSS_GRP1_SHA1_ID) - 1)) != 0 ||
145 sizeof(KEX_GSS_GRP14_SHA1_ID) - 1); 161 (r = sshbuf_put(buf, encoded, enclen)) != 0 ||
146 buffer_append(&buf, encoded, enclen); 162 (r = sshbuf_put_u8(buf, ',')) != 0 ||
163 (r = sshbuf_put(buf, KEX_GSS_GRP14_SHA1_ID,
164 sizeof(KEX_GSS_GRP14_SHA1_ID) - 1)) != 0 ||
165 (r = sshbuf_put(buf, encoded, enclen)) != 0)
166 fatal("%s: buffer error: %s",
167 __func__, ssh_err(r));
147 168
148 gss_enc2oid[oidpos].oid = &(gss_supported->elements[i]); 169 gss_enc2oid[oidpos].oid = &(gss_supported->elements[i]);
149 gss_enc2oid[oidpos].encoded = encoded; 170 gss_enc2oid[oidpos].encoded = encoded;
@@ -153,11 +174,8 @@ ssh_gssapi_kex_mechs(gss_OID_set gss_supported, ssh_gssapi_check_fn *check,
153 gss_enc2oid[oidpos].oid = NULL; 174 gss_enc2oid[oidpos].oid = NULL;
154 gss_enc2oid[oidpos].encoded = NULL; 175 gss_enc2oid[oidpos].encoded = NULL;
155 176
156 buffer_put_char(&buf, '\0'); 177 if ((mechs = sshbuf_dup_string(buf)) == NULL)
157 178 fatal("%s: sshbuf_dup_string failed", __func__);
158 mechs = xmalloc(buffer_len(&buf));
159 buffer_get(&buf, mechs, buffer_len(&buf));
160 buffer_free(&buf);
161 179
162 if (strlen(mechs) == 0) { 180 if (strlen(mechs) == 0) {
163 free(mechs); 181 free(mechs);
@@ -249,10 +267,12 @@ ssh_gssapi_last_error(Gssctxt *ctxt, OM_uint32 *major_status,
249 OM_uint32 lmin; 267 OM_uint32 lmin;
250 gss_buffer_desc msg = GSS_C_EMPTY_BUFFER; 268 gss_buffer_desc msg = GSS_C_EMPTY_BUFFER;
251 OM_uint32 ctx; 269 OM_uint32 ctx;
252 Buffer b; 270 struct sshbuf *b;
253 char *ret; 271 char *ret;
272 int r;
254 273
255 buffer_init(&b); 274 if ((b = sshbuf_new()) == NULL)
275 fatal("%s: sshbuf_new failed", __func__);
256 276
257 if (major_status != NULL) 277 if (major_status != NULL)
258 *major_status = ctxt->major; 278 *major_status = ctxt->major;
@@ -265,8 +285,9 @@ ssh_gssapi_last_error(Gssctxt *ctxt, OM_uint32 *major_status,
265 gss_display_status(&lmin, ctxt->major, 285 gss_display_status(&lmin, ctxt->major,
266 GSS_C_GSS_CODE, ctxt->oid, &ctx, &msg); 286 GSS_C_GSS_CODE, ctxt->oid, &ctx, &msg);
267 287
268 buffer_append(&b, msg.value, msg.length); 288 if ((r = sshbuf_put(b, msg.value, msg.length)) != 0 ||
269 buffer_put_char(&b, '\n'); 289 (r = sshbuf_put_u8(b, '\n')) != 0)
290 fatal("%s: buffer error: %s", __func__, ssh_err(r));
270 291
271 gss_release_buffer(&lmin, &msg); 292 gss_release_buffer(&lmin, &msg);
272 } while (ctx != 0); 293 } while (ctx != 0);
@@ -276,16 +297,17 @@ ssh_gssapi_last_error(Gssctxt *ctxt, OM_uint32 *major_status,
276 gss_display_status(&lmin, ctxt->minor, 297 gss_display_status(&lmin, ctxt->minor,
277 GSS_C_MECH_CODE, ctxt->oid, &ctx, &msg); 298 GSS_C_MECH_CODE, ctxt->oid, &ctx, &msg);
278 299
279 buffer_append(&b, msg.value, msg.length); 300 if ((r = sshbuf_put(b, msg.value, msg.length)) != 0 ||
280 buffer_put_char(&b, '\n'); 301 (r = sshbuf_put_u8(b, '\n')) != 0)
302 fatal("%s: buffer error: %s", __func__, ssh_err(r));
281 303
282 gss_release_buffer(&lmin, &msg); 304 gss_release_buffer(&lmin, &msg);
283 } while (ctx != 0); 305 } while (ctx != 0);
284 306
285 buffer_put_char(&b, '\0'); 307 if ((r = sshbuf_put_u8(b, '\n')) != 0)
286 ret = xmalloc(buffer_len(&b)); 308 fatal("%s: buffer error: %s", __func__, ssh_err(r));
287 buffer_get(&b, ret, buffer_len(&b)); 309 ret = xstrdup((const char *)sshbuf_ptr(b));
288 buffer_free(&b); 310 sshbuf_free(b);
289 return (ret); 311 return (ret);
290} 312}
291 313
@@ -440,15 +462,18 @@ ssh_gssapi_checkmic(Gssctxt *ctx, gss_buffer_t gssbuf, gss_buffer_t gssmic)
440} 462}
441 463
442void 464void
443ssh_gssapi_buildmic(Buffer *b, const char *user, const char *service, 465ssh_gssapi_buildmic(struct sshbuf *b, const char *user, const char *service,
444 const char *context) 466 const char *context)
445{ 467{
446 buffer_init(b); 468 int r;
447 buffer_put_string(b, session_id2, session_id2_len); 469
448 buffer_put_char(b, SSH2_MSG_USERAUTH_REQUEST); 470 sshbuf_reset(b);
449 buffer_put_cstring(b, user); 471 if ((r = sshbuf_put_string(b, session_id2, session_id2_len)) != 0 ||
450 buffer_put_cstring(b, service); 472 (r = sshbuf_put_u8(b, SSH2_MSG_USERAUTH_REQUEST)) != 0 ||
451 buffer_put_cstring(b, context); 473 (r = sshbuf_put_cstring(b, user)) != 0 ||
474 (r = sshbuf_put_cstring(b, service)) != 0 ||
475 (r = sshbuf_put_cstring(b, context)) != 0)
476 fatal("%s: buffer error: %s", __func__, ssh_err(r));
452} 477}
453 478
454int 479int
diff --git a/gss-serv-krb5.c b/gss-serv-krb5.c
index fd8b37183..90f8692f5 100644
--- a/gss-serv-krb5.c
+++ b/gss-serv-krb5.c
@@ -1,4 +1,4 @@
1/* $OpenBSD: gss-serv-krb5.c,v 1.8 2013/07/20 01:55:13 djm Exp $ */ 1/* $OpenBSD: gss-serv-krb5.c,v 1.9 2018/07/09 21:37:55 markus Exp $ */
2 2
3/* 3/*
4 * Copyright (c) 2001-2007 Simon Wilkinson. All rights reserved. 4 * Copyright (c) 2001-2007 Simon Wilkinson. All rights reserved.
@@ -35,14 +35,13 @@
35#include <string.h> 35#include <string.h>
36 36
37#include "xmalloc.h" 37#include "xmalloc.h"
38#include "key.h" 38#include "sshkey.h"
39#include "hostfile.h" 39#include "hostfile.h"
40#include "auth.h" 40#include "auth.h"
41#include "log.h" 41#include "log.h"
42#include "misc.h" 42#include "misc.h"
43#include "servconf.h" 43#include "servconf.h"
44 44
45#include "buffer.h"
46#include "ssh-gss.h" 45#include "ssh-gss.h"
47 46
48extern ServerOptions options; 47extern ServerOptions options;
diff --git a/gss-serv.c b/gss-serv.c
index 967c6cfbc..6c087a1b1 100644
--- a/gss-serv.c
+++ b/gss-serv.c
@@ -1,4 +1,4 @@
1/* $OpenBSD: gss-serv.c,v 1.30 2017/06/24 06:34:38 djm Exp $ */ 1/* $OpenBSD: gss-serv.c,v 1.31 2018/07/09 21:37:55 markus Exp $ */
2 2
3/* 3/*
4 * Copyright (c) 2001-2009 Simon Wilkinson. All rights reserved. 4 * Copyright (c) 2001-2009 Simon Wilkinson. All rights reserved.
@@ -36,8 +36,7 @@
36 36
37#include "openbsd-compat/sys-queue.h" 37#include "openbsd-compat/sys-queue.h"
38#include "xmalloc.h" 38#include "xmalloc.h"
39#include "buffer.h" 39#include "sshkey.h"
40#include "key.h"
41#include "hostfile.h" 40#include "hostfile.h"
42#include "auth.h" 41#include "auth.h"
43#include "log.h" 42#include "log.h"
diff --git a/hostfile.c b/hostfile.c
index 12f174ff9..e1f826bdd 100644
--- a/hostfile.c
+++ b/hostfile.c
@@ -1,4 +1,4 @@
1/* $OpenBSD: hostfile.c,v 1.71 2017/05/31 09:15:42 deraadt Exp $ */ 1/* $OpenBSD: hostfile.c,v 1.73 2018/07/16 03:09:13 djm Exp $ */
2/* 2/*
3 * Author: Tatu Ylonen <ylo@cs.hut.fi> 3 * Author: Tatu Ylonen <ylo@cs.hut.fi>
4 * Copyright (c) 1995 Tatu Ylonen <ylo@cs.hut.fi>, Espoo, Finland 4 * Copyright (c) 1995 Tatu Ylonen <ylo@cs.hut.fi>, Espoo, Finland
@@ -663,14 +663,14 @@ hostkeys_foreach(const char *path, hostkeys_foreach_fn *callback, void *ctx,
663 const char *host, const char *ip, u_int options) 663 const char *host, const char *ip, u_int options)
664{ 664{
665 FILE *f; 665 FILE *f;
666 char line[8192], oline[8192], ktype[128]; 666 char *line = NULL, ktype[128];
667 u_long linenum = 0; 667 u_long linenum = 0;
668 char *cp, *cp2; 668 char *cp, *cp2;
669 u_int kbits; 669 u_int kbits;
670 int hashed; 670 int hashed;
671 int s, r = 0; 671 int s, r = 0;
672 struct hostkey_foreach_line lineinfo; 672 struct hostkey_foreach_line lineinfo;
673 size_t l; 673 size_t linesize = 0, l;
674 674
675 memset(&lineinfo, 0, sizeof(lineinfo)); 675 memset(&lineinfo, 0, sizeof(lineinfo));
676 if (host == NULL && (options & HKF_WANT_MATCH) != 0) 676 if (host == NULL && (options & HKF_WANT_MATCH) != 0)
@@ -679,15 +679,16 @@ hostkeys_foreach(const char *path, hostkeys_foreach_fn *callback, void *ctx,
679 return SSH_ERR_SYSTEM_ERROR; 679 return SSH_ERR_SYSTEM_ERROR;
680 680
681 debug3("%s: reading file \"%s\"", __func__, path); 681 debug3("%s: reading file \"%s\"", __func__, path);
682 while (read_keyfile_line(f, path, line, sizeof(line), &linenum) == 0) { 682 while (getline(&line, &linesize, f) != -1) {
683 linenum++;
683 line[strcspn(line, "\n")] = '\0'; 684 line[strcspn(line, "\n")] = '\0';
684 strlcpy(oline, line, sizeof(oline));
685 685
686 free(lineinfo.line);
686 sshkey_free(lineinfo.key); 687 sshkey_free(lineinfo.key);
687 memset(&lineinfo, 0, sizeof(lineinfo)); 688 memset(&lineinfo, 0, sizeof(lineinfo));
688 lineinfo.path = path; 689 lineinfo.path = path;
689 lineinfo.linenum = linenum; 690 lineinfo.linenum = linenum;
690 lineinfo.line = oline; 691 lineinfo.line = xstrdup(line);
691 lineinfo.marker = MRK_NONE; 692 lineinfo.marker = MRK_NONE;
692 lineinfo.status = HKF_STATUS_OK; 693 lineinfo.status = HKF_STATUS_OK;
693 lineinfo.keytype = KEY_UNSPEC; 694 lineinfo.keytype = KEY_UNSPEC;
@@ -826,6 +827,8 @@ hostkeys_foreach(const char *path, hostkeys_foreach_fn *callback, void *ctx,
826 break; 827 break;
827 } 828 }
828 sshkey_free(lineinfo.key); 829 sshkey_free(lineinfo.key);
830 free(lineinfo.line);
831 free(line);
829 fclose(f); 832 fclose(f);
830 return r; 833 return r;
831} 834}
diff --git a/kex.c b/kex.c
index 6cc2935fe..fb5bfaea5 100644
--- a/kex.c
+++ b/kex.c
@@ -1,4 +1,4 @@
1/* $OpenBSD: kex.c,v 1.136 2018/02/07 02:06:50 jsing Exp $ */ 1/* $OpenBSD: kex.c,v 1.141 2018/07/09 13:37:10 sf Exp $ */
2/* 2/*
3 * Copyright (c) 2000, 2001 Markus Friedl. All rights reserved. 3 * Copyright (c) 2000, 2001 Markus Friedl. All rights reserved.
4 * 4 *
@@ -190,7 +190,7 @@ kex_names_cat(const char *a, const char *b)
190 size_t len; 190 size_t len;
191 191
192 if (a == NULL || *a == '\0') 192 if (a == NULL || *a == '\0')
193 return NULL; 193 return strdup(b);
194 if (b == NULL || *b == '\0') 194 if (b == NULL || *b == '\0')
195 return strdup(a); 195 return strdup(a);
196 if (strlen(b) > 1024*1024) 196 if (strlen(b) > 1024*1024)
@@ -225,27 +225,88 @@ kex_names_cat(const char *a, const char *b)
225 * specified names should be removed. 225 * specified names should be removed.
226 */ 226 */
227int 227int
228kex_assemble_names(const char *def, char **list) 228kex_assemble_names(char **listp, const char *def, const char *all)
229{ 229{
230 char *ret; 230 char *cp, *tmp, *patterns;
231 char *list = NULL, *ret = NULL, *matching = NULL, *opatterns = NULL;
232 int r = SSH_ERR_INTERNAL_ERROR;
231 233
232 if (list == NULL || *list == NULL || **list == '\0') { 234 if (listp == NULL || *listp == NULL || **listp == '\0') {
233 *list = strdup(def); 235 if ((*listp = strdup(def)) == NULL)
236 return SSH_ERR_ALLOC_FAIL;
234 return 0; 237 return 0;
235 } 238 }
236 if (**list == '+') { 239
237 if ((ret = kex_names_cat(def, *list + 1)) == NULL) 240 list = *listp;
238 return SSH_ERR_ALLOC_FAIL; 241 *listp = NULL;
239 free(*list); 242 if (*list == '+') {
240 *list = ret; 243 /* Append names to default list */
241 } else if (**list == '-') { 244 if ((tmp = kex_names_cat(def, list + 1)) == NULL) {
242 if ((ret = match_filter_list(def, *list + 1)) == NULL) 245 r = SSH_ERR_ALLOC_FAIL;
243 return SSH_ERR_ALLOC_FAIL; 246 goto fail;
244 free(*list); 247 }
245 *list = ret; 248 free(list);
249 list = tmp;
250 } else if (*list == '-') {
251 /* Remove names from default list */
252 if ((*listp = match_filter_blacklist(def, list + 1)) == NULL) {
253 r = SSH_ERR_ALLOC_FAIL;
254 goto fail;
255 }
256 free(list);
257 /* filtering has already been done */
258 return 0;
259 } else {
260 /* Explicit list, overrides default - just use "list" as is */
246 } 261 }
247 262
248 return 0; 263 /*
264 * The supplied names may be a pattern-list. For the -list case,
265 * the patterns are applied above. For the +list and explicit list
266 * cases we need to do it now.
267 */
268 ret = NULL;
269 if ((patterns = opatterns = strdup(list)) == NULL) {
270 r = SSH_ERR_ALLOC_FAIL;
271 goto fail;
272 }
273 /* Apply positive (i.e. non-negated) patterns from the list */
274 while ((cp = strsep(&patterns, ",")) != NULL) {
275 if (*cp == '!') {
276 /* negated matches are not supported here */
277 r = SSH_ERR_INVALID_ARGUMENT;
278 goto fail;
279 }
280 free(matching);
281 if ((matching = match_filter_whitelist(all, cp)) == NULL) {
282 r = SSH_ERR_ALLOC_FAIL;
283 goto fail;
284 }
285 if ((tmp = kex_names_cat(ret, matching)) == NULL) {
286 r = SSH_ERR_ALLOC_FAIL;
287 goto fail;
288 }
289 free(ret);
290 ret = tmp;
291 }
292 if (ret == NULL || *ret == '\0') {
293 /* An empty name-list is an error */
294 /* XXX better error code? */
295 r = SSH_ERR_INVALID_ARGUMENT;
296 goto fail;
297 }
298
299 /* success */
300 *listp = ret;
301 ret = NULL;
302 r = 0;
303
304 fail:
305 free(matching);
306 free(opatterns);
307 free(list);
308 free(ret);
309 return r;
249} 310}
250 311
251/* put algorithm proposal into buffer */ 312/* put algorithm proposal into buffer */
@@ -358,6 +419,7 @@ kex_send_ext_info(struct ssh *ssh)
358 419
359 if ((algs = sshkey_alg_list(0, 1, 1, ',')) == NULL) 420 if ((algs = sshkey_alg_list(0, 1, 1, ',')) == NULL)
360 return SSH_ERR_ALLOC_FAIL; 421 return SSH_ERR_ALLOC_FAIL;
422 /* XXX filter algs list by allowed pubkey/hostbased types */
361 if ((r = sshpkt_start(ssh, SSH2_MSG_EXT_INFO)) != 0 || 423 if ((r = sshpkt_start(ssh, SSH2_MSG_EXT_INFO)) != 0 ||
362 (r = sshpkt_put_u32(ssh, 1)) != 0 || 424 (r = sshpkt_put_u32(ssh, 1)) != 0 ||
363 (r = sshpkt_put_cstring(ssh, "server-sig-algs")) != 0 || 425 (r = sshpkt_put_cstring(ssh, "server-sig-algs")) != 0 ||
@@ -394,7 +456,7 @@ kex_input_ext_info(int type, u_int32_t seq, struct ssh *ssh)
394{ 456{
395 struct kex *kex = ssh->kex; 457 struct kex *kex = ssh->kex;
396 u_int32_t i, ninfo; 458 u_int32_t i, ninfo;
397 char *name, *found; 459 char *name;
398 u_char *val; 460 u_char *val;
399 size_t vlen; 461 size_t vlen;
400 int r; 462 int r;
@@ -417,16 +479,8 @@ kex_input_ext_info(int type, u_int32_t seq, struct ssh *ssh)
417 return SSH_ERR_INVALID_FORMAT; 479 return SSH_ERR_INVALID_FORMAT;
418 } 480 }
419 debug("%s: %s=<%s>", __func__, name, val); 481 debug("%s: %s=<%s>", __func__, name, val);
420 found = match_list("rsa-sha2-256", val, NULL); 482 kex->server_sig_algs = val;
421 if (found) { 483 val = NULL;
422 kex->rsa_sha2 = 256;
423 free(found);
424 }
425 found = match_list("rsa-sha2-512", val, NULL);
426 if (found) {
427 kex->rsa_sha2 = 512;
428 free(found);
429 }
430 } else 484 } else
431 debug("%s: %s (unrecognised)", __func__, name); 485 debug("%s: %s (unrecognised)", __func__, name);
432 free(name); 486 free(name);
diff --git a/kex.h b/kex.h
index a708e4868..4e5ead839 100644
--- a/kex.h
+++ b/kex.h
@@ -1,4 +1,4 @@
1/* $OpenBSD: kex.h,v 1.83 2017/05/30 14:23:52 markus Exp $ */ 1/* $OpenBSD: kex.h,v 1.91 2018/07/11 18:53:29 markus Exp $ */
2 2
3/* 3/*
4 * Copyright (c) 2000, 2001 Markus Friedl. All rights reserved. 4 * Copyright (c) 2000, 2001 Markus Friedl. All rights reserved.
@@ -27,8 +27,6 @@
27#define KEX_H 27#define KEX_H
28 28
29#include "mac.h" 29#include "mac.h"
30#include "buffer.h" /* XXX for typedef */
31#include "key.h" /* XXX for typedef */
32 30
33#ifdef WITH_LEAKMALLOC 31#ifdef WITH_LEAKMALLOC
34#include "leakmalloc.h" 32#include "leakmalloc.h"
@@ -43,6 +41,8 @@
43# define EC_POINT void 41# define EC_POINT void
44# endif /* OPENSSL_HAS_ECC */ 42# endif /* OPENSSL_HAS_ECC */
45#else /* WITH_OPENSSL */ 43#else /* WITH_OPENSSL */
44# define DH void
45# define BIGNUM void
46# define EC_KEY void 46# define EC_KEY void
47# define EC_GROUP void 47# define EC_GROUP void
48# define EC_POINT void 48# define EC_POINT void
@@ -64,6 +64,7 @@
64#define KEX_CURVE25519_SHA256_OLD "curve25519-sha256@libssh.org" 64#define KEX_CURVE25519_SHA256_OLD "curve25519-sha256@libssh.org"
65 65
66#define COMP_NONE 0 66#define COMP_NONE 0
67/* pre-auth compression (COMP_ZLIB) is only supported in the client */
67#define COMP_ZLIB 1 68#define COMP_ZLIB 1
68#define COMP_DELAYED 2 69#define COMP_DELAYED 2
69 70
@@ -142,7 +143,7 @@ struct kex {
142 int hostkey_type; 143 int hostkey_type;
143 int hostkey_nid; 144 int hostkey_nid;
144 u_int kex_type; 145 u_int kex_type;
145 int rsa_sha2; 146 char *server_sig_algs;
146 int ext_info_c; 147 int ext_info_c;
147 struct sshbuf *my; 148 struct sshbuf *my;
148 struct sshbuf *peer; 149 struct sshbuf *peer;
@@ -178,7 +179,7 @@ struct kex {
178int kex_names_valid(const char *); 179int kex_names_valid(const char *);
179char *kex_alg_list(char); 180char *kex_alg_list(char);
180char *kex_names_cat(const char *, const char *); 181char *kex_names_cat(const char *, const char *);
181int kex_assemble_names(const char *, char **); 182int kex_assemble_names(char **, const char *, const char *);
182 183
183int kex_new(struct ssh *, char *[PROPOSAL_MAX], struct kex **); 184int kex_new(struct ssh *, char *[PROPOSAL_MAX], struct kex **);
184int kex_setup(struct ssh *, char *[PROPOSAL_MAX]); 185int kex_setup(struct ssh *, char *[PROPOSAL_MAX]);
diff --git a/kexdhs.c b/kexdhs.c
index da8f4c439..5dfca0a24 100644
--- a/kexdhs.c
+++ b/kexdhs.c
@@ -1,4 +1,4 @@
1/* $OpenBSD: kexdhs.c,v 1.26 2018/02/07 02:06:51 jsing Exp $ */ 1/* $OpenBSD: kexdhs.c,v 1.27 2018/04/10 00:10:49 djm Exp $ */
2/* 2/*
3 * Copyright (c) 2001 Markus Friedl. All rights reserved. 3 * Copyright (c) 2001 Markus Friedl. All rights reserved.
4 * 4 *
@@ -194,7 +194,7 @@ input_kex_dh_init(int type, u_int32_t seq, struct ssh *ssh)
194 194
195 /* destroy_sensitive_data(); */ 195 /* destroy_sensitive_data(); */
196 196
197 /* send server hostkey, DH pubkey 'f' and singed H */ 197 /* send server hostkey, DH pubkey 'f' and signed H */
198 if ((r = sshpkt_start(ssh, SSH2_MSG_KEXDH_REPLY)) != 0 || 198 if ((r = sshpkt_start(ssh, SSH2_MSG_KEXDH_REPLY)) != 0 ||
199 (r = sshpkt_put_string(ssh, server_host_key_blob, sbloblen)) != 0 || 199 (r = sshpkt_put_string(ssh, server_host_key_blob, sbloblen)) != 0 ||
200 (r = sshpkt_put_bignum2(ssh, kex->dh->pub_key)) != 0 || /* f */ 200 (r = sshpkt_put_bignum2(ssh, kex->dh->pub_key)) != 0 || /* f */
diff --git a/kexgexs.c b/kexgexs.c
index d7b48ea88..f6983fd69 100644
--- a/kexgexs.c
+++ b/kexgexs.c
@@ -1,4 +1,4 @@
1/* $OpenBSD: kexgexs.c,v 1.32 2018/02/07 02:06:51 jsing Exp $ */ 1/* $OpenBSD: kexgexs.c,v 1.33 2018/04/10 00:10:49 djm Exp $ */
2/* 2/*
3 * Copyright (c) 2000 Niels Provos. All rights reserved. 3 * Copyright (c) 2000 Niels Provos. All rights reserved.
4 * Copyright (c) 2001 Markus Friedl. All rights reserved. 4 * Copyright (c) 2001 Markus Friedl. All rights reserved.
@@ -224,7 +224,7 @@ input_kex_dh_gex_init(int type, u_int32_t seq, struct ssh *ssh)
224 224
225 /* destroy_sensitive_data(); */ 225 /* destroy_sensitive_data(); */
226 226
227 /* send server hostkey, DH pubkey 'f' and singed H */ 227 /* send server hostkey, DH pubkey 'f' and signed H */
228 if ((r = sshpkt_start(ssh, SSH2_MSG_KEX_DH_GEX_REPLY)) != 0 || 228 if ((r = sshpkt_start(ssh, SSH2_MSG_KEX_DH_GEX_REPLY)) != 0 ||
229 (r = sshpkt_put_string(ssh, server_host_key_blob, sbloblen)) != 0 || 229 (r = sshpkt_put_string(ssh, server_host_key_blob, sbloblen)) != 0 ||
230 (r = sshpkt_put_bignum2(ssh, kex->dh->pub_key)) != 0 || /* f */ 230 (r = sshpkt_put_bignum2(ssh, kex->dh->pub_key)) != 0 || /* f */
diff --git a/kexgssc.c b/kexgssc.c
index 10447f2b0..953c0a248 100644
--- a/kexgssc.c
+++ b/kexgssc.c
@@ -34,9 +34,9 @@
34#include <string.h> 34#include <string.h>
35 35
36#include "xmalloc.h" 36#include "xmalloc.h"
37#include "buffer.h" 37#include "sshbuf.h"
38#include "ssh2.h" 38#include "ssh2.h"
39#include "key.h" 39#include "sshkey.h"
40#include "cipher.h" 40#include "cipher.h"
41#include "kex.h" 41#include "kex.h"
42#include "log.h" 42#include "log.h"
@@ -273,8 +273,8 @@ kexgss_client(struct ssh *ssh) {
273 ssh->kex->hash_alg, 273 ssh->kex->hash_alg,
274 ssh->kex->client_version_string, 274 ssh->kex->client_version_string,
275 ssh->kex->server_version_string, 275 ssh->kex->server_version_string,
276 buffer_ptr(ssh->kex->my), buffer_len(ssh->kex->my), 276 sshbuf_ptr(ssh->kex->my), sshbuf_len(ssh->kex->my),
277 buffer_ptr(ssh->kex->peer), buffer_len(ssh->kex->peer), 277 sshbuf_ptr(ssh->kex->peer), sshbuf_len(ssh->kex->peer),
278 (serverhostkey ? serverhostkey : empty), slen, 278 (serverhostkey ? serverhostkey : empty), slen,
279 dh->pub_key, /* e */ 279 dh->pub_key, /* e */
280 dh_server_pub, /* f */ 280 dh_server_pub, /* f */
@@ -287,8 +287,8 @@ kexgss_client(struct ssh *ssh) {
287 ssh->kex->hash_alg, 287 ssh->kex->hash_alg,
288 ssh->kex->client_version_string, 288 ssh->kex->client_version_string,
289 ssh->kex->server_version_string, 289 ssh->kex->server_version_string,
290 buffer_ptr(ssh->kex->my), buffer_len(ssh->kex->my), 290 sshbuf_ptr(ssh->kex->my), sshbuf_len(ssh->kex->my),
291 buffer_ptr(ssh->kex->peer), buffer_len(ssh->kex->peer), 291 sshbuf_ptr(ssh->kex->peer), sshbuf_len(ssh->kex->peer),
292 (serverhostkey ? serverhostkey : empty), slen, 292 (serverhostkey ? serverhostkey : empty), slen,
293 min, nbits, max, 293 min, nbits, max,
294 dh->p, dh->g, 294 dh->p, dh->g,
diff --git a/kexgsss.c b/kexgsss.c
index 38ca082ba..31ec6a890 100644
--- a/kexgsss.c
+++ b/kexgsss.c
@@ -32,9 +32,9 @@
32#include <openssl/bn.h> 32#include <openssl/bn.h>
33 33
34#include "xmalloc.h" 34#include "xmalloc.h"
35#include "buffer.h" 35#include "sshbuf.h"
36#include "ssh2.h" 36#include "ssh2.h"
37#include "key.h" 37#include "sshkey.h"
38#include "cipher.h" 38#include "cipher.h"
39#include "kex.h" 39#include "kex.h"
40#include "log.h" 40#include "log.h"
@@ -220,8 +220,8 @@ kexgss_server(struct ssh *ssh)
220 kex_dh_hash( 220 kex_dh_hash(
221 ssh->kex->hash_alg, 221 ssh->kex->hash_alg,
222 ssh->kex->client_version_string, ssh->kex->server_version_string, 222 ssh->kex->client_version_string, ssh->kex->server_version_string,
223 buffer_ptr(ssh->kex->peer), buffer_len(ssh->kex->peer), 223 sshbuf_ptr(ssh->kex->peer), sshbuf_len(ssh->kex->peer),
224 buffer_ptr(ssh->kex->my), buffer_len(ssh->kex->my), 224 sshbuf_ptr(ssh->kex->my), sshbuf_len(ssh->kex->my),
225 NULL, 0, /* Change this if we start sending host keys */ 225 NULL, 0, /* Change this if we start sending host keys */
226 dh_client_pub, dh->pub_key, shared_secret, 226 dh_client_pub, dh->pub_key, shared_secret,
227 hash, &hashlen 227 hash, &hashlen
@@ -231,8 +231,8 @@ kexgss_server(struct ssh *ssh)
231 kexgex_hash( 231 kexgex_hash(
232 ssh->kex->hash_alg, 232 ssh->kex->hash_alg,
233 ssh->kex->client_version_string, ssh->kex->server_version_string, 233 ssh->kex->client_version_string, ssh->kex->server_version_string,
234 buffer_ptr(ssh->kex->peer), buffer_len(ssh->kex->peer), 234 sshbuf_ptr(ssh->kex->peer), sshbuf_len(ssh->kex->peer),
235 buffer_ptr(ssh->kex->my), buffer_len(ssh->kex->my), 235 sshbuf_ptr(ssh->kex->my), sshbuf_len(ssh->kex->my),
236 NULL, 0, 236 NULL, 0,
237 min, nbits, max, 237 min, nbits, max,
238 dh->p, dh->g, 238 dh->p, dh->g,
diff --git a/key.c b/key.c
deleted file mode 100644
index a05fdd3c0..000000000
--- a/key.c
+++ /dev/null
@@ -1,236 +0,0 @@
1/* $OpenBSD: key.c,v 1.132 2017/12/18 02:25:15 djm Exp $ */
2/*
3 * placed in the public domain
4 */
5
6#include "includes.h"
7
8#include <sys/types.h>
9#include <errno.h>
10#include <stdarg.h>
11#include <stdio.h>
12#include <limits.h>
13
14#define SSH_KEY_NO_DEFINE
15#include "key.h"
16
17#include "compat.h"
18#include "sshkey.h"
19#include "ssherr.h"
20#include "log.h"
21#include "authfile.h"
22
23static void
24fatal_on_fatal_errors(int r, const char *func, int extra_fatal)
25{
26 if (r == SSH_ERR_INTERNAL_ERROR ||
27 r == SSH_ERR_ALLOC_FAIL ||
28 (extra_fatal != 0 && r == extra_fatal))
29 fatal("%s: %s", func, ssh_err(r));
30}
31
32Key *
33key_from_blob(const u_char *blob, u_int blen)
34{
35 int r;
36 Key *ret = NULL;
37
38 if ((r = sshkey_from_blob(blob, blen, &ret)) != 0) {
39 fatal_on_fatal_errors(r, __func__, 0);
40 error("%s: %s", __func__, ssh_err(r));
41 return NULL;
42 }
43 return ret;
44}
45
46int
47key_to_blob(const Key *key, u_char **blobp, u_int *lenp)
48{
49 u_char *blob;
50 size_t blen;
51 int r;
52
53 if (blobp != NULL)
54 *blobp = NULL;
55 if (lenp != NULL)
56 *lenp = 0;
57 if ((r = sshkey_to_blob(key, &blob, &blen)) != 0) {
58 fatal_on_fatal_errors(r, __func__, 0);
59 error("%s: %s", __func__, ssh_err(r));
60 return 0;
61 }
62 if (blen > INT_MAX)
63 fatal("%s: giant len %zu", __func__, blen);
64 if (blobp != NULL)
65 *blobp = blob;
66 if (lenp != NULL)
67 *lenp = blen;
68 return blen;
69}
70
71int
72key_sign(const Key *key, u_char **sigp, u_int *lenp,
73 const u_char *data, u_int datalen, const char *alg)
74{
75 int r;
76 u_char *sig;
77 size_t siglen;
78
79 if (sigp != NULL)
80 *sigp = NULL;
81 if (lenp != NULL)
82 *lenp = 0;
83 if ((r = sshkey_sign(key, &sig, &siglen,
84 data, datalen, alg, datafellows)) != 0) {
85 fatal_on_fatal_errors(r, __func__, 0);
86 error("%s: %s", __func__, ssh_err(r));
87 return -1;
88 }
89 if (siglen > INT_MAX)
90 fatal("%s: giant len %zu", __func__, siglen);
91 if (sigp != NULL)
92 *sigp = sig;
93 if (lenp != NULL)
94 *lenp = siglen;
95 return 0;
96}
97
98Key *
99key_demote(const Key *k)
100{
101 int r;
102 Key *ret = NULL;
103
104 if ((r = sshkey_demote(k, &ret)) != 0)
105 fatal("%s: %s", __func__, ssh_err(r));
106 return ret;
107}
108
109int
110key_drop_cert(Key *k)
111{
112 int r;
113
114 if ((r = sshkey_drop_cert(k)) != 0) {
115 fatal_on_fatal_errors(r, __func__, 0);
116 error("%s: %s", __func__, ssh_err(r));
117 return -1;
118 }
119 return 0;
120}
121
122int
123key_cert_check_authority(const Key *k, int want_host, int require_principal,
124 const char *name, const char **reason)
125{
126 int r;
127
128 if ((r = sshkey_cert_check_authority(k, want_host, require_principal,
129 name, reason)) != 0) {
130 fatal_on_fatal_errors(r, __func__, 0);
131 error("%s: %s", __func__, ssh_err(r));
132 return -1;
133 }
134 return 0;
135}
136
137/* authfile.c */
138
139Key *
140key_load_cert(const char *filename)
141{
142 int r;
143 Key *ret = NULL;
144
145 if ((r = sshkey_load_cert(filename, &ret)) != 0) {
146 fatal_on_fatal_errors(r, __func__, SSH_ERR_LIBCRYPTO_ERROR);
147 /* Old authfile.c ignored all file errors. */
148 if (r == SSH_ERR_SYSTEM_ERROR)
149 debug("%s: %s", __func__, ssh_err(r));
150 else
151 error("%s: %s", __func__, ssh_err(r));
152 return NULL;
153 }
154 return ret;
155
156}
157
158Key *
159key_load_public(const char *filename, char **commentp)
160{
161 int r;
162 Key *ret = NULL;
163
164 if ((r = sshkey_load_public(filename, &ret, commentp)) != 0) {
165 fatal_on_fatal_errors(r, __func__, SSH_ERR_LIBCRYPTO_ERROR);
166 /* Old authfile.c ignored all file errors. */
167 if (r == SSH_ERR_SYSTEM_ERROR)
168 debug("%s: %s", __func__, ssh_err(r));
169 else
170 error("%s: %s", __func__, ssh_err(r));
171 return NULL;
172 }
173 return ret;
174}
175
176Key *
177key_load_private(const char *path, const char *passphrase,
178 char **commentp)
179{
180 int r;
181 Key *ret = NULL;
182
183 if ((r = sshkey_load_private(path, passphrase, &ret, commentp)) != 0) {
184 fatal_on_fatal_errors(r, __func__, SSH_ERR_LIBCRYPTO_ERROR);
185 /* Old authfile.c ignored all file errors. */
186 if (r == SSH_ERR_SYSTEM_ERROR ||
187 r == SSH_ERR_KEY_WRONG_PASSPHRASE)
188 debug("%s: %s", __func__, ssh_err(r));
189 else
190 error("%s: %s", __func__, ssh_err(r));
191 return NULL;
192 }
193 return ret;
194}
195
196Key *
197key_load_private_cert(int type, const char *filename, const char *passphrase,
198 int *perm_ok)
199{
200 int r;
201 Key *ret = NULL;
202
203 if ((r = sshkey_load_private_cert(type, filename, passphrase,
204 &ret, perm_ok)) != 0) {
205 fatal_on_fatal_errors(r, __func__, SSH_ERR_LIBCRYPTO_ERROR);
206 /* Old authfile.c ignored all file errors. */
207 if (r == SSH_ERR_SYSTEM_ERROR ||
208 r == SSH_ERR_KEY_WRONG_PASSPHRASE)
209 debug("%s: %s", __func__, ssh_err(r));
210 else
211 error("%s: %s", __func__, ssh_err(r));
212 return NULL;
213 }
214 return ret;
215}
216
217Key *
218key_load_private_type(int type, const char *filename, const char *passphrase,
219 char **commentp, int *perm_ok)
220{
221 int r;
222 Key *ret = NULL;
223
224 if ((r = sshkey_load_private_type(type, filename, passphrase,
225 &ret, commentp, perm_ok)) != 0) {
226 fatal_on_fatal_errors(r, __func__, SSH_ERR_LIBCRYPTO_ERROR);
227 /* Old authfile.c ignored all file errors. */
228 if (r == SSH_ERR_SYSTEM_ERROR ||
229 (r == SSH_ERR_KEY_WRONG_PASSPHRASE))
230 debug("%s: %s", __func__, ssh_err(r));
231 else
232 error("%s: %s", __func__, ssh_err(r));
233 return NULL;
234 }
235 return ret;
236}
diff --git a/key.h b/key.h
deleted file mode 100644
index fd59cbf54..000000000
--- a/key.h
+++ /dev/null
@@ -1,69 +0,0 @@
1/* $OpenBSD: key.h,v 1.52 2017/12/18 02:25:15 djm Exp $ */
2
3/*
4 * Copyright (c) 2000, 2001 Markus Friedl. All rights reserved.
5 *
6 * Redistribution and use in source and binary forms, with or without
7 * modification, are permitted provided that the following conditions
8 * are met:
9 * 1. Redistributions of source code must retain the above copyright
10 * notice, this list of conditions and the following disclaimer.
11 * 2. Redistributions in binary form must reproduce the above copyright
12 * notice, this list of conditions and the following disclaimer in the
13 * documentation and/or other materials provided with the distribution.
14 *
15 * THIS SOFTWARE IS PROVIDED BY THE AUTHOR ``AS IS'' AND ANY EXPRESS OR
16 * IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES
17 * OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE DISCLAIMED.
18 * IN NO EVENT SHALL THE AUTHOR BE LIABLE FOR ANY DIRECT, INDIRECT,
19 * INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
20 * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE,
21 * DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY
22 * THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT
23 * (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF
24 * THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
25 */
26#ifndef KEY_H
27#define KEY_H
28
29#include "sshkey.h"
30
31typedef struct sshkey Key;
32
33#define types sshkey_types
34#define fp_type sshkey_fp_type
35#define fp_rep sshkey_fp_rep
36
37#ifndef SSH_KEY_NO_DEFINE
38#define key_free sshkey_free
39#define key_equal_public sshkey_equal_public
40#define key_equal sshkey_equal
41#define key_type sshkey_type
42#define key_ssh_name sshkey_ssh_name
43#define key_ssh_name_plain sshkey_ssh_name_plain
44#define key_type_from_name sshkey_type_from_name
45#define key_is_cert sshkey_is_cert
46#define key_type_plain sshkey_type_plain
47#endif
48
49void key_free(Key *);
50Key *key_demote(const Key *);
51
52int key_drop_cert(Key *);
53int key_cert_check_authority(const Key *, int, int, const char *,
54 const char **);
55
56Key *key_from_blob(const u_char *, u_int);
57int key_to_blob(const Key *, u_char **, u_int *);
58
59int key_sign(const Key *, u_char **, u_int *, const u_char *, u_int,
60 const char *);
61
62/* authfile.c */
63Key *key_load_cert(const char *);
64Key *key_load_public(const char *, char **);
65Key *key_load_private(const char *, const char *, char **);
66Key *key_load_private_cert(int, const char *, const char *, int *);
67Key *key_load_private_type(int, const char *, const char *, char **, int *);
68
69#endif
diff --git a/log.c b/log.c
index 1559091da..1749af6d1 100644
--- a/log.c
+++ b/log.c
@@ -1,4 +1,4 @@
1/* $OpenBSD: log.c,v 1.50 2017/05/17 01:24:17 djm Exp $ */ 1/* $OpenBSD: log.c,v 1.51 2018/07/27 12:03:17 markus Exp $ */
2/* 2/*
3 * Author: Tatu Ylonen <ylo@cs.hut.fi> 3 * Author: Tatu Ylonen <ylo@cs.hut.fi>
4 * Copyright (c) 1995 Tatu Ylonen <ylo@cs.hut.fi>, Espoo, Finland 4 * Copyright (c) 1995 Tatu Ylonen <ylo@cs.hut.fi>, Espoo, Finland
@@ -106,6 +106,12 @@ static struct {
106 { NULL, SYSLOG_LEVEL_NOT_SET } 106 { NULL, SYSLOG_LEVEL_NOT_SET }
107}; 107};
108 108
109LogLevel
110log_level_get(void)
111{
112 return log_level;
113}
114
109SyslogFacility 115SyslogFacility
110log_facility_number(char *name) 116log_facility_number(char *name)
111{ 117{
diff --git a/log.h b/log.h
index 78221046c..ef7bea7e1 100644
--- a/log.h
+++ b/log.h
@@ -1,4 +1,4 @@
1/* $OpenBSD: log.h,v 1.22 2017/05/17 01:24:17 djm Exp $ */ 1/* $OpenBSD: log.h,v 1.23 2018/07/27 12:03:17 markus Exp $ */
2 2
3/* 3/*
4 * Author: Tatu Ylonen <ylo@cs.hut.fi> 4 * Author: Tatu Ylonen <ylo@cs.hut.fi>
@@ -49,6 +49,7 @@ typedef enum {
49typedef void (log_handler_fn)(LogLevel, const char *, void *); 49typedef void (log_handler_fn)(LogLevel, const char *, void *);
50 50
51void log_init(char *, LogLevel, SyslogFacility, int); 51void log_init(char *, LogLevel, SyslogFacility, int);
52LogLevel log_level_get(void);
52int log_change_level(LogLevel); 53int log_change_level(LogLevel);
53int log_is_on_stderr(void); 54int log_is_on_stderr(void);
54void log_redirect_stderr_to(const char *); 55void log_redirect_stderr_to(const char *);
diff --git a/loginrec.c b/loginrec.c
index bdbc9bbf4..9a427dec4 100644
--- a/loginrec.c
+++ b/loginrec.c
@@ -168,7 +168,7 @@
168#include <unistd.h> 168#include <unistd.h>
169 169
170#include "xmalloc.h" 170#include "xmalloc.h"
171#include "key.h" 171#include "sshkey.h"
172#include "hostfile.h" 172#include "hostfile.h"
173#include "ssh.h" 173#include "ssh.h"
174#include "loginrec.h" 174#include "loginrec.h"
@@ -177,7 +177,8 @@
177#include "packet.h" 177#include "packet.h"
178#include "canohost.h" 178#include "canohost.h"
179#include "auth.h" 179#include "auth.h"
180#include "buffer.h" 180#include "sshbuf.h"
181#include "ssherr.h"
181 182
182#ifdef HAVE_UTIL_H 183#ifdef HAVE_UTIL_H
183# include <util.h> 184# include <util.h>
@@ -210,7 +211,7 @@ int utmpx_get_entry(struct logininfo *li);
210int wtmp_get_entry(struct logininfo *li); 211int wtmp_get_entry(struct logininfo *li);
211int wtmpx_get_entry(struct logininfo *li); 212int wtmpx_get_entry(struct logininfo *li);
212 213
213extern Buffer loginmsg; 214extern struct sshbuf *loginmsg;
214 215
215/* pick the shortest string */ 216/* pick the shortest string */
216#define MIN_SIZEOF(s1,s2) (sizeof(s1) < sizeof(s2) ? sizeof(s1) : sizeof(s2)) 217#define MIN_SIZEOF(s1,s2) (sizeof(s1) < sizeof(s2) ? sizeof(s1) : sizeof(s2))
diff --git a/match.c b/match.c
index 3cf40306b..bb3e95f67 100644
--- a/match.c
+++ b/match.c
@@ -1,4 +1,4 @@
1/* $OpenBSD: match.c,v 1.37 2017/03/10 04:24:55 djm Exp $ */ 1/* $OpenBSD: match.c,v 1.38 2018/07/04 13:49:31 djm Exp $ */
2/* 2/*
3 * Author: Tatu Ylonen <ylo@cs.hut.fi> 3 * Author: Tatu Ylonen <ylo@cs.hut.fi>
4 * Copyright (c) 1995 Tatu Ylonen <ylo@cs.hut.fi>, Espoo, Finland 4 * Copyright (c) 1995 Tatu Ylonen <ylo@cs.hut.fi>, Espoo, Finland
@@ -294,16 +294,20 @@ match_list(const char *client, const char *server, u_int *next)
294} 294}
295 295
296/* 296/*
297 * Filters a comma-separated list of strings, excluding any entry matching 297 * Filter proposal using pattern-list filter.
298 * the 'filter' pattern list. Caller must free returned string. 298 * "blacklist" determines sense of filter:
299 * non-zero indicates that items matching filter should be excluded.
300 * zero indicates that only items matching filter should be included.
301 * returns NULL on allocation error, otherwise caller must free result.
299 */ 302 */
300char * 303static char *
301match_filter_list(const char *proposal, const char *filter) 304filter_list(const char *proposal, const char *filter, int blacklist)
302{ 305{
303 size_t len = strlen(proposal) + 1; 306 size_t len = strlen(proposal) + 1;
304 char *fix_prop = malloc(len); 307 char *fix_prop = malloc(len);
305 char *orig_prop = strdup(proposal); 308 char *orig_prop = strdup(proposal);
306 char *cp, *tmp; 309 char *cp, *tmp;
310 int r;
307 311
308 if (fix_prop == NULL || orig_prop == NULL) { 312 if (fix_prop == NULL || orig_prop == NULL) {
309 free(orig_prop); 313 free(orig_prop);
@@ -314,7 +318,8 @@ match_filter_list(const char *proposal, const char *filter)
314 tmp = orig_prop; 318 tmp = orig_prop;
315 *fix_prop = '\0'; 319 *fix_prop = '\0';
316 while ((cp = strsep(&tmp, ",")) != NULL) { 320 while ((cp = strsep(&tmp, ",")) != NULL) {
317 if (match_pattern_list(cp, filter, 0) != 1) { 321 r = match_pattern_list(cp, filter, 0);
322 if ((blacklist && r != 1) || (!blacklist && r == 1)) {
318 if (*fix_prop != '\0') 323 if (*fix_prop != '\0')
319 strlcat(fix_prop, ",", len); 324 strlcat(fix_prop, ",", len);
320 strlcat(fix_prop, cp, len); 325 strlcat(fix_prop, cp, len);
@@ -324,3 +329,22 @@ match_filter_list(const char *proposal, const char *filter)
324 return fix_prop; 329 return fix_prop;
325} 330}
326 331
332/*
333 * Filters a comma-separated list of strings, excluding any entry matching
334 * the 'filter' pattern list. Caller must free returned string.
335 */
336char *
337match_filter_blacklist(const char *proposal, const char *filter)
338{
339 return filter_list(proposal, filter, 1);
340}
341
342/*
343 * Filters a comma-separated list of strings, including only entries matching
344 * the 'filter' pattern list. Caller must free returned string.
345 */
346char *
347match_filter_whitelist(const char *proposal, const char *filter)
348{
349 return filter_list(proposal, filter, 0);
350}
diff --git a/match.h b/match.h
index 937ba0412..852b1a5cb 100644
--- a/match.h
+++ b/match.h
@@ -1,4 +1,4 @@
1/* $OpenBSD: match.h,v 1.17 2017/02/03 23:01:19 djm Exp $ */ 1/* $OpenBSD: match.h,v 1.18 2018/07/04 13:49:31 djm Exp $ */
2 2
3/* 3/*
4 * Author: Tatu Ylonen <ylo@cs.hut.fi> 4 * Author: Tatu Ylonen <ylo@cs.hut.fi>
@@ -20,7 +20,8 @@ int match_hostname(const char *, const char *);
20int match_host_and_ip(const char *, const char *, const char *); 20int match_host_and_ip(const char *, const char *, const char *);
21int match_user(const char *, const char *, const char *, const char *); 21int match_user(const char *, const char *, const char *, const char *);
22char *match_list(const char *, const char *, u_int *); 22char *match_list(const char *, const char *, u_int *);
23char *match_filter_list(const char *, const char *); 23char *match_filter_blacklist(const char *, const char *);
24char *match_filter_whitelist(const char *, const char *);
24 25
25/* addrmatch.c */ 26/* addrmatch.c */
26int addr_match_list(const char *, const char *); 27int addr_match_list(const char *, const char *);
diff --git a/misc.c b/misc.c
index 75c4113f0..2f3dbda0c 100644
--- a/misc.c
+++ b/misc.c
@@ -1,4 +1,4 @@
1/* $OpenBSD: misc.c,v 1.127 2018/03/12 00:52:01 djm Exp $ */ 1/* $OpenBSD: misc.c,v 1.131 2018/07/27 05:13:02 dtucker Exp $ */
2/* 2/*
3 * Copyright (c) 2000 Markus Friedl. All rights reserved. 3 * Copyright (c) 2000 Markus Friedl. All rights reserved.
4 * Copyright (c) 2005,2006 Damien Miller. All rights reserved. 4 * Copyright (c) 2005,2006 Damien Miller. All rights reserved.
@@ -70,7 +70,6 @@
70#include "ssh.h" 70#include "ssh.h"
71#include "sshbuf.h" 71#include "sshbuf.h"
72#include "ssherr.h" 72#include "ssherr.h"
73#include "uidswap.h"
74#include "platform.h" 73#include "platform.h"
75 74
76/* remove newline at end of string */ 75/* remove newline at end of string */
@@ -240,8 +239,8 @@ set_rdomain(int fd, const char *name)
240#define QUOTE "\"" 239#define QUOTE "\""
241 240
242/* return next token in configuration line */ 241/* return next token in configuration line */
243char * 242static char *
244strdelim(char **s) 243strdelim_internal(char **s, int split_equals)
245{ 244{
246 char *old; 245 char *old;
247 int wspace = 0; 246 int wspace = 0;
@@ -251,7 +250,8 @@ strdelim(char **s)
251 250
252 old = *s; 251 old = *s;
253 252
254 *s = strpbrk(*s, WHITESPACE QUOTE "="); 253 *s = strpbrk(*s,
254 split_equals ? WHITESPACE QUOTE "=" : WHITESPACE QUOTE);
255 if (*s == NULL) 255 if (*s == NULL)
256 return (old); 256 return (old);
257 257
@@ -268,18 +268,37 @@ strdelim(char **s)
268 } 268 }
269 269
270 /* Allow only one '=' to be skipped */ 270 /* Allow only one '=' to be skipped */
271 if (*s[0] == '=') 271 if (split_equals && *s[0] == '=')
272 wspace = 1; 272 wspace = 1;
273 *s[0] = '\0'; 273 *s[0] = '\0';
274 274
275 /* Skip any extra whitespace after first token */ 275 /* Skip any extra whitespace after first token */
276 *s += strspn(*s + 1, WHITESPACE) + 1; 276 *s += strspn(*s + 1, WHITESPACE) + 1;
277 if (*s[0] == '=' && !wspace) 277 if (split_equals && *s[0] == '=' && !wspace)
278 *s += strspn(*s + 1, WHITESPACE) + 1; 278 *s += strspn(*s + 1, WHITESPACE) + 1;
279 279
280 return (old); 280 return (old);
281} 281}
282 282
283/*
284 * Return next token in configuration line; splts on whitespace or a
285 * single '=' character.
286 */
287char *
288strdelim(char **s)
289{
290 return strdelim_internal(s, 1);
291}
292
293/*
294 * Return next token in configuration line; splts on whitespace only.
295 */
296char *
297strdelimw(char **s)
298{
299 return strdelim_internal(s, 0);
300}
301
283struct passwd * 302struct passwd *
284pwcopy(struct passwd *pw) 303pwcopy(struct passwd *pw)
285{ 304{
@@ -1006,31 +1025,6 @@ percent_expand(const char *string, ...)
1006#undef EXPAND_MAX_KEYS 1025#undef EXPAND_MAX_KEYS
1007} 1026}
1008 1027
1009/*
1010 * Read an entire line from a public key file into a static buffer, discarding
1011 * lines that exceed the buffer size. Returns 0 on success, -1 on failure.
1012 */
1013int
1014read_keyfile_line(FILE *f, const char *filename, char *buf, size_t bufsz,
1015 u_long *lineno)
1016{
1017 while (fgets(buf, bufsz, f) != NULL) {
1018 if (buf[0] == '\0')
1019 continue;
1020 (*lineno)++;
1021 if (buf[strlen(buf) - 1] == '\n' || feof(f)) {
1022 return 0;
1023 } else {
1024 debug("%s: %s line %lu exceeds size limit", __func__,
1025 filename, *lineno);
1026 /* discard remainder of line */
1027 while (fgetc(f) != '\n' && !feof(f))
1028 ; /* nothing */
1029 }
1030 }
1031 return -1;
1032}
1033
1034int 1028int
1035secure_permissions(struct stat *st, uid_t uid) 1029secure_permissions(struct stat *st, uid_t uid)
1036{ 1030{
@@ -1632,15 +1626,6 @@ forward_equals(const struct Forward *a, const struct Forward *b)
1632 return 1; 1626 return 1;
1633} 1627}
1634 1628
1635/* returns 1 if bind to specified port by specified user is permitted */
1636int
1637bind_permitted(int port, uid_t uid)
1638{
1639 if (port < IPPORT_RESERVED && uid != 0)
1640 return 0;
1641 return 1;
1642}
1643
1644/* returns 1 if process is already daemonized, 0 otherwise */ 1629/* returns 1 if process is already daemonized, 0 otherwise */
1645int 1630int
1646daemonized(void) 1631daemonized(void)
diff --git a/misc.h b/misc.h
index 51943db90..213c3abb7 100644
--- a/misc.h
+++ b/misc.h
@@ -1,4 +1,4 @@
1/* $OpenBSD: misc.h,v 1.71 2018/03/12 00:52:01 djm Exp $ */ 1/* $OpenBSD: misc.h,v 1.74 2018/07/27 05:13:02 dtucker Exp $ */
2 2
3/* 3/*
4 * Author: Tatu Ylonen <ylo@cs.hut.fi> 4 * Author: Tatu Ylonen <ylo@cs.hut.fi>
@@ -31,7 +31,6 @@ struct Forward {
31}; 31};
32 32
33int forward_equals(const struct Forward *, const struct Forward *); 33int forward_equals(const struct Forward *, const struct Forward *);
34int bind_permitted(int, uid_t);
35int daemonized(void); 34int daemonized(void);
36 35
37/* Common server and client forwarding options. */ 36/* Common server and client forwarding options. */
@@ -45,6 +44,7 @@ struct ForwardOptions {
45 44
46char *chop(char *); 45char *chop(char *);
47char *strdelim(char **); 46char *strdelim(char **);
47char *strdelimw(char **);
48int set_nonblock(int); 48int set_nonblock(int);
49int unset_nonblock(int); 49int unset_nonblock(int);
50void set_nodelay(int); 50void set_nodelay(int);
@@ -166,7 +166,6 @@ int safe_path_fd(int, const char *, struct passwd *,
166 166
167char *read_passphrase(const char *, int); 167char *read_passphrase(const char *, int);
168int ask_permission(const char *, ...) __attribute__((format(printf, 1, 2))); 168int ask_permission(const char *, ...) __attribute__((format(printf, 1, 2)));
169int read_keyfile_line(FILE *, const char *, char *, size_t, u_long *);
170 169
171int secure_permissions(struct stat *st, uid_t uid); 170int secure_permissions(struct stat *st, uid_t uid);
172 171
diff --git a/moduli b/moduli
index cf28bd36b..780b2b975 100644
--- a/moduli
+++ b/moduli
@@ -1,407 +1,438 @@
1# $OpenBSD: moduli,v 1.20 2017/11/29 05:49:54 dtucker Exp $ 1# $OpenBSD: moduli,v 1.21 2018/04/03 02:14:08 dtucker Exp $
2# Time Type Tests Tries Size Generator Modulus 2# Time Type Tests Tries Size Generator Modulus
320170623034823 2 6 100 2047 2 F740D04A6CFD4547DDBE874AEED3DF220F4ABD1EEA9BB022EDB3019835812EB327F3F0BBD0D137702856B499924C1A0D78D467EFBCB2215008FC3918FF88710ED5CA4F3554494F3AC374C8695B1DA006470F1C5C751825389DF3FBAC83DFEFAE2B07FA30E3B6B13D2BF9FAA27DCBD03FEB6847F08C3C6C89B04366A78D8C43E1E26B63ED5BB9A3E1AAE00BD4A4BF058B41B70E9F599C7DAE2E42701C68FDDEFE7213432E77342F785D64B723FF33A2D9C6F85F149776F898EF8BEFE3D03D2163974A3C0F13520F4BE92A246DED5A6FC997B2657D1A72A1210E881D0A0F14E93522268E3D8FFB84ABB3B9B064985E891C7C0DC09E166008A5E13A777EAE4E76CB 320171129060817 2 6 100 2047 2 F6A83AA30FCC5A1FED886CF60BFAD561F8558C07EC39F7972F8BD034F16AE485A25E223E609D18CBA60DFB74F85637DC6A55E38BA145746B5C2EFC007E1B36B0B179A7756B160A90E6C7AA8D42DC5EF9F96EB654D37EAA3BC2A96CA6F9F60A47E340873B6131B9013ACDB75EBB189B671B8D48BD60D36D2BD4B9D2F5FC828F9989F2E9FEDE3AF8E10343C458CAEC77EBCDD113C75D4F190EFA489835725FD7A0CB3E3A9C30DE03BC5D3991D53A86A25A3F3601171130DBE5F2E6F844F6AE9565261F9110A264A1C61EA0CDDF6DB06F28F9E3B70A482C849E5523932B4F2343E90AC140AC06AB027E293CE2B81BA61021B1B15DDCA48B721AED9AC65210B1E863
420170623034906 2 6 100 2047 2 F740D04A6CFD4547DDBE874AEED3DF220F4ABD1EEA9BB022EDB3019835812EB327F3F0BBD0D137702856B499924C1A0D78D467EFBCB2215008FC3918FF88710ED5CA4F3554494F3AC374C8695B1DA006470F1C5C751825389DF3FBAC83DFEFAE2B07FA30E3B6B13D2BF9FAA27DCBD03FEB6847F08C3C6C89B04366A78D8C43E1E26B63ED5BB9A3E1AAE00BD4A4BF058B41B70E9F599C7DAE2E42701C68FDDEFE7213432E77342F785D64B723FF33A2D9C6F85F149776F898EF8BEFE3D03D2163974A3C0F13520F4BE92A246DED5A6FC997B2657D1A72A1210E881D0A0F14E93522268E3D8FFB84ABB3B9B064985E891C7C0DC09E166008A5E13A777EAEB63283 420171129060830 2 6 100 2047 5 F6A83AA30FCC5A1FED886CF60BFAD561F8558C07EC39F7972F8BD034F16AE485A25E223E609D18CBA60DFB74F85637DC6A55E38BA145746B5C2EFC007E1B36B0B179A7756B160A90E6C7AA8D42DC5EF9F96EB654D37EAA3BC2A96CA6F9F60A47E340873B6131B9013ACDB75EBB189B671B8D48BD60D36D2BD4B9D2F5FC828F9989F2E9FEDE3AF8E10343C458CAEC77EBCDD113C75D4F190EFA489835725FD7A0CB3E3A9C30DE03BC5D3991D53A86A25A3F3601171130DBE5F2E6F844F6AE9565261F9110A264A1C61EA0CDDF6DB06F28F9E3B70A482C849E5523932B4F2343E90AC140AC06AB027E293CE2B81BA61021B1B15DDCA48B721AED9AC65210C3D8AF
520170623034928 2 6 100 2047 5 F740D04A6CFD4547DDBE874AEED3DF220F4ABD1EEA9BB022EDB3019835812EB327F3F0BBD0D137702856B499924C1A0D78D467EFBCB2215008FC3918FF88710ED5CA4F3554494F3AC374C8695B1DA006470F1C5C751825389DF3FBAC83DFEFAE2B07FA30E3B6B13D2BF9FAA27DCBD03FEB6847F08C3C6C89B04366A78D8C43E1E26B63ED5BB9A3E1AAE00BD4A4BF058B41B70E9F599C7DAE2E42701C68FDDEFE7213432E77342F785D64B723FF33A2D9C6F85F149776F898EF8BEFE3D03D2163974A3C0F13520F4BE92A246DED5A6FC997B2657D1A72A1210E881D0A0F14E93522268E3D8FFB84ABB3B9B064985E891C7C0DC09E166008A5E13A777EAEE49C27 520171129060835 2 6 100 2047 2 F6A83AA30FCC5A1FED886CF60BFAD561F8558C07EC39F7972F8BD034F16AE485A25E223E609D18CBA60DFB74F85637DC6A55E38BA145746B5C2EFC007E1B36B0B179A7756B160A90E6C7AA8D42DC5EF9F96EB654D37EAA3BC2A96CA6F9F60A47E340873B6131B9013ACDB75EBB189B671B8D48BD60D36D2BD4B9D2F5FC828F9989F2E9FEDE3AF8E10343C458CAEC77EBCDD113C75D4F190EFA489835725FD7A0CB3E3A9C30DE03BC5D3991D53A86A25A3F3601171130DBE5F2E6F844F6AE9565261F9110A264A1C61EA0CDDF6DB06F28F9E3B70A482C849E5523932B4F2343E90AC140AC06AB027E293CE2B81BA61021B1B15DDCA48B721AED9AC65210C56383
620170623034936 2 6 100 2047 2 F740D04A6CFD4547DDBE874AEED3DF220F4ABD1EEA9BB022EDB3019835812EB327F3F0BBD0D137702856B499924C1A0D78D467EFBCB2215008FC3918FF88710ED5CA4F3554494F3AC374C8695B1DA006470F1C5C751825389DF3FBAC83DFEFAE2B07FA30E3B6B13D2BF9FAA27DCBD03FEB6847F08C3C6C89B04366A78D8C43E1E26B63ED5BB9A3E1AAE00BD4A4BF058B41B70E9F599C7DAE2E42701C68FDDEFE7213432E77342F785D64B723FF33A2D9C6F85F149776F898EF8BEFE3D03D2163974A3C0F13520F4BE92A246DED5A6FC997B2657D1A72A1210E881D0A0F14E93522268E3D8FFB84ABB3B9B064985E891C7C0DC09E166008A5E13A777EAEF2BE1B 620171129060853 2 6 100 2047 5 F6A83AA30FCC5A1FED886CF60BFAD561F8558C07EC39F7972F8BD034F16AE485A25E223E609D18CBA60DFB74F85637DC6A55E38BA145746B5C2EFC007E1B36B0B179A7756B160A90E6C7AA8D42DC5EF9F96EB654D37EAA3BC2A96CA6F9F60A47E340873B6131B9013ACDB75EBB189B671B8D48BD60D36D2BD4B9D2F5FC828F9989F2E9FEDE3AF8E10343C458CAEC77EBCDD113C75D4F190EFA489835725FD7A0CB3E3A9C30DE03BC5D3991D53A86A25A3F3601171130DBE5F2E6F844F6AE9565261F9110A264A1C61EA0CDDF6DB06F28F9E3B70A482C849E5523932B4F2343E90AC140AC06AB027E293CE2B81BA61021B1B15DDCA48B721AED9AC65210E2A407
720170623034957 2 6 100 2047 5 F740D04A6CFD4547DDBE874AEED3DF220F4ABD1EEA9BB022EDB3019835812EB327F3F0BBD0D137702856B499924C1A0D78D467EFBCB2215008FC3918FF88710ED5CA4F3554494F3AC374C8695B1DA006470F1C5C751825389DF3FBAC83DFEFAE2B07FA30E3B6B13D2BF9FAA27DCBD03FEB6847F08C3C6C89B04366A78D8C43E1E26B63ED5BB9A3E1AAE00BD4A4BF058B41B70E9F599C7DAE2E42701C68FDDEFE7213432E77342F785D64B723FF33A2D9C6F85F149776F898EF8BEFE3D03D2163974A3C0F13520F4BE92A246DED5A6FC997B2657D1A72A1210E881D0A0F14E93522268E3D8FFB84ABB3B9B064985E891C7C0DC09E166008A5E13A777EAF22F2D7 720171129060928 2 6 100 2047 2 F6A83AA30FCC5A1FED886CF60BFAD561F8558C07EC39F7972F8BD034F16AE485A25E223E609D18CBA60DFB74F85637DC6A55E38BA145746B5C2EFC007E1B36B0B179A7756B160A90E6C7AA8D42DC5EF9F96EB654D37EAA3BC2A96CA6F9F60A47E340873B6131B9013ACDB75EBB189B671B8D48BD60D36D2BD4B9D2F5FC828F9989F2E9FEDE3AF8E10343C458CAEC77EBCDD113C75D4F190EFA489835725FD7A0CB3E3A9C30DE03BC5D3991D53A86A25A3F3601171130DBE5F2E6F844F6AE9565261F9110A264A1C61EA0CDDF6DB06F28F9E3B70A482C849E5523932B4F2343E90AC140AC06AB027E293CE2B81BA61021B1B15DDCA48B721AED9AC652112864BB
820170623035029 2 6 100 2047 5 F740D04A6CFD4547DDBE874AEED3DF220F4ABD1EEA9BB022EDB3019835812EB327F3F0BBD0D137702856B499924C1A0D78D467EFBCB2215008FC3918FF88710ED5CA4F3554494F3AC374C8695B1DA006470F1C5C751825389DF3FBAC83DFEFAE2B07FA30E3B6B13D2BF9FAA27DCBD03FEB6847F08C3C6C89B04366A78D8C43E1E26B63ED5BB9A3E1AAE00BD4A4BF058B41B70E9F599C7DAE2E42701C68FDDEFE7213432E77342F785D64B723FF33A2D9C6F85F149776F898EF8BEFE3D03D2163974A3C0F13520F4BE92A246DED5A6FC997B2657D1A72A1210E881D0A0F14E93522268E3D8FFB84ABB3B9B064985E891C7C0DC09E166008A5E13A777EAF68D3A7 820171129060940 2 6 100 2047 5 F6A83AA30FCC5A1FED886CF60BFAD561F8558C07EC39F7972F8BD034F16AE485A25E223E609D18CBA60DFB74F85637DC6A55E38BA145746B5C2EFC007E1B36B0B179A7756B160A90E6C7AA8D42DC5EF9F96EB654D37EAA3BC2A96CA6F9F60A47E340873B6131B9013ACDB75EBB189B671B8D48BD60D36D2BD4B9D2F5FC828F9989F2E9FEDE3AF8E10343C458CAEC77EBCDD113C75D4F190EFA489835725FD7A0CB3E3A9C30DE03BC5D3991D53A86A25A3F3601171130DBE5F2E6F844F6AE9565261F9110A264A1C61EA0CDDF6DB06F28F9E3B70A482C849E5523932B4F2343E90AC140AC06AB027E293CE2B81BA61021B1B15DDCA48B721AED9AC652113A4B2F
920170623035052 2 6 100 2047 2 F740D04A6CFD4547DDBE874AEED3DF220F4ABD1EEA9BB022EDB3019835812EB327F3F0BBD0D137702856B499924C1A0D78D467EFBCB2215008FC3918FF88710ED5CA4F3554494F3AC374C8695B1DA006470F1C5C751825389DF3FBAC83DFEFAE2B07FA30E3B6B13D2BF9FAA27DCBD03FEB6847F08C3C6C89B04366A78D8C43E1E26B63ED5BB9A3E1AAE00BD4A4BF058B41B70E9F599C7DAE2E42701C68FDDEFE7213432E77342F785D64B723FF33A2D9C6F85F149776F898EF8BEFE3D03D2163974A3C0F13520F4BE92A246DED5A6FC997B2657D1A72A1210E881D0A0F14E93522268E3D8FFB84ABB3B9B064985E891C7C0DC09E166008A5E13A777EAF9A9793 920171129061019 2 6 100 2047 2 F6A83AA30FCC5A1FED886CF60BFAD561F8558C07EC39F7972F8BD034F16AE485A25E223E609D18CBA60DFB74F85637DC6A55E38BA145746B5C2EFC007E1B36B0B179A7756B160A90E6C7AA8D42DC5EF9F96EB654D37EAA3BC2A96CA6F9F60A47E340873B6131B9013ACDB75EBB189B671B8D48BD60D36D2BD4B9D2F5FC828F9989F2E9FEDE3AF8E10343C458CAEC77EBCDD113C75D4F190EFA489835725FD7A0CB3E3A9C30DE03BC5D3991D53A86A25A3F3601171130DBE5F2E6F844F6AE9565261F9110A264A1C61EA0CDDF6DB06F28F9E3B70A482C849E5523932B4F2343E90AC140AC06AB027E293CE2B81BA61021B1B15DDCA48B721AED9AC652118756EB
1020170623035228 2 6 100 2047 2 F740D04A6CFD4547DDBE874AEED3DF220F4ABD1EEA9BB022EDB3019835812EB327F3F0BBD0D137702856B499924C1A0D78D467EFBCB2215008FC3918FF88710ED5CA4F3554494F3AC374C8695B1DA006470F1C5C751825389DF3FBAC83DFEFAE2B07FA30E3B6B13D2BF9FAA27DCBD03FEB6847F08C3C6C89B04366A78D8C43E1E26B63ED5BB9A3E1AAE00BD4A4BF058B41B70E9F599C7DAE2E42701C68FDDEFE7213432E77342F785D64B723FF33A2D9C6F85F149776F898EF8BEFE3D03D2163974A3C0F13520F4BE92A246DED5A6FC997B2657D1A72A1210E881D0A0F14E93522268E3D8FFB84ABB3B9B064985E891C7C0DC09E166008A5E13A777EB085C01B 1020171129061110 2 6 100 2047 2 F6A83AA30FCC5A1FED886CF60BFAD561F8558C07EC39F7972F8BD034F16AE485A25E223E609D18CBA60DFB74F85637DC6A55E38BA145746B5C2EFC007E1B36B0B179A7756B160A90E6C7AA8D42DC5EF9F96EB654D37EAA3BC2A96CA6F9F60A47E340873B6131B9013ACDB75EBB189B671B8D48BD60D36D2BD4B9D2F5FC828F9989F2E9FEDE3AF8E10343C458CAEC77EBCDD113C75D4F190EFA489835725FD7A0CB3E3A9C30DE03BC5D3991D53A86A25A3F3601171130DBE5F2E6F844F6AE9565261F9110A264A1C61EA0CDDF6DB06F28F9E3B70A482C849E5523932B4F2343E90AC140AC06AB027E293CE2B81BA61021B1B15DDCA48B721AED9AC65211ECF08B
1120170623035326 2 6 100 2047 5 F740D04A6CFD4547DDBE874AEED3DF220F4ABD1EEA9BB022EDB3019835812EB327F3F0BBD0D137702856B499924C1A0D78D467EFBCB2215008FC3918FF88710ED5CA4F3554494F3AC374C8695B1DA006470F1C5C751825389DF3FBAC83DFEFAE2B07FA30E3B6B13D2BF9FAA27DCBD03FEB6847F08C3C6C89B04366A78D8C43E1E26B63ED5BB9A3E1AAE00BD4A4BF058B41B70E9F599C7DAE2E42701C68FDDEFE7213432E77342F785D64B723FF33A2D9C6F85F149776F898EF8BEFE3D03D2163974A3C0F13520F4BE92A246DED5A6FC997B2657D1A72A1210E881D0A0F14E93522268E3D8FFB84ABB3B9B064985E891C7C0DC09E166008A5E13A777EB1140217 1120171129061125 2 6 100 2047 5 F6A83AA30FCC5A1FED886CF60BFAD561F8558C07EC39F7972F8BD034F16AE485A25E223E609D18CBA60DFB74F85637DC6A55E38BA145746B5C2EFC007E1B36B0B179A7756B160A90E6C7AA8D42DC5EF9F96EB654D37EAA3BC2A96CA6F9F60A47E340873B6131B9013ACDB75EBB189B671B8D48BD60D36D2BD4B9D2F5FC828F9989F2E9FEDE3AF8E10343C458CAEC77EBCDD113C75D4F190EFA489835725FD7A0CB3E3A9C30DE03BC5D3991D53A86A25A3F3601171130DBE5F2E6F844F6AE9565261F9110A264A1C61EA0CDDF6DB06F28F9E3B70A482C849E5523932B4F2343E90AC140AC06AB027E293CE2B81BA61021B1B15DDCA48B721AED9AC6521205BFC7
1220170623035332 2 6 100 2047 5 F740D04A6CFD4547DDBE874AEED3DF220F4ABD1EEA9BB022EDB3019835812EB327F3F0BBD0D137702856B499924C1A0D78D467EFBCB2215008FC3918FF88710ED5CA4F3554494F3AC374C8695B1DA006470F1C5C751825389DF3FBAC83DFEFAE2B07FA30E3B6B13D2BF9FAA27DCBD03FEB6847F08C3C6C89B04366A78D8C43E1E26B63ED5BB9A3E1AAE00BD4A4BF058B41B70E9F599C7DAE2E42701C68FDDEFE7213432E77342F785D64B723FF33A2D9C6F85F149776F898EF8BEFE3D03D2163974A3C0F13520F4BE92A246DED5A6FC997B2657D1A72A1210E881D0A0F14E93522268E3D8FFB84ABB3B9B064985E891C7C0DC09E166008A5E13A777EB11ACBD7 1220171129061139 2 6 100 2047 2 F6A83AA30FCC5A1FED886CF60BFAD561F8558C07EC39F7972F8BD034F16AE485A25E223E609D18CBA60DFB74F85637DC6A55E38BA145746B5C2EFC007E1B36B0B179A7756B160A90E6C7AA8D42DC5EF9F96EB654D37EAA3BC2A96CA6F9F60A47E340873B6131B9013ACDB75EBB189B671B8D48BD60D36D2BD4B9D2F5FC828F9989F2E9FEDE3AF8E10343C458CAEC77EBCDD113C75D4F190EFA489835725FD7A0CB3E3A9C30DE03BC5D3991D53A86A25A3F3601171130DBE5F2E6F844F6AE9565261F9110A264A1C61EA0CDDF6DB06F28F9E3B70A482C849E5523932B4F2343E90AC140AC06AB027E293CE2B81BA61021B1B15DDCA48B721AED9AC652121B156B
1320170623035408 2 6 100 2047 5 F740D04A6CFD4547DDBE874AEED3DF220F4ABD1EEA9BB022EDB3019835812EB327F3F0BBD0D137702856B499924C1A0D78D467EFBCB2215008FC3918FF88710ED5CA4F3554494F3AC374C8695B1DA006470F1C5C751825389DF3FBAC83DFEFAE2B07FA30E3B6B13D2BF9FAA27DCBD03FEB6847F08C3C6C89B04366A78D8C43E1E26B63ED5BB9A3E1AAE00BD4A4BF058B41B70E9F599C7DAE2E42701C68FDDEFE7213432E77342F785D64B723FF33A2D9C6F85F149776F898EF8BEFE3D03D2163974A3C0F13520F4BE92A246DED5A6FC997B2657D1A72A1210E881D0A0F14E93522268E3D8FFB84ABB3B9B064985E891C7C0DC09E166008A5E13A777EB16AD187 1320171129061144 2 6 100 2047 5 F6A83AA30FCC5A1FED886CF60BFAD561F8558C07EC39F7972F8BD034F16AE485A25E223E609D18CBA60DFB74F85637DC6A55E38BA145746B5C2EFC007E1B36B0B179A7756B160A90E6C7AA8D42DC5EF9F96EB654D37EAA3BC2A96CA6F9F60A47E340873B6131B9013ACDB75EBB189B671B8D48BD60D36D2BD4B9D2F5FC828F9989F2E9FEDE3AF8E10343C458CAEC77EBCDD113C75D4F190EFA489835725FD7A0CB3E3A9C30DE03BC5D3991D53A86A25A3F3601171130DBE5F2E6F844F6AE9565261F9110A264A1C61EA0CDDF6DB06F28F9E3B70A482C849E5523932B4F2343E90AC140AC06AB027E293CE2B81BA61021B1B15DDCA48B721AED9AC652121DB6C7
1420170623035414 2 6 100 2047 2 F740D04A6CFD4547DDBE874AEED3DF220F4ABD1EEA9BB022EDB3019835812EB327F3F0BBD0D137702856B499924C1A0D78D467EFBCB2215008FC3918FF88710ED5CA4F3554494F3AC374C8695B1DA006470F1C5C751825389DF3FBAC83DFEFAE2B07FA30E3B6B13D2BF9FAA27DCBD03FEB6847F08C3C6C89B04366A78D8C43E1E26B63ED5BB9A3E1AAE00BD4A4BF058B41B70E9F599C7DAE2E42701C68FDDEFE7213432E77342F785D64B723FF33A2D9C6F85F149776F898EF8BEFE3D03D2163974A3C0F13520F4BE92A246DED5A6FC997B2657D1A72A1210E881D0A0F14E93522268E3D8FFB84ABB3B9B064985E891C7C0DC09E166008A5E13A777EB1737B53 1420171129061155 2 6 100 2047 2 F6A83AA30FCC5A1FED886CF60BFAD561F8558C07EC39F7972F8BD034F16AE485A25E223E609D18CBA60DFB74F85637DC6A55E38BA145746B5C2EFC007E1B36B0B179A7756B160A90E6C7AA8D42DC5EF9F96EB654D37EAA3BC2A96CA6F9F60A47E340873B6131B9013ACDB75EBB189B671B8D48BD60D36D2BD4B9D2F5FC828F9989F2E9FEDE3AF8E10343C458CAEC77EBCDD113C75D4F190EFA489835725FD7A0CB3E3A9C30DE03BC5D3991D53A86A25A3F3601171130DBE5F2E6F844F6AE9565261F9110A264A1C61EA0CDDF6DB06F28F9E3B70A482C849E5523932B4F2343E90AC140AC06AB027E293CE2B81BA61021B1B15DDCA48B721AED9AC652122E3A4B
1520170623035442 2 6 100 2047 2 F740D04A6CFD4547DDBE874AEED3DF220F4ABD1EEA9BB022EDB3019835812EB327F3F0BBD0D137702856B499924C1A0D78D467EFBCB2215008FC3918FF88710ED5CA4F3554494F3AC374C8695B1DA006470F1C5C751825389DF3FBAC83DFEFAE2B07FA30E3B6B13D2BF9FAA27DCBD03FEB6847F08C3C6C89B04366A78D8C43E1E26B63ED5BB9A3E1AAE00BD4A4BF058B41B70E9F599C7DAE2E42701C68FDDEFE7213432E77342F785D64B723FF33A2D9C6F85F149776F898EF8BEFE3D03D2163974A3C0F13520F4BE92A246DED5A6FC997B2657D1A72A1210E881D0A0F14E93522268E3D8FFB84ABB3B9B064985E891C7C0DC09E166008A5E13A777EB1B1C483 1520171129061219 2 6 100 2047 2 F6A83AA30FCC5A1FED886CF60BFAD561F8558C07EC39F7972F8BD034F16AE485A25E223E609D18CBA60DFB74F85637DC6A55E38BA145746B5C2EFC007E1B36B0B179A7756B160A90E6C7AA8D42DC5EF9F96EB654D37EAA3BC2A96CA6F9F60A47E340873B6131B9013ACDB75EBB189B671B8D48BD60D36D2BD4B9D2F5FC828F9989F2E9FEDE3AF8E10343C458CAEC77EBCDD113C75D4F190EFA489835725FD7A0CB3E3A9C30DE03BC5D3991D53A86A25A3F3601171130DBE5F2E6F844F6AE9565261F9110A264A1C61EA0CDDF6DB06F28F9E3B70A482C849E5523932B4F2343E90AC140AC06AB027E293CE2B81BA61021B1B15DDCA48B721AED9AC6521258E75B
1620170623035454 2 6 100 2047 2 F740D04A6CFD4547DDBE874AEED3DF220F4ABD1EEA9BB022EDB3019835812EB327F3F0BBD0D137702856B499924C1A0D78D467EFBCB2215008FC3918FF88710ED5CA4F3554494F3AC374C8695B1DA006470F1C5C751825389DF3FBAC83DFEFAE2B07FA30E3B6B13D2BF9FAA27DCBD03FEB6847F08C3C6C89B04366A78D8C43E1E26B63ED5BB9A3E1AAE00BD4A4BF058B41B70E9F599C7DAE2E42701C68FDDEFE7213432E77342F785D64B723FF33A2D9C6F85F149776F898EF8BEFE3D03D2163974A3C0F13520F4BE92A246DED5A6FC997B2657D1A72A1210E881D0A0F14E93522268E3D8FFB84ABB3B9B064985E891C7C0DC09E166008A5E13A777EB1C8B93B 1620171129061248 2 6 100 2047 2 F6A83AA30FCC5A1FED886CF60BFAD561F8558C07EC39F7972F8BD034F16AE485A25E223E609D18CBA60DFB74F85637DC6A55E38BA145746B5C2EFC007E1B36B0B179A7756B160A90E6C7AA8D42DC5EF9F96EB654D37EAA3BC2A96CA6F9F60A47E340873B6131B9013ACDB75EBB189B671B8D48BD60D36D2BD4B9D2F5FC828F9989F2E9FEDE3AF8E10343C458CAEC77EBCDD113C75D4F190EFA489835725FD7A0CB3E3A9C30DE03BC5D3991D53A86A25A3F3601171130DBE5F2E6F844F6AE9565261F9110A264A1C61EA0CDDF6DB06F28F9E3B70A482C849E5523932B4F2343E90AC140AC06AB027E293CE2B81BA61021B1B15DDCA48B721AED9AC652128E21EB
1720170623035510 2 6 100 2047 2 F740D04A6CFD4547DDBE874AEED3DF220F4ABD1EEA9BB022EDB3019835812EB327F3F0BBD0D137702856B499924C1A0D78D467EFBCB2215008FC3918FF88710ED5CA4F3554494F3AC374C8695B1DA006470F1C5C751825389DF3FBAC83DFEFAE2B07FA30E3B6B13D2BF9FAA27DCBD03FEB6847F08C3C6C89B04366A78D8C43E1E26B63ED5BB9A3E1AAE00BD4A4BF058B41B70E9F599C7DAE2E42701C68FDDEFE7213432E77342F785D64B723FF33A2D9C6F85F149776F898EF8BEFE3D03D2163974A3C0F13520F4BE92A246DED5A6FC997B2657D1A72A1210E881D0A0F14E93522268E3D8FFB84ABB3B9B064985E891C7C0DC09E166008A5E13A777EB1EAD06B 1720171129061255 2 6 100 2047 2 F6A83AA30FCC5A1FED886CF60BFAD561F8558C07EC39F7972F8BD034F16AE485A25E223E609D18CBA60DFB74F85637DC6A55E38BA145746B5C2EFC007E1B36B0B179A7756B160A90E6C7AA8D42DC5EF9F96EB654D37EAA3BC2A96CA6F9F60A47E340873B6131B9013ACDB75EBB189B671B8D48BD60D36D2BD4B9D2F5FC828F9989F2E9FEDE3AF8E10343C458CAEC77EBCDD113C75D4F190EFA489835725FD7A0CB3E3A9C30DE03BC5D3991D53A86A25A3F3601171130DBE5F2E6F844F6AE9565261F9110A264A1C61EA0CDDF6DB06F28F9E3B70A482C849E5523932B4F2343E90AC140AC06AB027E293CE2B81BA61021B1B15DDCA48B721AED9AC6521294FDC3
1820170623035525 2 6 100 2047 2 F740D04A6CFD4547DDBE874AEED3DF220F4ABD1EEA9BB022EDB3019835812EB327F3F0BBD0D137702856B499924C1A0D78D467EFBCB2215008FC3918FF88710ED5CA4F3554494F3AC374C8695B1DA006470F1C5C751825389DF3FBAC83DFEFAE2B07FA30E3B6B13D2BF9FAA27DCBD03FEB6847F08C3C6C89B04366A78D8C43E1E26B63ED5BB9A3E1AAE00BD4A4BF058B41B70E9F599C7DAE2E42701C68FDDEFE7213432E77342F785D64B723FF33A2D9C6F85F149776F898EF8BEFE3D03D2163974A3C0F13520F4BE92A246DED5A6FC997B2657D1A72A1210E881D0A0F14E93522268E3D8FFB84ABB3B9B064985E891C7C0DC09E166008A5E13A777EB208DA8B 1820171129061331 2 6 100 2047 2 F6A83AA30FCC5A1FED886CF60BFAD561F8558C07EC39F7972F8BD034F16AE485A25E223E609D18CBA60DFB74F85637DC6A55E38BA145746B5C2EFC007E1B36B0B179A7756B160A90E6C7AA8D42DC5EF9F96EB654D37EAA3BC2A96CA6F9F60A47E340873B6131B9013ACDB75EBB189B671B8D48BD60D36D2BD4B9D2F5FC828F9989F2E9FEDE3AF8E10343C458CAEC77EBCDD113C75D4F190EFA489835725FD7A0CB3E3A9C30DE03BC5D3991D53A86A25A3F3601171130DBE5F2E6F844F6AE9565261F9110A264A1C61EA0CDDF6DB06F28F9E3B70A482C849E5523932B4F2343E90AC140AC06AB027E293CE2B81BA61021B1B15DDCA48B721AED9AC65212DB195B
1920170623035553 2 6 100 2047 5 F740D04A6CFD4547DDBE874AEED3DF220F4ABD1EEA9BB022EDB3019835812EB327F3F0BBD0D137702856B499924C1A0D78D467EFBCB2215008FC3918FF88710ED5CA4F3554494F3AC374C8695B1DA006470F1C5C751825389DF3FBAC83DFEFAE2B07FA30E3B6B13D2BF9FAA27DCBD03FEB6847F08C3C6C89B04366A78D8C43E1E26B63ED5BB9A3E1AAE00BD4A4BF058B41B70E9F599C7DAE2E42701C68FDDEFE7213432E77342F785D64B723FF33A2D9C6F85F149776F898EF8BEFE3D03D2163974A3C0F13520F4BE92A246DED5A6FC997B2657D1A72A1210E881D0A0F14E93522268E3D8FFB84ABB3B9B064985E891C7C0DC09E166008A5E13A777EB2498F17 1920171129061336 2 6 100 2047 2 F6A83AA30FCC5A1FED886CF60BFAD561F8558C07EC39F7972F8BD034F16AE485A25E223E609D18CBA60DFB74F85637DC6A55E38BA145746B5C2EFC007E1B36B0B179A7756B160A90E6C7AA8D42DC5EF9F96EB654D37EAA3BC2A96CA6F9F60A47E340873B6131B9013ACDB75EBB189B671B8D48BD60D36D2BD4B9D2F5FC828F9989F2E9FEDE3AF8E10343C458CAEC77EBCDD113C75D4F190EFA489835725FD7A0CB3E3A9C30DE03BC5D3991D53A86A25A3F3601171130DBE5F2E6F844F6AE9565261F9110A264A1C61EA0CDDF6DB06F28F9E3B70A482C849E5523932B4F2343E90AC140AC06AB027E293CE2B81BA61021B1B15DDCA48B721AED9AC65212DD4653
2020170623035604 2 6 100 2047 2 F740D04A6CFD4547DDBE874AEED3DF220F4ABD1EEA9BB022EDB3019835812EB327F3F0BBD0D137702856B499924C1A0D78D467EFBCB2215008FC3918FF88710ED5CA4F3554494F3AC374C8695B1DA006470F1C5C751825389DF3FBAC83DFEFAE2B07FA30E3B6B13D2BF9FAA27DCBD03FEB6847F08C3C6C89B04366A78D8C43E1E26B63ED5BB9A3E1AAE00BD4A4BF058B41B70E9F599C7DAE2E42701C68FDDEFE7213432E77342F785D64B723FF33A2D9C6F85F149776F898EF8BEFE3D03D2163974A3C0F13520F4BE92A246DED5A6FC997B2657D1A72A1210E881D0A0F14E93522268E3D8FFB84ABB3B9B064985E891C7C0DC09E166008A5E13A777EB25D82D3 2020171129061427 2 6 100 2047 5 F6A83AA30FCC5A1FED886CF60BFAD561F8558C07EC39F7972F8BD034F16AE485A25E223E609D18CBA60DFB74F85637DC6A55E38BA145746B5C2EFC007E1B36B0B179A7756B160A90E6C7AA8D42DC5EF9F96EB654D37EAA3BC2A96CA6F9F60A47E340873B6131B9013ACDB75EBB189B671B8D48BD60D36D2BD4B9D2F5FC828F9989F2E9FEDE3AF8E10343C458CAEC77EBCDD113C75D4F190EFA489835725FD7A0CB3E3A9C30DE03BC5D3991D53A86A25A3F3601171130DBE5F2E6F844F6AE9565261F9110A264A1C61EA0CDDF6DB06F28F9E3B70A482C849E5523932B4F2343E90AC140AC06AB027E293CE2B81BA61021B1B15DDCA48B721AED9AC6521341B5DF
2120170623035609 2 6 100 2047 5 F740D04A6CFD4547DDBE874AEED3DF220F4ABD1EEA9BB022EDB3019835812EB327F3F0BBD0D137702856B499924C1A0D78D467EFBCB2215008FC3918FF88710ED5CA4F3554494F3AC374C8695B1DA006470F1C5C751825389DF3FBAC83DFEFAE2B07FA30E3B6B13D2BF9FAA27DCBD03FEB6847F08C3C6C89B04366A78D8C43E1E26B63ED5BB9A3E1AAE00BD4A4BF058B41B70E9F599C7DAE2E42701C68FDDEFE7213432E77342F785D64B723FF33A2D9C6F85F149776F898EF8BEFE3D03D2163974A3C0F13520F4BE92A246DED5A6FC997B2657D1A72A1210E881D0A0F14E93522268E3D8FFB84ABB3B9B064985E891C7C0DC09E166008A5E13A777EB262420F 2120171129061437 2 6 100 2047 2 F6A83AA30FCC5A1FED886CF60BFAD561F8558C07EC39F7972F8BD034F16AE485A25E223E609D18CBA60DFB74F85637DC6A55E38BA145746B5C2EFC007E1B36B0B179A7756B160A90E6C7AA8D42DC5EF9F96EB654D37EAA3BC2A96CA6F9F60A47E340873B6131B9013ACDB75EBB189B671B8D48BD60D36D2BD4B9D2F5FC828F9989F2E9FEDE3AF8E10343C458CAEC77EBCDD113C75D4F190EFA489835725FD7A0CB3E3A9C30DE03BC5D3991D53A86A25A3F3601171130DBE5F2E6F844F6AE9565261F9110A264A1C61EA0CDDF6DB06F28F9E3B70A482C849E5523932B4F2343E90AC140AC06AB027E293CE2B81BA61021B1B15DDCA48B721AED9AC652134DD68B
2220170623035735 2 6 100 2047 5 F740D04A6CFD4547DDBE874AEED3DF220F4ABD1EEA9BB022EDB3019835812EB327F3F0BBD0D137702856B499924C1A0D78D467EFBCB2215008FC3918FF88710ED5CA4F3554494F3AC374C8695B1DA006470F1C5C751825389DF3FBAC83DFEFAE2B07FA30E3B6B13D2BF9FAA27DCBD03FEB6847F08C3C6C89B04366A78D8C43E1E26B63ED5BB9A3E1AAE00BD4A4BF058B41B70E9F599C7DAE2E42701C68FDDEFE7213432E77342F785D64B723FF33A2D9C6F85F149776F898EF8BEFE3D03D2163974A3C0F13520F4BE92A246DED5A6FC997B2657D1A72A1210E881D0A0F14E93522268E3D8FFB84ABB3B9B064985E891C7C0DC09E166008A5E13A777EB3376DEF 2220171129061446 2 6 100 2047 2 F6A83AA30FCC5A1FED886CF60BFAD561F8558C07EC39F7972F8BD034F16AE485A25E223E609D18CBA60DFB74F85637DC6A55E38BA145746B5C2EFC007E1B36B0B179A7756B160A90E6C7AA8D42DC5EF9F96EB654D37EAA3BC2A96CA6F9F60A47E340873B6131B9013ACDB75EBB189B671B8D48BD60D36D2BD4B9D2F5FC828F9989F2E9FEDE3AF8E10343C458CAEC77EBCDD113C75D4F190EFA489835725FD7A0CB3E3A9C30DE03BC5D3991D53A86A25A3F3601171130DBE5F2E6F844F6AE9565261F9110A264A1C61EA0CDDF6DB06F28F9E3B70A482C849E5523932B4F2343E90AC140AC06AB027E293CE2B81BA61021B1B15DDCA48B721AED9AC652135A0283
2320170623035801 2 6 100 2047 2 F740D04A6CFD4547DDBE874AEED3DF220F4ABD1EEA9BB022EDB3019835812EB327F3F0BBD0D137702856B499924C1A0D78D467EFBCB2215008FC3918FF88710ED5CA4F3554494F3AC374C8695B1DA006470F1C5C751825389DF3FBAC83DFEFAE2B07FA30E3B6B13D2BF9FAA27DCBD03FEB6847F08C3C6C89B04366A78D8C43E1E26B63ED5BB9A3E1AAE00BD4A4BF058B41B70E9F599C7DAE2E42701C68FDDEFE7213432E77342F785D64B723FF33A2D9C6F85F149776F898EF8BEFE3D03D2163974A3C0F13520F4BE92A246DED5A6FC997B2657D1A72A1210E881D0A0F14E93522268E3D8FFB84ABB3B9B064985E891C7C0DC09E166008A5E13A777EB370E193 2320171129061500 2 6 100 2047 5 F6A83AA30FCC5A1FED886CF60BFAD561F8558C07EC39F7972F8BD034F16AE485A25E223E609D18CBA60DFB74F85637DC6A55E38BA145746B5C2EFC007E1B36B0B179A7756B160A90E6C7AA8D42DC5EF9F96EB654D37EAA3BC2A96CA6F9F60A47E340873B6131B9013ACDB75EBB189B671B8D48BD60D36D2BD4B9D2F5FC828F9989F2E9FEDE3AF8E10343C458CAEC77EBCDD113C75D4F190EFA489835725FD7A0CB3E3A9C30DE03BC5D3991D53A86A25A3F3601171130DBE5F2E6F844F6AE9565261F9110A264A1C61EA0CDDF6DB06F28F9E3B70A482C849E5523932B4F2343E90AC140AC06AB027E293CE2B81BA61021B1B15DDCA48B721AED9AC652136FF967
2420170623035916 2 6 100 2047 5 F740D04A6CFD4547DDBE874AEED3DF220F4ABD1EEA9BB022EDB3019835812EB327F3F0BBD0D137702856B499924C1A0D78D467EFBCB2215008FC3918FF88710ED5CA4F3554494F3AC374C8695B1DA006470F1C5C751825389DF3FBAC83DFEFAE2B07FA30E3B6B13D2BF9FAA27DCBD03FEB6847F08C3C6C89B04366A78D8C43E1E26B63ED5BB9A3E1AAE00BD4A4BF058B41B70E9F599C7DAE2E42701C68FDDEFE7213432E77342F785D64B723FF33A2D9C6F85F149776F898EF8BEFE3D03D2163974A3C0F13520F4BE92A246DED5A6FC997B2657D1A72A1210E881D0A0F14E93522268E3D8FFB84ABB3B9B064985E891C7C0DC09E166008A5E13A777EB426D9CF 2420171129061601 2 6 100 2047 5 F6A83AA30FCC5A1FED886CF60BFAD561F8558C07EC39F7972F8BD034F16AE485A25E223E609D18CBA60DFB74F85637DC6A55E38BA145746B5C2EFC007E1B36B0B179A7756B160A90E6C7AA8D42DC5EF9F96EB654D37EAA3BC2A96CA6F9F60A47E340873B6131B9013ACDB75EBB189B671B8D48BD60D36D2BD4B9D2F5FC828F9989F2E9FEDE3AF8E10343C458CAEC77EBCDD113C75D4F190EFA489835725FD7A0CB3E3A9C30DE03BC5D3991D53A86A25A3F3601171130DBE5F2E6F844F6AE9565261F9110A264A1C61EA0CDDF6DB06F28F9E3B70A482C849E5523932B4F2343E90AC140AC06AB027E293CE2B81BA61021B1B15DDCA48B721AED9AC65213E379AF
2520170623035935 2 6 100 2047 2 F740D04A6CFD4547DDBE874AEED3DF220F4ABD1EEA9BB022EDB3019835812EB327F3F0BBD0D137702856B499924C1A0D78D467EFBCB2215008FC3918FF88710ED5CA4F3554494F3AC374C8695B1DA006470F1C5C751825389DF3FBAC83DFEFAE2B07FA30E3B6B13D2BF9FAA27DCBD03FEB6847F08C3C6C89B04366A78D8C43E1E26B63ED5BB9A3E1AAE00BD4A4BF058B41B70E9F599C7DAE2E42701C68FDDEFE7213432E77342F785D64B723FF33A2D9C6F85F149776F898EF8BEFE3D03D2163974A3C0F13520F4BE92A246DED5A6FC997B2657D1A72A1210E881D0A0F14E93522268E3D8FFB84ABB3B9B064985E891C7C0DC09E166008A5E13A777EB44E559B 2520171129061606 2 6 100 2047 2 F6A83AA30FCC5A1FED886CF60BFAD561F8558C07EC39F7972F8BD034F16AE485A25E223E609D18CBA60DFB74F85637DC6A55E38BA145746B5C2EFC007E1B36B0B179A7756B160A90E6C7AA8D42DC5EF9F96EB654D37EAA3BC2A96CA6F9F60A47E340873B6131B9013ACDB75EBB189B671B8D48BD60D36D2BD4B9D2F5FC828F9989F2E9FEDE3AF8E10343C458CAEC77EBCDD113C75D4F190EFA489835725FD7A0CB3E3A9C30DE03BC5D3991D53A86A25A3F3601171130DBE5F2E6F844F6AE9565261F9110A264A1C61EA0CDDF6DB06F28F9E3B70A482C849E5523932B4F2343E90AC140AC06AB027E293CE2B81BA61021B1B15DDCA48B721AED9AC65213E53213
2620170623035955 2 6 100 2047 5 F740D04A6CFD4547DDBE874AEED3DF220F4ABD1EEA9BB022EDB3019835812EB327F3F0BBD0D137702856B499924C1A0D78D467EFBCB2215008FC3918FF88710ED5CA4F3554494F3AC374C8695B1DA006470F1C5C751825389DF3FBAC83DFEFAE2B07FA30E3B6B13D2BF9FAA27DCBD03FEB6847F08C3C6C89B04366A78D8C43E1E26B63ED5BB9A3E1AAE00BD4A4BF058B41B70E9F599C7DAE2E42701C68FDDEFE7213432E77342F785D64B723FF33A2D9C6F85F149776F898EF8BEFE3D03D2163974A3C0F13520F4BE92A246DED5A6FC997B2657D1A72A1210E881D0A0F14E93522268E3D8FFB84ABB3B9B064985E891C7C0DC09E166008A5E13A777EB4777177 2620171129061704 2 6 100 2047 2 F6A83AA30FCC5A1FED886CF60BFAD561F8558C07EC39F7972F8BD034F16AE485A25E223E609D18CBA60DFB74F85637DC6A55E38BA145746B5C2EFC007E1B36B0B179A7756B160A90E6C7AA8D42DC5EF9F96EB654D37EAA3BC2A96CA6F9F60A47E340873B6131B9013ACDB75EBB189B671B8D48BD60D36D2BD4B9D2F5FC828F9989F2E9FEDE3AF8E10343C458CAEC77EBCDD113C75D4F190EFA489835725FD7A0CB3E3A9C30DE03BC5D3991D53A86A25A3F3601171130DBE5F2E6F844F6AE9565261F9110A264A1C61EA0CDDF6DB06F28F9E3B70A482C849E5523932B4F2343E90AC140AC06AB027E293CE2B81BA61021B1B15DDCA48B721AED9AC6521459419B
2720170623040012 2 6 100 2047 5 F740D04A6CFD4547DDBE874AEED3DF220F4ABD1EEA9BB022EDB3019835812EB327F3F0BBD0D137702856B499924C1A0D78D467EFBCB2215008FC3918FF88710ED5CA4F3554494F3AC374C8695B1DA006470F1C5C751825389DF3FBAC83DFEFAE2B07FA30E3B6B13D2BF9FAA27DCBD03FEB6847F08C3C6C89B04366A78D8C43E1E26B63ED5BB9A3E1AAE00BD4A4BF058B41B70E9F599C7DAE2E42701C68FDDEFE7213432E77342F785D64B723FF33A2D9C6F85F149776F898EF8BEFE3D03D2163974A3C0F13520F4BE92A246DED5A6FC997B2657D1A72A1210E881D0A0F14E93522268E3D8FFB84ABB3B9B064985E891C7C0DC09E166008A5E13A777EB4995E77 2720171129061720 2 6 100 2047 5 F6A83AA30FCC5A1FED886CF60BFAD561F8558C07EC39F7972F8BD034F16AE485A25E223E609D18CBA60DFB74F85637DC6A55E38BA145746B5C2EFC007E1B36B0B179A7756B160A90E6C7AA8D42DC5EF9F96EB654D37EAA3BC2A96CA6F9F60A47E340873B6131B9013ACDB75EBB189B671B8D48BD60D36D2BD4B9D2F5FC828F9989F2E9FEDE3AF8E10343C458CAEC77EBCDD113C75D4F190EFA489835725FD7A0CB3E3A9C30DE03BC5D3991D53A86A25A3F3601171130DBE5F2E6F844F6AE9565261F9110A264A1C61EA0CDDF6DB06F28F9E3B70A482C849E5523932B4F2343E90AC140AC06AB027E293CE2B81BA61021B1B15DDCA48B721AED9AC6521471A4D7
2820170623040023 2 6 100 2047 2 F740D04A6CFD4547DDBE874AEED3DF220F4ABD1EEA9BB022EDB3019835812EB327F3F0BBD0D137702856B499924C1A0D78D467EFBCB2215008FC3918FF88710ED5CA4F3554494F3AC374C8695B1DA006470F1C5C751825389DF3FBAC83DFEFAE2B07FA30E3B6B13D2BF9FAA27DCBD03FEB6847F08C3C6C89B04366A78D8C43E1E26B63ED5BB9A3E1AAE00BD4A4BF058B41B70E9F599C7DAE2E42701C68FDDEFE7213432E77342F785D64B723FF33A2D9C6F85F149776F898EF8BEFE3D03D2163974A3C0F13520F4BE92A246DED5A6FC997B2657D1A72A1210E881D0A0F14E93522268E3D8FFB84ABB3B9B064985E891C7C0DC09E166008A5E13A777EB4ACAF8B 2820171129061822 2 6 100 2047 5 F6A83AA30FCC5A1FED886CF60BFAD561F8558C07EC39F7972F8BD034F16AE485A25E223E609D18CBA60DFB74F85637DC6A55E38BA145746B5C2EFC007E1B36B0B179A7756B160A90E6C7AA8D42DC5EF9F96EB654D37EAA3BC2A96CA6F9F60A47E340873B6131B9013ACDB75EBB189B671B8D48BD60D36D2BD4B9D2F5FC828F9989F2E9FEDE3AF8E10343C458CAEC77EBCDD113C75D4F190EFA489835725FD7A0CB3E3A9C30DE03BC5D3991D53A86A25A3F3601171130DBE5F2E6F844F6AE9565261F9110A264A1C61EA0CDDF6DB06F28F9E3B70A482C849E5523932B4F2343E90AC140AC06AB027E293CE2B81BA61021B1B15DDCA48B721AED9AC65214F0057F
2920170623040032 2 6 100 2047 2 F740D04A6CFD4547DDBE874AEED3DF220F4ABD1EEA9BB022EDB3019835812EB327F3F0BBD0D137702856B499924C1A0D78D467EFBCB2215008FC3918FF88710ED5CA4F3554494F3AC374C8695B1DA006470F1C5C751825389DF3FBAC83DFEFAE2B07FA30E3B6B13D2BF9FAA27DCBD03FEB6847F08C3C6C89B04366A78D8C43E1E26B63ED5BB9A3E1AAE00BD4A4BF058B41B70E9F599C7DAE2E42701C68FDDEFE7213432E77342F785D64B723FF33A2D9C6F85F149776F898EF8BEFE3D03D2163974A3C0F13520F4BE92A246DED5A6FC997B2657D1A72A1210E881D0A0F14E93522268E3D8FFB84ABB3B9B064985E891C7C0DC09E166008A5E13A777EB4BB1ADB 2920171129061829 2 6 100 2047 5 F6A83AA30FCC5A1FED886CF60BFAD561F8558C07EC39F7972F8BD034F16AE485A25E223E609D18CBA60DFB74F85637DC6A55E38BA145746B5C2EFC007E1B36B0B179A7756B160A90E6C7AA8D42DC5EF9F96EB654D37EAA3BC2A96CA6F9F60A47E340873B6131B9013ACDB75EBB189B671B8D48BD60D36D2BD4B9D2F5FC828F9989F2E9FEDE3AF8E10343C458CAEC77EBCDD113C75D4F190EFA489835725FD7A0CB3E3A9C30DE03BC5D3991D53A86A25A3F3601171130DBE5F2E6F844F6AE9565261F9110A264A1C61EA0CDDF6DB06F28F9E3B70A482C849E5523932B4F2343E90AC140AC06AB027E293CE2B81BA61021B1B15DDCA48B721AED9AC65214F60057
3020170623040120 2 6 100 2047 5 F740D04A6CFD4547DDBE874AEED3DF220F4ABD1EEA9BB022EDB3019835812EB327F3F0BBD0D137702856B499924C1A0D78D467EFBCB2215008FC3918FF88710ED5CA4F3554494F3AC374C8695B1DA006470F1C5C751825389DF3FBAC83DFEFAE2B07FA30E3B6B13D2BF9FAA27DCBD03FEB6847F08C3C6C89B04366A78D8C43E1E26B63ED5BB9A3E1AAE00BD4A4BF058B41B70E9F599C7DAE2E42701C68FDDEFE7213432E77342F785D64B723FF33A2D9C6F85F149776F898EF8BEFE3D03D2163974A3C0F13520F4BE92A246DED5A6FC997B2657D1A72A1210E881D0A0F14E93522268E3D8FFB84ABB3B9B064985E891C7C0DC09E166008A5E13A777EB52D4F1F 3020171129061843 2 6 100 2047 2 F6A83AA30FCC5A1FED886CF60BFAD561F8558C07EC39F7972F8BD034F16AE485A25E223E609D18CBA60DFB74F85637DC6A55E38BA145746B5C2EFC007E1B36B0B179A7756B160A90E6C7AA8D42DC5EF9F96EB654D37EAA3BC2A96CA6F9F60A47E340873B6131B9013ACDB75EBB189B671B8D48BD60D36D2BD4B9D2F5FC828F9989F2E9FEDE3AF8E10343C458CAEC77EBCDD113C75D4F190EFA489835725FD7A0CB3E3A9C30DE03BC5D3991D53A86A25A3F3601171130DBE5F2E6F844F6AE9565261F9110A264A1C61EA0CDDF6DB06F28F9E3B70A482C849E5523932B4F2343E90AC140AC06AB027E293CE2B81BA61021B1B15DDCA48B721AED9AC652150D5E63
3120170623040131 2 6 100 2047 2 F740D04A6CFD4547DDBE874AEED3DF220F4ABD1EEA9BB022EDB3019835812EB327F3F0BBD0D137702856B499924C1A0D78D467EFBCB2215008FC3918FF88710ED5CA4F3554494F3AC374C8695B1DA006470F1C5C751825389DF3FBAC83DFEFAE2B07FA30E3B6B13D2BF9FAA27DCBD03FEB6847F08C3C6C89B04366A78D8C43E1E26B63ED5BB9A3E1AAE00BD4A4BF058B41B70E9F599C7DAE2E42701C68FDDEFE7213432E77342F785D64B723FF33A2D9C6F85F149776F898EF8BEFE3D03D2163974A3C0F13520F4BE92A246DED5A6FC997B2657D1A72A1210E881D0A0F14E93522268E3D8FFB84ABB3B9B064985E891C7C0DC09E166008A5E13A777EB542306B 3120171129061855 2 6 100 2047 5 F6A83AA30FCC5A1FED886CF60BFAD561F8558C07EC39F7972F8BD034F16AE485A25E223E609D18CBA60DFB74F85637DC6A55E38BA145746B5C2EFC007E1B36B0B179A7756B160A90E6C7AA8D42DC5EF9F96EB654D37EAA3BC2A96CA6F9F60A47E340873B6131B9013ACDB75EBB189B671B8D48BD60D36D2BD4B9D2F5FC828F9989F2E9FEDE3AF8E10343C458CAEC77EBCDD113C75D4F190EFA489835725FD7A0CB3E3A9C30DE03BC5D3991D53A86A25A3F3601171130DBE5F2E6F844F6AE9565261F9110A264A1C61EA0CDDF6DB06F28F9E3B70A482C849E5523932B4F2343E90AC140AC06AB027E293CE2B81BA61021B1B15DDCA48B721AED9AC65215200027
3220170623040202 2 6 100 2047 5 F740D04A6CFD4547DDBE874AEED3DF220F4ABD1EEA9BB022EDB3019835812EB327F3F0BBD0D137702856B499924C1A0D78D467EFBCB2215008FC3918FF88710ED5CA4F3554494F3AC374C8695B1DA006470F1C5C751825389DF3FBAC83DFEFAE2B07FA30E3B6B13D2BF9FAA27DCBD03FEB6847F08C3C6C89B04366A78D8C43E1E26B63ED5BB9A3E1AAE00BD4A4BF058B41B70E9F599C7DAE2E42701C68FDDEFE7213432E77342F785D64B723FF33A2D9C6F85F149776F898EF8BEFE3D03D2163974A3C0F13520F4BE92A246DED5A6FC997B2657D1A72A1210E881D0A0F14E93522268E3D8FFB84ABB3B9B064985E891C7C0DC09E166008A5E13A777EB5899CB7 3220171129061901 2 6 100 2047 5 F6A83AA30FCC5A1FED886CF60BFAD561F8558C07EC39F7972F8BD034F16AE485A25E223E609D18CBA60DFB74F85637DC6A55E38BA145746B5C2EFC007E1B36B0B179A7756B160A90E6C7AA8D42DC5EF9F96EB654D37EAA3BC2A96CA6F9F60A47E340873B6131B9013ACDB75EBB189B671B8D48BD60D36D2BD4B9D2F5FC828F9989F2E9FEDE3AF8E10343C458CAEC77EBCDD113C75D4F190EFA489835725FD7A0CB3E3A9C30DE03BC5D3991D53A86A25A3F3601171130DBE5F2E6F844F6AE9565261F9110A264A1C61EA0CDDF6DB06F28F9E3B70A482C849E5523932B4F2343E90AC140AC06AB027E293CE2B81BA61021B1B15DDCA48B721AED9AC6521525622F
3320170623040216 2 6 100 2047 2 F740D04A6CFD4547DDBE874AEED3DF220F4ABD1EEA9BB022EDB3019835812EB327F3F0BBD0D137702856B499924C1A0D78D467EFBCB2215008FC3918FF88710ED5CA4F3554494F3AC374C8695B1DA006470F1C5C751825389DF3FBAC83DFEFAE2B07FA30E3B6B13D2BF9FAA27DCBD03FEB6847F08C3C6C89B04366A78D8C43E1E26B63ED5BB9A3E1AAE00BD4A4BF058B41B70E9F599C7DAE2E42701C68FDDEFE7213432E77342F785D64B723FF33A2D9C6F85F149776F898EF8BEFE3D03D2163974A3C0F13520F4BE92A246DED5A6FC997B2657D1A72A1210E881D0A0F14E93522268E3D8FFB84ABB3B9B064985E891C7C0DC09E166008A5E13A777EB5A317FB 3320171129061942 2 6 100 2047 5 F6A83AA30FCC5A1FED886CF60BFAD561F8558C07EC39F7972F8BD034F16AE485A25E223E609D18CBA60DFB74F85637DC6A55E38BA145746B5C2EFC007E1B36B0B179A7756B160A90E6C7AA8D42DC5EF9F96EB654D37EAA3BC2A96CA6F9F60A47E340873B6131B9013ACDB75EBB189B671B8D48BD60D36D2BD4B9D2F5FC828F9989F2E9FEDE3AF8E10343C458CAEC77EBCDD113C75D4F190EFA489835725FD7A0CB3E3A9C30DE03BC5D3991D53A86A25A3F3601171130DBE5F2E6F844F6AE9565261F9110A264A1C61EA0CDDF6DB06F28F9E3B70A482C849E5523932B4F2343E90AC140AC06AB027E293CE2B81BA61021B1B15DDCA48B721AED9AC6521578C59F
3420170623040224 2 6 100 2047 2 F740D04A6CFD4547DDBE874AEED3DF220F4ABD1EEA9BB022EDB3019835812EB327F3F0BBD0D137702856B499924C1A0D78D467EFBCB2215008FC3918FF88710ED5CA4F3554494F3AC374C8695B1DA006470F1C5C751825389DF3FBAC83DFEFAE2B07FA30E3B6B13D2BF9FAA27DCBD03FEB6847F08C3C6C89B04366A78D8C43E1E26B63ED5BB9A3E1AAE00BD4A4BF058B41B70E9F599C7DAE2E42701C68FDDEFE7213432E77342F785D64B723FF33A2D9C6F85F149776F898EF8BEFE3D03D2163974A3C0F13520F4BE92A246DED5A6FC997B2657D1A72A1210E881D0A0F14E93522268E3D8FFB84ABB3B9B064985E891C7C0DC09E166008A5E13A777EB5AEBE43 3420171129061951 2 6 100 2047 2 F6A83AA30FCC5A1FED886CF60BFAD561F8558C07EC39F7972F8BD034F16AE485A25E223E609D18CBA60DFB74F85637DC6A55E38BA145746B5C2EFC007E1B36B0B179A7756B160A90E6C7AA8D42DC5EF9F96EB654D37EAA3BC2A96CA6F9F60A47E340873B6131B9013ACDB75EBB189B671B8D48BD60D36D2BD4B9D2F5FC828F9989F2E9FEDE3AF8E10343C458CAEC77EBCDD113C75D4F190EFA489835725FD7A0CB3E3A9C30DE03BC5D3991D53A86A25A3F3601171130DBE5F2E6F844F6AE9565261F9110A264A1C61EA0CDDF6DB06F28F9E3B70A482C849E5523932B4F2343E90AC140AC06AB027E293CE2B81BA61021B1B15DDCA48B721AED9AC6521582692B
3520170623040246 2 6 100 2047 5 F740D04A6CFD4547DDBE874AEED3DF220F4ABD1EEA9BB022EDB3019835812EB327F3F0BBD0D137702856B499924C1A0D78D467EFBCB2215008FC3918FF88710ED5CA4F3554494F3AC374C8695B1DA006470F1C5C751825389DF3FBAC83DFEFAE2B07FA30E3B6B13D2BF9FAA27DCBD03FEB6847F08C3C6C89B04366A78D8C43E1E26B63ED5BB9A3E1AAE00BD4A4BF058B41B70E9F599C7DAE2E42701C68FDDEFE7213432E77342F785D64B723FF33A2D9C6F85F149776F898EF8BEFE3D03D2163974A3C0F13520F4BE92A246DED5A6FC997B2657D1A72A1210E881D0A0F14E93522268E3D8FFB84ABB3B9B064985E891C7C0DC09E166008A5E13A777EB5E190BF 3520171129062008 2 6 100 2047 5 F6A83AA30FCC5A1FED886CF60BFAD561F8558C07EC39F7972F8BD034F16AE485A25E223E609D18CBA60DFB74F85637DC6A55E38BA145746B5C2EFC007E1B36B0B179A7756B160A90E6C7AA8D42DC5EF9F96EB654D37EAA3BC2A96CA6F9F60A47E340873B6131B9013ACDB75EBB189B671B8D48BD60D36D2BD4B9D2F5FC828F9989F2E9FEDE3AF8E10343C458CAEC77EBCDD113C75D4F190EFA489835725FD7A0CB3E3A9C30DE03BC5D3991D53A86A25A3F3601171130DBE5F2E6F844F6AE9565261F9110A264A1C61EA0CDDF6DB06F28F9E3B70A482C849E5523932B4F2343E90AC140AC06AB027E293CE2B81BA61021B1B15DDCA48B721AED9AC652159DB0EF
3620170623040254 2 6 100 2047 2 F740D04A6CFD4547DDBE874AEED3DF220F4ABD1EEA9BB022EDB3019835812EB327F3F0BBD0D137702856B499924C1A0D78D467EFBCB2215008FC3918FF88710ED5CA4F3554494F3AC374C8695B1DA006470F1C5C751825389DF3FBAC83DFEFAE2B07FA30E3B6B13D2BF9FAA27DCBD03FEB6847F08C3C6C89B04366A78D8C43E1E26B63ED5BB9A3E1AAE00BD4A4BF058B41B70E9F599C7DAE2E42701C68FDDEFE7213432E77342F785D64B723FF33A2D9C6F85F149776F898EF8BEFE3D03D2163974A3C0F13520F4BE92A246DED5A6FC997B2657D1A72A1210E881D0A0F14E93522268E3D8FFB84ABB3B9B064985E891C7C0DC09E166008A5E13A777EB5EBE533 3620171129062015 2 6 100 2047 2 F6A83AA30FCC5A1FED886CF60BFAD561F8558C07EC39F7972F8BD034F16AE485A25E223E609D18CBA60DFB74F85637DC6A55E38BA145746B5C2EFC007E1B36B0B179A7756B160A90E6C7AA8D42DC5EF9F96EB654D37EAA3BC2A96CA6F9F60A47E340873B6131B9013ACDB75EBB189B671B8D48BD60D36D2BD4B9D2F5FC828F9989F2E9FEDE3AF8E10343C458CAEC77EBCDD113C75D4F190EFA489835725FD7A0CB3E3A9C30DE03BC5D3991D53A86A25A3F3601171130DBE5F2E6F844F6AE9565261F9110A264A1C61EA0CDDF6DB06F28F9E3B70A482C849E5523932B4F2343E90AC140AC06AB027E293CE2B81BA61021B1B15DDCA48B721AED9AC65215A1F453
3720170623040334 2 6 100 2047 5 F740D04A6CFD4547DDBE874AEED3DF220F4ABD1EEA9BB022EDB3019835812EB327F3F0BBD0D137702856B499924C1A0D78D467EFBCB2215008FC3918FF88710ED5CA4F3554494F3AC374C8695B1DA006470F1C5C751825389DF3FBAC83DFEFAE2B07FA30E3B6B13D2BF9FAA27DCBD03FEB6847F08C3C6C89B04366A78D8C43E1E26B63ED5BB9A3E1AAE00BD4A4BF058B41B70E9F599C7DAE2E42701C68FDDEFE7213432E77342F785D64B723FF33A2D9C6F85F149776F898EF8BEFE3D03D2163974A3C0F13520F4BE92A246DED5A6FC997B2657D1A72A1210E881D0A0F14E93522268E3D8FFB84ABB3B9B064985E891C7C0DC09E166008A5E13A777EB649ECAF 3720171129062045 2 6 100 2047 5 F6A83AA30FCC5A1FED886CF60BFAD561F8558C07EC39F7972F8BD034F16AE485A25E223E609D18CBA60DFB74F85637DC6A55E38BA145746B5C2EFC007E1B36B0B179A7756B160A90E6C7AA8D42DC5EF9F96EB654D37EAA3BC2A96CA6F9F60A47E340873B6131B9013ACDB75EBB189B671B8D48BD60D36D2BD4B9D2F5FC828F9989F2E9FEDE3AF8E10343C458CAEC77EBCDD113C75D4F190EFA489835725FD7A0CB3E3A9C30DE03BC5D3991D53A86A25A3F3601171130DBE5F2E6F844F6AE9565261F9110A264A1C61EA0CDDF6DB06F28F9E3B70A482C849E5523932B4F2343E90AC140AC06AB027E293CE2B81BA61021B1B15DDCA48B721AED9AC65215DD99B7
3820170623040448 2 6 100 2047 2 EDB5FA2E865AD05F06510EFBFC71F9DFBAA5C1EEF3F6FDC2650C1D8C507DECA3422AE18746EA7D7BEA600C0AE9A0812A3DC02C099F8AF046EF014EC2A58734A716F156FCE4F19E3A9EB38F225A1CA0B868F70B3BE0CAE3AC2A20F330EF3CC33CB27D1FCB2D27505409144F957AC592567AC0B2A8099F6D58B546C7EE734FD806CDFDDE5F41C38966EB61005CA78D970BFA2C77F099BB19543B559AA118B6F303644D541E83B293138BEF5B8F0B0382ACA8DBDD693845FF6B7EE6ABF1B8B4733998F31DBF74F9CBA5145A0C5345EDC5B056CDCAA3AF605701C56651B8A968AD6D7E421DD3B5F3765865D5FDC55252F25C9661CD71A43A20B13A16CFF3C4B50D13 3820171129062054 2 6 100 2047 5 F6A83AA30FCC5A1FED886CF60BFAD561F8558C07EC39F7972F8BD034F16AE485A25E223E609D18CBA60DFB74F85637DC6A55E38BA145746B5C2EFC007E1B36B0B179A7756B160A90E6C7AA8D42DC5EF9F96EB654D37EAA3BC2A96CA6F9F60A47E340873B6131B9013ACDB75EBB189B671B8D48BD60D36D2BD4B9D2F5FC828F9989F2E9FEDE3AF8E10343C458CAEC77EBCDD113C75D4F190EFA489835725FD7A0CB3E3A9C30DE03BC5D3991D53A86A25A3F3601171130DBE5F2E6F844F6AE9565261F9110A264A1C61EA0CDDF6DB06F28F9E3B70A482C849E5523932B4F2343E90AC140AC06AB027E293CE2B81BA61021B1B15DDCA48B721AED9AC65215E9E31F
3920170623040459 2 6 100 2047 5 EDB5FA2E865AD05F06510EFBFC71F9DFBAA5C1EEF3F6FDC2650C1D8C507DECA3422AE18746EA7D7BEA600C0AE9A0812A3DC02C099F8AF046EF014EC2A58734A716F156FCE4F19E3A9EB38F225A1CA0B868F70B3BE0CAE3AC2A20F330EF3CC33CB27D1FCB2D27505409144F957AC592567AC0B2A8099F6D58B546C7EE734FD806CDFDDE5F41C38966EB61005CA78D970BFA2C77F099BB19543B559AA118B6F303644D541E83B293138BEF5B8F0B0382ACA8DBDD693845FF6B7EE6ABF1B8B4733998F31DBF74F9CBA5145A0C5345EDC5B056CDCAA3AF605701C56651B8A968AD6D7E421DD3B5F3765865D5FDC55252F25C9661CD71A43A20B13A16CFF3C4C9F477 3920171129062130 2 6 100 2047 5 F6A83AA30FCC5A1FED886CF60BFAD561F8558C07EC39F7972F8BD034F16AE485A25E223E609D18CBA60DFB74F85637DC6A55E38BA145746B5C2EFC007E1B36B0B179A7756B160A90E6C7AA8D42DC5EF9F96EB654D37EAA3BC2A96CA6F9F60A47E340873B6131B9013ACDB75EBB189B671B8D48BD60D36D2BD4B9D2F5FC828F9989F2E9FEDE3AF8E10343C458CAEC77EBCDD113C75D4F190EFA489835725FD7A0CB3E3A9C30DE03BC5D3991D53A86A25A3F3601171130DBE5F2E6F844F6AE9565261F9110A264A1C61EA0CDDF6DB06F28F9E3B70A482C849E5523932B4F2343E90AC140AC06AB027E293CE2B81BA61021B1B15DDCA48B721AED9AC652162FE18F
4020170623040510 2 6 100 2047 2 EDB5FA2E865AD05F06510EFBFC71F9DFBAA5C1EEF3F6FDC2650C1D8C507DECA3422AE18746EA7D7BEA600C0AE9A0812A3DC02C099F8AF046EF014EC2A58734A716F156FCE4F19E3A9EB38F225A1CA0B868F70B3BE0CAE3AC2A20F330EF3CC33CB27D1FCB2D27505409144F957AC592567AC0B2A8099F6D58B546C7EE734FD806CDFDDE5F41C38966EB61005CA78D970BFA2C77F099BB19543B559AA118B6F303644D541E83B293138BEF5B8F0B0382ACA8DBDD693845FF6B7EE6ABF1B8B4733998F31DBF74F9CBA5145A0C5345EDC5B056CDCAA3AF605701C56651B8A968AD6D7E421DD3B5F3765865D5FDC55252F25C9661CD71A43A20B13A16CFF3C4DDC50B 4020171129062138 2 6 100 2047 5 F6A83AA30FCC5A1FED886CF60BFAD561F8558C07EC39F7972F8BD034F16AE485A25E223E609D18CBA60DFB74F85637DC6A55E38BA145746B5C2EFC007E1B36B0B179A7756B160A90E6C7AA8D42DC5EF9F96EB654D37EAA3BC2A96CA6F9F60A47E340873B6131B9013ACDB75EBB189B671B8D48BD60D36D2BD4B9D2F5FC828F9989F2E9FEDE3AF8E10343C458CAEC77EBCDD113C75D4F190EFA489835725FD7A0CB3E3A9C30DE03BC5D3991D53A86A25A3F3601171130DBE5F2E6F844F6AE9565261F9110A264A1C61EA0CDDF6DB06F28F9E3B70A482C849E5523932B4F2343E90AC140AC06AB027E293CE2B81BA61021B1B15DDCA48B721AED9AC6521639C1E7
4120170623040603 2 6 100 2047 5 EDB5FA2E865AD05F06510EFBFC71F9DFBAA5C1EEF3F6FDC2650C1D8C507DECA3422AE18746EA7D7BEA600C0AE9A0812A3DC02C099F8AF046EF014EC2A58734A716F156FCE4F19E3A9EB38F225A1CA0B868F70B3BE0CAE3AC2A20F330EF3CC33CB27D1FCB2D27505409144F957AC592567AC0B2A8099F6D58B546C7EE734FD806CDFDDE5F41C38966EB61005CA78D970BFA2C77F099BB19543B559AA118B6F303644D541E83B293138BEF5B8F0B0382ACA8DBDD693845FF6B7EE6ABF1B8B4733998F31DBF74F9CBA5145A0C5345EDC5B056CDCAA3AF605701C56651B8A968AD6D7E421DD3B5F3765865D5FDC55252F25C9661CD71A43A20B13A16CFF3C55E2BE7 4120171129062159 2 6 100 2047 2 F6A83AA30FCC5A1FED886CF60BFAD561F8558C07EC39F7972F8BD034F16AE485A25E223E609D18CBA60DFB74F85637DC6A55E38BA145746B5C2EFC007E1B36B0B179A7756B160A90E6C7AA8D42DC5EF9F96EB654D37EAA3BC2A96CA6F9F60A47E340873B6131B9013ACDB75EBB189B671B8D48BD60D36D2BD4B9D2F5FC828F9989F2E9FEDE3AF8E10343C458CAEC77EBCDD113C75D4F190EFA489835725FD7A0CB3E3A9C30DE03BC5D3991D53A86A25A3F3601171130DBE5F2E6F844F6AE9565261F9110A264A1C61EA0CDDF6DB06F28F9E3B70A482C849E5523932B4F2343E90AC140AC06AB027E293CE2B81BA61021B1B15DDCA48B721AED9AC652165F37BB
4220170623040614 2 6 100 2047 5 EDB5FA2E865AD05F06510EFBFC71F9DFBAA5C1EEF3F6FDC2650C1D8C507DECA3422AE18746EA7D7BEA600C0AE9A0812A3DC02C099F8AF046EF014EC2A58734A716F156FCE4F19E3A9EB38F225A1CA0B868F70B3BE0CAE3AC2A20F330EF3CC33CB27D1FCB2D27505409144F957AC592567AC0B2A8099F6D58B546C7EE734FD806CDFDDE5F41C38966EB61005CA78D970BFA2C77F099BB19543B559AA118B6F303644D541E83B293138BEF5B8F0B0382ACA8DBDD693845FF6B7EE6ABF1B8B4733998F31DBF74F9CBA5145A0C5345EDC5B056CDCAA3AF605701C56651B8A968AD6D7E421DD3B5F3765865D5FDC55252F25C9661CD71A43A20B13A16CFF3C5715757 4220171129062221 2 6 100 2047 5 F6A83AA30FCC5A1FED886CF60BFAD561F8558C07EC39F7972F8BD034F16AE485A25E223E609D18CBA60DFB74F85637DC6A55E38BA145746B5C2EFC007E1B36B0B179A7756B160A90E6C7AA8D42DC5EF9F96EB654D37EAA3BC2A96CA6F9F60A47E340873B6131B9013ACDB75EBB189B671B8D48BD60D36D2BD4B9D2F5FC828F9989F2E9FEDE3AF8E10343C458CAEC77EBCDD113C75D4F190EFA489835725FD7A0CB3E3A9C30DE03BC5D3991D53A86A25A3F3601171130DBE5F2E6F844F6AE9565261F9110A264A1C61EA0CDDF6DB06F28F9E3B70A482C849E5523932B4F2343E90AC140AC06AB027E293CE2B81BA61021B1B15DDCA48B721AED9AC65216873C97
4320170623040626 2 6 100 2047 5 EDB5FA2E865AD05F06510EFBFC71F9DFBAA5C1EEF3F6FDC2650C1D8C507DECA3422AE18746EA7D7BEA600C0AE9A0812A3DC02C099F8AF046EF014EC2A58734A716F156FCE4F19E3A9EB38F225A1CA0B868F70B3BE0CAE3AC2A20F330EF3CC33CB27D1FCB2D27505409144F957AC592567AC0B2A8099F6D58B546C7EE734FD806CDFDDE5F41C38966EB61005CA78D970BFA2C77F099BB19543B559AA118B6F303644D541E83B293138BEF5B8F0B0382ACA8DBDD693845FF6B7EE6ABF1B8B4733998F31DBF74F9CBA5145A0C5345EDC5B056CDCAA3AF605701C56651B8A968AD6D7E421DD3B5F3765865D5FDC55252F25C9661CD71A43A20B13A16CFF3C58A0617 4320171129062228 2 6 100 2047 2 F6A83AA30FCC5A1FED886CF60BFAD561F8558C07EC39F7972F8BD034F16AE485A25E223E609D18CBA60DFB74F85637DC6A55E38BA145746B5C2EFC007E1B36B0B179A7756B160A90E6C7AA8D42DC5EF9F96EB654D37EAA3BC2A96CA6F9F60A47E340873B6131B9013ACDB75EBB189B671B8D48BD60D36D2BD4B9D2F5FC828F9989F2E9FEDE3AF8E10343C458CAEC77EBCDD113C75D4F190EFA489835725FD7A0CB3E3A9C30DE03BC5D3991D53A86A25A3F3601171130DBE5F2E6F844F6AE9565261F9110A264A1C61EA0CDDF6DB06F28F9E3B70A482C849E5523932B4F2343E90AC140AC06AB027E293CE2B81BA61021B1B15DDCA48B721AED9AC652168EBECB
4420170623040632 2 6 100 2047 5 EDB5FA2E865AD05F06510EFBFC71F9DFBAA5C1EEF3F6FDC2650C1D8C507DECA3422AE18746EA7D7BEA600C0AE9A0812A3DC02C099F8AF046EF014EC2A58734A716F156FCE4F19E3A9EB38F225A1CA0B868F70B3BE0CAE3AC2A20F330EF3CC33CB27D1FCB2D27505409144F957AC592567AC0B2A8099F6D58B546C7EE734FD806CDFDDE5F41C38966EB61005CA78D970BFA2C77F099BB19543B559AA118B6F303644D541E83B293138BEF5B8F0B0382ACA8DBDD693845FF6B7EE6ABF1B8B4733998F31DBF74F9CBA5145A0C5345EDC5B056CDCAA3AF605701C56651B8A968AD6D7E421DD3B5F3765865D5FDC55252F25C9661CD71A43A20B13A16CFF3C5910FF7 4420171129062350 2 6 100 2047 2 F6A83AA30FCC5A1FED886CF60BFAD561F8558C07EC39F7972F8BD034F16AE485A25E223E609D18CBA60DFB74F85637DC6A55E38BA145746B5C2EFC007E1B36B0B179A7756B160A90E6C7AA8D42DC5EF9F96EB654D37EAA3BC2A96CA6F9F60A47E340873B6131B9013ACDB75EBB189B671B8D48BD60D36D2BD4B9D2F5FC828F9989F2E9FEDE3AF8E10343C458CAEC77EBCDD113C75D4F190EFA489835725FD7A0CB3E3A9C30DE03BC5D3991D53A86A25A3F3601171130DBE5F2E6F844F6AE9565261F9110A264A1C61EA0CDDF6DB06F28F9E3B70A482C849E5523932B4F2343E90AC140AC06AB027E293CE2B81BA61021B1B15DDCA48B721AED9AC6521738FF13
4520170623040709 2 6 100 2047 2 EDB5FA2E865AD05F06510EFBFC71F9DFBAA5C1EEF3F6FDC2650C1D8C507DECA3422AE18746EA7D7BEA600C0AE9A0812A3DC02C099F8AF046EF014EC2A58734A716F156FCE4F19E3A9EB38F225A1CA0B868F70B3BE0CAE3AC2A20F330EF3CC33CB27D1FCB2D27505409144F957AC592567AC0B2A8099F6D58B546C7EE734FD806CDFDDE5F41C38966EB61005CA78D970BFA2C77F099BB19543B559AA118B6F303644D541E83B293138BEF5B8F0B0382ACA8DBDD693845FF6B7EE6ABF1B8B4733998F31DBF74F9CBA5145A0C5345EDC5B056CDCAA3AF605701C56651B8A968AD6D7E421DD3B5F3765865D5FDC55252F25C9661CD71A43A20B13A16CFF3C5E85ABB 4520171129062433 2 6 100 2047 5 F6A83AA30FCC5A1FED886CF60BFAD561F8558C07EC39F7972F8BD034F16AE485A25E223E609D18CBA60DFB74F85637DC6A55E38BA145746B5C2EFC007E1B36B0B179A7756B160A90E6C7AA8D42DC5EF9F96EB654D37EAA3BC2A96CA6F9F60A47E340873B6131B9013ACDB75EBB189B671B8D48BD60D36D2BD4B9D2F5FC828F9989F2E9FEDE3AF8E10343C458CAEC77EBCDD113C75D4F190EFA489835725FD7A0CB3E3A9C30DE03BC5D3991D53A86A25A3F3601171130DBE5F2E6F844F6AE9565261F9110A264A1C61EA0CDDF6DB06F28F9E3B70A482C849E5523932B4F2343E90AC140AC06AB027E293CE2B81BA61021B1B15DDCA48B721AED9AC652178ED13F
4620170623040729 2 6 100 2047 5 EDB5FA2E865AD05F06510EFBFC71F9DFBAA5C1EEF3F6FDC2650C1D8C507DECA3422AE18746EA7D7BEA600C0AE9A0812A3DC02C099F8AF046EF014EC2A58734A716F156FCE4F19E3A9EB38F225A1CA0B868F70B3BE0CAE3AC2A20F330EF3CC33CB27D1FCB2D27505409144F957AC592567AC0B2A8099F6D58B546C7EE734FD806CDFDDE5F41C38966EB61005CA78D970BFA2C77F099BB19543B559AA118B6F303644D541E83B293138BEF5B8F0B0382ACA8DBDD693845FF6B7EE6ABF1B8B4733998F31DBF74F9CBA5145A0C5345EDC5B056CDCAA3AF605701C56651B8A968AD6D7E421DD3B5F3765865D5FDC55252F25C9661CD71A43A20B13A16CFF3C61714B7 4620171129062446 2 6 100 2047 5 F6A83AA30FCC5A1FED886CF60BFAD561F8558C07EC39F7972F8BD034F16AE485A25E223E609D18CBA60DFB74F85637DC6A55E38BA145746B5C2EFC007E1B36B0B179A7756B160A90E6C7AA8D42DC5EF9F96EB654D37EAA3BC2A96CA6F9F60A47E340873B6131B9013ACDB75EBB189B671B8D48BD60D36D2BD4B9D2F5FC828F9989F2E9FEDE3AF8E10343C458CAEC77EBCDD113C75D4F190EFA489835725FD7A0CB3E3A9C30DE03BC5D3991D53A86A25A3F3601171130DBE5F2E6F844F6AE9565261F9110A264A1C61EA0CDDF6DB06F28F9E3B70A482C849E5523932B4F2343E90AC140AC06AB027E293CE2B81BA61021B1B15DDCA48B721AED9AC65217A15C2F
4720170623040745 2 6 100 2047 5 EDB5FA2E865AD05F06510EFBFC71F9DFBAA5C1EEF3F6FDC2650C1D8C507DECA3422AE18746EA7D7BEA600C0AE9A0812A3DC02C099F8AF046EF014EC2A58734A716F156FCE4F19E3A9EB38F225A1CA0B868F70B3BE0CAE3AC2A20F330EF3CC33CB27D1FCB2D27505409144F957AC592567AC0B2A8099F6D58B546C7EE734FD806CDFDDE5F41C38966EB61005CA78D970BFA2C77F099BB19543B559AA118B6F303644D541E83B293138BEF5B8F0B0382ACA8DBDD693845FF6B7EE6ABF1B8B4733998F31DBF74F9CBA5145A0C5345EDC5B056CDCAA3AF605701C56651B8A968AD6D7E421DD3B5F3765865D5FDC55252F25C9661CD71A43A20B13A16CFF3C6362DF7 4720171129062541 2 6 100 2047 2 F6A83AA30FCC5A1FED886CF60BFAD561F8558C07EC39F7972F8BD034F16AE485A25E223E609D18CBA60DFB74F85637DC6A55E38BA145746B5C2EFC007E1B36B0B179A7756B160A90E6C7AA8D42DC5EF9F96EB654D37EAA3BC2A96CA6F9F60A47E340873B6131B9013ACDB75EBB189B671B8D48BD60D36D2BD4B9D2F5FC828F9989F2E9FEDE3AF8E10343C458CAEC77EBCDD113C75D4F190EFA489835725FD7A0CB3E3A9C30DE03BC5D3991D53A86A25A3F3601171130DBE5F2E6F844F6AE9565261F9110A264A1C61EA0CDDF6DB06F28F9E3B70A482C849E5523932B4F2343E90AC140AC06AB027E293CE2B81BA61021B1B15DDCA48B721AED9AC652181044FB
4820170623040759 2 6 100 2047 2 EDB5FA2E865AD05F06510EFBFC71F9DFBAA5C1EEF3F6FDC2650C1D8C507DECA3422AE18746EA7D7BEA600C0AE9A0812A3DC02C099F8AF046EF014EC2A58734A716F156FCE4F19E3A9EB38F225A1CA0B868F70B3BE0CAE3AC2A20F330EF3CC33CB27D1FCB2D27505409144F957AC592567AC0B2A8099F6D58B546C7EE734FD806CDFDDE5F41C38966EB61005CA78D970BFA2C77F099BB19543B559AA118B6F303644D541E83B293138BEF5B8F0B0382ACA8DBDD693845FF6B7EE6ABF1B8B4733998F31DBF74F9CBA5145A0C5345EDC5B056CDCAA3AF605701C56651B8A968AD6D7E421DD3B5F3765865D5FDC55252F25C9661CD71A43A20B13A16CFF3C64F9EEB 4820171129062603 2 6 100 2047 5 F6A83AA30FCC5A1FED886CF60BFAD561F8558C07EC39F7972F8BD034F16AE485A25E223E609D18CBA60DFB74F85637DC6A55E38BA145746B5C2EFC007E1B36B0B179A7756B160A90E6C7AA8D42DC5EF9F96EB654D37EAA3BC2A96CA6F9F60A47E340873B6131B9013ACDB75EBB189B671B8D48BD60D36D2BD4B9D2F5FC828F9989F2E9FEDE3AF8E10343C458CAEC77EBCDD113C75D4F190EFA489835725FD7A0CB3E3A9C30DE03BC5D3991D53A86A25A3F3601171130DBE5F2E6F844F6AE9565261F9110A264A1C61EA0CDDF6DB06F28F9E3B70A482C849E5523932B4F2343E90AC140AC06AB027E293CE2B81BA61021B1B15DDCA48B721AED9AC6521837D78F
4920170623040829 2 6 100 2047 5 EDB5FA2E865AD05F06510EFBFC71F9DFBAA5C1EEF3F6FDC2650C1D8C507DECA3422AE18746EA7D7BEA600C0AE9A0812A3DC02C099F8AF046EF014EC2A58734A716F156FCE4F19E3A9EB38F225A1CA0B868F70B3BE0CAE3AC2A20F330EF3CC33CB27D1FCB2D27505409144F957AC592567AC0B2A8099F6D58B546C7EE734FD806CDFDDE5F41C38966EB61005CA78D970BFA2C77F099BB19543B559AA118B6F303644D541E83B293138BEF5B8F0B0382ACA8DBDD693845FF6B7EE6ABF1B8B4733998F31DBF74F9CBA5145A0C5345EDC5B056CDCAA3AF605701C56651B8A968AD6D7E421DD3B5F3765865D5FDC55252F25C9661CD71A43A20B13A16CFF3C6949627 4920171129062624 2 6 100 2047 5 F6A83AA30FCC5A1FED886CF60BFAD561F8558C07EC39F7972F8BD034F16AE485A25E223E609D18CBA60DFB74F85637DC6A55E38BA145746B5C2EFC007E1B36B0B179A7756B160A90E6C7AA8D42DC5EF9F96EB654D37EAA3BC2A96CA6F9F60A47E340873B6131B9013ACDB75EBB189B671B8D48BD60D36D2BD4B9D2F5FC828F9989F2E9FEDE3AF8E10343C458CAEC77EBCDD113C75D4F190EFA489835725FD7A0CB3E3A9C30DE03BC5D3991D53A86A25A3F3601171130DBE5F2E6F844F6AE9565261F9110A264A1C61EA0CDDF6DB06F28F9E3B70A482C849E5523932B4F2343E90AC140AC06AB027E293CE2B81BA61021B1B15DDCA48B721AED9AC652185C9EDF
5020170623040836 2 6 100 2047 2 EDB5FA2E865AD05F06510EFBFC71F9DFBAA5C1EEF3F6FDC2650C1D8C507DECA3422AE18746EA7D7BEA600C0AE9A0812A3DC02C099F8AF046EF014EC2A58734A716F156FCE4F19E3A9EB38F225A1CA0B868F70B3BE0CAE3AC2A20F330EF3CC33CB27D1FCB2D27505409144F957AC592567AC0B2A8099F6D58B546C7EE734FD806CDFDDE5F41C38966EB61005CA78D970BFA2C77F099BB19543B559AA118B6F303644D541E83B293138BEF5B8F0B0382ACA8DBDD693845FF6B7EE6ABF1B8B4733998F31DBF74F9CBA5145A0C5345EDC5B056CDCAA3AF605701C56651B8A968AD6D7E421DD3B5F3765865D5FDC55252F25C9661CD71A43A20B13A16CFF3C69F6763 5020171129062634 2 6 100 2047 2 F6A83AA30FCC5A1FED886CF60BFAD561F8558C07EC39F7972F8BD034F16AE485A25E223E609D18CBA60DFB74F85637DC6A55E38BA145746B5C2EFC007E1B36B0B179A7756B160A90E6C7AA8D42DC5EF9F96EB654D37EAA3BC2A96CA6F9F60A47E340873B6131B9013ACDB75EBB189B671B8D48BD60D36D2BD4B9D2F5FC828F9989F2E9FEDE3AF8E10343C458CAEC77EBCDD113C75D4F190EFA489835725FD7A0CB3E3A9C30DE03BC5D3991D53A86A25A3F3601171130DBE5F2E6F844F6AE9565261F9110A264A1C61EA0CDDF6DB06F28F9E3B70A482C849E5523932B4F2343E90AC140AC06AB027E293CE2B81BA61021B1B15DDCA48B721AED9AC652186C3473
5120170623040925 2 6 100 2047 2 EDB5FA2E865AD05F06510EFBFC71F9DFBAA5C1EEF3F6FDC2650C1D8C507DECA3422AE18746EA7D7BEA600C0AE9A0812A3DC02C099F8AF046EF014EC2A58734A716F156FCE4F19E3A9EB38F225A1CA0B868F70B3BE0CAE3AC2A20F330EF3CC33CB27D1FCB2D27505409144F957AC592567AC0B2A8099F6D58B546C7EE734FD806CDFDDE5F41C38966EB61005CA78D970BFA2C77F099BB19543B559AA118B6F303644D541E83B293138BEF5B8F0B0382ACA8DBDD693845FF6B7EE6ABF1B8B4733998F31DBF74F9CBA5145A0C5345EDC5B056CDCAA3AF605701C56651B8A968AD6D7E421DD3B5F3765865D5FDC55252F25C9661CD71A43A20B13A16CFF3C712B23B 5120171129062650 2 6 100 2047 5 F6A83AA30FCC5A1FED886CF60BFAD561F8558C07EC39F7972F8BD034F16AE485A25E223E609D18CBA60DFB74F85637DC6A55E38BA145746B5C2EFC007E1B36B0B179A7756B160A90E6C7AA8D42DC5EF9F96EB654D37EAA3BC2A96CA6F9F60A47E340873B6131B9013ACDB75EBB189B671B8D48BD60D36D2BD4B9D2F5FC828F9989F2E9FEDE3AF8E10343C458CAEC77EBCDD113C75D4F190EFA489835725FD7A0CB3E3A9C30DE03BC5D3991D53A86A25A3F3601171130DBE5F2E6F844F6AE9565261F9110A264A1C61EA0CDDF6DB06F28F9E3B70A482C849E5523932B4F2343E90AC140AC06AB027E293CE2B81BA61021B1B15DDCA48B721AED9AC65218888AC7
5220170623040941 2 6 100 2047 5 EDB5FA2E865AD05F06510EFBFC71F9DFBAA5C1EEF3F6FDC2650C1D8C507DECA3422AE18746EA7D7BEA600C0AE9A0812A3DC02C099F8AF046EF014EC2A58734A716F156FCE4F19E3A9EB38F225A1CA0B868F70B3BE0CAE3AC2A20F330EF3CC33CB27D1FCB2D27505409144F957AC592567AC0B2A8099F6D58B546C7EE734FD806CDFDDE5F41C38966EB61005CA78D970BFA2C77F099BB19543B559AA118B6F303644D541E83B293138BEF5B8F0B0382ACA8DBDD693845FF6B7EE6ABF1B8B4733998F31DBF74F9CBA5145A0C5345EDC5B056CDCAA3AF605701C56651B8A968AD6D7E421DD3B5F3765865D5FDC55252F25C9661CD71A43A20B13A16CFF3C7336C6F 5220171129062658 2 6 100 2047 2 F6A83AA30FCC5A1FED886CF60BFAD561F8558C07EC39F7972F8BD034F16AE485A25E223E609D18CBA60DFB74F85637DC6A55E38BA145746B5C2EFC007E1B36B0B179A7756B160A90E6C7AA8D42DC5EF9F96EB654D37EAA3BC2A96CA6F9F60A47E340873B6131B9013ACDB75EBB189B671B8D48BD60D36D2BD4B9D2F5FC828F9989F2E9FEDE3AF8E10343C458CAEC77EBCDD113C75D4F190EFA489835725FD7A0CB3E3A9C30DE03BC5D3991D53A86A25A3F3601171130DBE5F2E6F844F6AE9565261F9110A264A1C61EA0CDDF6DB06F28F9E3B70A482C849E5523932B4F2343E90AC140AC06AB027E293CE2B81BA61021B1B15DDCA48B721AED9AC65218915923
5320170623041004 2 6 100 2047 2 EDB5FA2E865AD05F06510EFBFC71F9DFBAA5C1EEF3F6FDC2650C1D8C507DECA3422AE18746EA7D7BEA600C0AE9A0812A3DC02C099F8AF046EF014EC2A58734A716F156FCE4F19E3A9EB38F225A1CA0B868F70B3BE0CAE3AC2A20F330EF3CC33CB27D1FCB2D27505409144F957AC592567AC0B2A8099F6D58B546C7EE734FD806CDFDDE5F41C38966EB61005CA78D970BFA2C77F099BB19543B559AA118B6F303644D541E83B293138BEF5B8F0B0382ACA8DBDD693845FF6B7EE6ABF1B8B4733998F31DBF74F9CBA5145A0C5345EDC5B056CDCAA3AF605701C56651B8A968AD6D7E421DD3B5F3765865D5FDC55252F25C9661CD71A43A20B13A16CFF3C76418FB 5320171129062719 2 6 100 2047 2 FB10C8B63DDACEB1654E9B1BF39D2E5A65A310270D19FA63F4520A3B76AF3FB32C535647E803A830B96E950AAE9539547D53CA1373E7C059B5E8FC81A00E193B547C8F490B1428A4692EF9B4248E69498595D579D93CE2D867709AE84F6558381A51673E2BC55FC04B8655EDF3743980319C875C7B733996FE318A3EC6DBFEE79D596AF1A4AA7497575D8A2E378D86CC368073E9E11FFC83F85886D1FC8F1D32CC0021259D040063526D8ABF2F7E00D4B627AED022D63B84F7DB55EE10550FA9562A067EAAEE021D1893DC6DADCCADAE1C0AD8F350A20CB33DAD32035FE12CF7DD29A0BF35DD87228B512DF58C7A3DD5187E2E58FC39AC835F847A3ADAB68F23
5420170623041040 2 6 100 2047 2 EDB5FA2E865AD05F06510EFBFC71F9DFBAA5C1EEF3F6FDC2650C1D8C507DECA3422AE18746EA7D7BEA600C0AE9A0812A3DC02C099F8AF046EF014EC2A58734A716F156FCE4F19E3A9EB38F225A1CA0B868F70B3BE0CAE3AC2A20F330EF3CC33CB27D1FCB2D27505409144F957AC592567AC0B2A8099F6D58B546C7EE734FD806CDFDDE5F41C38966EB61005CA78D970BFA2C77F099BB19543B559AA118B6F303644D541E83B293138BEF5B8F0B0382ACA8DBDD693845FF6B7EE6ABF1B8B4733998F31DBF74F9CBA5145A0C5345EDC5B056CDCAA3AF605701C56651B8A968AD6D7E421DD3B5F3765865D5FDC55252F25C9661CD71A43A20B13A16CFF3C7B6A153 5420171129062852 2 6 100 2047 2 FB10C8B63DDACEB1654E9B1BF39D2E5A65A310270D19FA63F4520A3B76AF3FB32C535647E803A830B96E950AAE9539547D53CA1373E7C059B5E8FC81A00E193B547C8F490B1428A4692EF9B4248E69498595D579D93CE2D867709AE84F6558381A51673E2BC55FC04B8655EDF3743980319C875C7B733996FE318A3EC6DBFEE79D596AF1A4AA7497575D8A2E378D86CC368073E9E11FFC83F85886D1FC8F1D32CC0021259D040063526D8ABF2F7E00D4B627AED022D63B84F7DB55EE10550FA9562A067EAAEE021D1893DC6DADCCADAE1C0AD8F350A20CB33DAD32035FE12CF7DD29A0BF35DD87228B512DF58C7A3DD5187E2E58FC39AC835F847A3ADB8020BB
5520170623041049 2 6 100 2047 5 EDB5FA2E865AD05F06510EFBFC71F9DFBAA5C1EEF3F6FDC2650C1D8C507DECA3422AE18746EA7D7BEA600C0AE9A0812A3DC02C099F8AF046EF014EC2A58734A716F156FCE4F19E3A9EB38F225A1CA0B868F70B3BE0CAE3AC2A20F330EF3CC33CB27D1FCB2D27505409144F957AC592567AC0B2A8099F6D58B546C7EE734FD806CDFDDE5F41C38966EB61005CA78D970BFA2C77F099BB19543B559AA118B6F303644D541E83B293138BEF5B8F0B0382ACA8DBDD693845FF6B7EE6ABF1B8B4733998F31DBF74F9CBA5145A0C5345EDC5B056CDCAA3AF605701C56651B8A968AD6D7E421DD3B5F3765865D5FDC55252F25C9661CD71A43A20B13A16CFF3C7C6F12F 5520171129062857 2 6 100 2047 5 FB10C8B63DDACEB1654E9B1BF39D2E5A65A310270D19FA63F4520A3B76AF3FB32C535647E803A830B96E950AAE9539547D53CA1373E7C059B5E8FC81A00E193B547C8F490B1428A4692EF9B4248E69498595D579D93CE2D867709AE84F6558381A51673E2BC55FC04B8655EDF3743980319C875C7B733996FE318A3EC6DBFEE79D596AF1A4AA7497575D8A2E378D86CC368073E9E11FFC83F85886D1FC8F1D32CC0021259D040063526D8ABF2F7E00D4B627AED022D63B84F7DB55EE10550FA9562A067EAAEE021D1893DC6DADCCADAE1C0AD8F350A20CB33DAD32035FE12CF7DD29A0BF35DD87228B512DF58C7A3DD5187E2E58FC39AC835F847A3ADB83D6A7
5620170623041059 2 6 100 2047 5 EDB5FA2E865AD05F06510EFBFC71F9DFBAA5C1EEF3F6FDC2650C1D8C507DECA3422AE18746EA7D7BEA600C0AE9A0812A3DC02C099F8AF046EF014EC2A58734A716F156FCE4F19E3A9EB38F225A1CA0B868F70B3BE0CAE3AC2A20F330EF3CC33CB27D1FCB2D27505409144F957AC592567AC0B2A8099F6D58B546C7EE734FD806CDFDDE5F41C38966EB61005CA78D970BFA2C77F099BB19543B559AA118B6F303644D541E83B293138BEF5B8F0B0382ACA8DBDD693845FF6B7EE6ABF1B8B4733998F31DBF74F9CBA5145A0C5345EDC5B056CDCAA3AF605701C56651B8A968AD6D7E421DD3B5F3765865D5FDC55252F25C9661CD71A43A20B13A16CFF3C7D798EF 5620171129062904 2 6 100 2047 2 FB10C8B63DDACEB1654E9B1BF39D2E5A65A310270D19FA63F4520A3B76AF3FB32C535647E803A830B96E950AAE9539547D53CA1373E7C059B5E8FC81A00E193B547C8F490B1428A4692EF9B4248E69498595D579D93CE2D867709AE84F6558381A51673E2BC55FC04B8655EDF3743980319C875C7B733996FE318A3EC6DBFEE79D596AF1A4AA7497575D8A2E378D86CC368073E9E11FFC83F85886D1FC8F1D32CC0021259D040063526D8ABF2F7E00D4B627AED022D63B84F7DB55EE10550FA9562A067EAAEE021D1893DC6DADCCADAE1C0AD8F350A20CB33DAD32035FE12CF7DD29A0BF35DD87228B512DF58C7A3DD5187E2E58FC39AC835F847A3ADB8A117B
5720170623041129 2 6 100 2047 2 EDB5FA2E865AD05F06510EFBFC71F9DFBAA5C1EEF3F6FDC2650C1D8C507DECA3422AE18746EA7D7BEA600C0AE9A0812A3DC02C099F8AF046EF014EC2A58734A716F156FCE4F19E3A9EB38F225A1CA0B868F70B3BE0CAE3AC2A20F330EF3CC33CB27D1FCB2D27505409144F957AC592567AC0B2A8099F6D58B546C7EE734FD806CDFDDE5F41C38966EB61005CA78D970BFA2C77F099BB19543B559AA118B6F303644D541E83B293138BEF5B8F0B0382ACA8DBDD693845FF6B7EE6ABF1B8B4733998F31DBF74F9CBA5145A0C5345EDC5B056CDCAA3AF605701C56651B8A968AD6D7E421DD3B5F3765865D5FDC55252F25C9661CD71A43A20B13A16CFF3C81D54F3 5720171129062913 2 6 100 2047 5 FB10C8B63DDACEB1654E9B1BF39D2E5A65A310270D19FA63F4520A3B76AF3FB32C535647E803A830B96E950AAE9539547D53CA1373E7C059B5E8FC81A00E193B547C8F490B1428A4692EF9B4248E69498595D579D93CE2D867709AE84F6558381A51673E2BC55FC04B8655EDF3743980319C875C7B733996FE318A3EC6DBFEE79D596AF1A4AA7497575D8A2E378D86CC368073E9E11FFC83F85886D1FC8F1D32CC0021259D040063526D8ABF2F7E00D4B627AED022D63B84F7DB55EE10550FA9562A067EAAEE021D1893DC6DADCCADAE1C0AD8F350A20CB33DAD32035FE12CF7DD29A0BF35DD87228B512DF58C7A3DD5187E2E58FC39AC835F847A3ADB95C4A7
5820170623041311 2 6 100 2047 5 EDB5FA2E865AD05F06510EFBFC71F9DFBAA5C1EEF3F6FDC2650C1D8C507DECA3422AE18746EA7D7BEA600C0AE9A0812A3DC02C099F8AF046EF014EC2A58734A716F156FCE4F19E3A9EB38F225A1CA0B868F70B3BE0CAE3AC2A20F330EF3CC33CB27D1FCB2D27505409144F957AC592567AC0B2A8099F6D58B546C7EE734FD806CDFDDE5F41C38966EB61005CA78D970BFA2C77F099BB19543B559AA118B6F303644D541E83B293138BEF5B8F0B0382ACA8DBDD693845FF6B7EE6ABF1B8B4733998F31DBF74F9CBA5145A0C5345EDC5B056CDCAA3AF605701C56651B8A968AD6D7E421DD3B5F3765865D5FDC55252F25C9661CD71A43A20B13A16CFF3C919987F 5820171129063020 2 6 100 2047 5 FB10C8B63DDACEB1654E9B1BF39D2E5A65A310270D19FA63F4520A3B76AF3FB32C535647E803A830B96E950AAE9539547D53CA1373E7C059B5E8FC81A00E193B547C8F490B1428A4692EF9B4248E69498595D579D93CE2D867709AE84F6558381A51673E2BC55FC04B8655EDF3743980319C875C7B733996FE318A3EC6DBFEE79D596AF1A4AA7497575D8A2E378D86CC368073E9E11FFC83F85886D1FC8F1D32CC0021259D040063526D8ABF2F7E00D4B627AED022D63B84F7DB55EE10550FA9562A067EAAEE021D1893DC6DADCCADAE1C0AD8F350A20CB33DAD32035FE12CF7DD29A0BF35DD87228B512DF58C7A3DD5187E2E58FC39AC835F847A3ADC1E13B7
5920170623041314 2 6 100 2047 2 EDB5FA2E865AD05F06510EFBFC71F9DFBAA5C1EEF3F6FDC2650C1D8C507DECA3422AE18746EA7D7BEA600C0AE9A0812A3DC02C099F8AF046EF014EC2A58734A716F156FCE4F19E3A9EB38F225A1CA0B868F70B3BE0CAE3AC2A20F330EF3CC33CB27D1FCB2D27505409144F957AC592567AC0B2A8099F6D58B546C7EE734FD806CDFDDE5F41C38966EB61005CA78D970BFA2C77F099BB19543B559AA118B6F303644D541E83B293138BEF5B8F0B0382ACA8DBDD693845FF6B7EE6ABF1B8B4733998F31DBF74F9CBA5145A0C5345EDC5B056CDCAA3AF605701C56651B8A968AD6D7E421DD3B5F3765865D5FDC55252F25C9661CD71A43A20B13A16CFF3C91A831B 5920171129063054 2 6 100 2047 2 FB10C8B63DDACEB1654E9B1BF39D2E5A65A310270D19FA63F4520A3B76AF3FB32C535647E803A830B96E950AAE9539547D53CA1373E7C059B5E8FC81A00E193B547C8F490B1428A4692EF9B4248E69498595D579D93CE2D867709AE84F6558381A51673E2BC55FC04B8655EDF3743980319C875C7B733996FE318A3EC6DBFEE79D596AF1A4AA7497575D8A2E378D86CC368073E9E11FFC83F85886D1FC8F1D32CC0021259D040063526D8ABF2F7E00D4B627AED022D63B84F7DB55EE10550FA9562A067EAAEE021D1893DC6DADCCADAE1C0AD8F350A20CB33DAD32035FE12CF7DD29A0BF35DD87228B512DF58C7A3DD5187E2E58FC39AC835F847A3ADC606493
6020170623041341 2 6 100 2047 5 EDB5FA2E865AD05F06510EFBFC71F9DFBAA5C1EEF3F6FDC2650C1D8C507DECA3422AE18746EA7D7BEA600C0AE9A0812A3DC02C099F8AF046EF014EC2A58734A716F156FCE4F19E3A9EB38F225A1CA0B868F70B3BE0CAE3AC2A20F330EF3CC33CB27D1FCB2D27505409144F957AC592567AC0B2A8099F6D58B546C7EE734FD806CDFDDE5F41C38966EB61005CA78D970BFA2C77F099BB19543B559AA118B6F303644D541E83B293138BEF5B8F0B0382ACA8DBDD693845FF6B7EE6ABF1B8B4733998F31DBF74F9CBA5145A0C5345EDC5B056CDCAA3AF605701C56651B8A968AD6D7E421DD3B5F3765865D5FDC55252F25C9661CD71A43A20B13A16CFF3C95422FF 6020171129063136 2 6 100 2047 5 FB10C8B63DDACEB1654E9B1BF39D2E5A65A310270D19FA63F4520A3B76AF3FB32C535647E803A830B96E950AAE9539547D53CA1373E7C059B5E8FC81A00E193B547C8F490B1428A4692EF9B4248E69498595D579D93CE2D867709AE84F6558381A51673E2BC55FC04B8655EDF3743980319C875C7B733996FE318A3EC6DBFEE79D596AF1A4AA7497575D8A2E378D86CC368073E9E11FFC83F85886D1FC8F1D32CC0021259D040063526D8ABF2F7E00D4B627AED022D63B84F7DB55EE10550FA9562A067EAAEE021D1893DC6DADCCADAE1C0AD8F350A20CB33DAD32035FE12CF7DD29A0BF35DD87228B512DF58C7A3DD5187E2E58FC39AC835F847A3ADCB2F54F
6120170623041350 2 6 100 2047 5 EDB5FA2E865AD05F06510EFBFC71F9DFBAA5C1EEF3F6FDC2650C1D8C507DECA3422AE18746EA7D7BEA600C0AE9A0812A3DC02C099F8AF046EF014EC2A58734A716F156FCE4F19E3A9EB38F225A1CA0B868F70B3BE0CAE3AC2A20F330EF3CC33CB27D1FCB2D27505409144F957AC592567AC0B2A8099F6D58B546C7EE734FD806CDFDDE5F41C38966EB61005CA78D970BFA2C77F099BB19543B559AA118B6F303644D541E83B293138BEF5B8F0B0382ACA8DBDD693845FF6B7EE6ABF1B8B4733998F31DBF74F9CBA5145A0C5345EDC5B056CDCAA3AF605701C56651B8A968AD6D7E421DD3B5F3765865D5FDC55252F25C9661CD71A43A20B13A16CFF3C9646B7F 6120171129063229 2 6 100 2047 5 FB10C8B63DDACEB1654E9B1BF39D2E5A65A310270D19FA63F4520A3B76AF3FB32C535647E803A830B96E950AAE9539547D53CA1373E7C059B5E8FC81A00E193B547C8F490B1428A4692EF9B4248E69498595D579D93CE2D867709AE84F6558381A51673E2BC55FC04B8655EDF3743980319C875C7B733996FE318A3EC6DBFEE79D596AF1A4AA7497575D8A2E378D86CC368073E9E11FFC83F85886D1FC8F1D32CC0021259D040063526D8ABF2F7E00D4B627AED022D63B84F7DB55EE10550FA9562A067EAAEE021D1893DC6DADCCADAE1C0AD8F350A20CB33DAD32035FE12CF7DD29A0BF35DD87228B512DF58C7A3DD5187E2E58FC39AC835F847A3ADD20E077
6220170623041354 2 6 100 2047 5 EDB5FA2E865AD05F06510EFBFC71F9DFBAA5C1EEF3F6FDC2650C1D8C507DECA3422AE18746EA7D7BEA600C0AE9A0812A3DC02C099F8AF046EF014EC2A58734A716F156FCE4F19E3A9EB38F225A1CA0B868F70B3BE0CAE3AC2A20F330EF3CC33CB27D1FCB2D27505409144F957AC592567AC0B2A8099F6D58B546C7EE734FD806CDFDDE5F41C38966EB61005CA78D970BFA2C77F099BB19543B559AA118B6F303644D541E83B293138BEF5B8F0B0382ACA8DBDD693845FF6B7EE6ABF1B8B4733998F31DBF74F9CBA5145A0C5345EDC5B056CDCAA3AF605701C56651B8A968AD6D7E421DD3B5F3765865D5FDC55252F25C9661CD71A43A20B13A16CFF3C9662E87 6220171129063237 2 6 100 2047 2 FB10C8B63DDACEB1654E9B1BF39D2E5A65A310270D19FA63F4520A3B76AF3FB32C535647E803A830B96E950AAE9539547D53CA1373E7C059B5E8FC81A00E193B547C8F490B1428A4692EF9B4248E69498595D579D93CE2D867709AE84F6558381A51673E2BC55FC04B8655EDF3743980319C875C7B733996FE318A3EC6DBFEE79D596AF1A4AA7497575D8A2E378D86CC368073E9E11FFC83F85886D1FC8F1D32CC0021259D040063526D8ABF2F7E00D4B627AED022D63B84F7DB55EE10550FA9562A067EAAEE021D1893DC6DADCCADAE1C0AD8F350A20CB33DAD32035FE12CF7DD29A0BF35DD87228B512DF58C7A3DD5187E2E58FC39AC835F847A3ADD2BAEB3
6320170623041503 2 6 100 2047 2 EDB5FA2E865AD05F06510EFBFC71F9DFBAA5C1EEF3F6FDC2650C1D8C507DECA3422AE18746EA7D7BEA600C0AE9A0812A3DC02C099F8AF046EF014EC2A58734A716F156FCE4F19E3A9EB38F225A1CA0B868F70B3BE0CAE3AC2A20F330EF3CC33CB27D1FCB2D27505409144F957AC592567AC0B2A8099F6D58B546C7EE734FD806CDFDDE5F41C38966EB61005CA78D970BFA2C77F099BB19543B559AA118B6F303644D541E83B293138BEF5B8F0B0382ACA8DBDD693845FF6B7EE6ABF1B8B4733998F31DBF74F9CBA5145A0C5345EDC5B056CDCAA3AF605701C56651B8A968AD6D7E421DD3B5F3765865D5FDC55252F25C9661CD71A43A20B13A16CFF3CA105123 6320171129063257 2 6 100 2047 5 FB10C8B63DDACEB1654E9B1BF39D2E5A65A310270D19FA63F4520A3B76AF3FB32C535647E803A830B96E950AAE9539547D53CA1373E7C059B5E8FC81A00E193B547C8F490B1428A4692EF9B4248E69498595D579D93CE2D867709AE84F6558381A51673E2BC55FC04B8655EDF3743980319C875C7B733996FE318A3EC6DBFEE79D596AF1A4AA7497575D8A2E378D86CC368073E9E11FFC83F85886D1FC8F1D32CC0021259D040063526D8ABF2F7E00D4B627AED022D63B84F7DB55EE10550FA9562A067EAAEE021D1893DC6DADCCADAE1C0AD8F350A20CB33DAD32035FE12CF7DD29A0BF35DD87228B512DF58C7A3DD5187E2E58FC39AC835F847A3ADD51762F
6420170623041522 2 6 100 2047 5 EDB5FA2E865AD05F06510EFBFC71F9DFBAA5C1EEF3F6FDC2650C1D8C507DECA3422AE18746EA7D7BEA600C0AE9A0812A3DC02C099F8AF046EF014EC2A58734A716F156FCE4F19E3A9EB38F225A1CA0B868F70B3BE0CAE3AC2A20F330EF3CC33CB27D1FCB2D27505409144F957AC592567AC0B2A8099F6D58B546C7EE734FD806CDFDDE5F41C38966EB61005CA78D970BFA2C77F099BB19543B559AA118B6F303644D541E83B293138BEF5B8F0B0382ACA8DBDD693845FF6B7EE6ABF1B8B4733998F31DBF74F9CBA5145A0C5345EDC5B056CDCAA3AF605701C56651B8A968AD6D7E421DD3B5F3765865D5FDC55252F25C9661CD71A43A20B13A16CFF3CA3BE707 6420171129063345 2 6 100 2047 2 FB10C8B63DDACEB1654E9B1BF39D2E5A65A310270D19FA63F4520A3B76AF3FB32C535647E803A830B96E950AAE9539547D53CA1373E7C059B5E8FC81A00E193B547C8F490B1428A4692EF9B4248E69498595D579D93CE2D867709AE84F6558381A51673E2BC55FC04B8655EDF3743980319C875C7B733996FE318A3EC6DBFEE79D596AF1A4AA7497575D8A2E378D86CC368073E9E11FFC83F85886D1FC8F1D32CC0021259D040063526D8ABF2F7E00D4B627AED022D63B84F7DB55EE10550FA9562A067EAAEE021D1893DC6DADCCADAE1C0AD8F350A20CB33DAD32035FE12CF7DD29A0BF35DD87228B512DF58C7A3DD5187E2E58FC39AC835F847A3ADDB29C0B
6520170623041541 2 6 100 2047 2 EDB5FA2E865AD05F06510EFBFC71F9DFBAA5C1EEF3F6FDC2650C1D8C507DECA3422AE18746EA7D7BEA600C0AE9A0812A3DC02C099F8AF046EF014EC2A58734A716F156FCE4F19E3A9EB38F225A1CA0B868F70B3BE0CAE3AC2A20F330EF3CC33CB27D1FCB2D27505409144F957AC592567AC0B2A8099F6D58B546C7EE734FD806CDFDDE5F41C38966EB61005CA78D970BFA2C77F099BB19543B559AA118B6F303644D541E83B293138BEF5B8F0B0382ACA8DBDD693845FF6B7EE6ABF1B8B4733998F31DBF74F9CBA5145A0C5345EDC5B056CDCAA3AF605701C56651B8A968AD6D7E421DD3B5F3765865D5FDC55252F25C9661CD71A43A20B13A16CFF3CA620DAB 6520171129063402 2 6 100 2047 5 FB10C8B63DDACEB1654E9B1BF39D2E5A65A310270D19FA63F4520A3B76AF3FB32C535647E803A830B96E950AAE9539547D53CA1373E7C059B5E8FC81A00E193B547C8F490B1428A4692EF9B4248E69498595D579D93CE2D867709AE84F6558381A51673E2BC55FC04B8655EDF3743980319C875C7B733996FE318A3EC6DBFEE79D596AF1A4AA7497575D8A2E378D86CC368073E9E11FFC83F85886D1FC8F1D32CC0021259D040063526D8ABF2F7E00D4B627AED022D63B84F7DB55EE10550FA9562A067EAAEE021D1893DC6DADCCADAE1C0AD8F350A20CB33DAD32035FE12CF7DD29A0BF35DD87228B512DF58C7A3DD5187E2E58FC39AC835F847A3ADDD1340F
6620170623041546 2 6 100 2047 2 EDB5FA2E865AD05F06510EFBFC71F9DFBAA5C1EEF3F6FDC2650C1D8C507DECA3422AE18746EA7D7BEA600C0AE9A0812A3DC02C099F8AF046EF014EC2A58734A716F156FCE4F19E3A9EB38F225A1CA0B868F70B3BE0CAE3AC2A20F330EF3CC33CB27D1FCB2D27505409144F957AC592567AC0B2A8099F6D58B546C7EE734FD806CDFDDE5F41C38966EB61005CA78D970BFA2C77F099BB19543B559AA118B6F303644D541E83B293138BEF5B8F0B0382ACA8DBDD693845FF6B7EE6ABF1B8B4733998F31DBF74F9CBA5145A0C5345EDC5B056CDCAA3AF605701C56651B8A968AD6D7E421DD3B5F3765865D5FDC55252F25C9661CD71A43A20B13A16CFF3CA66FFC3 6620171129063440 2 6 100 2047 2 FB10C8B63DDACEB1654E9B1BF39D2E5A65A310270D19FA63F4520A3B76AF3FB32C535647E803A830B96E950AAE9539547D53CA1373E7C059B5E8FC81A00E193B547C8F490B1428A4692EF9B4248E69498595D579D93CE2D867709AE84F6558381A51673E2BC55FC04B8655EDF3743980319C875C7B733996FE318A3EC6DBFEE79D596AF1A4AA7497575D8A2E378D86CC368073E9E11FFC83F85886D1FC8F1D32CC0021259D040063526D8ABF2F7E00D4B627AED022D63B84F7DB55EE10550FA9562A067EAAEE021D1893DC6DADCCADAE1C0AD8F350A20CB33DAD32035FE12CF7DD29A0BF35DD87228B512DF58C7A3DD5187E2E58FC39AC835F847A3ADE1D2F13
6720170623041620 2 6 100 2047 2 EDB5FA2E865AD05F06510EFBFC71F9DFBAA5C1EEF3F6FDC2650C1D8C507DECA3422AE18746EA7D7BEA600C0AE9A0812A3DC02C099F8AF046EF014EC2A58734A716F156FCE4F19E3A9EB38F225A1CA0B868F70B3BE0CAE3AC2A20F330EF3CC33CB27D1FCB2D27505409144F957AC592567AC0B2A8099F6D58B546C7EE734FD806CDFDDE5F41C38966EB61005CA78D970BFA2C77F099BB19543B559AA118B6F303644D541E83B293138BEF5B8F0B0382ACA8DBDD693845FF6B7EE6ABF1B8B4733998F31DBF74F9CBA5145A0C5345EDC5B056CDCAA3AF605701C56651B8A968AD6D7E421DD3B5F3765865D5FDC55252F25C9661CD71A43A20B13A16CFF3CAB69493 6720171129063453 2 6 100 2047 2 FB10C8B63DDACEB1654E9B1BF39D2E5A65A310270D19FA63F4520A3B76AF3FB32C535647E803A830B96E950AAE9539547D53CA1373E7C059B5E8FC81A00E193B547C8F490B1428A4692EF9B4248E69498595D579D93CE2D867709AE84F6558381A51673E2BC55FC04B8655EDF3743980319C875C7B733996FE318A3EC6DBFEE79D596AF1A4AA7497575D8A2E378D86CC368073E9E11FFC83F85886D1FC8F1D32CC0021259D040063526D8ABF2F7E00D4B627AED022D63B84F7DB55EE10550FA9562A067EAAEE021D1893DC6DADCCADAE1C0AD8F350A20CB33DAD32035FE12CF7DD29A0BF35DD87228B512DF58C7A3DD5187E2E58FC39AC835F847A3ADE32DC9B
6820170623041704 2 6 100 2047 2 EDB5FA2E865AD05F06510EFBFC71F9DFBAA5C1EEF3F6FDC2650C1D8C507DECA3422AE18746EA7D7BEA600C0AE9A0812A3DC02C099F8AF046EF014EC2A58734A716F156FCE4F19E3A9EB38F225A1CA0B868F70B3BE0CAE3AC2A20F330EF3CC33CB27D1FCB2D27505409144F957AC592567AC0B2A8099F6D58B546C7EE734FD806CDFDDE5F41C38966EB61005CA78D970BFA2C77F099BB19543B559AA118B6F303644D541E83B293138BEF5B8F0B0382ACA8DBDD693845FF6B7EE6ABF1B8B4733998F31DBF74F9CBA5145A0C5345EDC5B056CDCAA3AF605701C56651B8A968AD6D7E421DD3B5F3765865D5FDC55252F25C9661CD71A43A20B13A16CFF3CB1C2B4B 6820171129063513 2 6 100 2047 5 FB10C8B63DDACEB1654E9B1BF39D2E5A65A310270D19FA63F4520A3B76AF3FB32C535647E803A830B96E950AAE9539547D53CA1373E7C059B5E8FC81A00E193B547C8F490B1428A4692EF9B4248E69498595D579D93CE2D867709AE84F6558381A51673E2BC55FC04B8655EDF3743980319C875C7B733996FE318A3EC6DBFEE79D596AF1A4AA7497575D8A2E378D86CC368073E9E11FFC83F85886D1FC8F1D32CC0021259D040063526D8ABF2F7E00D4B627AED022D63B84F7DB55EE10550FA9562A067EAAEE021D1893DC6DADCCADAE1C0AD8F350A20CB33DAD32035FE12CF7DD29A0BF35DD87228B512DF58C7A3DD5187E2E58FC39AC835F847A3ADE56C75F
6920170623041709 2 6 100 2047 2 EDB5FA2E865AD05F06510EFBFC71F9DFBAA5C1EEF3F6FDC2650C1D8C507DECA3422AE18746EA7D7BEA600C0AE9A0812A3DC02C099F8AF046EF014EC2A58734A716F156FCE4F19E3A9EB38F225A1CA0B868F70B3BE0CAE3AC2A20F330EF3CC33CB27D1FCB2D27505409144F957AC592567AC0B2A8099F6D58B546C7EE734FD806CDFDDE5F41C38966EB61005CA78D970BFA2C77F099BB19543B559AA118B6F303644D541E83B293138BEF5B8F0B0382ACA8DBDD693845FF6B7EE6ABF1B8B4733998F31DBF74F9CBA5145A0C5345EDC5B056CDCAA3AF605701C56651B8A968AD6D7E421DD3B5F3765865D5FDC55252F25C9661CD71A43A20B13A16CFF3CB1FD10B 6920171129063518 2 6 100 2047 5 FB10C8B63DDACEB1654E9B1BF39D2E5A65A310270D19FA63F4520A3B76AF3FB32C535647E803A830B96E950AAE9539547D53CA1373E7C059B5E8FC81A00E193B547C8F490B1428A4692EF9B4248E69498595D579D93CE2D867709AE84F6558381A51673E2BC55FC04B8655EDF3743980319C875C7B733996FE318A3EC6DBFEE79D596AF1A4AA7497575D8A2E378D86CC368073E9E11FFC83F85886D1FC8F1D32CC0021259D040063526D8ABF2F7E00D4B627AED022D63B84F7DB55EE10550FA9562A067EAAEE021D1893DC6DADCCADAE1C0AD8F350A20CB33DAD32035FE12CF7DD29A0BF35DD87228B512DF58C7A3DD5187E2E58FC39AC835F847A3ADE5898EF
7020170623041747 2 6 100 2047 2 EDB5FA2E865AD05F06510EFBFC71F9DFBAA5C1EEF3F6FDC2650C1D8C507DECA3422AE18746EA7D7BEA600C0AE9A0812A3DC02C099F8AF046EF014EC2A58734A716F156FCE4F19E3A9EB38F225A1CA0B868F70B3BE0CAE3AC2A20F330EF3CC33CB27D1FCB2D27505409144F957AC592567AC0B2A8099F6D58B546C7EE734FD806CDFDDE5F41C38966EB61005CA78D970BFA2C77F099BB19543B559AA118B6F303644D541E83B293138BEF5B8F0B0382ACA8DBDD693845FF6B7EE6ABF1B8B4733998F31DBF74F9CBA5145A0C5345EDC5B056CDCAA3AF605701C56651B8A968AD6D7E421DD3B5F3765865D5FDC55252F25C9661CD71A43A20B13A16CFF3CB7550DB 7020171129063545 2 6 100 2047 5 FB10C8B63DDACEB1654E9B1BF39D2E5A65A310270D19FA63F4520A3B76AF3FB32C535647E803A830B96E950AAE9539547D53CA1373E7C059B5E8FC81A00E193B547C8F490B1428A4692EF9B4248E69498595D579D93CE2D867709AE84F6558381A51673E2BC55FC04B8655EDF3743980319C875C7B733996FE318A3EC6DBFEE79D596AF1A4AA7497575D8A2E378D86CC368073E9E11FFC83F85886D1FC8F1D32CC0021259D040063526D8ABF2F7E00D4B627AED022D63B84F7DB55EE10550FA9562A067EAAEE021D1893DC6DADCCADAE1C0AD8F350A20CB33DAD32035FE12CF7DD29A0BF35DD87228B512DF58C7A3DD5187E2E58FC39AC835F847A3ADE8E3FC7
7120170623041822 2 6 100 2047 2 EDB5FA2E865AD05F06510EFBFC71F9DFBAA5C1EEF3F6FDC2650C1D8C507DECA3422AE18746EA7D7BEA600C0AE9A0812A3DC02C099F8AF046EF014EC2A58734A716F156FCE4F19E3A9EB38F225A1CA0B868F70B3BE0CAE3AC2A20F330EF3CC33CB27D1FCB2D27505409144F957AC592567AC0B2A8099F6D58B546C7EE734FD806CDFDDE5F41C38966EB61005CA78D970BFA2C77F099BB19543B559AA118B6F303644D541E83B293138BEF5B8F0B0382ACA8DBDD693845FF6B7EE6ABF1B8B4733998F31DBF74F9CBA5145A0C5345EDC5B056CDCAA3AF605701C56651B8A968AD6D7E421DD3B5F3765865D5FDC55252F25C9661CD71A43A20B13A16CFF3CBC63D2B 7120171129063559 2 6 100 2047 2 FB10C8B63DDACEB1654E9B1BF39D2E5A65A310270D19FA63F4520A3B76AF3FB32C535647E803A830B96E950AAE9539547D53CA1373E7C059B5E8FC81A00E193B547C8F490B1428A4692EF9B4248E69498595D579D93CE2D867709AE84F6558381A51673E2BC55FC04B8655EDF3743980319C875C7B733996FE318A3EC6DBFEE79D596AF1A4AA7497575D8A2E378D86CC368073E9E11FFC83F85886D1FC8F1D32CC0021259D040063526D8ABF2F7E00D4B627AED022D63B84F7DB55EE10550FA9562A067EAAEE021D1893DC6DADCCADAE1C0AD8F350A20CB33DAD32035FE12CF7DD29A0BF35DD87228B512DF58C7A3DD5187E2E58FC39AC835F847A3ADEA2F2AB
7220170623041830 2 6 100 2047 2 EDB5FA2E865AD05F06510EFBFC71F9DFBAA5C1EEF3F6FDC2650C1D8C507DECA3422AE18746EA7D7BEA600C0AE9A0812A3DC02C099F8AF046EF014EC2A58734A716F156FCE4F19E3A9EB38F225A1CA0B868F70B3BE0CAE3AC2A20F330EF3CC33CB27D1FCB2D27505409144F957AC592567AC0B2A8099F6D58B546C7EE734FD806CDFDDE5F41C38966EB61005CA78D970BFA2C77F099BB19543B559AA118B6F303644D541E83B293138BEF5B8F0B0382ACA8DBDD693845FF6B7EE6ABF1B8B4733998F31DBF74F9CBA5145A0C5345EDC5B056CDCAA3AF605701C56651B8A968AD6D7E421DD3B5F3765865D5FDC55252F25C9661CD71A43A20B13A16CFF3CBD499AB 7220171129063613 2 6 100 2047 5 FB10C8B63DDACEB1654E9B1BF39D2E5A65A310270D19FA63F4520A3B76AF3FB32C535647E803A830B96E950AAE9539547D53CA1373E7C059B5E8FC81A00E193B547C8F490B1428A4692EF9B4248E69498595D579D93CE2D867709AE84F6558381A51673E2BC55FC04B8655EDF3743980319C875C7B733996FE318A3EC6DBFEE79D596AF1A4AA7497575D8A2E378D86CC368073E9E11FFC83F85886D1FC8F1D32CC0021259D040063526D8ABF2F7E00D4B627AED022D63B84F7DB55EE10550FA9562A067EAAEE021D1893DC6DADCCADAE1C0AD8F350A20CB33DAD32035FE12CF7DD29A0BF35DD87228B512DF58C7A3DD5187E2E58FC39AC835F847A3ADEB8D03F
7320170623043901 2 6 100 3071 2 E795DA675C82260F11D7C50B677AE8A8D94BF342724BB06FA0D426CE2E83E8971A1BE2AC59516488B25D561568B14DBBFFB5F33686D2952409B9C20FC19A13CB91C9176420F59F464DC198E254B87C765DC12B885CF1A463858C3CB0A918AF66C6A2CA06A48B4D5BDEB5A56B24C36BA330488DFCBDD499957E755CCE704F183CB4549441A7D761C22B7F7CB66BE50F0A6591F17778F51E73544B765E83A3C00BD3309F8CE1B135A3DD481DBE8C2CEE54E8DDF1351015E70D9012662E69F654A5A9F68C416167685A1695C8139BA1825287C98680945506D5AB750BEB68C6D2B430E7E4043D0A00DECDA77F81A2432929F530C5BC0CBBC011095D897BD81FB98792345F5372BA53E53F31FB09730C58E8FDA9F7C1EBA0AEA4FE50B2B5CE146043CB18BFB3A12F06ED1D3287242D3D59E85E0A5E243626525D3EAD946126B9F32590011EEA0EDD5E2025037D51940B3E1A45B614A23F48278977535E3773F0AA2A24413F4A397AC0881582E8832C7B140C0BA4818A55C8620FD2BEBB5508B03E93 7320171129063626 2 6 100 2047 5 FB10C8B63DDACEB1654E9B1BF39D2E5A65A310270D19FA63F4520A3B76AF3FB32C535647E803A830B96E950AAE9539547D53CA1373E7C059B5E8FC81A00E193B547C8F490B1428A4692EF9B4248E69498595D579D93CE2D867709AE84F6558381A51673E2BC55FC04B8655EDF3743980319C875C7B733996FE318A3EC6DBFEE79D596AF1A4AA7497575D8A2E378D86CC368073E9E11FFC83F85886D1FC8F1D32CC0021259D040063526D8ABF2F7E00D4B627AED022D63B84F7DB55EE10550FA9562A067EAAEE021D1893DC6DADCCADAE1C0AD8F350A20CB33DAD32035FE12CF7DD29A0BF35DD87228B512DF58C7A3DD5187E2E58FC39AC835F847A3ADECF0D4F
7420170623044452 2 6 100 3071 5 E795DA675C82260F11D7C50B677AE8A8D94BF342724BB06FA0D426CE2E83E8971A1BE2AC59516488B25D561568B14DBBFFB5F33686D2952409B9C20FC19A13CB91C9176420F59F464DC198E254B87C765DC12B885CF1A463858C3CB0A918AF66C6A2CA06A48B4D5BDEB5A56B24C36BA330488DFCBDD499957E755CCE704F183CB4549441A7D761C22B7F7CB66BE50F0A6591F17778F51E73544B765E83A3C00BD3309F8CE1B135A3DD481DBE8C2CEE54E8DDF1351015E70D9012662E69F654A5A9F68C416167685A1695C8139BA1825287C98680945506D5AB750BEB68C6D2B430E7E4043D0A00DECDA77F81A2432929F530C5BC0CBBC011095D897BD81FB98792345F5372BA53E53F31FB09730C58E8FDA9F7C1EBA0AEA4FE50B2B5CE146043CB18BFB3A12F06ED1D3287242D3D59E85E0A5E243626525D3EAD946126B9F32590011EEA0EDD5E2025037D51940B3E1A45B614A23F48278977535E3773F0AA2A24413F4A397AC0881582E8832C7B140C0BA4818A55C8620FD2BEBB5509C5C937 7420171129063639 2 6 100 2047 2 FB10C8B63DDACEB1654E9B1BF39D2E5A65A310270D19FA63F4520A3B76AF3FB32C535647E803A830B96E950AAE9539547D53CA1373E7C059B5E8FC81A00E193B547C8F490B1428A4692EF9B4248E69498595D579D93CE2D867709AE84F6558381A51673E2BC55FC04B8655EDF3743980319C875C7B733996FE318A3EC6DBFEE79D596AF1A4AA7497575D8A2E378D86CC368073E9E11FFC83F85886D1FC8F1D32CC0021259D040063526D8ABF2F7E00D4B627AED022D63B84F7DB55EE10550FA9562A067EAAEE021D1893DC6DADCCADAE1C0AD8F350A20CB33DAD32035FE12CF7DD29A0BF35DD87228B512DF58C7A3DD5187E2E58FC39AC835F847A3ADEE3F9DB
7520170623044600 2 6 100 3071 2 E795DA675C82260F11D7C50B677AE8A8D94BF342724BB06FA0D426CE2E83E8971A1BE2AC59516488B25D561568B14DBBFFB5F33686D2952409B9C20FC19A13CB91C9176420F59F464DC198E254B87C765DC12B885CF1A463858C3CB0A918AF66C6A2CA06A48B4D5BDEB5A56B24C36BA330488DFCBDD499957E755CCE704F183CB4549441A7D761C22B7F7CB66BE50F0A6591F17778F51E73544B765E83A3C00BD3309F8CE1B135A3DD481DBE8C2CEE54E8DDF1351015E70D9012662E69F654A5A9F68C416167685A1695C8139BA1825287C98680945506D5AB750BEB68C6D2B430E7E4043D0A00DECDA77F81A2432929F530C5BC0CBBC011095D897BD81FB98792345F5372BA53E53F31FB09730C58E8FDA9F7C1EBA0AEA4FE50B2B5CE146043CB18BFB3A12F06ED1D3287242D3D59E85E0A5E243626525D3EAD946126B9F32590011EEA0EDD5E2025037D51940B3E1A45B614A23F48278977535E3773F0AA2A24413F4A397AC0881582E8832C7B140C0BA4818A55C8620FD2BEBB5509F436FB 7520171129063648 2 6 100 2047 2 FB10C8B63DDACEB1654E9B1BF39D2E5A65A310270D19FA63F4520A3B76AF3FB32C535647E803A830B96E950AAE9539547D53CA1373E7C059B5E8FC81A00E193B547C8F490B1428A4692EF9B4248E69498595D579D93CE2D867709AE84F6558381A51673E2BC55FC04B8655EDF3743980319C875C7B733996FE318A3EC6DBFEE79D596AF1A4AA7497575D8A2E378D86CC368073E9E11FFC83F85886D1FC8F1D32CC0021259D040063526D8ABF2F7E00D4B627AED022D63B84F7DB55EE10550FA9562A067EAAEE021D1893DC6DADCCADAE1C0AD8F350A20CB33DAD32035FE12CF7DD29A0BF35DD87228B512DF58C7A3DD5187E2E58FC39AC835F847A3ADEECDD2B
7620170623044825 2 6 100 3071 2 E795DA675C82260F11D7C50B677AE8A8D94BF342724BB06FA0D426CE2E83E8971A1BE2AC59516488B25D561568B14DBBFFB5F33686D2952409B9C20FC19A13CB91C9176420F59F464DC198E254B87C765DC12B885CF1A463858C3CB0A918AF66C6A2CA06A48B4D5BDEB5A56B24C36BA330488DFCBDD499957E755CCE704F183CB4549441A7D761C22B7F7CB66BE50F0A6591F17778F51E73544B765E83A3C00BD3309F8CE1B135A3DD481DBE8C2CEE54E8DDF1351015E70D9012662E69F654A5A9F68C416167685A1695C8139BA1825287C98680945506D5AB750BEB68C6D2B430E7E4043D0A00DECDA77F81A2432929F530C5BC0CBBC011095D897BD81FB98792345F5372BA53E53F31FB09730C58E8FDA9F7C1EBA0AEA4FE50B2B5CE146043CB18BFB3A12F06ED1D3287242D3D59E85E0A5E243626525D3EAD946126B9F32590011EEA0EDD5E2025037D51940B3E1A45B614A23F48278977535E3773F0AA2A24413F4A397AC0881582E8832C7B140C0BA4818A55C8620FD2BEBB550A640733 7620171129063728 2 6 100 2047 5 FB10C8B63DDACEB1654E9B1BF39D2E5A65A310270D19FA63F4520A3B76AF3FB32C535647E803A830B96E950AAE9539547D53CA1373E7C059B5E8FC81A00E193B547C8F490B1428A4692EF9B4248E69498595D579D93CE2D867709AE84F6558381A51673E2BC55FC04B8655EDF3743980319C875C7B733996FE318A3EC6DBFEE79D596AF1A4AA7497575D8A2E378D86CC368073E9E11FFC83F85886D1FC8F1D32CC0021259D040063526D8ABF2F7E00D4B627AED022D63B84F7DB55EE10550FA9562A067EAAEE021D1893DC6DADCCADAE1C0AD8F350A20CB33DAD32035FE12CF7DD29A0BF35DD87228B512DF58C7A3DD5187E2E58FC39AC835F847A3ADF3B2B1F
7720170623045050 2 6 100 3071 2 E795DA675C82260F11D7C50B677AE8A8D94BF342724BB06FA0D426CE2E83E8971A1BE2AC59516488B25D561568B14DBBFFB5F33686D2952409B9C20FC19A13CB91C9176420F59F464DC198E254B87C765DC12B885CF1A463858C3CB0A918AF66C6A2CA06A48B4D5BDEB5A56B24C36BA330488DFCBDD499957E755CCE704F183CB4549441A7D761C22B7F7CB66BE50F0A6591F17778F51E73544B765E83A3C00BD3309F8CE1B135A3DD481DBE8C2CEE54E8DDF1351015E70D9012662E69F654A5A9F68C416167685A1695C8139BA1825287C98680945506D5AB750BEB68C6D2B430E7E4043D0A00DECDA77F81A2432929F530C5BC0CBBC011095D897BD81FB98792345F5372BA53E53F31FB09730C58E8FDA9F7C1EBA0AEA4FE50B2B5CE146043CB18BFB3A12F06ED1D3287242D3D59E85E0A5E243626525D3EAD946126B9F32590011EEA0EDD5E2025037D51940B3E1A45B614A23F48278977535E3773F0AA2A24413F4A397AC0881582E8832C7B140C0BA4818A55C8620FD2BEBB550AD6755B 7720171129063831 2 6 100 2047 2 FB10C8B63DDACEB1654E9B1BF39D2E5A65A310270D19FA63F4520A3B76AF3FB32C535647E803A830B96E950AAE9539547D53CA1373E7C059B5E8FC81A00E193B547C8F490B1428A4692EF9B4248E69498595D579D93CE2D867709AE84F6558381A51673E2BC55FC04B8655EDF3743980319C875C7B733996FE318A3EC6DBFEE79D596AF1A4AA7497575D8A2E378D86CC368073E9E11FFC83F85886D1FC8F1D32CC0021259D040063526D8ABF2F7E00D4B627AED022D63B84F7DB55EE10550FA9562A067EAAEE021D1893DC6DADCCADAE1C0AD8F350A20CB33DAD32035FE12CF7DD29A0BF35DD87228B512DF58C7A3DD5187E2E58FC39AC835F847A3ADFB933CB
7820170623045124 2 6 100 3071 2 E795DA675C82260F11D7C50B677AE8A8D94BF342724BB06FA0D426CE2E83E8971A1BE2AC59516488B25D561568B14DBBFFB5F33686D2952409B9C20FC19A13CB91C9176420F59F464DC198E254B87C765DC12B885CF1A463858C3CB0A918AF66C6A2CA06A48B4D5BDEB5A56B24C36BA330488DFCBDD499957E755CCE704F183CB4549441A7D761C22B7F7CB66BE50F0A6591F17778F51E73544B765E83A3C00BD3309F8CE1B135A3DD481DBE8C2CEE54E8DDF1351015E70D9012662E69F654A5A9F68C416167685A1695C8139BA1825287C98680945506D5AB750BEB68C6D2B430E7E4043D0A00DECDA77F81A2432929F530C5BC0CBBC011095D897BD81FB98792345F5372BA53E53F31FB09730C58E8FDA9F7C1EBA0AEA4FE50B2B5CE146043CB18BFB3A12F06ED1D3287242D3D59E85E0A5E243626525D3EAD946126B9F32590011EEA0EDD5E2025037D51940B3E1A45B614A23F48278977535E3773F0AA2A24413F4A397AC0881582E8832C7B140C0BA4818A55C8620FD2BEBB550AE93B43 7820171129063954 2 6 100 2047 5 FB10C8B63DDACEB1654E9B1BF39D2E5A65A310270D19FA63F4520A3B76AF3FB32C535647E803A830B96E950AAE9539547D53CA1373E7C059B5E8FC81A00E193B547C8F490B1428A4692EF9B4248E69498595D579D93CE2D867709AE84F6558381A51673E2BC55FC04B8655EDF3743980319C875C7B733996FE318A3EC6DBFEE79D596AF1A4AA7497575D8A2E378D86CC368073E9E11FFC83F85886D1FC8F1D32CC0021259D040063526D8ABF2F7E00D4B627AED022D63B84F7DB55EE10550FA9562A067EAAEE021D1893DC6DADCCADAE1C0AD8F350A20CB33DAD32035FE12CF7DD29A0BF35DD87228B512DF58C7A3DD5187E2E58FC39AC835F847A3AE05FFACF
7920170623045420 2 6 100 3071 2 E795DA675C82260F11D7C50B677AE8A8D94BF342724BB06FA0D426CE2E83E8971A1BE2AC59516488B25D561568B14DBBFFB5F33686D2952409B9C20FC19A13CB91C9176420F59F464DC198E254B87C765DC12B885CF1A463858C3CB0A918AF66C6A2CA06A48B4D5BDEB5A56B24C36BA330488DFCBDD499957E755CCE704F183CB4549441A7D761C22B7F7CB66BE50F0A6591F17778F51E73544B765E83A3C00BD3309F8CE1B135A3DD481DBE8C2CEE54E8DDF1351015E70D9012662E69F654A5A9F68C416167685A1695C8139BA1825287C98680945506D5AB750BEB68C6D2B430E7E4043D0A00DECDA77F81A2432929F530C5BC0CBBC011095D897BD81FB98792345F5372BA53E53F31FB09730C58E8FDA9F7C1EBA0AEA4FE50B2B5CE146043CB18BFB3A12F06ED1D3287242D3D59E85E0A5E243626525D3EAD946126B9F32590011EEA0EDD5E2025037D51940B3E1A45B614A23F48278977535E3773F0AA2A24413F4A397AC0881582E8832C7B140C0BA4818A55C8620FD2BEBB550B6F1ED3 7920171129064044 2 6 100 2047 2 FB10C8B63DDACEB1654E9B1BF39D2E5A65A310270D19FA63F4520A3B76AF3FB32C535647E803A830B96E950AAE9539547D53CA1373E7C059B5E8FC81A00E193B547C8F490B1428A4692EF9B4248E69498595D579D93CE2D867709AE84F6558381A51673E2BC55FC04B8655EDF3743980319C875C7B733996FE318A3EC6DBFEE79D596AF1A4AA7497575D8A2E378D86CC368073E9E11FFC83F85886D1FC8F1D32CC0021259D040063526D8ABF2F7E00D4B627AED022D63B84F7DB55EE10550FA9562A067EAAEE021D1893DC6DADCCADAE1C0AD8F350A20CB33DAD32035FE12CF7DD29A0BF35DD87228B512DF58C7A3DD5187E2E58FC39AC835F847A3AE0C83FEB
8020170623045805 2 6 100 3071 5 E795DA675C82260F11D7C50B677AE8A8D94BF342724BB06FA0D426CE2E83E8971A1BE2AC59516488B25D561568B14DBBFFB5F33686D2952409B9C20FC19A13CB91C9176420F59F464DC198E254B87C765DC12B885CF1A463858C3CB0A918AF66C6A2CA06A48B4D5BDEB5A56B24C36BA330488DFCBDD499957E755CCE704F183CB4549441A7D761C22B7F7CB66BE50F0A6591F17778F51E73544B765E83A3C00BD3309F8CE1B135A3DD481DBE8C2CEE54E8DDF1351015E70D9012662E69F654A5A9F68C416167685A1695C8139BA1825287C98680945506D5AB750BEB68C6D2B430E7E4043D0A00DECDA77F81A2432929F530C5BC0CBBC011095D897BD81FB98792345F5372BA53E53F31FB09730C58E8FDA9F7C1EBA0AEA4FE50B2B5CE146043CB18BFB3A12F06ED1D3287242D3D59E85E0A5E243626525D3EAD946126B9F32590011EEA0EDD5E2025037D51940B3E1A45B614A23F48278977535E3773F0AA2A24413F4A397AC0881582E8832C7B140C0BA4818A55C8620FD2BEBB550C20298F 8020171129064109 2 6 100 2047 2 FB10C8B63DDACEB1654E9B1BF39D2E5A65A310270D19FA63F4520A3B76AF3FB32C535647E803A830B96E950AAE9539547D53CA1373E7C059B5E8FC81A00E193B547C8F490B1428A4692EF9B4248E69498595D579D93CE2D867709AE84F6558381A51673E2BC55FC04B8655EDF3743980319C875C7B733996FE318A3EC6DBFEE79D596AF1A4AA7497575D8A2E378D86CC368073E9E11FFC83F85886D1FC8F1D32CC0021259D040063526D8ABF2F7E00D4B627AED022D63B84F7DB55EE10550FA9562A067EAAEE021D1893DC6DADCCADAE1C0AD8F350A20CB33DAD32035FE12CF7DD29A0BF35DD87228B512DF58C7A3DD5187E2E58FC39AC835F847A3AE0F81483
8120170623045930 2 6 100 3071 5 E795DA675C82260F11D7C50B677AE8A8D94BF342724BB06FA0D426CE2E83E8971A1BE2AC59516488B25D561568B14DBBFFB5F33686D2952409B9C20FC19A13CB91C9176420F59F464DC198E254B87C765DC12B885CF1A463858C3CB0A918AF66C6A2CA06A48B4D5BDEB5A56B24C36BA330488DFCBDD499957E755CCE704F183CB4549441A7D761C22B7F7CB66BE50F0A6591F17778F51E73544B765E83A3C00BD3309F8CE1B135A3DD481DBE8C2CEE54E8DDF1351015E70D9012662E69F654A5A9F68C416167685A1695C8139BA1825287C98680945506D5AB750BEB68C6D2B430E7E4043D0A00DECDA77F81A2432929F530C5BC0CBBC011095D897BD81FB98792345F5372BA53E53F31FB09730C58E8FDA9F7C1EBA0AEA4FE50B2B5CE146043CB18BFB3A12F06ED1D3287242D3D59E85E0A5E243626525D3EAD946126B9F32590011EEA0EDD5E2025037D51940B3E1A45B614A23F48278977535E3773F0AA2A24413F4A397AC0881582E8832C7B140C0BA4818A55C8620FD2BEBB550C5914BF 8120171129064127 2 6 100 2047 2 FB10C8B63DDACEB1654E9B1BF39D2E5A65A310270D19FA63F4520A3B76AF3FB32C535647E803A830B96E950AAE9539547D53CA1373E7C059B5E8FC81A00E193B547C8F490B1428A4692EF9B4248E69498595D579D93CE2D867709AE84F6558381A51673E2BC55FC04B8655EDF3743980319C875C7B733996FE318A3EC6DBFEE79D596AF1A4AA7497575D8A2E378D86CC368073E9E11FFC83F85886D1FC8F1D32CC0021259D040063526D8ABF2F7E00D4B627AED022D63B84F7DB55EE10550FA9562A067EAAEE021D1893DC6DADCCADAE1C0AD8F350A20CB33DAD32035FE12CF7DD29A0BF35DD87228B512DF58C7A3DD5187E2E58FC39AC835F847A3AE1194DFB
8220170623050341 2 6 100 3071 2 E795DA675C82260F11D7C50B677AE8A8D94BF342724BB06FA0D426CE2E83E8971A1BE2AC59516488B25D561568B14DBBFFB5F33686D2952409B9C20FC19A13CB91C9176420F59F464DC198E254B87C765DC12B885CF1A463858C3CB0A918AF66C6A2CA06A48B4D5BDEB5A56B24C36BA330488DFCBDD499957E755CCE704F183CB4549441A7D761C22B7F7CB66BE50F0A6591F17778F51E73544B765E83A3C00BD3309F8CE1B135A3DD481DBE8C2CEE54E8DDF1351015E70D9012662E69F654A5A9F68C416167685A1695C8139BA1825287C98680945506D5AB750BEB68C6D2B430E7E4043D0A00DECDA77F81A2432929F530C5BC0CBBC011095D897BD81FB98792345F5372BA53E53F31FB09730C58E8FDA9F7C1EBA0AEA4FE50B2B5CE146043CB18BFB3A12F06ED1D3287242D3D59E85E0A5E243626525D3EAD946126B9F32590011EEA0EDD5E2025037D51940B3E1A45B614A23F48278977535E3773F0AA2A24413F4A397AC0881582E8832C7B140C0BA4818A55C8620FD2BEBB550D1A1773 8220171129064141 2 6 100 2047 2 FB10C8B63DDACEB1654E9B1BF39D2E5A65A310270D19FA63F4520A3B76AF3FB32C535647E803A830B96E950AAE9539547D53CA1373E7C059B5E8FC81A00E193B547C8F490B1428A4692EF9B4248E69498595D579D93CE2D867709AE84F6558381A51673E2BC55FC04B8655EDF3743980319C875C7B733996FE318A3EC6DBFEE79D596AF1A4AA7497575D8A2E378D86CC368073E9E11FFC83F85886D1FC8F1D32CC0021259D040063526D8ABF2F7E00D4B627AED022D63B84F7DB55EE10550FA9562A067EAAEE021D1893DC6DADCCADAE1C0AD8F350A20CB33DAD32035FE12CF7DD29A0BF35DD87228B512DF58C7A3DD5187E2E58FC39AC835F847A3AE12EBF3B
8320170623050720 2 6 100 3071 2 E795DA675C82260F11D7C50B677AE8A8D94BF342724BB06FA0D426CE2E83E8971A1BE2AC59516488B25D561568B14DBBFFB5F33686D2952409B9C20FC19A13CB91C9176420F59F464DC198E254B87C765DC12B885CF1A463858C3CB0A918AF66C6A2CA06A48B4D5BDEB5A56B24C36BA330488DFCBDD499957E755CCE704F183CB4549441A7D761C22B7F7CB66BE50F0A6591F17778F51E73544B765E83A3C00BD3309F8CE1B135A3DD481DBE8C2CEE54E8DDF1351015E70D9012662E69F654A5A9F68C416167685A1695C8139BA1825287C98680945506D5AB750BEB68C6D2B430E7E4043D0A00DECDA77F81A2432929F530C5BC0CBBC011095D897BD81FB98792345F5372BA53E53F31FB09730C58E8FDA9F7C1EBA0AEA4FE50B2B5CE146043CB18BFB3A12F06ED1D3287242D3D59E85E0A5E243626525D3EAD946126B9F32590011EEA0EDD5E2025037D51940B3E1A45B614A23F48278977535E3773F0AA2A24413F4A397AC0881582E8832C7B140C0BA4818A55C8620FD2BEBB550DC219FB 8320171129064157 2 6 100 2047 5 FB10C8B63DDACEB1654E9B1BF39D2E5A65A310270D19FA63F4520A3B76AF3FB32C535647E803A830B96E950AAE9539547D53CA1373E7C059B5E8FC81A00E193B547C8F490B1428A4692EF9B4248E69498595D579D93CE2D867709AE84F6558381A51673E2BC55FC04B8655EDF3743980319C875C7B733996FE318A3EC6DBFEE79D596AF1A4AA7497575D8A2E378D86CC368073E9E11FFC83F85886D1FC8F1D32CC0021259D040063526D8ABF2F7E00D4B627AED022D63B84F7DB55EE10550FA9562A067EAAEE021D1893DC6DADCCADAE1C0AD8F350A20CB33DAD32035FE12CF7DD29A0BF35DD87228B512DF58C7A3DD5187E2E58FC39AC835F847A3AE14B8657
8420170623051801 2 6 100 3071 5 E795DA675C82260F11D7C50B677AE8A8D94BF342724BB06FA0D426CE2E83E8971A1BE2AC59516488B25D561568B14DBBFFB5F33686D2952409B9C20FC19A13CB91C9176420F59F464DC198E254B87C765DC12B885CF1A463858C3CB0A918AF66C6A2CA06A48B4D5BDEB5A56B24C36BA330488DFCBDD499957E755CCE704F183CB4549441A7D761C22B7F7CB66BE50F0A6591F17778F51E73544B765E83A3C00BD3309F8CE1B135A3DD481DBE8C2CEE54E8DDF1351015E70D9012662E69F654A5A9F68C416167685A1695C8139BA1825287C98680945506D5AB750BEB68C6D2B430E7E4043D0A00DECDA77F81A2432929F530C5BC0CBBC011095D897BD81FB98792345F5372BA53E53F31FB09730C58E8FDA9F7C1EBA0AEA4FE50B2B5CE146043CB18BFB3A12F06ED1D3287242D3D59E85E0A5E243626525D3EAD946126B9F32590011EEA0EDD5E2025037D51940B3E1A45B614A23F48278977535E3773F0AA2A24413F4A397AC0881582E8832C7B140C0BA4818A55C8620FD2BEBB550FBDD1AF 8420171129064308 2 6 100 2047 2 FB10C8B63DDACEB1654E9B1BF39D2E5A65A310270D19FA63F4520A3B76AF3FB32C535647E803A830B96E950AAE9539547D53CA1373E7C059B5E8FC81A00E193B547C8F490B1428A4692EF9B4248E69498595D579D93CE2D867709AE84F6558381A51673E2BC55FC04B8655EDF3743980319C875C7B733996FE318A3EC6DBFEE79D596AF1A4AA7497575D8A2E378D86CC368073E9E11FFC83F85886D1FC8F1D32CC0021259D040063526D8ABF2F7E00D4B627AED022D63B84F7DB55EE10550FA9562A067EAAEE021D1893DC6DADCCADAE1C0AD8F350A20CB33DAD32035FE12CF7DD29A0BF35DD87228B512DF58C7A3DD5187E2E58FC39AC835F847A3AE1DFF6A3
8520170623052216 2 6 100 3071 2 E795DA675C82260F11D7C50B677AE8A8D94BF342724BB06FA0D426CE2E83E8971A1BE2AC59516488B25D561568B14DBBFFB5F33686D2952409B9C20FC19A13CB91C9176420F59F464DC198E254B87C765DC12B885CF1A463858C3CB0A918AF66C6A2CA06A48B4D5BDEB5A56B24C36BA330488DFCBDD499957E755CCE704F183CB4549441A7D761C22B7F7CB66BE50F0A6591F17778F51E73544B765E83A3C00BD3309F8CE1B135A3DD481DBE8C2CEE54E8DDF1351015E70D9012662E69F654A5A9F68C416167685A1695C8139BA1825287C98680945506D5AB750BEB68C6D2B430E7E4043D0A00DECDA77F81A2432929F530C5BC0CBBC011095D897BD81FB98792345F5372BA53E53F31FB09730C58E8FDA9F7C1EBA0AEA4FE50B2B5CE146043CB18BFB3A12F06ED1D3287242D3D59E85E0A5E243626525D3EAD946126B9F32590011EEA0EDD5E2025037D51940B3E1A45B614A23F48278977535E3773F0AA2A24413F4A397AC0881582E8832C7B140C0BA4818A55C8620FD2BEBB5510842093 8520171129064313 2 6 100 2047 5 FB10C8B63DDACEB1654E9B1BF39D2E5A65A310270D19FA63F4520A3B76AF3FB32C535647E803A830B96E950AAE9539547D53CA1373E7C059B5E8FC81A00E193B547C8F490B1428A4692EF9B4248E69498595D579D93CE2D867709AE84F6558381A51673E2BC55FC04B8655EDF3743980319C875C7B733996FE318A3EC6DBFEE79D596AF1A4AA7497575D8A2E378D86CC368073E9E11FFC83F85886D1FC8F1D32CC0021259D040063526D8ABF2F7E00D4B627AED022D63B84F7DB55EE10550FA9562A067EAAEE021D1893DC6DADCCADAE1C0AD8F350A20CB33DAD32035FE12CF7DD29A0BF35DD87228B512DF58C7A3DD5187E2E58FC39AC835F847A3AE1E37B6F
8620170623052416 2 6 100 3071 5 E795DA675C82260F11D7C50B677AE8A8D94BF342724BB06FA0D426CE2E83E8971A1BE2AC59516488B25D561568B14DBBFFB5F33686D2952409B9C20FC19A13CB91C9176420F59F464DC198E254B87C765DC12B885CF1A463858C3CB0A918AF66C6A2CA06A48B4D5BDEB5A56B24C36BA330488DFCBDD499957E755CCE704F183CB4549441A7D761C22B7F7CB66BE50F0A6591F17778F51E73544B765E83A3C00BD3309F8CE1B135A3DD481DBE8C2CEE54E8DDF1351015E70D9012662E69F654A5A9F68C416167685A1695C8139BA1825287C98680945506D5AB750BEB68C6D2B430E7E4043D0A00DECDA77F81A2432929F530C5BC0CBBC011095D897BD81FB98792345F5372BA53E53F31FB09730C58E8FDA9F7C1EBA0AEA4FE50B2B5CE146043CB18BFB3A12F06ED1D3287242D3D59E85E0A5E243626525D3EAD946126B9F32590011EEA0EDD5E2025037D51940B3E1A45B614A23F48278977535E3773F0AA2A24413F4A397AC0881582E8832C7B140C0BA4818A55C8620FD2BEBB5510DBFCD7 8620171129064345 2 6 100 2047 2 FB10C8B63DDACEB1654E9B1BF39D2E5A65A310270D19FA63F4520A3B76AF3FB32C535647E803A830B96E950AAE9539547D53CA1373E7C059B5E8FC81A00E193B547C8F490B1428A4692EF9B4248E69498595D579D93CE2D867709AE84F6558381A51673E2BC55FC04B8655EDF3743980319C875C7B733996FE318A3EC6DBFEE79D596AF1A4AA7497575D8A2E378D86CC368073E9E11FFC83F85886D1FC8F1D32CC0021259D040063526D8ABF2F7E00D4B627AED022D63B84F7DB55EE10550FA9562A067EAAEE021D1893DC6DADCCADAE1C0AD8F350A20CB33DAD32035FE12CF7DD29A0BF35DD87228B512DF58C7A3DD5187E2E58FC39AC835F847A3AE21EA40B
8720170623052526 2 6 100 3071 2 E795DA675C82260F11D7C50B677AE8A8D94BF342724BB06FA0D426CE2E83E8971A1BE2AC59516488B25D561568B14DBBFFB5F33686D2952409B9C20FC19A13CB91C9176420F59F464DC198E254B87C765DC12B885CF1A463858C3CB0A918AF66C6A2CA06A48B4D5BDEB5A56B24C36BA330488DFCBDD499957E755CCE704F183CB4549441A7D761C22B7F7CB66BE50F0A6591F17778F51E73544B765E83A3C00BD3309F8CE1B135A3DD481DBE8C2CEE54E8DDF1351015E70D9012662E69F654A5A9F68C416167685A1695C8139BA1825287C98680945506D5AB750BEB68C6D2B430E7E4043D0A00DECDA77F81A2432929F530C5BC0CBBC011095D897BD81FB98792345F5372BA53E53F31FB09730C58E8FDA9F7C1EBA0AEA4FE50B2B5CE146043CB18BFB3A12F06ED1D3287242D3D59E85E0A5E243626525D3EAD946126B9F32590011EEA0EDD5E2025037D51940B3E1A45B614A23F48278977535E3773F0AA2A24413F4A397AC0881582E8832C7B140C0BA4818A55C8620FD2BEBB55110BB843 8720171129064404 2 6 100 2047 2 FB10C8B63DDACEB1654E9B1BF39D2E5A65A310270D19FA63F4520A3B76AF3FB32C535647E803A830B96E950AAE9539547D53CA1373E7C059B5E8FC81A00E193B547C8F490B1428A4692EF9B4248E69498595D579D93CE2D867709AE84F6558381A51673E2BC55FC04B8655EDF3743980319C875C7B733996FE318A3EC6DBFEE79D596AF1A4AA7497575D8A2E378D86CC368073E9E11FFC83F85886D1FC8F1D32CC0021259D040063526D8ABF2F7E00D4B627AED022D63B84F7DB55EE10550FA9562A067EAAEE021D1893DC6DADCCADAE1C0AD8F350A20CB33DAD32035FE12CF7DD29A0BF35DD87228B512DF58C7A3DD5187E2E58FC39AC835F847A3AE23F19DB
8820170623052831 2 6 100 3071 2 E795DA675C82260F11D7C50B677AE8A8D94BF342724BB06FA0D426CE2E83E8971A1BE2AC59516488B25D561568B14DBBFFB5F33686D2952409B9C20FC19A13CB91C9176420F59F464DC198E254B87C765DC12B885CF1A463858C3CB0A918AF66C6A2CA06A48B4D5BDEB5A56B24C36BA330488DFCBDD499957E755CCE704F183CB4549441A7D761C22B7F7CB66BE50F0A6591F17778F51E73544B765E83A3C00BD3309F8CE1B135A3DD481DBE8C2CEE54E8DDF1351015E70D9012662E69F654A5A9F68C416167685A1695C8139BA1825287C98680945506D5AB750BEB68C6D2B430E7E4043D0A00DECDA77F81A2432929F530C5BC0CBBC011095D897BD81FB98792345F5372BA53E53F31FB09730C58E8FDA9F7C1EBA0AEA4FE50B2B5CE146043CB18BFB3A12F06ED1D3287242D3D59E85E0A5E243626525D3EAD946126B9F32590011EEA0EDD5E2025037D51940B3E1A45B614A23F48278977535E3773F0AA2A24413F4A397AC0881582E8832C7B140C0BA4818A55C8620FD2BEBB551196B36B 8820171129064429 2 6 100 2047 2 FB10C8B63DDACEB1654E9B1BF39D2E5A65A310270D19FA63F4520A3B76AF3FB32C535647E803A830B96E950AAE9539547D53CA1373E7C059B5E8FC81A00E193B547C8F490B1428A4692EF9B4248E69498595D579D93CE2D867709AE84F6558381A51673E2BC55FC04B8655EDF3743980319C875C7B733996FE318A3EC6DBFEE79D596AF1A4AA7497575D8A2E378D86CC368073E9E11FFC83F85886D1FC8F1D32CC0021259D040063526D8ABF2F7E00D4B627AED022D63B84F7DB55EE10550FA9562A067EAAEE021D1893DC6DADCCADAE1C0AD8F350A20CB33DAD32035FE12CF7DD29A0BF35DD87228B512DF58C7A3DD5187E2E58FC39AC835F847A3AE26AA1A3
8920170623053119 2 6 100 3071 5 E795DA675C82260F11D7C50B677AE8A8D94BF342724BB06FA0D426CE2E83E8971A1BE2AC59516488B25D561568B14DBBFFB5F33686D2952409B9C20FC19A13CB91C9176420F59F464DC198E254B87C765DC12B885CF1A463858C3CB0A918AF66C6A2CA06A48B4D5BDEB5A56B24C36BA330488DFCBDD499957E755CCE704F183CB4549441A7D761C22B7F7CB66BE50F0A6591F17778F51E73544B765E83A3C00BD3309F8CE1B135A3DD481DBE8C2CEE54E8DDF1351015E70D9012662E69F654A5A9F68C416167685A1695C8139BA1825287C98680945506D5AB750BEB68C6D2B430E7E4043D0A00DECDA77F81A2432929F530C5BC0CBBC011095D897BD81FB98792345F5372BA53E53F31FB09730C58E8FDA9F7C1EBA0AEA4FE50B2B5CE146043CB18BFB3A12F06ED1D3287242D3D59E85E0A5E243626525D3EAD946126B9F32590011EEA0EDD5E2025037D51940B3E1A45B614A23F48278977535E3773F0AA2A24413F4A397AC0881582E8832C7B140C0BA4818A55C8620FD2BEBB551217A237 8920171129070339 2 6 100 3071 2 FE72CDD6784FBAB0F7AA00E2F31A76435F8A02AC8B14A52C64CF4998EFEDADF9272FF9ADCF5AEDB6EEAE34A36C64833C8D63398A4906979A6B785139D9E7FE72FE8E3502B71B7780E8F4D74A520D3C8E5706EA428CCB746B673EC7472704203315FFDA7F3D5FCE56F6F441AA575B77748D6CB69DC1D7DB8531902CCB0E4D4817FBF4BCFE05120B60B7B99C62C578E6BDADE8E45B44DD67448F25F9118DA92DE375421E131781ED0895CACACB30C2D94D994B16215284CDE857A6C677C0E04A9B81E9D88076167EF3CB8041B65A1756850C2C667F2C6F5D6700F868A1518FD192B3C1915F19D119B2CF4588BD043ED3443982768B641FED8E2BF8E85BAC97A82808450DCCD35B5ED09E089AA04226A7710E20D5C00AED1CBAA176D93E1FEA308B4763F0FE9456E11F645A06D22A33EEA1931104605F280C7C5630548F3D35F6DBEDC8133FDC184F95D43B7D865EEF1E78A952BE3F098328A863447E2EBB726F3AB543F686CBD8BF8F9E780166758B495B7B75066E4B1987002422692D8656503B
9020170623053458 2 6 100 3071 5 E795DA675C82260F11D7C50B677AE8A8D94BF342724BB06FA0D426CE2E83E8971A1BE2AC59516488B25D561568B14DBBFFB5F33686D2952409B9C20FC19A13CB91C9176420F59F464DC198E254B87C765DC12B885CF1A463858C3CB0A918AF66C6A2CA06A48B4D5BDEB5A56B24C36BA330488DFCBDD499957E755CCE704F183CB4549441A7D761C22B7F7CB66BE50F0A6591F17778F51E73544B765E83A3C00BD3309F8CE1B135A3DD481DBE8C2CEE54E8DDF1351015E70D9012662E69F654A5A9F68C416167685A1695C8139BA1825287C98680945506D5AB750BEB68C6D2B430E7E4043D0A00DECDA77F81A2432929F530C5BC0CBBC011095D897BD81FB98792345F5372BA53E53F31FB09730C58E8FDA9F7C1EBA0AEA4FE50B2B5CE146043CB18BFB3A12F06ED1D3287242D3D59E85E0A5E243626525D3EAD946126B9F32590011EEA0EDD5E2025037D51940B3E1A45B614A23F48278977535E3773F0AA2A24413F4A397AC0881582E8832C7B140C0BA4818A55C8620FD2BEBB5512C20307 9020171129070431 2 6 100 3071 5 FE72CDD6784FBAB0F7AA00E2F31A76435F8A02AC8B14A52C64CF4998EFEDADF9272FF9ADCF5AEDB6EEAE34A36C64833C8D63398A4906979A6B785139D9E7FE72FE8E3502B71B7780E8F4D74A520D3C8E5706EA428CCB746B673EC7472704203315FFDA7F3D5FCE56F6F441AA575B77748D6CB69DC1D7DB8531902CCB0E4D4817FBF4BCFE05120B60B7B99C62C578E6BDADE8E45B44DD67448F25F9118DA92DE375421E131781ED0895CACACB30C2D94D994B16215284CDE857A6C677C0E04A9B81E9D88076167EF3CB8041B65A1756850C2C667F2C6F5D6700F868A1518FD192B3C1915F19D119B2CF4588BD043ED3443982768B641FED8E2BF8E85BAC97A82808450DCCD35B5ED09E089AA04226A7710E20D5C00AED1CBAA176D93E1FEA308B4763F0FE9456E11F645A06D22A33EEA1931104605F280C7C5630548F3D35F6DBEDC8133FDC184F95D43B7D865EEF1E78A952BE3F098328A863447E2EBB726F3AB543F686CBD8BF8F9E780166758B495B7B75066E4B1987002422692D8673A5D7
9120170623053734 2 6 100 3071 2 E795DA675C82260F11D7C50B677AE8A8D94BF342724BB06FA0D426CE2E83E8971A1BE2AC59516488B25D561568B14DBBFFB5F33686D2952409B9C20FC19A13CB91C9176420F59F464DC198E254B87C765DC12B885CF1A463858C3CB0A918AF66C6A2CA06A48B4D5BDEB5A56B24C36BA330488DFCBDD499957E755CCE704F183CB4549441A7D761C22B7F7CB66BE50F0A6591F17778F51E73544B765E83A3C00BD3309F8CE1B135A3DD481DBE8C2CEE54E8DDF1351015E70D9012662E69F654A5A9F68C416167685A1695C8139BA1825287C98680945506D5AB750BEB68C6D2B430E7E4043D0A00DECDA77F81A2432929F530C5BC0CBBC011095D897BD81FB98792345F5372BA53E53F31FB09730C58E8FDA9F7C1EBA0AEA4FE50B2B5CE146043CB18BFB3A12F06ED1D3287242D3D59E85E0A5E243626525D3EAD946126B9F32590011EEA0EDD5E2025037D51940B3E1A45B614A23F48278977535E3773F0AA2A24413F4A397AC0881582E8832C7B140C0BA4818A55C8620FD2BEBB55133990CB 9120171129070444 2 6 100 3071 2 FE72CDD6784FBAB0F7AA00E2F31A76435F8A02AC8B14A52C64CF4998EFEDADF9272FF9ADCF5AEDB6EEAE34A36C64833C8D63398A4906979A6B785139D9E7FE72FE8E3502B71B7780E8F4D74A520D3C8E5706EA428CCB746B673EC7472704203315FFDA7F3D5FCE56F6F441AA575B77748D6CB69DC1D7DB8531902CCB0E4D4817FBF4BCFE05120B60B7B99C62C578E6BDADE8E45B44DD67448F25F9118DA92DE375421E131781ED0895CACACB30C2D94D994B16215284CDE857A6C677C0E04A9B81E9D88076167EF3CB8041B65A1756850C2C667F2C6F5D6700F868A1518FD192B3C1915F19D119B2CF4588BD043ED3443982768B641FED8E2BF8E85BAC97A82808450DCCD35B5ED09E089AA04226A7710E20D5C00AED1CBAA176D93E1FEA308B4763F0FE9456E11F645A06D22A33EEA1931104605F280C7C5630548F3D35F6DBEDC8133FDC184F95D43B7D865EEF1E78A952BE3F098328A863447E2EBB726F3AB543F686CBD8BF8F9E780166758B495B7B75066E4B1987002422692D8674FE3B
9220170623054412 2 6 100 3071 2 E795DA675C82260F11D7C50B677AE8A8D94BF342724BB06FA0D426CE2E83E8971A1BE2AC59516488B25D561568B14DBBFFB5F33686D2952409B9C20FC19A13CB91C9176420F59F464DC198E254B87C765DC12B885CF1A463858C3CB0A918AF66C6A2CA06A48B4D5BDEB5A56B24C36BA330488DFCBDD499957E755CCE704F183CB4549441A7D761C22B7F7CB66BE50F0A6591F17778F51E73544B765E83A3C00BD3309F8CE1B135A3DD481DBE8C2CEE54E8DDF1351015E70D9012662E69F654A5A9F68C416167685A1695C8139BA1825287C98680945506D5AB750BEB68C6D2B430E7E4043D0A00DECDA77F81A2432929F530C5BC0CBBC011095D897BD81FB98792345F5372BA53E53F31FB09730C58E8FDA9F7C1EBA0AEA4FE50B2B5CE146043CB18BFB3A12F06ED1D3287242D3D59E85E0A5E243626525D3EAD946126B9F32590011EEA0EDD5E2025037D51940B3E1A45B614A23F48278977535E3773F0AA2A24413F4A397AC0881582E8832C7B140C0BA4818A55C8620FD2BEBB5514721AB3 9220171129070802 2 6 100 3071 2 FE72CDD6784FBAB0F7AA00E2F31A76435F8A02AC8B14A52C64CF4998EFEDADF9272FF9ADCF5AEDB6EEAE34A36C64833C8D63398A4906979A6B785139D9E7FE72FE8E3502B71B7780E8F4D74A520D3C8E5706EA428CCB746B673EC7472704203315FFDA7F3D5FCE56F6F441AA575B77748D6CB69DC1D7DB8531902CCB0E4D4817FBF4BCFE05120B60B7B99C62C578E6BDADE8E45B44DD67448F25F9118DA92DE375421E131781ED0895CACACB30C2D94D994B16215284CDE857A6C677C0E04A9B81E9D88076167EF3CB8041B65A1756850C2C667F2C6F5D6700F868A1518FD192B3C1915F19D119B2CF4588BD043ED3443982768B641FED8E2BF8E85BAC97A82808450DCCD35B5ED09E089AA04226A7710E20D5C00AED1CBAA176D93E1FEA308B4763F0FE9456E11F645A06D22A33EEA1931104605F280C7C5630548F3D35F6DBEDC8133FDC184F95D43B7D865EEF1E78A952BE3F098328A863447E2EBB726F3AB543F686CBD8BF8F9E780166758B495B7B75066E4B1987002422692D86F9B0D3
9320170623054517 2 6 100 3071 2 E795DA675C82260F11D7C50B677AE8A8D94BF342724BB06FA0D426CE2E83E8971A1BE2AC59516488B25D561568B14DBBFFB5F33686D2952409B9C20FC19A13CB91C9176420F59F464DC198E254B87C765DC12B885CF1A463858C3CB0A918AF66C6A2CA06A48B4D5BDEB5A56B24C36BA330488DFCBDD499957E755CCE704F183CB4549441A7D761C22B7F7CB66BE50F0A6591F17778F51E73544B765E83A3C00BD3309F8CE1B135A3DD481DBE8C2CEE54E8DDF1351015E70D9012662E69F654A5A9F68C416167685A1695C8139BA1825287C98680945506D5AB750BEB68C6D2B430E7E4043D0A00DECDA77F81A2432929F530C5BC0CBBC011095D897BD81FB98792345F5372BA53E53F31FB09730C58E8FDA9F7C1EBA0AEA4FE50B2B5CE146043CB18BFB3A12F06ED1D3287242D3D59E85E0A5E243626525D3EAD946126B9F32590011EEA0EDD5E2025037D51940B3E1A45B614A23F48278977535E3773F0AA2A24413F4A397AC0881582E8832C7B140C0BA4818A55C8620FD2BEBB55149F4D0B 9320171129071143 2 6 100 3071 5 FE72CDD6784FBAB0F7AA00E2F31A76435F8A02AC8B14A52C64CF4998EFEDADF9272FF9ADCF5AEDB6EEAE34A36C64833C8D63398A4906979A6B785139D9E7FE72FE8E3502B71B7780E8F4D74A520D3C8E5706EA428CCB746B673EC7472704203315FFDA7F3D5FCE56F6F441AA575B77748D6CB69DC1D7DB8531902CCB0E4D4817FBF4BCFE05120B60B7B99C62C578E6BDADE8E45B44DD67448F25F9118DA92DE375421E131781ED0895CACACB30C2D94D994B16215284CDE857A6C677C0E04A9B81E9D88076167EF3CB8041B65A1756850C2C667F2C6F5D6700F868A1518FD192B3C1915F19D119B2CF4588BD043ED3443982768B641FED8E2BF8E85BAC97A82808450DCCD35B5ED09E089AA04226A7710E20D5C00AED1CBAA176D93E1FEA308B4763F0FE9456E11F645A06D22A33EEA1931104605F280C7C5630548F3D35F6DBEDC8133FDC184F95D43B7D865EEF1E78A952BE3F098328A863447E2EBB726F3AB543F686CBD8BF8F9E780166758B495B7B75066E4B1987002422692D8790794F
9420170623055017 2 6 100 3071 2 E795DA675C82260F11D7C50B677AE8A8D94BF342724BB06FA0D426CE2E83E8971A1BE2AC59516488B25D561568B14DBBFFB5F33686D2952409B9C20FC19A13CB91C9176420F59F464DC198E254B87C765DC12B885CF1A463858C3CB0A918AF66C6A2CA06A48B4D5BDEB5A56B24C36BA330488DFCBDD499957E755CCE704F183CB4549441A7D761C22B7F7CB66BE50F0A6591F17778F51E73544B765E83A3C00BD3309F8CE1B135A3DD481DBE8C2CEE54E8DDF1351015E70D9012662E69F654A5A9F68C416167685A1695C8139BA1825287C98680945506D5AB750BEB68C6D2B430E7E4043D0A00DECDA77F81A2432929F530C5BC0CBBC011095D897BD81FB98792345F5372BA53E53F31FB09730C58E8FDA9F7C1EBA0AEA4FE50B2B5CE146043CB18BFB3A12F06ED1D3287242D3D59E85E0A5E243626525D3EAD946126B9F32590011EEA0EDD5E2025037D51940B3E1A45B614A23F48278977535E3773F0AA2A24413F4A397AC0881582E8832C7B140C0BA4818A55C8620FD2BEBB551583DD9B 9420171129072038 2 6 100 3071 2 FE72CDD6784FBAB0F7AA00E2F31A76435F8A02AC8B14A52C64CF4998EFEDADF9272FF9ADCF5AEDB6EEAE34A36C64833C8D63398A4906979A6B785139D9E7FE72FE8E3502B71B7780E8F4D74A520D3C8E5706EA428CCB746B673EC7472704203315FFDA7F3D5FCE56F6F441AA575B77748D6CB69DC1D7DB8531902CCB0E4D4817FBF4BCFE05120B60B7B99C62C578E6BDADE8E45B44DD67448F25F9118DA92DE375421E131781ED0895CACACB30C2D94D994B16215284CDE857A6C677C0E04A9B81E9D88076167EF3CB8041B65A1756850C2C667F2C6F5D6700F868A1518FD192B3C1915F19D119B2CF4588BD043ED3443982768B641FED8E2BF8E85BAC97A82808450DCCD35B5ED09E089AA04226A7710E20D5C00AED1CBAA176D93E1FEA308B4763F0FE9456E11F645A06D22A33EEA1931104605F280C7C5630548F3D35F6DBEDC8133FDC184F95D43B7D865EEF1E78A952BE3F098328A863447E2EBB726F3AB543F686CBD8BF8F9E780166758B495B7B75066E4B1987002422692D890948AB
9520170623055422 2 6 100 3071 2 E795DA675C82260F11D7C50B677AE8A8D94BF342724BB06FA0D426CE2E83E8971A1BE2AC59516488B25D561568B14DBBFFB5F33686D2952409B9C20FC19A13CB91C9176420F59F464DC198E254B87C765DC12B885CF1A463858C3CB0A918AF66C6A2CA06A48B4D5BDEB5A56B24C36BA330488DFCBDD499957E755CCE704F183CB4549441A7D761C22B7F7CB66BE50F0A6591F17778F51E73544B765E83A3C00BD3309F8CE1B135A3DD481DBE8C2CEE54E8DDF1351015E70D9012662E69F654A5A9F68C416167685A1695C8139BA1825287C98680945506D5AB750BEB68C6D2B430E7E4043D0A00DECDA77F81A2432929F530C5BC0CBBC011095D897BD81FB98792345F5372BA53E53F31FB09730C58E8FDA9F7C1EBA0AEA4FE50B2B5CE146043CB18BFB3A12F06ED1D3287242D3D59E85E0A5E243626525D3EAD946126B9F32590011EEA0EDD5E2025037D51940B3E1A45B614A23F48278977535E3773F0AA2A24413F4A397AC0881582E8832C7B140C0BA4818A55C8620FD2BEBB55163A7903 9520171129072201 2 6 100 3071 2 FE72CDD6784FBAB0F7AA00E2F31A76435F8A02AC8B14A52C64CF4998EFEDADF9272FF9ADCF5AEDB6EEAE34A36C64833C8D63398A4906979A6B785139D9E7FE72FE8E3502B71B7780E8F4D74A520D3C8E5706EA428CCB746B673EC7472704203315FFDA7F3D5FCE56F6F441AA575B77748D6CB69DC1D7DB8531902CCB0E4D4817FBF4BCFE05120B60B7B99C62C578E6BDADE8E45B44DD67448F25F9118DA92DE375421E131781ED0895CACACB30C2D94D994B16215284CDE857A6C677C0E04A9B81E9D88076167EF3CB8041B65A1756850C2C667F2C6F5D6700F868A1518FD192B3C1915F19D119B2CF4588BD043ED3443982768B641FED8E2BF8E85BAC97A82808450DCCD35B5ED09E089AA04226A7710E20D5C00AED1CBAA176D93E1FEA308B4763F0FE9456E11F645A06D22A33EEA1931104605F280C7C5630548F3D35F6DBEDC8133FDC184F95D43B7D865EEF1E78A952BE3F098328A863447E2EBB726F3AB543F686CBD8BF8F9E780166758B495B7B75066E4B1987002422692D893CA93B
9620170623055449 2 6 100 3071 5 E795DA675C82260F11D7C50B677AE8A8D94BF342724BB06FA0D426CE2E83E8971A1BE2AC59516488B25D561568B14DBBFFB5F33686D2952409B9C20FC19A13CB91C9176420F59F464DC198E254B87C765DC12B885CF1A463858C3CB0A918AF66C6A2CA06A48B4D5BDEB5A56B24C36BA330488DFCBDD499957E755CCE704F183CB4549441A7D761C22B7F7CB66BE50F0A6591F17778F51E73544B765E83A3C00BD3309F8CE1B135A3DD481DBE8C2CEE54E8DDF1351015E70D9012662E69F654A5A9F68C416167685A1695C8139BA1825287C98680945506D5AB750BEB68C6D2B430E7E4043D0A00DECDA77F81A2432929F530C5BC0CBBC011095D897BD81FB98792345F5372BA53E53F31FB09730C58E8FDA9F7C1EBA0AEA4FE50B2B5CE146043CB18BFB3A12F06ED1D3287242D3D59E85E0A5E243626525D3EAD946126B9F32590011EEA0EDD5E2025037D51940B3E1A45B614A23F48278977535E3773F0AA2A24413F4A397AC0881582E8832C7B140C0BA4818A55C8620FD2BEBB5516475E5F 9620171129072633 2 6 100 3071 2 FE72CDD6784FBAB0F7AA00E2F31A76435F8A02AC8B14A52C64CF4998EFEDADF9272FF9ADCF5AEDB6EEAE34A36C64833C8D63398A4906979A6B785139D9E7FE72FE8E3502B71B7780E8F4D74A520D3C8E5706EA428CCB746B673EC7472704203315FFDA7F3D5FCE56F6F441AA575B77748D6CB69DC1D7DB8531902CCB0E4D4817FBF4BCFE05120B60B7B99C62C578E6BDADE8E45B44DD67448F25F9118DA92DE375421E131781ED0895CACACB30C2D94D994B16215284CDE857A6C677C0E04A9B81E9D88076167EF3CB8041B65A1756850C2C667F2C6F5D6700F868A1518FD192B3C1915F19D119B2CF4588BD043ED3443982768B641FED8E2BF8E85BAC97A82808450DCCD35B5ED09E089AA04226A7710E20D5C00AED1CBAA176D93E1FEA308B4763F0FE9456E11F645A06D22A33EEA1931104605F280C7C5630548F3D35F6DBEDC8133FDC184F95D43B7D865EEF1E78A952BE3F098328A863447E2EBB726F3AB543F686CBD8BF8F9E780166758B495B7B75066E4B1987002422692D89FA04BB
9720170623055516 2 6 100 3071 5 E795DA675C82260F11D7C50B677AE8A8D94BF342724BB06FA0D426CE2E83E8971A1BE2AC59516488B25D561568B14DBBFFB5F33686D2952409B9C20FC19A13CB91C9176420F59F464DC198E254B87C765DC12B885CF1A463858C3CB0A918AF66C6A2CA06A48B4D5BDEB5A56B24C36BA330488DFCBDD499957E755CCE704F183CB4549441A7D761C22B7F7CB66BE50F0A6591F17778F51E73544B765E83A3C00BD3309F8CE1B135A3DD481DBE8C2CEE54E8DDF1351015E70D9012662E69F654A5A9F68C416167685A1695C8139BA1825287C98680945506D5AB750BEB68C6D2B430E7E4043D0A00DECDA77F81A2432929F530C5BC0CBBC011095D897BD81FB98792345F5372BA53E53F31FB09730C58E8FDA9F7C1EBA0AEA4FE50B2B5CE146043CB18BFB3A12F06ED1D3287242D3D59E85E0A5E243626525D3EAD946126B9F32590011EEA0EDD5E2025037D51940B3E1A45B614A23F48278977535E3773F0AA2A24413F4A397AC0881582E8832C7B140C0BA4818A55C8620FD2BEBB5516556F37 9720171129072704 2 6 100 3071 2 FE72CDD6784FBAB0F7AA00E2F31A76435F8A02AC8B14A52C64CF4998EFEDADF9272FF9ADCF5AEDB6EEAE34A36C64833C8D63398A4906979A6B785139D9E7FE72FE8E3502B71B7780E8F4D74A520D3C8E5706EA428CCB746B673EC7472704203315FFDA7F3D5FCE56F6F441AA575B77748D6CB69DC1D7DB8531902CCB0E4D4817FBF4BCFE05120B60B7B99C62C578E6BDADE8E45B44DD67448F25F9118DA92DE375421E131781ED0895CACACB30C2D94D994B16215284CDE857A6C677C0E04A9B81E9D88076167EF3CB8041B65A1756850C2C667F2C6F5D6700F868A1518FD192B3C1915F19D119B2CF4588BD043ED3443982768B641FED8E2BF8E85BAC97A82808450DCCD35B5ED09E089AA04226A7710E20D5C00AED1CBAA176D93E1FEA308B4763F0FE9456E11F645A06D22A33EEA1931104605F280C7C5630548F3D35F6DBEDC8133FDC184F95D43B7D865EEF1E78A952BE3F098328A863447E2EBB726F3AB543F686CBD8BF8F9E780166758B495B7B75066E4B1987002422692D8A081C83
9820170623055539 2 6 100 3071 5 E795DA675C82260F11D7C50B677AE8A8D94BF342724BB06FA0D426CE2E83E8971A1BE2AC59516488B25D561568B14DBBFFB5F33686D2952409B9C20FC19A13CB91C9176420F59F464DC198E254B87C765DC12B885CF1A463858C3CB0A918AF66C6A2CA06A48B4D5BDEB5A56B24C36BA330488DFCBDD499957E755CCE704F183CB4549441A7D761C22B7F7CB66BE50F0A6591F17778F51E73544B765E83A3C00BD3309F8CE1B135A3DD481DBE8C2CEE54E8DDF1351015E70D9012662E69F654A5A9F68C416167685A1695C8139BA1825287C98680945506D5AB750BEB68C6D2B430E7E4043D0A00DECDA77F81A2432929F530C5BC0CBBC011095D897BD81FB98792345F5372BA53E53F31FB09730C58E8FDA9F7C1EBA0AEA4FE50B2B5CE146043CB18BFB3A12F06ED1D3287242D3D59E85E0A5E243626525D3EAD946126B9F32590011EEA0EDD5E2025037D51940B3E1A45B614A23F48278977535E3773F0AA2A24413F4A397AC0881582E8832C7B140C0BA4818A55C8620FD2BEBB55165F8F67 9820171129073026 2 6 100 3071 5 FE72CDD6784FBAB0F7AA00E2F31A76435F8A02AC8B14A52C64CF4998EFEDADF9272FF9ADCF5AEDB6EEAE34A36C64833C8D63398A4906979A6B785139D9E7FE72FE8E3502B71B7780E8F4D74A520D3C8E5706EA428CCB746B673EC7472704203315FFDA7F3D5FCE56F6F441AA575B77748D6CB69DC1D7DB8531902CCB0E4D4817FBF4BCFE05120B60B7B99C62C578E6BDADE8E45B44DD67448F25F9118DA92DE375421E131781ED0895CACACB30C2D94D994B16215284CDE857A6C677C0E04A9B81E9D88076167EF3CB8041B65A1756850C2C667F2C6F5D6700F868A1518FD192B3C1915F19D119B2CF4588BD043ED3443982768B641FED8E2BF8E85BAC97A82808450DCCD35B5ED09E089AA04226A7710E20D5C00AED1CBAA176D93E1FEA308B4763F0FE9456E11F645A06D22A33EEA1931104605F280C7C5630548F3D35F6DBEDC8133FDC184F95D43B7D865EEF1E78A952BE3F098328A863447E2EBB726F3AB543F686CBD8BF8F9E780166758B495B7B75066E4B1987002422692D8A94313F
9920170623055716 2 6 100 3071 2 E795DA675C82260F11D7C50B677AE8A8D94BF342724BB06FA0D426CE2E83E8971A1BE2AC59516488B25D561568B14DBBFFB5F33686D2952409B9C20FC19A13CB91C9176420F59F464DC198E254B87C765DC12B885CF1A463858C3CB0A918AF66C6A2CA06A48B4D5BDEB5A56B24C36BA330488DFCBDD499957E755CCE704F183CB4549441A7D761C22B7F7CB66BE50F0A6591F17778F51E73544B765E83A3C00BD3309F8CE1B135A3DD481DBE8C2CEE54E8DDF1351015E70D9012662E69F654A5A9F68C416167685A1695C8139BA1825287C98680945506D5AB750BEB68C6D2B430E7E4043D0A00DECDA77F81A2432929F530C5BC0CBBC011095D897BD81FB98792345F5372BA53E53F31FB09730C58E8FDA9F7C1EBA0AEA4FE50B2B5CE146043CB18BFB3A12F06ED1D3287242D3D59E85E0A5E243626525D3EAD946126B9F32590011EEA0EDD5E2025037D51940B3E1A45B614A23F48278977535E3773F0AA2A24413F4A397AC0881582E8832C7B140C0BA4818A55C8620FD2BEBB5516A5CA13 9920171129073736 2 6 100 3071 5 FE72CDD6784FBAB0F7AA00E2F31A76435F8A02AC8B14A52C64CF4998EFEDADF9272FF9ADCF5AEDB6EEAE34A36C64833C8D63398A4906979A6B785139D9E7FE72FE8E3502B71B7780E8F4D74A520D3C8E5706EA428CCB746B673EC7472704203315FFDA7F3D5FCE56F6F441AA575B77748D6CB69DC1D7DB8531902CCB0E4D4817FBF4BCFE05120B60B7B99C62C578E6BDADE8E45B44DD67448F25F9118DA92DE375421E131781ED0895CACACB30C2D94D994B16215284CDE857A6C677C0E04A9B81E9D88076167EF3CB8041B65A1756850C2C667F2C6F5D6700F868A1518FD192B3C1915F19D119B2CF4588BD043ED3443982768B641FED8E2BF8E85BAC97A82808450DCCD35B5ED09E089AA04226A7710E20D5C00AED1CBAA176D93E1FEA308B4763F0FE9456E11F645A06D22A33EEA1931104605F280C7C5630548F3D35F6DBEDC8133FDC184F95D43B7D865EEF1E78A952BE3F098328A863447E2EBB726F3AB543F686CBD8BF8F9E780166758B495B7B75066E4B1987002422692D8BBF2F57
10020170623055812 2 6 100 3071 2 E795DA675C82260F11D7C50B677AE8A8D94BF342724BB06FA0D426CE2E83E8971A1BE2AC59516488B25D561568B14DBBFFB5F33686D2952409B9C20FC19A13CB91C9176420F59F464DC198E254B87C765DC12B885CF1A463858C3CB0A918AF66C6A2CA06A48B4D5BDEB5A56B24C36BA330488DFCBDD499957E755CCE704F183CB4549441A7D761C22B7F7CB66BE50F0A6591F17778F51E73544B765E83A3C00BD3309F8CE1B135A3DD481DBE8C2CEE54E8DDF1351015E70D9012662E69F654A5A9F68C416167685A1695C8139BA1825287C98680945506D5AB750BEB68C6D2B430E7E4043D0A00DECDA77F81A2432929F530C5BC0CBBC011095D897BD81FB98792345F5372BA53E53F31FB09730C58E8FDA9F7C1EBA0AEA4FE50B2B5CE146043CB18BFB3A12F06ED1D3287242D3D59E85E0A5E243626525D3EAD946126B9F32590011EEA0EDD5E2025037D51940B3E1A45B614A23F48278977535E3773F0AA2A24413F4A397AC0881582E8832C7B140C0BA4818A55C8620FD2BEBB5516C8A4A3 10020171129073811 2 6 100 3071 2 FE72CDD6784FBAB0F7AA00E2F31A76435F8A02AC8B14A52C64CF4998EFEDADF9272FF9ADCF5AEDB6EEAE34A36C64833C8D63398A4906979A6B785139D9E7FE72FE8E3502B71B7780E8F4D74A520D3C8E5706EA428CCB746B673EC7472704203315FFDA7F3D5FCE56F6F441AA575B77748D6CB69DC1D7DB8531902CCB0E4D4817FBF4BCFE05120B60B7B99C62C578E6BDADE8E45B44DD67448F25F9118DA92DE375421E131781ED0895CACACB30C2D94D994B16215284CDE857A6C677C0E04A9B81E9D88076167EF3CB8041B65A1756850C2C667F2C6F5D6700F868A1518FD192B3C1915F19D119B2CF4588BD043ED3443982768B641FED8E2BF8E85BAC97A82808450DCCD35B5ED09E089AA04226A7710E20D5C00AED1CBAA176D93E1FEA308B4763F0FE9456E11F645A06D22A33EEA1931104605F280C7C5630548F3D35F6DBEDC8133FDC184F95D43B7D865EEF1E78A952BE3F098328A863447E2EBB726F3AB543F686CBD8BF8F9E780166758B495B7B75066E4B1987002422692D8BD07FFB
10120170623055846 2 6 100 3071 2 E795DA675C82260F11D7C50B677AE8A8D94BF342724BB06FA0D426CE2E83E8971A1BE2AC59516488B25D561568B14DBBFFB5F33686D2952409B9C20FC19A13CB91C9176420F59F464DC198E254B87C765DC12B885CF1A463858C3CB0A918AF66C6A2CA06A48B4D5BDEB5A56B24C36BA330488DFCBDD499957E755CCE704F183CB4549441A7D761C22B7F7CB66BE50F0A6591F17778F51E73544B765E83A3C00BD3309F8CE1B135A3DD481DBE8C2CEE54E8DDF1351015E70D9012662E69F654A5A9F68C416167685A1695C8139BA1825287C98680945506D5AB750BEB68C6D2B430E7E4043D0A00DECDA77F81A2432929F530C5BC0CBBC011095D897BD81FB98792345F5372BA53E53F31FB09730C58E8FDA9F7C1EBA0AEA4FE50B2B5CE146043CB18BFB3A12F06ED1D3287242D3D59E85E0A5E243626525D3EAD946126B9F32590011EEA0EDD5E2025037D51940B3E1A45B614A23F48278977535E3773F0AA2A24413F4A397AC0881582E8832C7B140C0BA4818A55C8620FD2BEBB5516DBF96B 10120171129074006 2 6 100 3071 5 FE72CDD6784FBAB0F7AA00E2F31A76435F8A02AC8B14A52C64CF4998EFEDADF9272FF9ADCF5AEDB6EEAE34A36C64833C8D63398A4906979A6B785139D9E7FE72FE8E3502B71B7780E8F4D74A520D3C8E5706EA428CCB746B673EC7472704203315FFDA7F3D5FCE56F6F441AA575B77748D6CB69DC1D7DB8531902CCB0E4D4817FBF4BCFE05120B60B7B99C62C578E6BDADE8E45B44DD67448F25F9118DA92DE375421E131781ED0895CACACB30C2D94D994B16215284CDE857A6C677C0E04A9B81E9D88076167EF3CB8041B65A1756850C2C667F2C6F5D6700F868A1518FD192B3C1915F19D119B2CF4588BD043ED3443982768B641FED8E2BF8E85BAC97A82808450DCCD35B5ED09E089AA04226A7710E20D5C00AED1CBAA176D93E1FEA308B4763F0FE9456E11F645A06D22A33EEA1931104605F280C7C5630548F3D35F6DBEDC8133FDC184F95D43B7D865EEF1E78A952BE3F098328A863447E2EBB726F3AB543F686CBD8BF8F9E780166758B495B7B75066E4B1987002422692D8C1A2AAF
10220170623060438 2 6 100 3071 2 E795DA675C82260F11D7C50B677AE8A8D94BF342724BB06FA0D426CE2E83E8971A1BE2AC59516488B25D561568B14DBBFFB5F33686D2952409B9C20FC19A13CB91C9176420F59F464DC198E254B87C765DC12B885CF1A463858C3CB0A918AF66C6A2CA06A48B4D5BDEB5A56B24C36BA330488DFCBDD499957E755CCE704F183CB4549441A7D761C22B7F7CB66BE50F0A6591F17778F51E73544B765E83A3C00BD3309F8CE1B135A3DD481DBE8C2CEE54E8DDF1351015E70D9012662E69F654A5A9F68C416167685A1695C8139BA1825287C98680945506D5AB750BEB68C6D2B430E7E4043D0A00DECDA77F81A2432929F530C5BC0CBBC011095D897BD81FB98792345F5372BA53E53F31FB09730C58E8FDA9F7C1EBA0AEA4FE50B2B5CE146043CB18BFB3A12F06ED1D3287242D3D59E85E0A5E243626525D3EAD946126B9F32590011EEA0EDD5E2025037D51940B3E1A45B614A23F48278977535E3773F0AA2A24413F4A397AC0881582E8832C7B140C0BA4818A55C8620FD2BEBB5517E20F03 10220171129074244 2 6 100 3071 2 FE72CDD6784FBAB0F7AA00E2F31A76435F8A02AC8B14A52C64CF4998EFEDADF9272FF9ADCF5AEDB6EEAE34A36C64833C8D63398A4906979A6B785139D9E7FE72FE8E3502B71B7780E8F4D74A520D3C8E5706EA428CCB746B673EC7472704203315FFDA7F3D5FCE56F6F441AA575B77748D6CB69DC1D7DB8531902CCB0E4D4817FBF4BCFE05120B60B7B99C62C578E6BDADE8E45B44DD67448F25F9118DA92DE375421E131781ED0895CACACB30C2D94D994B16215284CDE857A6C677C0E04A9B81E9D88076167EF3CB8041B65A1756850C2C667F2C6F5D6700F868A1518FD192B3C1915F19D119B2CF4588BD043ED3443982768B641FED8E2BF8E85BAC97A82808450DCCD35B5ED09E089AA04226A7710E20D5C00AED1CBAA176D93E1FEA308B4763F0FE9456E11F645A06D22A33EEA1931104605F280C7C5630548F3D35F6DBEDC8133FDC184F95D43B7D865EEF1E78A952BE3F098328A863447E2EBB726F3AB543F686CBD8BF8F9E780166758B495B7B75066E4B1987002422692D8C85024B
10320170623060534 2 6 100 3071 5 E795DA675C82260F11D7C50B677AE8A8D94BF342724BB06FA0D426CE2E83E8971A1BE2AC59516488B25D561568B14DBBFFB5F33686D2952409B9C20FC19A13CB91C9176420F59F464DC198E254B87C765DC12B885CF1A463858C3CB0A918AF66C6A2CA06A48B4D5BDEB5A56B24C36BA330488DFCBDD499957E755CCE704F183CB4549441A7D761C22B7F7CB66BE50F0A6591F17778F51E73544B765E83A3C00BD3309F8CE1B135A3DD481DBE8C2CEE54E8DDF1351015E70D9012662E69F654A5A9F68C416167685A1695C8139BA1825287C98680945506D5AB750BEB68C6D2B430E7E4043D0A00DECDA77F81A2432929F530C5BC0CBBC011095D897BD81FB98792345F5372BA53E53F31FB09730C58E8FDA9F7C1EBA0AEA4FE50B2B5CE146043CB18BFB3A12F06ED1D3287242D3D59E85E0A5E243626525D3EAD946126B9F32590011EEA0EDD5E2025037D51940B3E1A45B614A23F48278977535E3773F0AA2A24413F4A397AC0881582E8832C7B140C0BA4818A55C8620FD2BEBB551803F1D7 10320171129074339 2 6 100 3071 2 FE72CDD6784FBAB0F7AA00E2F31A76435F8A02AC8B14A52C64CF4998EFEDADF9272FF9ADCF5AEDB6EEAE34A36C64833C8D63398A4906979A6B785139D9E7FE72FE8E3502B71B7780E8F4D74A520D3C8E5706EA428CCB746B673EC7472704203315FFDA7F3D5FCE56F6F441AA575B77748D6CB69DC1D7DB8531902CCB0E4D4817FBF4BCFE05120B60B7B99C62C578E6BDADE8E45B44DD67448F25F9118DA92DE375421E131781ED0895CACACB30C2D94D994B16215284CDE857A6C677C0E04A9B81E9D88076167EF3CB8041B65A1756850C2C667F2C6F5D6700F868A1518FD192B3C1915F19D119B2CF4588BD043ED3443982768B641FED8E2BF8E85BAC97A82808450DCCD35B5ED09E089AA04226A7710E20D5C00AED1CBAA176D93E1FEA308B4763F0FE9456E11F645A06D22A33EEA1931104605F280C7C5630548F3D35F6DBEDC8133FDC184F95D43B7D865EEF1E78A952BE3F098328A863447E2EBB726F3AB543F686CBD8BF8F9E780166758B495B7B75066E4B1987002422692D8CA238BB
10420170623060551 2 6 100 3071 5 E795DA675C82260F11D7C50B677AE8A8D94BF342724BB06FA0D426CE2E83E8971A1BE2AC59516488B25D561568B14DBBFFB5F33686D2952409B9C20FC19A13CB91C9176420F59F464DC198E254B87C765DC12B885CF1A463858C3CB0A918AF66C6A2CA06A48B4D5BDEB5A56B24C36BA330488DFCBDD499957E755CCE704F183CB4549441A7D761C22B7F7CB66BE50F0A6591F17778F51E73544B765E83A3C00BD3309F8CE1B135A3DD481DBE8C2CEE54E8DDF1351015E70D9012662E69F654A5A9F68C416167685A1695C8139BA1825287C98680945506D5AB750BEB68C6D2B430E7E4043D0A00DECDA77F81A2432929F530C5BC0CBBC011095D897BD81FB98792345F5372BA53E53F31FB09730C58E8FDA9F7C1EBA0AEA4FE50B2B5CE146043CB18BFB3A12F06ED1D3287242D3D59E85E0A5E243626525D3EAD946126B9F32590011EEA0EDD5E2025037D51940B3E1A45B614A23F48278977535E3773F0AA2A24413F4A397AC0881582E8832C7B140C0BA4818A55C8620FD2BEBB55180824C7 10420171129074739 2 6 100 3071 2 FE72CDD6784FBAB0F7AA00E2F31A76435F8A02AC8B14A52C64CF4998EFEDADF9272FF9ADCF5AEDB6EEAE34A36C64833C8D63398A4906979A6B785139D9E7FE72FE8E3502B71B7780E8F4D74A520D3C8E5706EA428CCB746B673EC7472704203315FFDA7F3D5FCE56F6F441AA575B77748D6CB69DC1D7DB8531902CCB0E4D4817FBF4BCFE05120B60B7B99C62C578E6BDADE8E45B44DD67448F25F9118DA92DE375421E131781ED0895CACACB30C2D94D994B16215284CDE857A6C677C0E04A9B81E9D88076167EF3CB8041B65A1756850C2C667F2C6F5D6700F868A1518FD192B3C1915F19D119B2CF4588BD043ED3443982768B641FED8E2BF8E85BAC97A82808450DCCD35B5ED09E089AA04226A7710E20D5C00AED1CBAA176D93E1FEA308B4763F0FE9456E11F645A06D22A33EEA1931104605F280C7C5630548F3D35F6DBEDC8133FDC184F95D43B7D865EEF1E78A952BE3F098328A863447E2EBB726F3AB543F686CBD8BF8F9E780166758B495B7B75066E4B1987002422692D8D485DB3
10520170623060759 2 6 100 3071 5 E795DA675C82260F11D7C50B677AE8A8D94BF342724BB06FA0D426CE2E83E8971A1BE2AC59516488B25D561568B14DBBFFB5F33686D2952409B9C20FC19A13CB91C9176420F59F464DC198E254B87C765DC12B885CF1A463858C3CB0A918AF66C6A2CA06A48B4D5BDEB5A56B24C36BA330488DFCBDD499957E755CCE704F183CB4549441A7D761C22B7F7CB66BE50F0A6591F17778F51E73544B765E83A3C00BD3309F8CE1B135A3DD481DBE8C2CEE54E8DDF1351015E70D9012662E69F654A5A9F68C416167685A1695C8139BA1825287C98680945506D5AB750BEB68C6D2B430E7E4043D0A00DECDA77F81A2432929F530C5BC0CBBC011095D897BD81FB98792345F5372BA53E53F31FB09730C58E8FDA9F7C1EBA0AEA4FE50B2B5CE146043CB18BFB3A12F06ED1D3287242D3D59E85E0A5E243626525D3EAD946126B9F32590011EEA0EDD5E2025037D51940B3E1A45B614A23F48278977535E3773F0AA2A24413F4A397AC0881582E8832C7B140C0BA4818A55C8620FD2BEBB5518622977 10520171129074856 2 6 100 3071 2 FE72CDD6784FBAB0F7AA00E2F31A76435F8A02AC8B14A52C64CF4998EFEDADF9272FF9ADCF5AEDB6EEAE34A36C64833C8D63398A4906979A6B785139D9E7FE72FE8E3502B71B7780E8F4D74A520D3C8E5706EA428CCB746B673EC7472704203315FFDA7F3D5FCE56F6F441AA575B77748D6CB69DC1D7DB8531902CCB0E4D4817FBF4BCFE05120B60B7B99C62C578E6BDADE8E45B44DD67448F25F9118DA92DE375421E131781ED0895CACACB30C2D94D994B16215284CDE857A6C677C0E04A9B81E9D88076167EF3CB8041B65A1756850C2C667F2C6F5D6700F868A1518FD192B3C1915F19D119B2CF4588BD043ED3443982768B641FED8E2BF8E85BAC97A82808450DCCD35B5ED09E089AA04226A7710E20D5C00AED1CBAA176D93E1FEA308B4763F0FE9456E11F645A06D22A33EEA1931104605F280C7C5630548F3D35F6DBEDC8133FDC184F95D43B7D865EEF1E78A952BE3F098328A863447E2EBB726F3AB543F686CBD8BF8F9E780166758B495B7B75066E4B1987002422692D8D771FB3
10620170623061152 2 6 100 3071 5 E795DA675C82260F11D7C50B677AE8A8D94BF342724BB06FA0D426CE2E83E8971A1BE2AC59516488B25D561568B14DBBFFB5F33686D2952409B9C20FC19A13CB91C9176420F59F464DC198E254B87C765DC12B885CF1A463858C3CB0A918AF66C6A2CA06A48B4D5BDEB5A56B24C36BA330488DFCBDD499957E755CCE704F183CB4549441A7D761C22B7F7CB66BE50F0A6591F17778F51E73544B765E83A3C00BD3309F8CE1B135A3DD481DBE8C2CEE54E8DDF1351015E70D9012662E69F654A5A9F68C416167685A1695C8139BA1825287C98680945506D5AB750BEB68C6D2B430E7E4043D0A00DECDA77F81A2432929F530C5BC0CBBC011095D897BD81FB98792345F5372BA53E53F31FB09730C58E8FDA9F7C1EBA0AEA4FE50B2B5CE146043CB18BFB3A12F06ED1D3287242D3D59E85E0A5E243626525D3EAD946126B9F32590011EEA0EDD5E2025037D51940B3E1A45B614A23F48278977535E3773F0AA2A24413F4A397AC0881582E8832C7B140C0BA4818A55C8620FD2BEBB55190DD957 10620171129075003 2 6 100 3071 5 FE72CDD6784FBAB0F7AA00E2F31A76435F8A02AC8B14A52C64CF4998EFEDADF9272FF9ADCF5AEDB6EEAE34A36C64833C8D63398A4906979A6B785139D9E7FE72FE8E3502B71B7780E8F4D74A520D3C8E5706EA428CCB746B673EC7472704203315FFDA7F3D5FCE56F6F441AA575B77748D6CB69DC1D7DB8531902CCB0E4D4817FBF4BCFE05120B60B7B99C62C578E6BDADE8E45B44DD67448F25F9118DA92DE375421E131781ED0895CACACB30C2D94D994B16215284CDE857A6C677C0E04A9B81E9D88076167EF3CB8041B65A1756850C2C667F2C6F5D6700F868A1518FD192B3C1915F19D119B2CF4588BD043ED3443982768B641FED8E2BF8E85BAC97A82808450DCCD35B5ED09E089AA04226A7710E20D5C00AED1CBAA176D93E1FEA308B4763F0FE9456E11F645A06D22A33EEA1931104605F280C7C5630548F3D35F6DBEDC8133FDC184F95D43B7D865EEF1E78A952BE3F098328A863447E2EBB726F3AB543F686CBD8BF8F9E780166758B495B7B75066E4B1987002422692D8D9E294F
10720170623061950 2 6 100 3071 5 E787C1EA14A0022F3F98A02847D293441332B2EB8BFF8C4D74ECFF730CCA9D1AFC6433A6DD4BA7089EC18D8D314550FCDC6DA23FEFDE48622BB6FFD89AB71CC0BA6C8C0930593E85A442A9C589ECF35E17D9CC7E2AE713B3704D69B61EF6E79A41AE02ADBF7966DF94B1C6861795B7EDFA8D7418EBAEB47F26F158AEF3DB418FD1632DBB93B431204964B78C7AE9ED796E39F1B6DE1FEE4CE77815462F36342E80B44B052BADC06F78CFEA7D3D0B294C5C8E8E623F95F5D3C1A17D911A0E78FE7754AA4A440FE75498D9AA47AACF2FC2F716630AEF10950F1FACD4CF847A7E4B0C20F507A7322996DBC4D2250A99CB213CB95AAF7A8B6A0B5317BE8FF728D3A0A0AAEA1B86729DDD59566916640F9AF7A455145CE29CB58884CC2E9DD705B1E87D10E139945FBE70D20D718FED9AF202A22673D76128A5FCB2860419675ADB97512628C7C65C7078B0C730A258C8979912C18EC065367791A404C71318B78FE29CC115ECD74C4EFCDE86C35BD0CFC3ADC41B4F24243A262B251F6E21EBBB813F 10720171129075124 2 6 100 3071 2 FE72CDD6784FBAB0F7AA00E2F31A76435F8A02AC8B14A52C64CF4998EFEDADF9272FF9ADCF5AEDB6EEAE34A36C64833C8D63398A4906979A6B785139D9E7FE72FE8E3502B71B7780E8F4D74A520D3C8E5706EA428CCB746B673EC7472704203315FFDA7F3D5FCE56F6F441AA575B77748D6CB69DC1D7DB8531902CCB0E4D4817FBF4BCFE05120B60B7B99C62C578E6BDADE8E45B44DD67448F25F9118DA92DE375421E131781ED0895CACACB30C2D94D994B16215284CDE857A6C677C0E04A9B81E9D88076167EF3CB8041B65A1756850C2C667F2C6F5D6700F868A1518FD192B3C1915F19D119B2CF4588BD043ED3443982768B641FED8E2BF8E85BAC97A82808450DCCD35B5ED09E089AA04226A7710E20D5C00AED1CBAA176D93E1FEA308B4763F0FE9456E11F645A06D22A33EEA1931104605F280C7C5630548F3D35F6DBEDC8133FDC184F95D43B7D865EEF1E78A952BE3F098328A863447E2EBB726F3AB543F686CBD8BF8F9E780166758B495B7B75066E4B1987002422692D8DCE88FB
10820170623062054 2 6 100 3071 2 E787C1EA14A0022F3F98A02847D293441332B2EB8BFF8C4D74ECFF730CCA9D1AFC6433A6DD4BA7089EC18D8D314550FCDC6DA23FEFDE48622BB6FFD89AB71CC0BA6C8C0930593E85A442A9C589ECF35E17D9CC7E2AE713B3704D69B61EF6E79A41AE02ADBF7966DF94B1C6861795B7EDFA8D7418EBAEB47F26F158AEF3DB418FD1632DBB93B431204964B78C7AE9ED796E39F1B6DE1FEE4CE77815462F36342E80B44B052BADC06F78CFEA7D3D0B294C5C8E8E623F95F5D3C1A17D911A0E78FE7754AA4A440FE75498D9AA47AACF2FC2F716630AEF10950F1FACD4CF847A7E4B0C20F507A7322996DBC4D2250A99CB213CB95AAF7A8B6A0B5317BE8FF728D3A0A0AAEA1B86729DDD59566916640F9AF7A455145CE29CB58884CC2E9DD705B1E87D10E139945FBE70D20D718FED9AF202A22673D76128A5FCB2860419675ADB97512628C7C65C7078B0C730A258C8979912C18EC065367791A404C71318B78FE29CC115ECD74C4EFCDE86C35BD0CFC3ADC41B4F24243A262B251F6E21EBE73A63 10820171129080839 2 6 100 3071 2 FE72CDD6784FBAB0F7AA00E2F31A76435F8A02AC8B14A52C64CF4998EFEDADF9272FF9ADCF5AEDB6EEAE34A36C64833C8D63398A4906979A6B785139D9E7FE72FE8E3502B71B7780E8F4D74A520D3C8E5706EA428CCB746B673EC7472704203315FFDA7F3D5FCE56F6F441AA575B77748D6CB69DC1D7DB8531902CCB0E4D4817FBF4BCFE05120B60B7B99C62C578E6BDADE8E45B44DD67448F25F9118DA92DE375421E131781ED0895CACACB30C2D94D994B16215284CDE857A6C677C0E04A9B81E9D88076167EF3CB8041B65A1756850C2C667F2C6F5D6700F868A1518FD192B3C1915F19D119B2CF4588BD043ED3443982768B641FED8E2BF8E85BAC97A82808450DCCD35B5ED09E089AA04226A7710E20D5C00AED1CBAA176D93E1FEA308B4763F0FE9456E11F645A06D22A33EEA1931104605F280C7C5630548F3D35F6DBEDC8133FDC184F95D43B7D865EEF1E78A952BE3F098328A863447E2EBB726F3AB543F686CBD8BF8F9E780166758B495B7B75066E4B1987002422692D90AB02AB
10920170623062250 2 6 100 3071 2 E787C1EA14A0022F3F98A02847D293441332B2EB8BFF8C4D74ECFF730CCA9D1AFC6433A6DD4BA7089EC18D8D314550FCDC6DA23FEFDE48622BB6FFD89AB71CC0BA6C8C0930593E85A442A9C589ECF35E17D9CC7E2AE713B3704D69B61EF6E79A41AE02ADBF7966DF94B1C6861795B7EDFA8D7418EBAEB47F26F158AEF3DB418FD1632DBB93B431204964B78C7AE9ED796E39F1B6DE1FEE4CE77815462F36342E80B44B052BADC06F78CFEA7D3D0B294C5C8E8E623F95F5D3C1A17D911A0E78FE7754AA4A440FE75498D9AA47AACF2FC2F716630AEF10950F1FACD4CF847A7E4B0C20F507A7322996DBC4D2250A99CB213CB95AAF7A8B6A0B5317BE8FF728D3A0A0AAEA1B86729DDD59566916640F9AF7A455145CE29CB58884CC2E9DD705B1E87D10E139945FBE70D20D718FED9AF202A22673D76128A5FCB2860419675ADB97512628C7C65C7078B0C730A258C8979912C18EC065367791A404C71318B78FE29CC115ECD74C4EFCDE86C35BD0CFC3ADC41B4F24243A262B251F6E21EC3B7BBB 10920171129080910 2 6 100 3071 5 FE72CDD6784FBAB0F7AA00E2F31A76435F8A02AC8B14A52C64CF4998EFEDADF9272FF9ADCF5AEDB6EEAE34A36C64833C8D63398A4906979A6B785139D9E7FE72FE8E3502B71B7780E8F4D74A520D3C8E5706EA428CCB746B673EC7472704203315FFDA7F3D5FCE56F6F441AA575B77748D6CB69DC1D7DB8531902CCB0E4D4817FBF4BCFE05120B60B7B99C62C578E6BDADE8E45B44DD67448F25F9118DA92DE375421E131781ED0895CACACB30C2D94D994B16215284CDE857A6C677C0E04A9B81E9D88076167EF3CB8041B65A1756850C2C667F2C6F5D6700F868A1518FD192B3C1915F19D119B2CF4588BD043ED3443982768B641FED8E2BF8E85BAC97A82808450DCCD35B5ED09E089AA04226A7710E20D5C00AED1CBAA176D93E1FEA308B4763F0FE9456E11F645A06D22A33EEA1931104605F280C7C5630548F3D35F6DBEDC8133FDC184F95D43B7D865EEF1E78A952BE3F098328A863447E2EBB726F3AB543F686CBD8BF8F9E780166758B495B7B75066E4B1987002422692D90B81087
11020170623062850 2 6 100 3071 5 E787C1EA14A0022F3F98A02847D293441332B2EB8BFF8C4D74ECFF730CCA9D1AFC6433A6DD4BA7089EC18D8D314550FCDC6DA23FEFDE48622BB6FFD89AB71CC0BA6C8C0930593E85A442A9C589ECF35E17D9CC7E2AE713B3704D69B61EF6E79A41AE02ADBF7966DF94B1C6861795B7EDFA8D7418EBAEB47F26F158AEF3DB418FD1632DBB93B431204964B78C7AE9ED796E39F1B6DE1FEE4CE77815462F36342E80B44B052BADC06F78CFEA7D3D0B294C5C8E8E623F95F5D3C1A17D911A0E78FE7754AA4A440FE75498D9AA47AACF2FC2F716630AEF10950F1FACD4CF847A7E4B0C20F507A7322996DBC4D2250A99CB213CB95AAF7A8B6A0B5317BE8FF728D3A0A0AAEA1B86729DDD59566916640F9AF7A455145CE29CB58884CC2E9DD705B1E87D10E139945FBE70D20D718FED9AF202A22673D76128A5FCB2860419675ADB97512628C7C65C7078B0C730A258C8979912C18EC065367791A404C71318B78FE29CC115ECD74C4EFCDE86C35BD0CFC3ADC41B4F24243A262B251F6E21ED5538D7 11020171129081213 2 6 100 3071 2 FE72CDD6784FBAB0F7AA00E2F31A76435F8A02AC8B14A52C64CF4998EFEDADF9272FF9ADCF5AEDB6EEAE34A36C64833C8D63398A4906979A6B785139D9E7FE72FE8E3502B71B7780E8F4D74A520D3C8E5706EA428CCB746B673EC7472704203315FFDA7F3D5FCE56F6F441AA575B77748D6CB69DC1D7DB8531902CCB0E4D4817FBF4BCFE05120B60B7B99C62C578E6BDADE8E45B44DD67448F25F9118DA92DE375421E131781ED0895CACACB30C2D94D994B16215284CDE857A6C677C0E04A9B81E9D88076167EF3CB8041B65A1756850C2C667F2C6F5D6700F868A1518FD192B3C1915F19D119B2CF4588BD043ED3443982768B641FED8E2BF8E85BAC97A82808450DCCD35B5ED09E089AA04226A7710E20D5C00AED1CBAA176D93E1FEA308B4763F0FE9456E11F645A06D22A33EEA1931104605F280C7C5630548F3D35F6DBEDC8133FDC184F95D43B7D865EEF1E78A952BE3F098328A863447E2EBB726F3AB543F686CBD8BF8F9E780166758B495B7B75066E4B1987002422692D91332803
11120170623063051 2 6 100 3071 5 E787C1EA14A0022F3F98A02847D293441332B2EB8BFF8C4D74ECFF730CCA9D1AFC6433A6DD4BA7089EC18D8D314550FCDC6DA23FEFDE48622BB6FFD89AB71CC0BA6C8C0930593E85A442A9C589ECF35E17D9CC7E2AE713B3704D69B61EF6E79A41AE02ADBF7966DF94B1C6861795B7EDFA8D7418EBAEB47F26F158AEF3DB418FD1632DBB93B431204964B78C7AE9ED796E39F1B6DE1FEE4CE77815462F36342E80B44B052BADC06F78CFEA7D3D0B294C5C8E8E623F95F5D3C1A17D911A0E78FE7754AA4A440FE75498D9AA47AACF2FC2F716630AEF10950F1FACD4CF847A7E4B0C20F507A7322996DBC4D2250A99CB213CB95AAF7A8B6A0B5317BE8FF728D3A0A0AAEA1B86729DDD59566916640F9AF7A455145CE29CB58884CC2E9DD705B1E87D10E139945FBE70D20D718FED9AF202A22673D76128A5FCB2860419675ADB97512628C7C65C7078B0C730A258C8979912C18EC065367791A404C71318B78FE29CC115ECD74C4EFCDE86C35BD0CFC3ADC41B4F24243A262B251F6E21EDADBD87 11120171129081802 2 6 100 3071 2 FE72CDD6784FBAB0F7AA00E2F31A76435F8A02AC8B14A52C64CF4998EFEDADF9272FF9ADCF5AEDB6EEAE34A36C64833C8D63398A4906979A6B785139D9E7FE72FE8E3502B71B7780E8F4D74A520D3C8E5706EA428CCB746B673EC7472704203315FFDA7F3D5FCE56F6F441AA575B77748D6CB69DC1D7DB8531902CCB0E4D4817FBF4BCFE05120B60B7B99C62C578E6BDADE8E45B44DD67448F25F9118DA92DE375421E131781ED0895CACACB30C2D94D994B16215284CDE857A6C677C0E04A9B81E9D88076167EF3CB8041B65A1756850C2C667F2C6F5D6700F868A1518FD192B3C1915F19D119B2CF4588BD043ED3443982768B641FED8E2BF8E85BAC97A82808450DCCD35B5ED09E089AA04226A7710E20D5C00AED1CBAA176D93E1FEA308B4763F0FE9456E11F645A06D22A33EEA1931104605F280C7C5630548F3D35F6DBEDC8133FDC184F95D43B7D865EEF1E78A952BE3F098328A863447E2EBB726F3AB543F686CBD8BF8F9E780166758B495B7B75066E4B1987002422692D9223D76B
11220170623063106 2 6 100 3071 5 E787C1EA14A0022F3F98A02847D293441332B2EB8BFF8C4D74ECFF730CCA9D1AFC6433A6DD4BA7089EC18D8D314550FCDC6DA23FEFDE48622BB6FFD89AB71CC0BA6C8C0930593E85A442A9C589ECF35E17D9CC7E2AE713B3704D69B61EF6E79A41AE02ADBF7966DF94B1C6861795B7EDFA8D7418EBAEB47F26F158AEF3DB418FD1632DBB93B431204964B78C7AE9ED796E39F1B6DE1FEE4CE77815462F36342E80B44B052BADC06F78CFEA7D3D0B294C5C8E8E623F95F5D3C1A17D911A0E78FE7754AA4A440FE75498D9AA47AACF2FC2F716630AEF10950F1FACD4CF847A7E4B0C20F507A7322996DBC4D2250A99CB213CB95AAF7A8B6A0B5317BE8FF728D3A0A0AAEA1B86729DDD59566916640F9AF7A455145CE29CB58884CC2E9DD705B1E87D10E139945FBE70D20D718FED9AF202A22673D76128A5FCB2860419675ADB97512628C7C65C7078B0C730A258C8979912C18EC065367791A404C71318B78FE29CC115ECD74C4EFCDE86C35BD0CFC3ADC41B4F24243A262B251F6E21EDB14127 11220171129082038 2 6 100 3071 5 FE72CDD6784FBAB0F7AA00E2F31A76435F8A02AC8B14A52C64CF4998EFEDADF9272FF9ADCF5AEDB6EEAE34A36C64833C8D63398A4906979A6B785139D9E7FE72FE8E3502B71B7780E8F4D74A520D3C8E5706EA428CCB746B673EC7472704203315FFDA7F3D5FCE56F6F441AA575B77748D6CB69DC1D7DB8531902CCB0E4D4817FBF4BCFE05120B60B7B99C62C578E6BDADE8E45B44DD67448F25F9118DA92DE375421E131781ED0895CACACB30C2D94D994B16215284CDE857A6C677C0E04A9B81E9D88076167EF3CB8041B65A1756850C2C667F2C6F5D6700F868A1518FD192B3C1915F19D119B2CF4588BD043ED3443982768B641FED8E2BF8E85BAC97A82808450DCCD35B5ED09E089AA04226A7710E20D5C00AED1CBAA176D93E1FEA308B4763F0FE9456E11F645A06D22A33EEA1931104605F280C7C5630548F3D35F6DBEDC8133FDC184F95D43B7D865EEF1E78A952BE3F098328A863447E2EBB726F3AB543F686CBD8BF8F9E780166758B495B7B75066E4B1987002422692D928D0B97
11320170623063228 2 6 100 3071 2 E787C1EA14A0022F3F98A02847D293441332B2EB8BFF8C4D74ECFF730CCA9D1AFC6433A6DD4BA7089EC18D8D314550FCDC6DA23FEFDE48622BB6FFD89AB71CC0BA6C8C0930593E85A442A9C589ECF35E17D9CC7E2AE713B3704D69B61EF6E79A41AE02ADBF7966DF94B1C6861795B7EDFA8D7418EBAEB47F26F158AEF3DB418FD1632DBB93B431204964B78C7AE9ED796E39F1B6DE1FEE4CE77815462F36342E80B44B052BADC06F78CFEA7D3D0B294C5C8E8E623F95F5D3C1A17D911A0E78FE7754AA4A440FE75498D9AA47AACF2FC2F716630AEF10950F1FACD4CF847A7E4B0C20F507A7322996DBC4D2250A99CB213CB95AAF7A8B6A0B5317BE8FF728D3A0A0AAEA1B86729DDD59566916640F9AF7A455145CE29CB58884CC2E9DD705B1E87D10E139945FBE70D20D718FED9AF202A22673D76128A5FCB2860419675ADB97512628C7C65C7078B0C730A258C8979912C18EC065367791A404C71318B78FE29CC115ECD74C4EFCDE86C35BD0CFC3ADC41B4F24243A262B251F6E21EDEBD58B 11320171129082101 2 6 100 3071 5 FE72CDD6784FBAB0F7AA00E2F31A76435F8A02AC8B14A52C64CF4998EFEDADF9272FF9ADCF5AEDB6EEAE34A36C64833C8D63398A4906979A6B785139D9E7FE72FE8E3502B71B7780E8F4D74A520D3C8E5706EA428CCB746B673EC7472704203315FFDA7F3D5FCE56F6F441AA575B77748D6CB69DC1D7DB8531902CCB0E4D4817FBF4BCFE05120B60B7B99C62C578E6BDADE8E45B44DD67448F25F9118DA92DE375421E131781ED0895CACACB30C2D94D994B16215284CDE857A6C677C0E04A9B81E9D88076167EF3CB8041B65A1756850C2C667F2C6F5D6700F868A1518FD192B3C1915F19D119B2CF4588BD043ED3443982768B641FED8E2BF8E85BAC97A82808450DCCD35B5ED09E089AA04226A7710E20D5C00AED1CBAA176D93E1FEA308B4763F0FE9456E11F645A06D22A33EEA1931104605F280C7C5630548F3D35F6DBEDC8133FDC184F95D43B7D865EEF1E78A952BE3F098328A863447E2EBB726F3AB543F686CBD8BF8F9E780166758B495B7B75066E4B1987002422692D92957057
11420170623063242 2 6 100 3071 2 E787C1EA14A0022F3F98A02847D293441332B2EB8BFF8C4D74ECFF730CCA9D1AFC6433A6DD4BA7089EC18D8D314550FCDC6DA23FEFDE48622BB6FFD89AB71CC0BA6C8C0930593E85A442A9C589ECF35E17D9CC7E2AE713B3704D69B61EF6E79A41AE02ADBF7966DF94B1C6861795B7EDFA8D7418EBAEB47F26F158AEF3DB418FD1632DBB93B431204964B78C7AE9ED796E39F1B6DE1FEE4CE77815462F36342E80B44B052BADC06F78CFEA7D3D0B294C5C8E8E623F95F5D3C1A17D911A0E78FE7754AA4A440FE75498D9AA47AACF2FC2F716630AEF10950F1FACD4CF847A7E4B0C20F507A7322996DBC4D2250A99CB213CB95AAF7A8B6A0B5317BE8FF728D3A0A0AAEA1B86729DDD59566916640F9AF7A455145CE29CB58884CC2E9DD705B1E87D10E139945FBE70D20D718FED9AF202A22673D76128A5FCB2860419675ADB97512628C7C65C7078B0C730A258C8979912C18EC065367791A404C71318B78FE29CC115ECD74C4EFCDE86C35BD0CFC3ADC41B4F24243A262B251F6E21EDEE14B3 11420171129082300 2 6 100 3071 2 FE72CDD6784FBAB0F7AA00E2F31A76435F8A02AC8B14A52C64CF4998EFEDADF9272FF9ADCF5AEDB6EEAE34A36C64833C8D63398A4906979A6B785139D9E7FE72FE8E3502B71B7780E8F4D74A520D3C8E5706EA428CCB746B673EC7472704203315FFDA7F3D5FCE56F6F441AA575B77748D6CB69DC1D7DB8531902CCB0E4D4817FBF4BCFE05120B60B7B99C62C578E6BDADE8E45B44DD67448F25F9118DA92DE375421E131781ED0895CACACB30C2D94D994B16215284CDE857A6C677C0E04A9B81E9D88076167EF3CB8041B65A1756850C2C667F2C6F5D6700F868A1518FD192B3C1915F19D119B2CF4588BD043ED3443982768B641FED8E2BF8E85BAC97A82808450DCCD35B5ED09E089AA04226A7710E20D5C00AED1CBAA176D93E1FEA308B4763F0FE9456E11F645A06D22A33EEA1931104605F280C7C5630548F3D35F6DBEDC8133FDC184F95D43B7D865EEF1E78A952BE3F098328A863447E2EBB726F3AB543F686CBD8BF8F9E780166758B495B7B75066E4B1987002422692D92DF3C23
11520170623063301 2 6 100 3071 5 E787C1EA14A0022F3F98A02847D293441332B2EB8BFF8C4D74ECFF730CCA9D1AFC6433A6DD4BA7089EC18D8D314550FCDC6DA23FEFDE48622BB6FFD89AB71CC0BA6C8C0930593E85A442A9C589ECF35E17D9CC7E2AE713B3704D69B61EF6E79A41AE02ADBF7966DF94B1C6861795B7EDFA8D7418EBAEB47F26F158AEF3DB418FD1632DBB93B431204964B78C7AE9ED796E39F1B6DE1FEE4CE77815462F36342E80B44B052BADC06F78CFEA7D3D0B294C5C8E8E623F95F5D3C1A17D911A0E78FE7754AA4A440FE75498D9AA47AACF2FC2F716630AEF10950F1FACD4CF847A7E4B0C20F507A7322996DBC4D2250A99CB213CB95AAF7A8B6A0B5317BE8FF728D3A0A0AAEA1B86729DDD59566916640F9AF7A455145CE29CB58884CC2E9DD705B1E87D10E139945FBE70D20D718FED9AF202A22673D76128A5FCB2860419675ADB97512628C7C65C7078B0C730A258C8979912C18EC065367791A404C71318B78FE29CC115ECD74C4EFCDE86C35BD0CFC3ADC41B4F24243A262B251F6E21EDF542E7 11520171129082841 2 6 100 3071 2 FE72CDD6784FBAB0F7AA00E2F31A76435F8A02AC8B14A52C64CF4998EFEDADF9272FF9ADCF5AEDB6EEAE34A36C64833C8D63398A4906979A6B785139D9E7FE72FE8E3502B71B7780E8F4D74A520D3C8E5706EA428CCB746B673EC7472704203315FFDA7F3D5FCE56F6F441AA575B77748D6CB69DC1D7DB8531902CCB0E4D4817FBF4BCFE05120B60B7B99C62C578E6BDADE8E45B44DD67448F25F9118DA92DE375421E131781ED0895CACACB30C2D94D994B16215284CDE857A6C677C0E04A9B81E9D88076167EF3CB8041B65A1756850C2C667F2C6F5D6700F868A1518FD192B3C1915F19D119B2CF4588BD043ED3443982768B641FED8E2BF8E85BAC97A82808450DCCD35B5ED09E089AA04226A7710E20D5C00AED1CBAA176D93E1FEA308B4763F0FE9456E11F645A06D22A33EEA1931104605F280C7C5630548F3D35F6DBEDC8133FDC184F95D43B7D865EEF1E78A952BE3F098328A863447E2EBB726F3AB543F686CBD8BF8F9E780166758B495B7B75066E4B1987002422692D93CA39BB
11620170623063538 2 6 100 3071 2 E787C1EA14A0022F3F98A02847D293441332B2EB8BFF8C4D74ECFF730CCA9D1AFC6433A6DD4BA7089EC18D8D314550FCDC6DA23FEFDE48622BB6FFD89AB71CC0BA6C8C0930593E85A442A9C589ECF35E17D9CC7E2AE713B3704D69B61EF6E79A41AE02ADBF7966DF94B1C6861795B7EDFA8D7418EBAEB47F26F158AEF3DB418FD1632DBB93B431204964B78C7AE9ED796E39F1B6DE1FEE4CE77815462F36342E80B44B052BADC06F78CFEA7D3D0B294C5C8E8E623F95F5D3C1A17D911A0E78FE7754AA4A440FE75498D9AA47AACF2FC2F716630AEF10950F1FACD4CF847A7E4B0C20F507A7322996DBC4D2250A99CB213CB95AAF7A8B6A0B5317BE8FF728D3A0A0AAEA1B86729DDD59566916640F9AF7A455145CE29CB58884CC2E9DD705B1E87D10E139945FBE70D20D718FED9AF202A22673D76128A5FCB2860419675ADB97512628C7C65C7078B0C730A258C8979912C18EC065367791A404C71318B78FE29CC115ECD74C4EFCDE86C35BD0CFC3ADC41B4F24243A262B251F6E21EE64F8A3 11620171129083100 2 6 100 3071 2 FE72CDD6784FBAB0F7AA00E2F31A76435F8A02AC8B14A52C64CF4998EFEDADF9272FF9ADCF5AEDB6EEAE34A36C64833C8D63398A4906979A6B785139D9E7FE72FE8E3502B71B7780E8F4D74A520D3C8E5706EA428CCB746B673EC7472704203315FFDA7F3D5FCE56F6F441AA575B77748D6CB69DC1D7DB8531902CCB0E4D4817FBF4BCFE05120B60B7B99C62C578E6BDADE8E45B44DD67448F25F9118DA92DE375421E131781ED0895CACACB30C2D94D994B16215284CDE857A6C677C0E04A9B81E9D88076167EF3CB8041B65A1756850C2C667F2C6F5D6700F868A1518FD192B3C1915F19D119B2CF4588BD043ED3443982768B641FED8E2BF8E85BAC97A82808450DCCD35B5ED09E089AA04226A7710E20D5C00AED1CBAA176D93E1FEA308B4763F0FE9456E11F645A06D22A33EEA1931104605F280C7C5630548F3D35F6DBEDC8133FDC184F95D43B7D865EEF1E78A952BE3F098328A863447E2EBB726F3AB543F686CBD8BF8F9E780166758B495B7B75066E4B1987002422692D94254653
11720170623063759 2 6 100 3071 5 E787C1EA14A0022F3F98A02847D293441332B2EB8BFF8C4D74ECFF730CCA9D1AFC6433A6DD4BA7089EC18D8D314550FCDC6DA23FEFDE48622BB6FFD89AB71CC0BA6C8C0930593E85A442A9C589ECF35E17D9CC7E2AE713B3704D69B61EF6E79A41AE02ADBF7966DF94B1C6861795B7EDFA8D7418EBAEB47F26F158AEF3DB418FD1632DBB93B431204964B78C7AE9ED796E39F1B6DE1FEE4CE77815462F36342E80B44B052BADC06F78CFEA7D3D0B294C5C8E8E623F95F5D3C1A17D911A0E78FE7754AA4A440FE75498D9AA47AACF2FC2F716630AEF10950F1FACD4CF847A7E4B0C20F507A7322996DBC4D2250A99CB213CB95AAF7A8B6A0B5317BE8FF728D3A0A0AAEA1B86729DDD59566916640F9AF7A455145CE29CB58884CC2E9DD705B1E87D10E139945FBE70D20D718FED9AF202A22673D76128A5FCB2860419675ADB97512628C7C65C7078B0C730A258C8979912C18EC065367791A404C71318B78FE29CC115ECD74C4EFCDE86C35BD0CFC3ADC41B4F24243A262B251F6E21EEC9D597 11720171129083144 2 6 100 3071 5 FE72CDD6784FBAB0F7AA00E2F31A76435F8A02AC8B14A52C64CF4998EFEDADF9272FF9ADCF5AEDB6EEAE34A36C64833C8D63398A4906979A6B785139D9E7FE72FE8E3502B71B7780E8F4D74A520D3C8E5706EA428CCB746B673EC7472704203315FFDA7F3D5FCE56F6F441AA575B77748D6CB69DC1D7DB8531902CCB0E4D4817FBF4BCFE05120B60B7B99C62C578E6BDADE8E45B44DD67448F25F9118DA92DE375421E131781ED0895CACACB30C2D94D994B16215284CDE857A6C677C0E04A9B81E9D88076167EF3CB8041B65A1756850C2C667F2C6F5D6700F868A1518FD192B3C1915F19D119B2CF4588BD043ED3443982768B641FED8E2BF8E85BAC97A82808450DCCD35B5ED09E089AA04226A7710E20D5C00AED1CBAA176D93E1FEA308B4763F0FE9456E11F645A06D22A33EEA1931104605F280C7C5630548F3D35F6DBEDC8133FDC184F95D43B7D865EEF1E78A952BE3F098328A863447E2EBB726F3AB543F686CBD8BF8F9E780166758B495B7B75066E4B1987002422692D943C67CF
11820170623064815 2 6 100 3071 5 E787C1EA14A0022F3F98A02847D293441332B2EB8BFF8C4D74ECFF730CCA9D1AFC6433A6DD4BA7089EC18D8D314550FCDC6DA23FEFDE48622BB6FFD89AB71CC0BA6C8C0930593E85A442A9C589ECF35E17D9CC7E2AE713B3704D69B61EF6E79A41AE02ADBF7966DF94B1C6861795B7EDFA8D7418EBAEB47F26F158AEF3DB418FD1632DBB93B431204964B78C7AE9ED796E39F1B6DE1FEE4CE77815462F36342E80B44B052BADC06F78CFEA7D3D0B294C5C8E8E623F95F5D3C1A17D911A0E78FE7754AA4A440FE75498D9AA47AACF2FC2F716630AEF10950F1FACD4CF847A7E4B0C20F507A7322996DBC4D2250A99CB213CB95AAF7A8B6A0B5317BE8FF728D3A0A0AAEA1B86729DDD59566916640F9AF7A455145CE29CB58884CC2E9DD705B1E87D10E139945FBE70D20D718FED9AF202A22673D76128A5FCB2860419675ADB97512628C7C65C7078B0C730A258C8979912C18EC065367791A404C71318B78FE29CC115ECD74C4EFCDE86C35BD0CFC3ADC41B4F24243A262B251F6E21F0A8EB1F 11820171129083314 2 6 100 3071 5 FE72CDD6784FBAB0F7AA00E2F31A76435F8A02AC8B14A52C64CF4998EFEDADF9272FF9ADCF5AEDB6EEAE34A36C64833C8D63398A4906979A6B785139D9E7FE72FE8E3502B71B7780E8F4D74A520D3C8E5706EA428CCB746B673EC7472704203315FFDA7F3D5FCE56F6F441AA575B77748D6CB69DC1D7DB8531902CCB0E4D4817FBF4BCFE05120B60B7B99C62C578E6BDADE8E45B44DD67448F25F9118DA92DE375421E131781ED0895CACACB30C2D94D994B16215284CDE857A6C677C0E04A9B81E9D88076167EF3CB8041B65A1756850C2C667F2C6F5D6700F868A1518FD192B3C1915F19D119B2CF4588BD043ED3443982768B641FED8E2BF8E85BAC97A82808450DCCD35B5ED09E089AA04226A7710E20D5C00AED1CBAA176D93E1FEA308B4763F0FE9456E11F645A06D22A33EEA1931104605F280C7C5630548F3D35F6DBEDC8133FDC184F95D43B7D865EEF1E78A952BE3F098328A863447E2EBB726F3AB543F686CBD8BF8F9E780166758B495B7B75066E4B1987002422692D9472895F
11920170623065609 2 6 100 3071 5 E787C1EA14A0022F3F98A02847D293441332B2EB8BFF8C4D74ECFF730CCA9D1AFC6433A6DD4BA7089EC18D8D314550FCDC6DA23FEFDE48622BB6FFD89AB71CC0BA6C8C0930593E85A442A9C589ECF35E17D9CC7E2AE713B3704D69B61EF6E79A41AE02ADBF7966DF94B1C6861795B7EDFA8D7418EBAEB47F26F158AEF3DB418FD1632DBB93B431204964B78C7AE9ED796E39F1B6DE1FEE4CE77815462F36342E80B44B052BADC06F78CFEA7D3D0B294C5C8E8E623F95F5D3C1A17D911A0E78FE7754AA4A440FE75498D9AA47AACF2FC2F716630AEF10950F1FACD4CF847A7E4B0C20F507A7322996DBC4D2250A99CB213CB95AAF7A8B6A0B5317BE8FF728D3A0A0AAEA1B86729DDD59566916640F9AF7A455145CE29CB58884CC2E9DD705B1E87D10E139945FBE70D20D718FED9AF202A22673D76128A5FCB2860419675ADB97512628C7C65C7078B0C730A258C8979912C18EC065367791A404C71318B78FE29CC115ECD74C4EFCDE86C35BD0CFC3ADC41B4F24243A262B251F6E21F21F5CB7 11920171129083902 2 6 100 3071 2 FE72CDD6784FBAB0F7AA00E2F31A76435F8A02AC8B14A52C64CF4998EFEDADF9272FF9ADCF5AEDB6EEAE34A36C64833C8D63398A4906979A6B785139D9E7FE72FE8E3502B71B7780E8F4D74A520D3C8E5706EA428CCB746B673EC7472704203315FFDA7F3D5FCE56F6F441AA575B77748D6CB69DC1D7DB8531902CCB0E4D4817FBF4BCFE05120B60B7B99C62C578E6BDADE8E45B44DD67448F25F9118DA92DE375421E131781ED0895CACACB30C2D94D994B16215284CDE857A6C677C0E04A9B81E9D88076167EF3CB8041B65A1756850C2C667F2C6F5D6700F868A1518FD192B3C1915F19D119B2CF4588BD043ED3443982768B641FED8E2BF8E85BAC97A82808450DCCD35B5ED09E089AA04226A7710E20D5C00AED1CBAA176D93E1FEA308B4763F0FE9456E11F645A06D22A33EEA1931104605F280C7C5630548F3D35F6DBEDC8133FDC184F95D43B7D865EEF1E78A952BE3F098328A863447E2EBB726F3AB543F686CBD8BF8F9E780166758B495B7B75066E4B1987002422692D955FDEA3
12020170623070150 2 6 100 3071 2 E787C1EA14A0022F3F98A02847D293441332B2EB8BFF8C4D74ECFF730CCA9D1AFC6433A6DD4BA7089EC18D8D314550FCDC6DA23FEFDE48622BB6FFD89AB71CC0BA6C8C0930593E85A442A9C589ECF35E17D9CC7E2AE713B3704D69B61EF6E79A41AE02ADBF7966DF94B1C6861795B7EDFA8D7418EBAEB47F26F158AEF3DB418FD1632DBB93B431204964B78C7AE9ED796E39F1B6DE1FEE4CE77815462F36342E80B44B052BADC06F78CFEA7D3D0B294C5C8E8E623F95F5D3C1A17D911A0E78FE7754AA4A440FE75498D9AA47AACF2FC2F716630AEF10950F1FACD4CF847A7E4B0C20F507A7322996DBC4D2250A99CB213CB95AAF7A8B6A0B5317BE8FF728D3A0A0AAEA1B86729DDD59566916640F9AF7A455145CE29CB58884CC2E9DD705B1E87D10E139945FBE70D20D718FED9AF202A22673D76128A5FCB2860419675ADB97512628C7C65C7078B0C730A258C8979912C18EC065367791A404C71318B78FE29CC115ECD74C4EFCDE86C35BD0CFC3ADC41B4F24243A262B251F6E21F32604CB 12020171129084024 2 6 100 3071 2 FE72CDD6784FBAB0F7AA00E2F31A76435F8A02AC8B14A52C64CF4998EFEDADF9272FF9ADCF5AEDB6EEAE34A36C64833C8D63398A4906979A6B785139D9E7FE72FE8E3502B71B7780E8F4D74A520D3C8E5706EA428CCB746B673EC7472704203315FFDA7F3D5FCE56F6F441AA575B77748D6CB69DC1D7DB8531902CCB0E4D4817FBF4BCFE05120B60B7B99C62C578E6BDADE8E45B44DD67448F25F9118DA92DE375421E131781ED0895CACACB30C2D94D994B16215284CDE857A6C677C0E04A9B81E9D88076167EF3CB8041B65A1756850C2C667F2C6F5D6700F868A1518FD192B3C1915F19D119B2CF4588BD043ED3443982768B641FED8E2BF8E85BAC97A82808450DCCD35B5ED09E089AA04226A7710E20D5C00AED1CBAA176D93E1FEA308B4763F0FE9456E11F645A06D22A33EEA1931104605F280C7C5630548F3D35F6DBEDC8133FDC184F95D43B7D865EEF1E78A952BE3F098328A863447E2EBB726F3AB543F686CBD8BF8F9E780166758B495B7B75066E4B1987002422692D9591B8D3
12120170623070933 2 6 100 3071 2 E787C1EA14A0022F3F98A02847D293441332B2EB8BFF8C4D74ECFF730CCA9D1AFC6433A6DD4BA7089EC18D8D314550FCDC6DA23FEFDE48622BB6FFD89AB71CC0BA6C8C0930593E85A442A9C589ECF35E17D9CC7E2AE713B3704D69B61EF6E79A41AE02ADBF7966DF94B1C6861795B7EDFA8D7418EBAEB47F26F158AEF3DB418FD1632DBB93B431204964B78C7AE9ED796E39F1B6DE1FEE4CE77815462F36342E80B44B052BADC06F78CFEA7D3D0B294C5C8E8E623F95F5D3C1A17D911A0E78FE7754AA4A440FE75498D9AA47AACF2FC2F716630AEF10950F1FACD4CF847A7E4B0C20F507A7322996DBC4D2250A99CB213CB95AAF7A8B6A0B5317BE8FF728D3A0A0AAEA1B86729DDD59566916640F9AF7A455145CE29CB58884CC2E9DD705B1E87D10E139945FBE70D20D718FED9AF202A22673D76128A5FCB2860419675ADB97512628C7C65C7078B0C730A258C8979912C18EC065367791A404C71318B78FE29CC115ECD74C4EFCDE86C35BD0CFC3ADC41B4F24243A262B251F6E21F48C5ED3 12120171129084309 2 6 100 3071 5 FE72CDD6784FBAB0F7AA00E2F31A76435F8A02AC8B14A52C64CF4998EFEDADF9272FF9ADCF5AEDB6EEAE34A36C64833C8D63398A4906979A6B785139D9E7FE72FE8E3502B71B7780E8F4D74A520D3C8E5706EA428CCB746B673EC7472704203315FFDA7F3D5FCE56F6F441AA575B77748D6CB69DC1D7DB8531902CCB0E4D4817FBF4BCFE05120B60B7B99C62C578E6BDADE8E45B44DD67448F25F9118DA92DE375421E131781ED0895CACACB30C2D94D994B16215284CDE857A6C677C0E04A9B81E9D88076167EF3CB8041B65A1756850C2C667F2C6F5D6700F868A1518FD192B3C1915F19D119B2CF4588BD043ED3443982768B641FED8E2BF8E85BAC97A82808450DCCD35B5ED09E089AA04226A7710E20D5C00AED1CBAA176D93E1FEA308B4763F0FE9456E11F645A06D22A33EEA1931104605F280C7C5630548F3D35F6DBEDC8133FDC184F95D43B7D865EEF1E78A952BE3F098328A863447E2EBB726F3AB543F686CBD8BF8F9E780166758B495B7B75066E4B1987002422692D96010007
12220170623071215 2 6 100 3071 2 E787C1EA14A0022F3F98A02847D293441332B2EB8BFF8C4D74ECFF730CCA9D1AFC6433A6DD4BA7089EC18D8D314550FCDC6DA23FEFDE48622BB6FFD89AB71CC0BA6C8C0930593E85A442A9C589ECF35E17D9CC7E2AE713B3704D69B61EF6E79A41AE02ADBF7966DF94B1C6861795B7EDFA8D7418EBAEB47F26F158AEF3DB418FD1632DBB93B431204964B78C7AE9ED796E39F1B6DE1FEE4CE77815462F36342E80B44B052BADC06F78CFEA7D3D0B294C5C8E8E623F95F5D3C1A17D911A0E78FE7754AA4A440FE75498D9AA47AACF2FC2F716630AEF10950F1FACD4CF847A7E4B0C20F507A7322996DBC4D2250A99CB213CB95AAF7A8B6A0B5317BE8FF728D3A0A0AAEA1B86729DDD59566916640F9AF7A455145CE29CB58884CC2E9DD705B1E87D10E139945FBE70D20D718FED9AF202A22673D76128A5FCB2860419675ADB97512628C7C65C7078B0C730A258C8979912C18EC065367791A404C71318B78FE29CC115ECD74C4EFCDE86C35BD0CFC3ADC41B4F24243A262B251F6E21F5044ECB 12220171129084528 2 6 100 3071 2 FE72CDD6784FBAB0F7AA00E2F31A76435F8A02AC8B14A52C64CF4998EFEDADF9272FF9ADCF5AEDB6EEAE34A36C64833C8D63398A4906979A6B785139D9E7FE72FE8E3502B71B7780E8F4D74A520D3C8E5706EA428CCB746B673EC7472704203315FFDA7F3D5FCE56F6F441AA575B77748D6CB69DC1D7DB8531902CCB0E4D4817FBF4BCFE05120B60B7B99C62C578E6BDADE8E45B44DD67448F25F9118DA92DE375421E131781ED0895CACACB30C2D94D994B16215284CDE857A6C677C0E04A9B81E9D88076167EF3CB8041B65A1756850C2C667F2C6F5D6700F868A1518FD192B3C1915F19D119B2CF4588BD043ED3443982768B641FED8E2BF8E85BAC97A82808450DCCD35B5ED09E089AA04226A7710E20D5C00AED1CBAA176D93E1FEA308B4763F0FE9456E11F645A06D22A33EEA1931104605F280C7C5630548F3D35F6DBEDC8133FDC184F95D43B7D865EEF1E78A952BE3F098328A863447E2EBB726F3AB543F686CBD8BF8F9E780166758B495B7B75066E4B1987002422692D9659DC3B
12320170623071504 2 6 100 3071 2 E787C1EA14A0022F3F98A02847D293441332B2EB8BFF8C4D74ECFF730CCA9D1AFC6433A6DD4BA7089EC18D8D314550FCDC6DA23FEFDE48622BB6FFD89AB71CC0BA6C8C0930593E85A442A9C589ECF35E17D9CC7E2AE713B3704D69B61EF6E79A41AE02ADBF7966DF94B1C6861795B7EDFA8D7418EBAEB47F26F158AEF3DB418FD1632DBB93B431204964B78C7AE9ED796E39F1B6DE1FEE4CE77815462F36342E80B44B052BADC06F78CFEA7D3D0B294C5C8E8E623F95F5D3C1A17D911A0E78FE7754AA4A440FE75498D9AA47AACF2FC2F716630AEF10950F1FACD4CF847A7E4B0C20F507A7322996DBC4D2250A99CB213CB95AAF7A8B6A0B5317BE8FF728D3A0A0AAEA1B86729DDD59566916640F9AF7A455145CE29CB58884CC2E9DD705B1E87D10E139945FBE70D20D718FED9AF202A22673D76128A5FCB2860419675ADB97512628C7C65C7078B0C730A258C8979912C18EC065367791A404C71318B78FE29CC115ECD74C4EFCDE86C35BD0CFC3ADC41B4F24243A262B251F6E21F5815613 12320171129084819 2 6 100 3071 2 FE72CDD6784FBAB0F7AA00E2F31A76435F8A02AC8B14A52C64CF4998EFEDADF9272FF9ADCF5AEDB6EEAE34A36C64833C8D63398A4906979A6B785139D9E7FE72FE8E3502B71B7780E8F4D74A520D3C8E5706EA428CCB746B673EC7472704203315FFDA7F3D5FCE56F6F441AA575B77748D6CB69DC1D7DB8531902CCB0E4D4817FBF4BCFE05120B60B7B99C62C578E6BDADE8E45B44DD67448F25F9118DA92DE375421E131781ED0895CACACB30C2D94D994B16215284CDE857A6C677C0E04A9B81E9D88076167EF3CB8041B65A1756850C2C667F2C6F5D6700F868A1518FD192B3C1915F19D119B2CF4588BD043ED3443982768B641FED8E2BF8E85BAC97A82808450DCCD35B5ED09E089AA04226A7710E20D5C00AED1CBAA176D93E1FEA308B4763F0FE9456E11F645A06D22A33EEA1931104605F280C7C5630548F3D35F6DBEDC8133FDC184F95D43B7D865EEF1E78A952BE3F098328A863447E2EBB726F3AB543F686CBD8BF8F9E780166758B495B7B75066E4B1987002422692D96CA1933
12420170623071625 2 6 100 3071 2 E787C1EA14A0022F3F98A02847D293441332B2EB8BFF8C4D74ECFF730CCA9D1AFC6433A6DD4BA7089EC18D8D314550FCDC6DA23FEFDE48622BB6FFD89AB71CC0BA6C8C0930593E85A442A9C589ECF35E17D9CC7E2AE713B3704D69B61EF6E79A41AE02ADBF7966DF94B1C6861795B7EDFA8D7418EBAEB47F26F158AEF3DB418FD1632DBB93B431204964B78C7AE9ED796E39F1B6DE1FEE4CE77815462F36342E80B44B052BADC06F78CFEA7D3D0B294C5C8E8E623F95F5D3C1A17D911A0E78FE7754AA4A440FE75498D9AA47AACF2FC2F716630AEF10950F1FACD4CF847A7E4B0C20F507A7322996DBC4D2250A99CB213CB95AAF7A8B6A0B5317BE8FF728D3A0A0AAEA1B86729DDD59566916640F9AF7A455145CE29CB58884CC2E9DD705B1E87D10E139945FBE70D20D718FED9AF202A22673D76128A5FCB2860419675ADB97512628C7C65C7078B0C730A258C8979912C18EC065367791A404C71318B78FE29CC115ECD74C4EFCDE86C35BD0CFC3ADC41B4F24243A262B251F6E21F5B8F8AB 12420171129084937 2 6 100 3071 5 FE72CDD6784FBAB0F7AA00E2F31A76435F8A02AC8B14A52C64CF4998EFEDADF9272FF9ADCF5AEDB6EEAE34A36C64833C8D63398A4906979A6B785139D9E7FE72FE8E3502B71B7780E8F4D74A520D3C8E5706EA428CCB746B673EC7472704203315FFDA7F3D5FCE56F6F441AA575B77748D6CB69DC1D7DB8531902CCB0E4D4817FBF4BCFE05120B60B7B99C62C578E6BDADE8E45B44DD67448F25F9118DA92DE375421E131781ED0895CACACB30C2D94D994B16215284CDE857A6C677C0E04A9B81E9D88076167EF3CB8041B65A1756850C2C667F2C6F5D6700F868A1518FD192B3C1915F19D119B2CF4588BD043ED3443982768B641FED8E2BF8E85BAC97A82808450DCCD35B5ED09E089AA04226A7710E20D5C00AED1CBAA176D93E1FEA308B4763F0FE9456E11F645A06D22A33EEA1931104605F280C7C5630548F3D35F6DBEDC8133FDC184F95D43B7D865EEF1E78A952BE3F098328A863447E2EBB726F3AB543F686CBD8BF8F9E780166758B495B7B75066E4B1987002422692D96F8F0FF
12520170623071723 2 6 100 3071 2 E787C1EA14A0022F3F98A02847D293441332B2EB8BFF8C4D74ECFF730CCA9D1AFC6433A6DD4BA7089EC18D8D314550FCDC6DA23FEFDE48622BB6FFD89AB71CC0BA6C8C0930593E85A442A9C589ECF35E17D9CC7E2AE713B3704D69B61EF6E79A41AE02ADBF7966DF94B1C6861795B7EDFA8D7418EBAEB47F26F158AEF3DB418FD1632DBB93B431204964B78C7AE9ED796E39F1B6DE1FEE4CE77815462F36342E80B44B052BADC06F78CFEA7D3D0B294C5C8E8E623F95F5D3C1A17D911A0E78FE7754AA4A440FE75498D9AA47AACF2FC2F716630AEF10950F1FACD4CF847A7E4B0C20F507A7322996DBC4D2250A99CB213CB95AAF7A8B6A0B5317BE8FF728D3A0A0AAEA1B86729DDD59566916640F9AF7A455145CE29CB58884CC2E9DD705B1E87D10E139945FBE70D20D718FED9AF202A22673D76128A5FCB2860419675ADB97512628C7C65C7078B0C730A258C8979912C18EC065367791A404C71318B78FE29CC115ECD74C4EFCDE86C35BD0CFC3ADC41B4F24243A262B251F6E21F5DE3F7B 12520171129085037 2 6 100 3071 5 FE72CDD6784FBAB0F7AA00E2F31A76435F8A02AC8B14A52C64CF4998EFEDADF9272FF9ADCF5AEDB6EEAE34A36C64833C8D63398A4906979A6B785139D9E7FE72FE8E3502B71B7780E8F4D74A520D3C8E5706EA428CCB746B673EC7472704203315FFDA7F3D5FCE56F6F441AA575B77748D6CB69DC1D7DB8531902CCB0E4D4817FBF4BCFE05120B60B7B99C62C578E6BDADE8E45B44DD67448F25F9118DA92DE375421E131781ED0895CACACB30C2D94D994B16215284CDE857A6C677C0E04A9B81E9D88076167EF3CB8041B65A1756850C2C667F2C6F5D6700F868A1518FD192B3C1915F19D119B2CF4588BD043ED3443982768B641FED8E2BF8E85BAC97A82808450DCCD35B5ED09E089AA04226A7710E20D5C00AED1CBAA176D93E1FEA308B4763F0FE9456E11F645A06D22A33EEA1931104605F280C7C5630548F3D35F6DBEDC8133FDC184F95D43B7D865EEF1E78A952BE3F098328A863447E2EBB726F3AB543F686CBD8BF8F9E780166758B495B7B75066E4B1987002422692D971A1D57
12620170623071945 2 6 100 3071 2 E787C1EA14A0022F3F98A02847D293441332B2EB8BFF8C4D74ECFF730CCA9D1AFC6433A6DD4BA7089EC18D8D314550FCDC6DA23FEFDE48622BB6FFD89AB71CC0BA6C8C0930593E85A442A9C589ECF35E17D9CC7E2AE713B3704D69B61EF6E79A41AE02ADBF7966DF94B1C6861795B7EDFA8D7418EBAEB47F26F158AEF3DB418FD1632DBB93B431204964B78C7AE9ED796E39F1B6DE1FEE4CE77815462F36342E80B44B052BADC06F78CFEA7D3D0B294C5C8E8E623F95F5D3C1A17D911A0E78FE7754AA4A440FE75498D9AA47AACF2FC2F716630AEF10950F1FACD4CF847A7E4B0C20F507A7322996DBC4D2250A99CB213CB95AAF7A8B6A0B5317BE8FF728D3A0A0AAEA1B86729DDD59566916640F9AF7A455145CE29CB58884CC2E9DD705B1E87D10E139945FBE70D20D718FED9AF202A22673D76128A5FCB2860419675ADB97512628C7C65C7078B0C730A258C8979912C18EC065367791A404C71318B78FE29CC115ECD74C4EFCDE86C35BD0CFC3ADC41B4F24243A262B251F6E21F645009B 12620171129085105 2 6 100 3071 2 FE72CDD6784FBAB0F7AA00E2F31A76435F8A02AC8B14A52C64CF4998EFEDADF9272FF9ADCF5AEDB6EEAE34A36C64833C8D63398A4906979A6B785139D9E7FE72FE8E3502B71B7780E8F4D74A520D3C8E5706EA428CCB746B673EC7472704203315FFDA7F3D5FCE56F6F441AA575B77748D6CB69DC1D7DB8531902CCB0E4D4817FBF4BCFE05120B60B7B99C62C578E6BDADE8E45B44DD67448F25F9118DA92DE375421E131781ED0895CACACB30C2D94D994B16215284CDE857A6C677C0E04A9B81E9D88076167EF3CB8041B65A1756850C2C667F2C6F5D6700F868A1518FD192B3C1915F19D119B2CF4588BD043ED3443982768B641FED8E2BF8E85BAC97A82808450DCCD35B5ED09E089AA04226A7710E20D5C00AED1CBAA176D93E1FEA308B4763F0FE9456E11F645A06D22A33EEA1931104605F280C7C5630548F3D35F6DBEDC8133FDC184F95D43B7D865EEF1E78A952BE3F098328A863447E2EBB726F3AB543F686CBD8BF8F9E780166758B495B7B75066E4B1987002422692D97264D63
12720170623072445 2 6 100 3071 5 E787C1EA14A0022F3F98A02847D293441332B2EB8BFF8C4D74ECFF730CCA9D1AFC6433A6DD4BA7089EC18D8D314550FCDC6DA23FEFDE48622BB6FFD89AB71CC0BA6C8C0930593E85A442A9C589ECF35E17D9CC7E2AE713B3704D69B61EF6E79A41AE02ADBF7966DF94B1C6861795B7EDFA8D7418EBAEB47F26F158AEF3DB418FD1632DBB93B431204964B78C7AE9ED796E39F1B6DE1FEE4CE77815462F36342E80B44B052BADC06F78CFEA7D3D0B294C5C8E8E623F95F5D3C1A17D911A0E78FE7754AA4A440FE75498D9AA47AACF2FC2F716630AEF10950F1FACD4CF847A7E4B0C20F507A7322996DBC4D2250A99CB213CB95AAF7A8B6A0B5317BE8FF728D3A0A0AAEA1B86729DDD59566916640F9AF7A455145CE29CB58884CC2E9DD705B1E87D10E139945FBE70D20D718FED9AF202A22673D76128A5FCB2860419675ADB97512628C7C65C7078B0C730A258C8979912C18EC065367791A404C71318B78FE29CC115ECD74C4EFCDE86C35BD0CFC3ADC41B4F24243A262B251F6E21F721A837 12720171129085212 2 6 100 3071 5 FE72CDD6784FBAB0F7AA00E2F31A76435F8A02AC8B14A52C64CF4998EFEDADF9272FF9ADCF5AEDB6EEAE34A36C64833C8D63398A4906979A6B785139D9E7FE72FE8E3502B71B7780E8F4D74A520D3C8E5706EA428CCB746B673EC7472704203315FFDA7F3D5FCE56F6F441AA575B77748D6CB69DC1D7DB8531902CCB0E4D4817FBF4BCFE05120B60B7B99C62C578E6BDADE8E45B44DD67448F25F9118DA92DE375421E131781ED0895CACACB30C2D94D994B16215284CDE857A6C677C0E04A9B81E9D88076167EF3CB8041B65A1756850C2C667F2C6F5D6700F868A1518FD192B3C1915F19D119B2CF4588BD043ED3443982768B641FED8E2BF8E85BAC97A82808450DCCD35B5ED09E089AA04226A7710E20D5C00AED1CBAA176D93E1FEA308B4763F0FE9456E11F645A06D22A33EEA1931104605F280C7C5630548F3D35F6DBEDC8133FDC184F95D43B7D865EEF1E78A952BE3F098328A863447E2EBB726F3AB543F686CBD8BF8F9E780166758B495B7B75066E4B1987002422692D974AC317
12820170623072516 2 6 100 3071 5 E787C1EA14A0022F3F98A02847D293441332B2EB8BFF8C4D74ECFF730CCA9D1AFC6433A6DD4BA7089EC18D8D314550FCDC6DA23FEFDE48622BB6FFD89AB71CC0BA6C8C0930593E85A442A9C589ECF35E17D9CC7E2AE713B3704D69B61EF6E79A41AE02ADBF7966DF94B1C6861795B7EDFA8D7418EBAEB47F26F158AEF3DB418FD1632DBB93B431204964B78C7AE9ED796E39F1B6DE1FEE4CE77815462F36342E80B44B052BADC06F78CFEA7D3D0B294C5C8E8E623F95F5D3C1A17D911A0E78FE7754AA4A440FE75498D9AA47AACF2FC2F716630AEF10950F1FACD4CF847A7E4B0C20F507A7322996DBC4D2250A99CB213CB95AAF7A8B6A0B5317BE8FF728D3A0A0AAEA1B86729DDD59566916640F9AF7A455145CE29CB58884CC2E9DD705B1E87D10E139945FBE70D20D718FED9AF202A22673D76128A5FCB2860419675ADB97512628C7C65C7078B0C730A258C8979912C18EC065367791A404C71318B78FE29CC115ECD74C4EFCDE86C35BD0CFC3ADC41B4F24243A262B251F6E21F731AF17 12820171129085529 2 6 100 3071 2 FE72CDD6784FBAB0F7AA00E2F31A76435F8A02AC8B14A52C64CF4998EFEDADF9272FF9ADCF5AEDB6EEAE34A36C64833C8D63398A4906979A6B785139D9E7FE72FE8E3502B71B7780E8F4D74A520D3C8E5706EA428CCB746B673EC7472704203315FFDA7F3D5FCE56F6F441AA575B77748D6CB69DC1D7DB8531902CCB0E4D4817FBF4BCFE05120B60B7B99C62C578E6BDADE8E45B44DD67448F25F9118DA92DE375421E131781ED0895CACACB30C2D94D994B16215284CDE857A6C677C0E04A9B81E9D88076167EF3CB8041B65A1756850C2C667F2C6F5D6700F868A1518FD192B3C1915F19D119B2CF4588BD043ED3443982768B641FED8E2BF8E85BAC97A82808450DCCD35B5ED09E089AA04226A7710E20D5C00AED1CBAA176D93E1FEA308B4763F0FE9456E11F645A06D22A33EEA1931104605F280C7C5630548F3D35F6DBEDC8133FDC184F95D43B7D865EEF1E78A952BE3F098328A863447E2EBB726F3AB543F686CBD8BF8F9E780166758B495B7B75066E4B1987002422692D97CB27FB
12920170623073343 2 6 100 3071 5 E787C1EA14A0022F3F98A02847D293441332B2EB8BFF8C4D74ECFF730CCA9D1AFC6433A6DD4BA7089EC18D8D314550FCDC6DA23FEFDE48622BB6FFD89AB71CC0BA6C8C0930593E85A442A9C589ECF35E17D9CC7E2AE713B3704D69B61EF6E79A41AE02ADBF7966DF94B1C6861795B7EDFA8D7418EBAEB47F26F158AEF3DB418FD1632DBB93B431204964B78C7AE9ED796E39F1B6DE1FEE4CE77815462F36342E80B44B052BADC06F78CFEA7D3D0B294C5C8E8E623F95F5D3C1A17D911A0E78FE7754AA4A440FE75498D9AA47AACF2FC2F716630AEF10950F1FACD4CF847A7E4B0C20F507A7322996DBC4D2250A99CB213CB95AAF7A8B6A0B5317BE8FF728D3A0A0AAEA1B86729DDD59566916640F9AF7A455145CE29CB58884CC2E9DD705B1E87D10E139945FBE70D20D718FED9AF202A22673D76128A5FCB2860419675ADB97512628C7C65C7078B0C730A258C8979912C18EC065367791A404C71318B78FE29CC115ECD74C4EFCDE86C35BD0CFC3ADC41B4F24243A262B251F6E21F8B6F58F 12920171129085643 2 6 100 3071 5 FE72CDD6784FBAB0F7AA00E2F31A76435F8A02AC8B14A52C64CF4998EFEDADF9272FF9ADCF5AEDB6EEAE34A36C64833C8D63398A4906979A6B785139D9E7FE72FE8E3502B71B7780E8F4D74A520D3C8E5706EA428CCB746B673EC7472704203315FFDA7F3D5FCE56F6F441AA575B77748D6CB69DC1D7DB8531902CCB0E4D4817FBF4BCFE05120B60B7B99C62C578E6BDADE8E45B44DD67448F25F9118DA92DE375421E131781ED0895CACACB30C2D94D994B16215284CDE857A6C677C0E04A9B81E9D88076167EF3CB8041B65A1756850C2C667F2C6F5D6700F868A1518FD192B3C1915F19D119B2CF4588BD043ED3443982768B641FED8E2BF8E85BAC97A82808450DCCD35B5ED09E089AA04226A7710E20D5C00AED1CBAA176D93E1FEA308B4763F0FE9456E11F645A06D22A33EEA1931104605F280C7C5630548F3D35F6DBEDC8133FDC184F95D43B7D865EEF1E78A952BE3F098328A863447E2EBB726F3AB543F686CBD8BF8F9E780166758B495B7B75066E4B1987002422692D97F5D31F
13020170623073442 2 6 100 3071 5 E787C1EA14A0022F3F98A02847D293441332B2EB8BFF8C4D74ECFF730CCA9D1AFC6433A6DD4BA7089EC18D8D314550FCDC6DA23FEFDE48622BB6FFD89AB71CC0BA6C8C0930593E85A442A9C589ECF35E17D9CC7E2AE713B3704D69B61EF6E79A41AE02ADBF7966DF94B1C6861795B7EDFA8D7418EBAEB47F26F158AEF3DB418FD1632DBB93B431204964B78C7AE9ED796E39F1B6DE1FEE4CE77815462F36342E80B44B052BADC06F78CFEA7D3D0B294C5C8E8E623F95F5D3C1A17D911A0E78FE7754AA4A440FE75498D9AA47AACF2FC2F716630AEF10950F1FACD4CF847A7E4B0C20F507A7322996DBC4D2250A99CB213CB95AAF7A8B6A0B5317BE8FF728D3A0A0AAEA1B86729DDD59566916640F9AF7A455145CE29CB58884CC2E9DD705B1E87D10E139945FBE70D20D718FED9AF202A22673D76128A5FCB2860419675ADB97512628C7C65C7078B0C730A258C8979912C18EC065367791A404C71318B78FE29CC115ECD74C4EFCDE86C35BD0CFC3ADC41B4F24243A262B251F6E21F8DA7A47 13020171129085754 2 6 100 3071 5 FE72CDD6784FBAB0F7AA00E2F31A76435F8A02AC8B14A52C64CF4998EFEDADF9272FF9ADCF5AEDB6EEAE34A36C64833C8D63398A4906979A6B785139D9E7FE72FE8E3502B71B7780E8F4D74A520D3C8E5706EA428CCB746B673EC7472704203315FFDA7F3D5FCE56F6F441AA575B77748D6CB69DC1D7DB8531902CCB0E4D4817FBF4BCFE05120B60B7B99C62C578E6BDADE8E45B44DD67448F25F9118DA92DE375421E131781ED0895CACACB30C2D94D994B16215284CDE857A6C677C0E04A9B81E9D88076167EF3CB8041B65A1756850C2C667F2C6F5D6700F868A1518FD192B3C1915F19D119B2CF4588BD043ED3443982768B641FED8E2BF8E85BAC97A82808450DCCD35B5ED09E089AA04226A7710E20D5C00AED1CBAA176D93E1FEA308B4763F0FE9456E11F645A06D22A33EEA1931104605F280C7C5630548F3D35F6DBEDC8133FDC184F95D43B7D865EEF1E78A952BE3F098328A863447E2EBB726F3AB543F686CBD8BF8F9E780166758B495B7B75066E4B1987002422692D981F137F
13120170623073826 2 6 100 3071 2 E787C1EA14A0022F3F98A02847D293441332B2EB8BFF8C4D74ECFF730CCA9D1AFC6433A6DD4BA7089EC18D8D314550FCDC6DA23FEFDE48622BB6FFD89AB71CC0BA6C8C0930593E85A442A9C589ECF35E17D9CC7E2AE713B3704D69B61EF6E79A41AE02ADBF7966DF94B1C6861795B7EDFA8D7418EBAEB47F26F158AEF3DB418FD1632DBB93B431204964B78C7AE9ED796E39F1B6DE1FEE4CE77815462F36342E80B44B052BADC06F78CFEA7D3D0B294C5C8E8E623F95F5D3C1A17D911A0E78FE7754AA4A440FE75498D9AA47AACF2FC2F716630AEF10950F1FACD4CF847A7E4B0C20F507A7322996DBC4D2250A99CB213CB95AAF7A8B6A0B5317BE8FF728D3A0A0AAEA1B86729DDD59566916640F9AF7A455145CE29CB58884CC2E9DD705B1E87D10E139945FBE70D20D718FED9AF202A22673D76128A5FCB2860419675ADB97512628C7C65C7078B0C730A258C8979912C18EC065367791A404C71318B78FE29CC115ECD74C4EFCDE86C35BD0CFC3ADC41B4F24243A262B251F6E21F983F783 13120171129085925 2 6 100 3071 5 E5B2496BAE5BB80230B69F3FCDC4E4D64BEFCD390B3D2F4A774F3ED4CBDB333B81930CBAF737164C13615CC0BE2EC320E34B8312ADCAA5D9644C0F054DD446C6299262BC184374B516DE3613628A8FB2606ECBCCE08BEE2ABE5D4B7B4CED22910635B723FFDC9381C8F87D0A471F935B62AF4CBEA3C329DF758BEE99F07C33AD6499CDCDDD64E3105F689C831D566296C978F27F0DB2F44389D9E0256790A0E4976FE38192C4BCB20FAF5853ED8AB04B16FFA478AB5945A3E98B12D014509039AB2F05629C48CA9E2272F71AE6AF07E7FBD92CD944A656731FB783E8EB38DF15630CA074D8CB41ECE91AA8A0D756690813C1DDFBE58CCCE7A50F4C83479C85B11908F80768F76F2FB8870B70F498F3235A044A80F32CE9AA9C613CD611D8CDD3CFD3F6A033F1764CD3029AD5435525D8BDD1B45100D61986BF8DBD8290AEC82FE15DBBBF00850AE58137383EEAFF9C9EDEDF8CCD42840E5D57C006F37AA3493FBA1E1719C7BDFC5EE22275A4D0415FD0DAB28E5CD6062755797851948CD513EF
13220170623074239 2 6 100 3071 5 E787C1EA14A0022F3F98A02847D293441332B2EB8BFF8C4D74ECFF730CCA9D1AFC6433A6DD4BA7089EC18D8D314550FCDC6DA23FEFDE48622BB6FFD89AB71CC0BA6C8C0930593E85A442A9C589ECF35E17D9CC7E2AE713B3704D69B61EF6E79A41AE02ADBF7966DF94B1C6861795B7EDFA8D7418EBAEB47F26F158AEF3DB418FD1632DBB93B431204964B78C7AE9ED796E39F1B6DE1FEE4CE77815462F36342E80B44B052BADC06F78CFEA7D3D0B294C5C8E8E623F95F5D3C1A17D911A0E78FE7754AA4A440FE75498D9AA47AACF2FC2F716630AEF10950F1FACD4CF847A7E4B0C20F507A7322996DBC4D2250A99CB213CB95AAF7A8B6A0B5317BE8FF728D3A0A0AAEA1B86729DDD59566916640F9AF7A455145CE29CB58884CC2E9DD705B1E87D10E139945FBE70D20D718FED9AF202A22673D76128A5FCB2860419675ADB97512628C7C65C7078B0C730A258C8979912C18EC065367791A404C71318B78FE29CC115ECD74C4EFCDE86C35BD0CFC3ADC41B4F24243A262B251F6E21FA40B7CF 13220171129090650 2 6 100 3071 5 E5B2496BAE5BB80230B69F3FCDC4E4D64BEFCD390B3D2F4A774F3ED4CBDB333B81930CBAF737164C13615CC0BE2EC320E34B8312ADCAA5D9644C0F054DD446C6299262BC184374B516DE3613628A8FB2606ECBCCE08BEE2ABE5D4B7B4CED22910635B723FFDC9381C8F87D0A471F935B62AF4CBEA3C329DF758BEE99F07C33AD6499CDCDDD64E3105F689C831D566296C978F27F0DB2F44389D9E0256790A0E4976FE38192C4BCB20FAF5853ED8AB04B16FFA478AB5945A3E98B12D014509039AB2F05629C48CA9E2272F71AE6AF07E7FBD92CD944A656731FB783E8EB38DF15630CA074D8CB41ECE91AA8A0D756690813C1DDFBE58CCCE7A50F4C83479C85B11908F80768F76F2FB8870B70F498F3235A044A80F32CE9AA9C613CD611D8CDD3CFD3F6A033F1764CD3029AD5435525D8BDD1B45100D61986BF8DBD8290AEC82FE15DBBBF00850AE58137383EEAFF9C9EDEDF8CCD42840E5D57C006F37AA3493FBA1E1719C7BDFC5EE22275A4D0415FD0DAB28E5CD6062755797851948E0DB457
13320170623074307 2 6 100 3071 2 E787C1EA14A0022F3F98A02847D293441332B2EB8BFF8C4D74ECFF730CCA9D1AFC6433A6DD4BA7089EC18D8D314550FCDC6DA23FEFDE48622BB6FFD89AB71CC0BA6C8C0930593E85A442A9C589ECF35E17D9CC7E2AE713B3704D69B61EF6E79A41AE02ADBF7966DF94B1C6861795B7EDFA8D7418EBAEB47F26F158AEF3DB418FD1632DBB93B431204964B78C7AE9ED796E39F1B6DE1FEE4CE77815462F36342E80B44B052BADC06F78CFEA7D3D0B294C5C8E8E623F95F5D3C1A17D911A0E78FE7754AA4A440FE75498D9AA47AACF2FC2F716630AEF10950F1FACD4CF847A7E4B0C20F507A7322996DBC4D2250A99CB213CB95AAF7A8B6A0B5317BE8FF728D3A0A0AAEA1B86729DDD59566916640F9AF7A455145CE29CB58884CC2E9DD705B1E87D10E139945FBE70D20D718FED9AF202A22673D76128A5FCB2860419675ADB97512628C7C65C7078B0C730A258C8979912C18EC065367791A404C71318B78FE29CC115ECD74C4EFCDE86C35BD0CFC3ADC41B4F24243A262B251F6E21FA4F193B 13320171129090703 2 6 100 3071 2 E5B2496BAE5BB80230B69F3FCDC4E4D64BEFCD390B3D2F4A774F3ED4CBDB333B81930CBAF737164C13615CC0BE2EC320E34B8312ADCAA5D9644C0F054DD446C6299262BC184374B516DE3613628A8FB2606ECBCCE08BEE2ABE5D4B7B4CED22910635B723FFDC9381C8F87D0A471F935B62AF4CBEA3C329DF758BEE99F07C33AD6499CDCDDD64E3105F689C831D566296C978F27F0DB2F44389D9E0256790A0E4976FE38192C4BCB20FAF5853ED8AB04B16FFA478AB5945A3E98B12D014509039AB2F05629C48CA9E2272F71AE6AF07E7FBD92CD944A656731FB783E8EB38DF15630CA074D8CB41ECE91AA8A0D756690813C1DDFBE58CCCE7A50F4C83479C85B11908F80768F76F2FB8870B70F498F3235A044A80F32CE9AA9C613CD611D8CDD3CFD3F6A033F1764CD3029AD5435525D8BDD1B45100D61986BF8DBD8290AEC82FE15DBBBF00850AE58137383EEAFF9C9EDEDF8CCD42840E5D57C006F37AA3493FBA1E1719C7BDFC5EE22275A4D0415FD0DAB28E5CD6062755797851948E0E411B
13420170623074345 2 6 100 3071 2 E787C1EA14A0022F3F98A02847D293441332B2EB8BFF8C4D74ECFF730CCA9D1AFC6433A6DD4BA7089EC18D8D314550FCDC6DA23FEFDE48622BB6FFD89AB71CC0BA6C8C0930593E85A442A9C589ECF35E17D9CC7E2AE713B3704D69B61EF6E79A41AE02ADBF7966DF94B1C6861795B7EDFA8D7418EBAEB47F26F158AEF3DB418FD1632DBB93B431204964B78C7AE9ED796E39F1B6DE1FEE4CE77815462F36342E80B44B052BADC06F78CFEA7D3D0B294C5C8E8E623F95F5D3C1A17D911A0E78FE7754AA4A440FE75498D9AA47AACF2FC2F716630AEF10950F1FACD4CF847A7E4B0C20F507A7322996DBC4D2250A99CB213CB95AAF7A8B6A0B5317BE8FF728D3A0A0AAEA1B86729DDD59566916640F9AF7A455145CE29CB58884CC2E9DD705B1E87D10E139945FBE70D20D718FED9AF202A22673D76128A5FCB2860419675ADB97512628C7C65C7078B0C730A258C8979912C18EC065367791A404C71318B78FE29CC115ECD74C4EFCDE86C35BD0CFC3ADC41B4F24243A262B251F6E21FA61D323 13420171129091339 2 6 100 3071 2 E5B2496BAE5BB80230B69F3FCDC4E4D64BEFCD390B3D2F4A774F3ED4CBDB333B81930CBAF737164C13615CC0BE2EC320E34B8312ADCAA5D9644C0F054DD446C6299262BC184374B516DE3613628A8FB2606ECBCCE08BEE2ABE5D4B7B4CED22910635B723FFDC9381C8F87D0A471F935B62AF4CBEA3C329DF758BEE99F07C33AD6499CDCDDD64E3105F689C831D566296C978F27F0DB2F44389D9E0256790A0E4976FE38192C4BCB20FAF5853ED8AB04B16FFA478AB5945A3E98B12D014509039AB2F05629C48CA9E2272F71AE6AF07E7FBD92CD944A656731FB783E8EB38DF15630CA074D8CB41ECE91AA8A0D756690813C1DDFBE58CCCE7A50F4C83479C85B11908F80768F76F2FB8870B70F498F3235A044A80F32CE9AA9C613CD611D8CDD3CFD3F6A033F1764CD3029AD5435525D8BDD1B45100D61986BF8DBD8290AEC82FE15DBBBF00850AE58137383EEAFF9C9EDEDF8CCD42840E5D57C006F37AA3493FBA1E1719C7BDFC5EE22275A4D0415FD0DAB28E5CD6062755797851948F218A93
13520170623074648 2 6 100 3071 2 E787C1EA14A0022F3F98A02847D293441332B2EB8BFF8C4D74ECFF730CCA9D1AFC6433A6DD4BA7089EC18D8D314550FCDC6DA23FEFDE48622BB6FFD89AB71CC0BA6C8C0930593E85A442A9C589ECF35E17D9CC7E2AE713B3704D69B61EF6E79A41AE02ADBF7966DF94B1C6861795B7EDFA8D7418EBAEB47F26F158AEF3DB418FD1632DBB93B431204964B78C7AE9ED796E39F1B6DE1FEE4CE77815462F36342E80B44B052BADC06F78CFEA7D3D0B294C5C8E8E623F95F5D3C1A17D911A0E78FE7754AA4A440FE75498D9AA47AACF2FC2F716630AEF10950F1FACD4CF847A7E4B0C20F507A7322996DBC4D2250A99CB213CB95AAF7A8B6A0B5317BE8FF728D3A0A0AAEA1B86729DDD59566916640F9AF7A455145CE29CB58884CC2E9DD705B1E87D10E139945FBE70D20D718FED9AF202A22673D76128A5FCB2860419675ADB97512628C7C65C7078B0C730A258C8979912C18EC065367791A404C71318B78FE29CC115ECD74C4EFCDE86C35BD0CFC3ADC41B4F24243A262B251F6E21FAEB991B 13520171129092140 2 6 100 3071 5 E5B2496BAE5BB80230B69F3FCDC4E4D64BEFCD390B3D2F4A774F3ED4CBDB333B81930CBAF737164C13615CC0BE2EC320E34B8312ADCAA5D9644C0F054DD446C6299262BC184374B516DE3613628A8FB2606ECBCCE08BEE2ABE5D4B7B4CED22910635B723FFDC9381C8F87D0A471F935B62AF4CBEA3C329DF758BEE99F07C33AD6499CDCDDD64E3105F689C831D566296C978F27F0DB2F44389D9E0256790A0E4976FE38192C4BCB20FAF5853ED8AB04B16FFA478AB5945A3E98B12D014509039AB2F05629C48CA9E2272F71AE6AF07E7FBD92CD944A656731FB783E8EB38DF15630CA074D8CB41ECE91AA8A0D756690813C1DDFBE58CCCE7A50F4C83479C85B11908F80768F76F2FB8870B70F498F3235A044A80F32CE9AA9C613CD611D8CDD3CFD3F6A033F1764CD3029AD5435525D8BDD1B45100D61986BF8DBD8290AEC82FE15DBBBF00850AE58137383EEAFF9C9EDEDF8CCD42840E5D57C006F37AA3493FBA1E1719C7BDFC5EE22275A4D0415FD0DAB28E5CD60627557978519490711E0F
13620170623074919 2 6 100 3071 5 E787C1EA14A0022F3F98A02847D293441332B2EB8BFF8C4D74ECFF730CCA9D1AFC6433A6DD4BA7089EC18D8D314550FCDC6DA23FEFDE48622BB6FFD89AB71CC0BA6C8C0930593E85A442A9C589ECF35E17D9CC7E2AE713B3704D69B61EF6E79A41AE02ADBF7966DF94B1C6861795B7EDFA8D7418EBAEB47F26F158AEF3DB418FD1632DBB93B431204964B78C7AE9ED796E39F1B6DE1FEE4CE77815462F36342E80B44B052BADC06F78CFEA7D3D0B294C5C8E8E623F95F5D3C1A17D911A0E78FE7754AA4A440FE75498D9AA47AACF2FC2F716630AEF10950F1FACD4CF847A7E4B0C20F507A7322996DBC4D2250A99CB213CB95AAF7A8B6A0B5317BE8FF728D3A0A0AAEA1B86729DDD59566916640F9AF7A455145CE29CB58884CC2E9DD705B1E87D10E139945FBE70D20D718FED9AF202A22673D76128A5FCB2860419675ADB97512628C7C65C7078B0C730A258C8979912C18EC065367791A404C71318B78FE29CC115ECD74C4EFCDE86C35BD0CFC3ADC41B4F24243A262B251F6E21FB5876F7 13620171129092229 2 6 100 3071 5 E5B2496BAE5BB80230B69F3FCDC4E4D64BEFCD390B3D2F4A774F3ED4CBDB333B81930CBAF737164C13615CC0BE2EC320E34B8312ADCAA5D9644C0F054DD446C6299262BC184374B516DE3613628A8FB2606ECBCCE08BEE2ABE5D4B7B4CED22910635B723FFDC9381C8F87D0A471F935B62AF4CBEA3C329DF758BEE99F07C33AD6499CDCDDD64E3105F689C831D566296C978F27F0DB2F44389D9E0256790A0E4976FE38192C4BCB20FAF5853ED8AB04B16FFA478AB5945A3E98B12D014509039AB2F05629C48CA9E2272F71AE6AF07E7FBD92CD944A656731FB783E8EB38DF15630CA074D8CB41ECE91AA8A0D756690813C1DDFBE58CCCE7A50F4C83479C85B11908F80768F76F2FB8870B70F498F3235A044A80F32CE9AA9C613CD611D8CDD3CFD3F6A033F1764CD3029AD5435525D8BDD1B45100D61986BF8DBD8290AEC82FE15DBBBF00850AE58137383EEAFF9C9EDEDF8CCD42840E5D57C006F37AA3493FBA1E1719C7BDFC5EE22275A4D0415FD0DAB28E5CD606275579785194908BB287
13720170623075011 2 6 100 3071 5 E787C1EA14A0022F3F98A02847D293441332B2EB8BFF8C4D74ECFF730CCA9D1AFC6433A6DD4BA7089EC18D8D314550FCDC6DA23FEFDE48622BB6FFD89AB71CC0BA6C8C0930593E85A442A9C589ECF35E17D9CC7E2AE713B3704D69B61EF6E79A41AE02ADBF7966DF94B1C6861795B7EDFA8D7418EBAEB47F26F158AEF3DB418FD1632DBB93B431204964B78C7AE9ED796E39F1B6DE1FEE4CE77815462F36342E80B44B052BADC06F78CFEA7D3D0B294C5C8E8E623F95F5D3C1A17D911A0E78FE7754AA4A440FE75498D9AA47AACF2FC2F716630AEF10950F1FACD4CF847A7E4B0C20F507A7322996DBC4D2250A99CB213CB95AAF7A8B6A0B5317BE8FF728D3A0A0AAEA1B86729DDD59566916640F9AF7A455145CE29CB58884CC2E9DD705B1E87D10E139945FBE70D20D718FED9AF202A22673D76128A5FCB2860419675ADB97512628C7C65C7078B0C730A258C8979912C18EC065367791A404C71318B78FE29CC115ECD74C4EFCDE86C35BD0CFC3ADC41B4F24243A262B251F6E21FB79557F 13720171129092532 2 6 100 3071 2 E5B2496BAE5BB80230B69F3FCDC4E4D64BEFCD390B3D2F4A774F3ED4CBDB333B81930CBAF737164C13615CC0BE2EC320E34B8312ADCAA5D9644C0F054DD446C6299262BC184374B516DE3613628A8FB2606ECBCCE08BEE2ABE5D4B7B4CED22910635B723FFDC9381C8F87D0A471F935B62AF4CBEA3C329DF758BEE99F07C33AD6499CDCDDD64E3105F689C831D566296C978F27F0DB2F44389D9E0256790A0E4976FE38192C4BCB20FAF5853ED8AB04B16FFA478AB5945A3E98B12D014509039AB2F05629C48CA9E2272F71AE6AF07E7FBD92CD944A656731FB783E8EB38DF15630CA074D8CB41ECE91AA8A0D756690813C1DDFBE58CCCE7A50F4C83479C85B11908F80768F76F2FB8870B70F498F3235A044A80F32CE9AA9C613CD611D8CDD3CFD3F6A033F1764CD3029AD5435525D8BDD1B45100D61986BF8DBD8290AEC82FE15DBBBF00850AE58137383EEAFF9C9EDEDF8CCD42840E5D57C006F37AA3493FBA1E1719C7BDFC5EE22275A4D0415FD0DAB28E5CD60627557978519491098743
13820170623075040 2 6 100 3071 5 E787C1EA14A0022F3F98A02847D293441332B2EB8BFF8C4D74ECFF730CCA9D1AFC6433A6DD4BA7089EC18D8D314550FCDC6DA23FEFDE48622BB6FFD89AB71CC0BA6C8C0930593E85A442A9C589ECF35E17D9CC7E2AE713B3704D69B61EF6E79A41AE02ADBF7966DF94B1C6861795B7EDFA8D7418EBAEB47F26F158AEF3DB418FD1632DBB93B431204964B78C7AE9ED796E39F1B6DE1FEE4CE77815462F36342E80B44B052BADC06F78CFEA7D3D0B294C5C8E8E623F95F5D3C1A17D911A0E78FE7754AA4A440FE75498D9AA47AACF2FC2F716630AEF10950F1FACD4CF847A7E4B0C20F507A7322996DBC4D2250A99CB213CB95AAF7A8B6A0B5317BE8FF728D3A0A0AAEA1B86729DDD59566916640F9AF7A455145CE29CB58884CC2E9DD705B1E87D10E139945FBE70D20D718FED9AF202A22673D76128A5FCB2860419675ADB97512628C7C65C7078B0C730A258C8979912C18EC065367791A404C71318B78FE29CC115ECD74C4EFCDE86C35BD0CFC3ADC41B4F24243A262B251F6E21FB88E5F7 13820171129092609 2 6 100 3071 5 E5B2496BAE5BB80230B69F3FCDC4E4D64BEFCD390B3D2F4A774F3ED4CBDB333B81930CBAF737164C13615CC0BE2EC320E34B8312ADCAA5D9644C0F054DD446C6299262BC184374B516DE3613628A8FB2606ECBCCE08BEE2ABE5D4B7B4CED22910635B723FFDC9381C8F87D0A471F935B62AF4CBEA3C329DF758BEE99F07C33AD6499CDCDDD64E3105F689C831D566296C978F27F0DB2F44389D9E0256790A0E4976FE38192C4BCB20FAF5853ED8AB04B16FFA478AB5945A3E98B12D014509039AB2F05629C48CA9E2272F71AE6AF07E7FBD92CD944A656731FB783E8EB38DF15630CA074D8CB41ECE91AA8A0D756690813C1DDFBE58CCCE7A50F4C83479C85B11908F80768F76F2FB8870B70F498F3235A044A80F32CE9AA9C613CD611D8CDD3CFD3F6A033F1764CD3029AD5435525D8BDD1B45100D61986BF8DBD8290AEC82FE15DBBBF00850AE58137383EEAFF9C9EDEDF8CCD42840E5D57C006F37AA3493FBA1E1719C7BDFC5EE22275A4D0415FD0DAB28E5CD606275579785194911B52CF
13920170623075211 2 6 100 3071 2 E787C1EA14A0022F3F98A02847D293441332B2EB8BFF8C4D74ECFF730CCA9D1AFC6433A6DD4BA7089EC18D8D314550FCDC6DA23FEFDE48622BB6FFD89AB71CC0BA6C8C0930593E85A442A9C589ECF35E17D9CC7E2AE713B3704D69B61EF6E79A41AE02ADBF7966DF94B1C6861795B7EDFA8D7418EBAEB47F26F158AEF3DB418FD1632DBB93B431204964B78C7AE9ED796E39F1B6DE1FEE4CE77815462F36342E80B44B052BADC06F78CFEA7D3D0B294C5C8E8E623F95F5D3C1A17D911A0E78FE7754AA4A440FE75498D9AA47AACF2FC2F716630AEF10950F1FACD4CF847A7E4B0C20F507A7322996DBC4D2250A99CB213CB95AAF7A8B6A0B5317BE8FF728D3A0A0AAEA1B86729DDD59566916640F9AF7A455145CE29CB58884CC2E9DD705B1E87D10E139945FBE70D20D718FED9AF202A22673D76128A5FCB2860419675ADB97512628C7C65C7078B0C730A258C8979912C18EC065367791A404C71318B78FE29CC115ECD74C4EFCDE86C35BD0CFC3ADC41B4F24243A262B251F6E21FBC86DF3 13920171129092912 2 6 100 3071 5 E5B2496BAE5BB80230B69F3FCDC4E4D64BEFCD390B3D2F4A774F3ED4CBDB333B81930CBAF737164C13615CC0BE2EC320E34B8312ADCAA5D9644C0F054DD446C6299262BC184374B516DE3613628A8FB2606ECBCCE08BEE2ABE5D4B7B4CED22910635B723FFDC9381C8F87D0A471F935B62AF4CBEA3C329DF758BEE99F07C33AD6499CDCDDD64E3105F689C831D566296C978F27F0DB2F44389D9E0256790A0E4976FE38192C4BCB20FAF5853ED8AB04B16FFA478AB5945A3E98B12D014509039AB2F05629C48CA9E2272F71AE6AF07E7FBD92CD944A656731FB783E8EB38DF15630CA074D8CB41ECE91AA8A0D756690813C1DDFBE58CCCE7A50F4C83479C85B11908F80768F76F2FB8870B70F498F3235A044A80F32CE9AA9C613CD611D8CDD3CFD3F6A033F1764CD3029AD5435525D8BDD1B45100D61986BF8DBD8290AEC82FE15DBBBF00850AE58137383EEAFF9C9EDEDF8CCD42840E5D57C006F37AA3493FBA1E1719C7BDFC5EE22275A4D0415FD0DAB28E5CD60627557978519491979D17
14020170623075233 2 6 100 3071 2 E787C1EA14A0022F3F98A02847D293441332B2EB8BFF8C4D74ECFF730CCA9D1AFC6433A6DD4BA7089EC18D8D314550FCDC6DA23FEFDE48622BB6FFD89AB71CC0BA6C8C0930593E85A442A9C589ECF35E17D9CC7E2AE713B3704D69B61EF6E79A41AE02ADBF7966DF94B1C6861795B7EDFA8D7418EBAEB47F26F158AEF3DB418FD1632DBB93B431204964B78C7AE9ED796E39F1B6DE1FEE4CE77815462F36342E80B44B052BADC06F78CFEA7D3D0B294C5C8E8E623F95F5D3C1A17D911A0E78FE7754AA4A440FE75498D9AA47AACF2FC2F716630AEF10950F1FACD4CF847A7E4B0C20F507A7322996DBC4D2250A99CB213CB95AAF7A8B6A0B5317BE8FF728D3A0A0AAEA1B86729DDD59566916640F9AF7A455145CE29CB58884CC2E9DD705B1E87D10E139945FBE70D20D718FED9AF202A22673D76128A5FCB2860419675ADB97512628C7C65C7078B0C730A258C8979912C18EC065367791A404C71318B78FE29CC115ECD74C4EFCDE86C35BD0CFC3ADC41B4F24243A262B251F6E21FBD19D1B 14020171129093038 2 6 100 3071 2 E5B2496BAE5BB80230B69F3FCDC4E4D64BEFCD390B3D2F4A774F3ED4CBDB333B81930CBAF737164C13615CC0BE2EC320E34B8312ADCAA5D9644C0F054DD446C6299262BC184374B516DE3613628A8FB2606ECBCCE08BEE2ABE5D4B7B4CED22910635B723FFDC9381C8F87D0A471F935B62AF4CBEA3C329DF758BEE99F07C33AD6499CDCDDD64E3105F689C831D566296C978F27F0DB2F44389D9E0256790A0E4976FE38192C4BCB20FAF5853ED8AB04B16FFA478AB5945A3E98B12D014509039AB2F05629C48CA9E2272F71AE6AF07E7FBD92CD944A656731FB783E8EB38DF15630CA074D8CB41ECE91AA8A0D756690813C1DDFBE58CCCE7A50F4C83479C85B11908F80768F76F2FB8870B70F498F3235A044A80F32CE9AA9C613CD611D8CDD3CFD3F6A033F1764CD3029AD5435525D8BDD1B45100D61986BF8DBD8290AEC82FE15DBBBF00850AE58137383EEAFF9C9EDEDF8CCD42840E5D57C006F37AA3493FBA1E1719C7BDFC5EE22275A4D0415FD0DAB28E5CD60627557978519491CBE28B
14120170623075313 2 6 100 3071 5 E787C1EA14A0022F3F98A02847D293441332B2EB8BFF8C4D74ECFF730CCA9D1AFC6433A6DD4BA7089EC18D8D314550FCDC6DA23FEFDE48622BB6FFD89AB71CC0BA6C8C0930593E85A442A9C589ECF35E17D9CC7E2AE713B3704D69B61EF6E79A41AE02ADBF7966DF94B1C6861795B7EDFA8D7418EBAEB47F26F158AEF3DB418FD1632DBB93B431204964B78C7AE9ED796E39F1B6DE1FEE4CE77815462F36342E80B44B052BADC06F78CFEA7D3D0B294C5C8E8E623F95F5D3C1A17D911A0E78FE7754AA4A440FE75498D9AA47AACF2FC2F716630AEF10950F1FACD4CF847A7E4B0C20F507A7322996DBC4D2250A99CB213CB95AAF7A8B6A0B5317BE8FF728D3A0A0AAEA1B86729DDD59566916640F9AF7A455145CE29CB58884CC2E9DD705B1E87D10E139945FBE70D20D718FED9AF202A22673D76128A5FCB2860419675ADB97512628C7C65C7078B0C730A258C8979912C18EC065367791A404C71318B78FE29CC115ECD74C4EFCDE86C35BD0CFC3ADC41B4F24243A262B251F6E21FBE8A97F 14120171129093318 2 6 100 3071 5 E5B2496BAE5BB80230B69F3FCDC4E4D64BEFCD390B3D2F4A774F3ED4CBDB333B81930CBAF737164C13615CC0BE2EC320E34B8312ADCAA5D9644C0F054DD446C6299262BC184374B516DE3613628A8FB2606ECBCCE08BEE2ABE5D4B7B4CED22910635B723FFDC9381C8F87D0A471F935B62AF4CBEA3C329DF758BEE99F07C33AD6499CDCDDD64E3105F689C831D566296C978F27F0DB2F44389D9E0256790A0E4976FE38192C4BCB20FAF5853ED8AB04B16FFA478AB5945A3E98B12D014509039AB2F05629C48CA9E2272F71AE6AF07E7FBD92CD944A656731FB783E8EB38DF15630CA074D8CB41ECE91AA8A0D756690813C1DDFBE58CCCE7A50F4C83479C85B11908F80768F76F2FB8870B70F498F3235A044A80F32CE9AA9C613CD611D8CDD3CFD3F6A033F1764CD3029AD5435525D8BDD1B45100D61986BF8DBD8290AEC82FE15DBBBF00850AE58137383EEAFF9C9EDEDF8CCD42840E5D57C006F37AA3493FBA1E1719C7BDFC5EE22275A4D0415FD0DAB28E5CD60627557978519492326CF7
14220170623080026 2 6 100 3071 2 E787C1EA14A0022F3F98A02847D293441332B2EB8BFF8C4D74ECFF730CCA9D1AFC6433A6DD4BA7089EC18D8D314550FCDC6DA23FEFDE48622BB6FFD89AB71CC0BA6C8C0930593E85A442A9C589ECF35E17D9CC7E2AE713B3704D69B61EF6E79A41AE02ADBF7966DF94B1C6861795B7EDFA8D7418EBAEB47F26F158AEF3DB418FD1632DBB93B431204964B78C7AE9ED796E39F1B6DE1FEE4CE77815462F36342E80B44B052BADC06F78CFEA7D3D0B294C5C8E8E623F95F5D3C1A17D911A0E78FE7754AA4A440FE75498D9AA47AACF2FC2F716630AEF10950F1FACD4CF847A7E4B0C20F507A7322996DBC4D2250A99CB213CB95AAF7A8B6A0B5317BE8FF728D3A0A0AAEA1B86729DDD59566916640F9AF7A455145CE29CB58884CC2E9DD705B1E87D10E139945FBE70D20D718FED9AF202A22673D76128A5FCB2860419675ADB97512628C7C65C7078B0C730A258C8979912C18EC065367791A404C71318B78FE29CC115ECD74C4EFCDE86C35BD0CFC3ADC41B4F24243A262B251F6E21FD35417B 14220171129093513 2 6 100 3071 2 E5B2496BAE5BB80230B69F3FCDC4E4D64BEFCD390B3D2F4A774F3ED4CBDB333B81930CBAF737164C13615CC0BE2EC320E34B8312ADCAA5D9644C0F054DD446C6299262BC184374B516DE3613628A8FB2606ECBCCE08BEE2ABE5D4B7B4CED22910635B723FFDC9381C8F87D0A471F935B62AF4CBEA3C329DF758BEE99F07C33AD6499CDCDDD64E3105F689C831D566296C978F27F0DB2F44389D9E0256790A0E4976FE38192C4BCB20FAF5853ED8AB04B16FFA478AB5945A3E98B12D014509039AB2F05629C48CA9E2272F71AE6AF07E7FBD92CD944A656731FB783E8EB38DF15630CA074D8CB41ECE91AA8A0D756690813C1DDFBE58CCCE7A50F4C83479C85B11908F80768F76F2FB8870B70F498F3235A044A80F32CE9AA9C613CD611D8CDD3CFD3F6A033F1764CD3029AD5435525D8BDD1B45100D61986BF8DBD8290AEC82FE15DBBBF00850AE58137383EEAFF9C9EDEDF8CCD42840E5D57C006F37AA3493FBA1E1719C7BDFC5EE22275A4D0415FD0DAB28E5CD606275579785194927B907B
14320170623082844 2 6 100 4095 2 DCFD3F9E0CF8187E955D8AEB347A5E4250C2B78E67E73E1DCDB99D67EC98180AE5FEF9119D38E50CBDBF46C8B2F62240FF5E1B28FB01276B82DB7422A777AA30AC5A9423D9AC3D33C9FECCC85823BD1138919E8F831364B093CF13B11CDD11394AA8D2256D58264266F780EABBA494E99EF63EC1F69997D180ABBA50B091AFD7FF478DAFF435CE2529E5F8FC81316AB0EA636014E125715FC77D653B142734C93FCD825C28CB928D579E9ED2C6C11E89C64B9C4B91CA962FB11C824F302BDEF7F67D1F7AC95F52B49FD4A044101BA3BDDD59C7663AB270D24DC846B90925F615EBFA5182F261938182E301C83FDC027381BD0FA753C84E57CC51531E7D0C468988B67D0B312E73C65E21D93C69C7862553F60BC9B26C6B5FB68BEDA3D7B0770C1116FF2B88484C7FB29A9D46D01719E89CB76A25C1B8349E3F8DA38CC00B3C1502BA6775BE363D27FA71A72DE0094E6805DEABB343B4A6DC98CD5F5191017B4E1CB0E5EE2FA979642305B8FDE9EE6A26E469C03C8B806F9492C0C544D7A0FE7773B3940812AE6B76C447BC28AA8127D9A7FEB7F98B9720C889CE2FF4806225B012B06F2FC0737D2A73A3046BD7ACBF0A8CF02BB3FAB81A60A29C0AA5B3B731541F62B542F4EF8224C6BAF6A087D0A9FE43492E5CE13F855E80457A516155CCA04A6144E402A1A3D71D657556B9124837730953505EB479984819069919E3F0A3 14320171129093638 2 6 100 3071 5 E5B2496BAE5BB80230B69F3FCDC4E4D64BEFCD390B3D2F4A774F3ED4CBDB333B81930CBAF737164C13615CC0BE2EC320E34B8312ADCAA5D9644C0F054DD446C6299262BC184374B516DE3613628A8FB2606ECBCCE08BEE2ABE5D4B7B4CED22910635B723FFDC9381C8F87D0A471F935B62AF4CBEA3C329DF758BEE99F07C33AD6499CDCDDD64E3105F689C831D566296C978F27F0DB2F44389D9E0256790A0E4976FE38192C4BCB20FAF5853ED8AB04B16FFA478AB5945A3E98B12D014509039AB2F05629C48CA9E2272F71AE6AF07E7FBD92CD944A656731FB783E8EB38DF15630CA074D8CB41ECE91AA8A0D756690813C1DDFBE58CCCE7A50F4C83479C85B11908F80768F76F2FB8870B70F498F3235A044A80F32CE9AA9C613CD611D8CDD3CFD3F6A033F1764CD3029AD5435525D8BDD1B45100D61986BF8DBD8290AEC82FE15DBBBF00850AE58137383EEAFF9C9EDEDF8CCD42840E5D57C006F37AA3493FBA1E1719C7BDFC5EE22275A4D0415FD0DAB28E5CD60627557978519492B0BBB7
14420170623084111 2 6 100 4095 2 DCFD3F9E0CF8187E955D8AEB347A5E4250C2B78E67E73E1DCDB99D67EC98180AE5FEF9119D38E50CBDBF46C8B2F62240FF5E1B28FB01276B82DB7422A777AA30AC5A9423D9AC3D33C9FECCC85823BD1138919E8F831364B093CF13B11CDD11394AA8D2256D58264266F780EABBA494E99EF63EC1F69997D180ABBA50B091AFD7FF478DAFF435CE2529E5F8FC81316AB0EA636014E125715FC77D653B142734C93FCD825C28CB928D579E9ED2C6C11E89C64B9C4B91CA962FB11C824F302BDEF7F67D1F7AC95F52B49FD4A044101BA3BDDD59C7663AB270D24DC846B90925F615EBFA5182F261938182E301C83FDC027381BD0FA753C84E57CC51531E7D0C468988B67D0B312E73C65E21D93C69C7862553F60BC9B26C6B5FB68BEDA3D7B0770C1116FF2B88484C7FB29A9D46D01719E89CB76A25C1B8349E3F8DA38CC00B3C1502BA6775BE363D27FA71A72DE0094E6805DEABB343B4A6DC98CD5F5191017B4E1CB0E5EE2FA979642305B8FDE9EE6A26E469C03C8B806F9492C0C544D7A0FE7773B3940812AE6B76C447BC28AA8127D9A7FEB7F98B9720C889CE2FF4806225B012B06F2FC0737D2A73A3046BD7ACBF0A8CF02BB3FAB81A60A29C0AA5B3B731541F62B542F4EF8224C6BAF6A087D0A9FE43492E5CE13F855E80457A516155CCA04A6144E402A1A3D71D657556B9124837730953505EB47998481906991AE37AEB 14420171129094059 2 6 100 3071 2 E5B2496BAE5BB80230B69F3FCDC4E4D64BEFCD390B3D2F4A774F3ED4CBDB333B81930CBAF737164C13615CC0BE2EC320E34B8312ADCAA5D9644C0F054DD446C6299262BC184374B516DE3613628A8FB2606ECBCCE08BEE2ABE5D4B7B4CED22910635B723FFDC9381C8F87D0A471F935B62AF4CBEA3C329DF758BEE99F07C33AD6499CDCDDD64E3105F689C831D566296C978F27F0DB2F44389D9E0256790A0E4976FE38192C4BCB20FAF5853ED8AB04B16FFA478AB5945A3E98B12D014509039AB2F05629C48CA9E2272F71AE6AF07E7FBD92CD944A656731FB783E8EB38DF15630CA074D8CB41ECE91AA8A0D756690813C1DDFBE58CCCE7A50F4C83479C85B11908F80768F76F2FB8870B70F498F3235A044A80F32CE9AA9C613CD611D8CDD3CFD3F6A033F1764CD3029AD5435525D8BDD1B45100D61986BF8DBD8290AEC82FE15DBBBF00850AE58137383EEAFF9C9EDEDF8CCD42840E5D57C006F37AA3493FBA1E1719C7BDFC5EE22275A4D0415FD0DAB28E5CD60627557978519493646CBB
14520170623091322 2 6 100 4095 5 DCFD3F9E0CF8187E955D8AEB347A5E4250C2B78E67E73E1DCDB99D67EC98180AE5FEF9119D38E50CBDBF46C8B2F62240FF5E1B28FB01276B82DB7422A777AA30AC5A9423D9AC3D33C9FECCC85823BD1138919E8F831364B093CF13B11CDD11394AA8D2256D58264266F780EABBA494E99EF63EC1F69997D180ABBA50B091AFD7FF478DAFF435CE2529E5F8FC81316AB0EA636014E125715FC77D653B142734C93FCD825C28CB928D579E9ED2C6C11E89C64B9C4B91CA962FB11C824F302BDEF7F67D1F7AC95F52B49FD4A044101BA3BDDD59C7663AB270D24DC846B90925F615EBFA5182F261938182E301C83FDC027381BD0FA753C84E57CC51531E7D0C468988B67D0B312E73C65E21D93C69C7862553F60BC9B26C6B5FB68BEDA3D7B0770C1116FF2B88484C7FB29A9D46D01719E89CB76A25C1B8349E3F8DA38CC00B3C1502BA6775BE363D27FA71A72DE0094E6805DEABB343B4A6DC98CD5F5191017B4E1CB0E5EE2FA979642305B8FDE9EE6A26E469C03C8B806F9492C0C544D7A0FE7773B3940812AE6B76C447BC28AA8127D9A7FEB7F98B9720C889CE2FF4806225B012B06F2FC0737D2A73A3046BD7ACBF0A8CF02BB3FAB81A60A29C0AA5B3B731541F62B542F4EF8224C6BAF6A087D0A9FE43492E5CE13F855E80457A516155CCA04A6144E402A1A3D71D657556B9124837730953505EB47998481906991D857A5F 14520171129094240 2 6 100 3071 2 E5B2496BAE5BB80230B69F3FCDC4E4D64BEFCD390B3D2F4A774F3ED4CBDB333B81930CBAF737164C13615CC0BE2EC320E34B8312ADCAA5D9644C0F054DD446C6299262BC184374B516DE3613628A8FB2606ECBCCE08BEE2ABE5D4B7B4CED22910635B723FFDC9381C8F87D0A471F935B62AF4CBEA3C329DF758BEE99F07C33AD6499CDCDDD64E3105F689C831D566296C978F27F0DB2F44389D9E0256790A0E4976FE38192C4BCB20FAF5853ED8AB04B16FFA478AB5945A3E98B12D014509039AB2F05629C48CA9E2272F71AE6AF07E7FBD92CD944A656731FB783E8EB38DF15630CA074D8CB41ECE91AA8A0D756690813C1DDFBE58CCCE7A50F4C83479C85B11908F80768F76F2FB8870B70F498F3235A044A80F32CE9AA9C613CD611D8CDD3CFD3F6A033F1764CD3029AD5435525D8BDD1B45100D61986BF8DBD8290AEC82FE15DBBBF00850AE58137383EEAFF9C9EDEDF8CCD42840E5D57C006F37AA3493FBA1E1719C7BDFC5EE22275A4D0415FD0DAB28E5CD606275579785194939F7823
14620170623095654 2 6 100 4095 5 DCFD3F9E0CF8187E955D8AEB347A5E4250C2B78E67E73E1DCDB99D67EC98180AE5FEF9119D38E50CBDBF46C8B2F62240FF5E1B28FB01276B82DB7422A777AA30AC5A9423D9AC3D33C9FECCC85823BD1138919E8F831364B093CF13B11CDD11394AA8D2256D58264266F780EABBA494E99EF63EC1F69997D180ABBA50B091AFD7FF478DAFF435CE2529E5F8FC81316AB0EA636014E125715FC77D653B142734C93FCD825C28CB928D579E9ED2C6C11E89C64B9C4B91CA962FB11C824F302BDEF7F67D1F7AC95F52B49FD4A044101BA3BDDD59C7663AB270D24DC846B90925F615EBFA5182F261938182E301C83FDC027381BD0FA753C84E57CC51531E7D0C468988B67D0B312E73C65E21D93C69C7862553F60BC9B26C6B5FB68BEDA3D7B0770C1116FF2B88484C7FB29A9D46D01719E89CB76A25C1B8349E3F8DA38CC00B3C1502BA6775BE363D27FA71A72DE0094E6805DEABB343B4A6DC98CD5F5191017B4E1CB0E5EE2FA979642305B8FDE9EE6A26E469C03C8B806F9492C0C544D7A0FE7773B3940812AE6B76C447BC28AA8127D9A7FEB7F98B9720C889CE2FF4806225B012B06F2FC0737D2A73A3046BD7ACBF0A8CF02BB3FAB81A60A29C0AA5B3B731541F62B542F4EF8224C6BAF6A087D0A9FE43492E5CE13F855E80457A516155CCA04A6144E402A1A3D71D657556B9124837730953505EB4799848190699210172E7 14620171129094307 2 6 100 3071 2 E5B2496BAE5BB80230B69F3FCDC4E4D64BEFCD390B3D2F4A774F3ED4CBDB333B81930CBAF737164C13615CC0BE2EC320E34B8312ADCAA5D9644C0F054DD446C6299262BC184374B516DE3613628A8FB2606ECBCCE08BEE2ABE5D4B7B4CED22910635B723FFDC9381C8F87D0A471F935B62AF4CBEA3C329DF758BEE99F07C33AD6499CDCDDD64E3105F689C831D566296C978F27F0DB2F44389D9E0256790A0E4976FE38192C4BCB20FAF5853ED8AB04B16FFA478AB5945A3E98B12D014509039AB2F05629C48CA9E2272F71AE6AF07E7FBD92CD944A656731FB783E8EB38DF15630CA074D8CB41ECE91AA8A0D756690813C1DDFBE58CCCE7A50F4C83479C85B11908F80768F76F2FB8870B70F498F3235A044A80F32CE9AA9C613CD611D8CDD3CFD3F6A033F1764CD3029AD5435525D8BDD1B45100D61986BF8DBD8290AEC82FE15DBBBF00850AE58137383EEAFF9C9EDEDF8CCD42840E5D57C006F37AA3493FBA1E1719C7BDFC5EE22275A4D0415FD0DAB28E5CD60627557978519493AB8EBB
14720170623095828 2 6 100 4095 2 DCFD3F9E0CF8187E955D8AEB347A5E4250C2B78E67E73E1DCDB99D67EC98180AE5FEF9119D38E50CBDBF46C8B2F62240FF5E1B28FB01276B82DB7422A777AA30AC5A9423D9AC3D33C9FECCC85823BD1138919E8F831364B093CF13B11CDD11394AA8D2256D58264266F780EABBA494E99EF63EC1F69997D180ABBA50B091AFD7FF478DAFF435CE2529E5F8FC81316AB0EA636014E125715FC77D653B142734C93FCD825C28CB928D579E9ED2C6C11E89C64B9C4B91CA962FB11C824F302BDEF7F67D1F7AC95F52B49FD4A044101BA3BDDD59C7663AB270D24DC846B90925F615EBFA5182F261938182E301C83FDC027381BD0FA753C84E57CC51531E7D0C468988B67D0B312E73C65E21D93C69C7862553F60BC9B26C6B5FB68BEDA3D7B0770C1116FF2B88484C7FB29A9D46D01719E89CB76A25C1B8349E3F8DA38CC00B3C1502BA6775BE363D27FA71A72DE0094E6805DEABB343B4A6DC98CD5F5191017B4E1CB0E5EE2FA979642305B8FDE9EE6A26E469C03C8B806F9492C0C544D7A0FE7773B3940812AE6B76C447BC28AA8127D9A7FEB7F98B9720C889CE2FF4806225B012B06F2FC0737D2A73A3046BD7ACBF0A8CF02BB3FAB81A60A29C0AA5B3B731541F62B542F4EF8224C6BAF6A087D0A9FE43492E5CE13F855E80457A516155CCA04A6144E402A1A3D71D657556B9124837730953505EB479984819069921188C6B 14720171129094439 2 6 100 3071 5 E5B2496BAE5BB80230B69F3FCDC4E4D64BEFCD390B3D2F4A774F3ED4CBDB333B81930CBAF737164C13615CC0BE2EC320E34B8312ADCAA5D9644C0F054DD446C6299262BC184374B516DE3613628A8FB2606ECBCCE08BEE2ABE5D4B7B4CED22910635B723FFDC9381C8F87D0A471F935B62AF4CBEA3C329DF758BEE99F07C33AD6499CDCDDD64E3105F689C831D566296C978F27F0DB2F44389D9E0256790A0E4976FE38192C4BCB20FAF5853ED8AB04B16FFA478AB5945A3E98B12D014509039AB2F05629C48CA9E2272F71AE6AF07E7FBD92CD944A656731FB783E8EB38DF15630CA074D8CB41ECE91AA8A0D756690813C1DDFBE58CCCE7A50F4C83479C85B11908F80768F76F2FB8870B70F498F3235A044A80F32CE9AA9C613CD611D8CDD3CFD3F6A033F1764CD3029AD5435525D8BDD1B45100D61986BF8DBD8290AEC82FE15DBBBF00850AE58137383EEAFF9C9EDEDF8CCD42840E5D57C006F37AA3493FBA1E1719C7BDFC5EE22275A4D0415FD0DAB28E5CD60627557978519493E34B3F
14820170623095901 2 6 100 4095 5 DCFD3F9E0CF8187E955D8AEB347A5E4250C2B78E67E73E1DCDB99D67EC98180AE5FEF9119D38E50CBDBF46C8B2F62240FF5E1B28FB01276B82DB7422A777AA30AC5A9423D9AC3D33C9FECCC85823BD1138919E8F831364B093CF13B11CDD11394AA8D2256D58264266F780EABBA494E99EF63EC1F69997D180ABBA50B091AFD7FF478DAFF435CE2529E5F8FC81316AB0EA636014E125715FC77D653B142734C93FCD825C28CB928D579E9ED2C6C11E89C64B9C4B91CA962FB11C824F302BDEF7F67D1F7AC95F52B49FD4A044101BA3BDDD59C7663AB270D24DC846B90925F615EBFA5182F261938182E301C83FDC027381BD0FA753C84E57CC51531E7D0C468988B67D0B312E73C65E21D93C69C7862553F60BC9B26C6B5FB68BEDA3D7B0770C1116FF2B88484C7FB29A9D46D01719E89CB76A25C1B8349E3F8DA38CC00B3C1502BA6775BE363D27FA71A72DE0094E6805DEABB343B4A6DC98CD5F5191017B4E1CB0E5EE2FA979642305B8FDE9EE6A26E469C03C8B806F9492C0C544D7A0FE7773B3940812AE6B76C447BC28AA8127D9A7FEB7F98B9720C889CE2FF4806225B012B06F2FC0737D2A73A3046BD7ACBF0A8CF02BB3FAB81A60A29C0AA5B3B731541F62B542F4EF8224C6BAF6A087D0A9FE43492E5CE13F855E80457A516155CCA04A6144E402A1A3D71D657556B9124837730953505EB4799848190699211B667F 14820171129094532 2 6 100 3071 5 E5B2496BAE5BB80230B69F3FCDC4E4D64BEFCD390B3D2F4A774F3ED4CBDB333B81930CBAF737164C13615CC0BE2EC320E34B8312ADCAA5D9644C0F054DD446C6299262BC184374B516DE3613628A8FB2606ECBCCE08BEE2ABE5D4B7B4CED22910635B723FFDC9381C8F87D0A471F935B62AF4CBEA3C329DF758BEE99F07C33AD6499CDCDDD64E3105F689C831D566296C978F27F0DB2F44389D9E0256790A0E4976FE38192C4BCB20FAF5853ED8AB04B16FFA478AB5945A3E98B12D014509039AB2F05629C48CA9E2272F71AE6AF07E7FBD92CD944A656731FB783E8EB38DF15630CA074D8CB41ECE91AA8A0D756690813C1DDFBE58CCCE7A50F4C83479C85B11908F80768F76F2FB8870B70F498F3235A044A80F32CE9AA9C613CD611D8CDD3CFD3F6A033F1764CD3029AD5435525D8BDD1B45100D61986BF8DBD8290AEC82FE15DBBBF00850AE58137383EEAFF9C9EDEDF8CCD42840E5D57C006F37AA3493FBA1E1719C7BDFC5EE22275A4D0415FD0DAB28E5CD60627557978519493FF8E7F
14920170623100423 2 6 100 4095 2 DCFD3F9E0CF8187E955D8AEB347A5E4250C2B78E67E73E1DCDB99D67EC98180AE5FEF9119D38E50CBDBF46C8B2F62240FF5E1B28FB01276B82DB7422A777AA30AC5A9423D9AC3D33C9FECCC85823BD1138919E8F831364B093CF13B11CDD11394AA8D2256D58264266F780EABBA494E99EF63EC1F69997D180ABBA50B091AFD7FF478DAFF435CE2529E5F8FC81316AB0EA636014E125715FC77D653B142734C93FCD825C28CB928D579E9ED2C6C11E89C64B9C4B91CA962FB11C824F302BDEF7F67D1F7AC95F52B49FD4A044101BA3BDDD59C7663AB270D24DC846B90925F615EBFA5182F261938182E301C83FDC027381BD0FA753C84E57CC51531E7D0C468988B67D0B312E73C65E21D93C69C7862553F60BC9B26C6B5FB68BEDA3D7B0770C1116FF2B88484C7FB29A9D46D01719E89CB76A25C1B8349E3F8DA38CC00B3C1502BA6775BE363D27FA71A72DE0094E6805DEABB343B4A6DC98CD5F5191017B4E1CB0E5EE2FA979642305B8FDE9EE6A26E469C03C8B806F9492C0C544D7A0FE7773B3940812AE6B76C447BC28AA8127D9A7FEB7F98B9720C889CE2FF4806225B012B06F2FC0737D2A73A3046BD7ACBF0A8CF02BB3FAB81A60A29C0AA5B3B731541F62B542F4EF8224C6BAF6A087D0A9FE43492E5CE13F855E80457A516155CCA04A6144E402A1A3D71D657556B9124837730953505EB479984819069921818383 14920171129094653 2 6 100 3071 2 E5B2496BAE5BB80230B69F3FCDC4E4D64BEFCD390B3D2F4A774F3ED4CBDB333B81930CBAF737164C13615CC0BE2EC320E34B8312ADCAA5D9644C0F054DD446C6299262BC184374B516DE3613628A8FB2606ECBCCE08BEE2ABE5D4B7B4CED22910635B723FFDC9381C8F87D0A471F935B62AF4CBEA3C329DF758BEE99F07C33AD6499CDCDDD64E3105F689C831D566296C978F27F0DB2F44389D9E0256790A0E4976FE38192C4BCB20FAF5853ED8AB04B16FFA478AB5945A3E98B12D014509039AB2F05629C48CA9E2272F71AE6AF07E7FBD92CD944A656731FB783E8EB38DF15630CA074D8CB41ECE91AA8A0D756690813C1DDFBE58CCCE7A50F4C83479C85B11908F80768F76F2FB8870B70F498F3235A044A80F32CE9AA9C613CD611D8CDD3CFD3F6A033F1764CD3029AD5435525D8BDD1B45100D61986BF8DBD8290AEC82FE15DBBBF00850AE58137383EEAFF9C9EDEDF8CCD42840E5D57C006F37AA3493FBA1E1719C7BDFC5EE22275A4D0415FD0DAB28E5CD60627557978519494307873
15020170623101338 2 6 100 4095 2 DCFD3F9E0CF8187E955D8AEB347A5E4250C2B78E67E73E1DCDB99D67EC98180AE5FEF9119D38E50CBDBF46C8B2F62240FF5E1B28FB01276B82DB7422A777AA30AC5A9423D9AC3D33C9FECCC85823BD1138919E8F831364B093CF13B11CDD11394AA8D2256D58264266F780EABBA494E99EF63EC1F69997D180ABBA50B091AFD7FF478DAFF435CE2529E5F8FC81316AB0EA636014E125715FC77D653B142734C93FCD825C28CB928D579E9ED2C6C11E89C64B9C4B91CA962FB11C824F302BDEF7F67D1F7AC95F52B49FD4A044101BA3BDDD59C7663AB270D24DC846B90925F615EBFA5182F261938182E301C83FDC027381BD0FA753C84E57CC51531E7D0C468988B67D0B312E73C65E21D93C69C7862553F60BC9B26C6B5FB68BEDA3D7B0770C1116FF2B88484C7FB29A9D46D01719E89CB76A25C1B8349E3F8DA38CC00B3C1502BA6775BE363D27FA71A72DE0094E6805DEABB343B4A6DC98CD5F5191017B4E1CB0E5EE2FA979642305B8FDE9EE6A26E469C03C8B806F9492C0C544D7A0FE7773B3940812AE6B76C447BC28AA8127D9A7FEB7F98B9720C889CE2FF4806225B012B06F2FC0737D2A73A3046BD7ACBF0A8CF02BB3FAB81A60A29C0AA5B3B731541F62B542F4EF8224C6BAF6A087D0A9FE43492E5CE13F855E80457A516155CCA04A6144E402A1A3D71D657556B9124837730953505EB4799848190699223C1F3B 15020171129094922 2 6 100 3071 5 E5B2496BAE5BB80230B69F3FCDC4E4D64BEFCD390B3D2F4A774F3ED4CBDB333B81930CBAF737164C13615CC0BE2EC320E34B8312ADCAA5D9644C0F054DD446C6299262BC184374B516DE3613628A8FB2606ECBCCE08BEE2ABE5D4B7B4CED22910635B723FFDC9381C8F87D0A471F935B62AF4CBEA3C329DF758BEE99F07C33AD6499CDCDDD64E3105F689C831D566296C978F27F0DB2F44389D9E0256790A0E4976FE38192C4BCB20FAF5853ED8AB04B16FFA478AB5945A3E98B12D014509039AB2F05629C48CA9E2272F71AE6AF07E7FBD92CD944A656731FB783E8EB38DF15630CA074D8CB41ECE91AA8A0D756690813C1DDFBE58CCCE7A50F4C83479C85B11908F80768F76F2FB8870B70F498F3235A044A80F32CE9AA9C613CD611D8CDD3CFD3F6A033F1764CD3029AD5435525D8BDD1B45100D61986BF8DBD8290AEC82FE15DBBBF00850AE58137383EEAFF9C9EDEDF8CCD42840E5D57C006F37AA3493FBA1E1719C7BDFC5EE22275A4D0415FD0DAB28E5CD60627557978519494921E2F
15120170623101757 2 6 100 4095 2 DCFD3F9E0CF8187E955D8AEB347A5E4250C2B78E67E73E1DCDB99D67EC98180AE5FEF9119D38E50CBDBF46C8B2F62240FF5E1B28FB01276B82DB7422A777AA30AC5A9423D9AC3D33C9FECCC85823BD1138919E8F831364B093CF13B11CDD11394AA8D2256D58264266F780EABBA494E99EF63EC1F69997D180ABBA50B091AFD7FF478DAFF435CE2529E5F8FC81316AB0EA636014E125715FC77D653B142734C93FCD825C28CB928D579E9ED2C6C11E89C64B9C4B91CA962FB11C824F302BDEF7F67D1F7AC95F52B49FD4A044101BA3BDDD59C7663AB270D24DC846B90925F615EBFA5182F261938182E301C83FDC027381BD0FA753C84E57CC51531E7D0C468988B67D0B312E73C65E21D93C69C7862553F60BC9B26C6B5FB68BEDA3D7B0770C1116FF2B88484C7FB29A9D46D01719E89CB76A25C1B8349E3F8DA38CC00B3C1502BA6775BE363D27FA71A72DE0094E6805DEABB343B4A6DC98CD5F5191017B4E1CB0E5EE2FA979642305B8FDE9EE6A26E469C03C8B806F9492C0C544D7A0FE7773B3940812AE6B76C447BC28AA8127D9A7FEB7F98B9720C889CE2FF4806225B012B06F2FC0737D2A73A3046BD7ACBF0A8CF02BB3FAB81A60A29C0AA5B3B731541F62B542F4EF8224C6BAF6A087D0A9FE43492E5CE13F855E80457A516155CCA04A6144E402A1A3D71D657556B9124837730953505EB4799848190699228B3683 15120171129094940 2 6 100 3071 2 E5B2496BAE5BB80230B69F3FCDC4E4D64BEFCD390B3D2F4A774F3ED4CBDB333B81930CBAF737164C13615CC0BE2EC320E34B8312ADCAA5D9644C0F054DD446C6299262BC184374B516DE3613628A8FB2606ECBCCE08BEE2ABE5D4B7B4CED22910635B723FFDC9381C8F87D0A471F935B62AF4CBEA3C329DF758BEE99F07C33AD6499CDCDDD64E3105F689C831D566296C978F27F0DB2F44389D9E0256790A0E4976FE38192C4BCB20FAF5853ED8AB04B16FFA478AB5945A3E98B12D014509039AB2F05629C48CA9E2272F71AE6AF07E7FBD92CD944A656731FB783E8EB38DF15630CA074D8CB41ECE91AA8A0D756690813C1DDFBE58CCCE7A50F4C83479C85B11908F80768F76F2FB8870B70F498F3235A044A80F32CE9AA9C613CD611D8CDD3CFD3F6A033F1764CD3029AD5435525D8BDD1B45100D61986BF8DBD8290AEC82FE15DBBBF00850AE58137383EEAFF9C9EDEDF8CCD42840E5D57C006F37AA3493FBA1E1719C7BDFC5EE22275A4D0415FD0DAB28E5CD6062755797851949496EE1B
15220170623104910 2 6 100 4095 2 DCFD3F9E0CF8187E955D8AEB347A5E4250C2B78E67E73E1DCDB99D67EC98180AE5FEF9119D38E50CBDBF46C8B2F62240FF5E1B28FB01276B82DB7422A777AA30AC5A9423D9AC3D33C9FECCC85823BD1138919E8F831364B093CF13B11CDD11394AA8D2256D58264266F780EABBA494E99EF63EC1F69997D180ABBA50B091AFD7FF478DAFF435CE2529E5F8FC81316AB0EA636014E125715FC77D653B142734C93FCD825C28CB928D579E9ED2C6C11E89C64B9C4B91CA962FB11C824F302BDEF7F67D1F7AC95F52B49FD4A044101BA3BDDD59C7663AB270D24DC846B90925F615EBFA5182F261938182E301C83FDC027381BD0FA753C84E57CC51531E7D0C468988B67D0B312E73C65E21D93C69C7862553F60BC9B26C6B5FB68BEDA3D7B0770C1116FF2B88484C7FB29A9D46D01719E89CB76A25C1B8349E3F8DA38CC00B3C1502BA6775BE363D27FA71A72DE0094E6805DEABB343B4A6DC98CD5F5191017B4E1CB0E5EE2FA979642305B8FDE9EE6A26E469C03C8B806F9492C0C544D7A0FE7773B3940812AE6B76C447BC28AA8127D9A7FEB7F98B9720C889CE2FF4806225B012B06F2FC0737D2A73A3046BD7ACBF0A8CF02BB3FAB81A60A29C0AA5B3B731541F62B542F4EF8224C6BAF6A087D0A9FE43492E5CE13F855E80457A516155CCA04A6144E402A1A3D71D657556B9124837730953505EB4799848190699250221BB 15220171129095758 2 6 100 3071 5 E5B2496BAE5BB80230B69F3FCDC4E4D64BEFCD390B3D2F4A774F3ED4CBDB333B81930CBAF737164C13615CC0BE2EC320E34B8312ADCAA5D9644C0F054DD446C6299262BC184374B516DE3613628A8FB2606ECBCCE08BEE2ABE5D4B7B4CED22910635B723FFDC9381C8F87D0A471F935B62AF4CBEA3C329DF758BEE99F07C33AD6499CDCDDD64E3105F689C831D566296C978F27F0DB2F44389D9E0256790A0E4976FE38192C4BCB20FAF5853ED8AB04B16FFA478AB5945A3E98B12D014509039AB2F05629C48CA9E2272F71AE6AF07E7FBD92CD944A656731FB783E8EB38DF15630CA074D8CB41ECE91AA8A0D756690813C1DDFBE58CCCE7A50F4C83479C85B11908F80768F76F2FB8870B70F498F3235A044A80F32CE9AA9C613CD611D8CDD3CFD3F6A033F1764CD3029AD5435525D8BDD1B45100D61986BF8DBD8290AEC82FE15DBBBF00850AE58137383EEAFF9C9EDEDF8CCD42840E5D57C006F37AA3493FBA1E1719C7BDFC5EE22275A4D0415FD0DAB28E5CD60627557978519495F23CAF
15320170623110231 2 6 100 4095 2 DCFD3F9E0CF8187E955D8AEB347A5E4250C2B78E67E73E1DCDB99D67EC98180AE5FEF9119D38E50CBDBF46C8B2F62240FF5E1B28FB01276B82DB7422A777AA30AC5A9423D9AC3D33C9FECCC85823BD1138919E8F831364B093CF13B11CDD11394AA8D2256D58264266F780EABBA494E99EF63EC1F69997D180ABBA50B091AFD7FF478DAFF435CE2529E5F8FC81316AB0EA636014E125715FC77D653B142734C93FCD825C28CB928D579E9ED2C6C11E89C64B9C4B91CA962FB11C824F302BDEF7F67D1F7AC95F52B49FD4A044101BA3BDDD59C7663AB270D24DC846B90925F615EBFA5182F261938182E301C83FDC027381BD0FA753C84E57CC51531E7D0C468988B67D0B312E73C65E21D93C69C7862553F60BC9B26C6B5FB68BEDA3D7B0770C1116FF2B88484C7FB29A9D46D01719E89CB76A25C1B8349E3F8DA38CC00B3C1502BA6775BE363D27FA71A72DE0094E6805DEABB343B4A6DC98CD5F5191017B4E1CB0E5EE2FA979642305B8FDE9EE6A26E469C03C8B806F9492C0C544D7A0FE7773B3940812AE6B76C447BC28AA8127D9A7FEB7F98B9720C889CE2FF4806225B012B06F2FC0737D2A73A3046BD7ACBF0A8CF02BB3FAB81A60A29C0AA5B3B731541F62B542F4EF8224C6BAF6A087D0A9FE43492E5CE13F855E80457A516155CCA04A6144E402A1A3D71D657556B9124837730953505EB4799848190699260AC373 15320171129100214 2 6 100 3071 5 E5B2496BAE5BB80230B69F3FCDC4E4D64BEFCD390B3D2F4A774F3ED4CBDB333B81930CBAF737164C13615CC0BE2EC320E34B8312ADCAA5D9644C0F054DD446C6299262BC184374B516DE3613628A8FB2606ECBCCE08BEE2ABE5D4B7B4CED22910635B723FFDC9381C8F87D0A471F935B62AF4CBEA3C329DF758BEE99F07C33AD6499CDCDDD64E3105F689C831D566296C978F27F0DB2F44389D9E0256790A0E4976FE38192C4BCB20FAF5853ED8AB04B16FFA478AB5945A3E98B12D014509039AB2F05629C48CA9E2272F71AE6AF07E7FBD92CD944A656731FB783E8EB38DF15630CA074D8CB41ECE91AA8A0D756690813C1DDFBE58CCCE7A50F4C83479C85B11908F80768F76F2FB8870B70F498F3235A044A80F32CE9AA9C613CD611D8CDD3CFD3F6A033F1764CD3029AD5435525D8BDD1B45100D61986BF8DBD8290AEC82FE15DBBBF00850AE58137383EEAFF9C9EDEDF8CCD42840E5D57C006F37AA3493FBA1E1719C7BDFC5EE22275A4D0415FD0DAB28E5CD606275579785194969CC5B7
15420170623110814 2 6 100 4095 2 DCFD3F9E0CF8187E955D8AEB347A5E4250C2B78E67E73E1DCDB99D67EC98180AE5FEF9119D38E50CBDBF46C8B2F62240FF5E1B28FB01276B82DB7422A777AA30AC5A9423D9AC3D33C9FECCC85823BD1138919E8F831364B093CF13B11CDD11394AA8D2256D58264266F780EABBA494E99EF63EC1F69997D180ABBA50B091AFD7FF478DAFF435CE2529E5F8FC81316AB0EA636014E125715FC77D653B142734C93FCD825C28CB928D579E9ED2C6C11E89C64B9C4B91CA962FB11C824F302BDEF7F67D1F7AC95F52B49FD4A044101BA3BDDD59C7663AB270D24DC846B90925F615EBFA5182F261938182E301C83FDC027381BD0FA753C84E57CC51531E7D0C468988B67D0B312E73C65E21D93C69C7862553F60BC9B26C6B5FB68BEDA3D7B0770C1116FF2B88484C7FB29A9D46D01719E89CB76A25C1B8349E3F8DA38CC00B3C1502BA6775BE363D27FA71A72DE0094E6805DEABB343B4A6DC98CD5F5191017B4E1CB0E5EE2FA979642305B8FDE9EE6A26E469C03C8B806F9492C0C544D7A0FE7773B3940812AE6B76C447BC28AA8127D9A7FEB7F98B9720C889CE2FF4806225B012B06F2FC0737D2A73A3046BD7ACBF0A8CF02BB3FAB81A60A29C0AA5B3B731541F62B542F4EF8224C6BAF6A087D0A9FE43492E5CE13F855E80457A516155CCA04A6144E402A1A3D71D657556B9124837730953505EB47998481906992672C113 15420171129101245 2 6 100 3071 2 E5B2496BAE5BB80230B69F3FCDC4E4D64BEFCD390B3D2F4A774F3ED4CBDB333B81930CBAF737164C13615CC0BE2EC320E34B8312ADCAA5D9644C0F054DD446C6299262BC184374B516DE3613628A8FB2606ECBCCE08BEE2ABE5D4B7B4CED22910635B723FFDC9381C8F87D0A471F935B62AF4CBEA3C329DF758BEE99F07C33AD6499CDCDDD64E3105F689C831D566296C978F27F0DB2F44389D9E0256790A0E4976FE38192C4BCB20FAF5853ED8AB04B16FFA478AB5945A3E98B12D014509039AB2F05629C48CA9E2272F71AE6AF07E7FBD92CD944A656731FB783E8EB38DF15630CA074D8CB41ECE91AA8A0D756690813C1DDFBE58CCCE7A50F4C83479C85B11908F80768F76F2FB8870B70F498F3235A044A80F32CE9AA9C613CD611D8CDD3CFD3F6A033F1764CD3029AD5435525D8BDD1B45100D61986BF8DBD8290AEC82FE15DBBBF00850AE58137383EEAFF9C9EDEDF8CCD42840E5D57C006F37AA3493FBA1E1719C7BDFC5EE22275A4D0415FD0DAB28E5CD60627557978519498540453
15520170623113826 2 6 100 4095 5 DCFD3F9E0CF8187E955D8AEB347A5E4250C2B78E67E73E1DCDB99D67EC98180AE5FEF9119D38E50CBDBF46C8B2F62240FF5E1B28FB01276B82DB7422A777AA30AC5A9423D9AC3D33C9FECCC85823BD1138919E8F831364B093CF13B11CDD11394AA8D2256D58264266F780EABBA494E99EF63EC1F69997D180ABBA50B091AFD7FF478DAFF435CE2529E5F8FC81316AB0EA636014E125715FC77D653B142734C93FCD825C28CB928D579E9ED2C6C11E89C64B9C4B91CA962FB11C824F302BDEF7F67D1F7AC95F52B49FD4A044101BA3BDDD59C7663AB270D24DC846B90925F615EBFA5182F261938182E301C83FDC027381BD0FA753C84E57CC51531E7D0C468988B67D0B312E73C65E21D93C69C7862553F60BC9B26C6B5FB68BEDA3D7B0770C1116FF2B88484C7FB29A9D46D01719E89CB76A25C1B8349E3F8DA38CC00B3C1502BA6775BE363D27FA71A72DE0094E6805DEABB343B4A6DC98CD5F5191017B4E1CB0E5EE2FA979642305B8FDE9EE6A26E469C03C8B806F9492C0C544D7A0FE7773B3940812AE6B76C447BC28AA8127D9A7FEB7F98B9720C889CE2FF4806225B012B06F2FC0737D2A73A3046BD7ACBF0A8CF02BB3FAB81A60A29C0AA5B3B731541F62B542F4EF8224C6BAF6A087D0A9FE43492E5CE13F855E80457A516155CCA04A6144E402A1A3D71D657556B9124837730953505EB479984819069928D90D4F 15520171129101539 2 6 100 3071 2 E5B2496BAE5BB80230B69F3FCDC4E4D64BEFCD390B3D2F4A774F3ED4CBDB333B81930CBAF737164C13615CC0BE2EC320E34B8312ADCAA5D9644C0F054DD446C6299262BC184374B516DE3613628A8FB2606ECBCCE08BEE2ABE5D4B7B4CED22910635B723FFDC9381C8F87D0A471F935B62AF4CBEA3C329DF758BEE99F07C33AD6499CDCDDD64E3105F689C831D566296C978F27F0DB2F44389D9E0256790A0E4976FE38192C4BCB20FAF5853ED8AB04B16FFA478AB5945A3E98B12D014509039AB2F05629C48CA9E2272F71AE6AF07E7FBD92CD944A656731FB783E8EB38DF15630CA074D8CB41ECE91AA8A0D756690813C1DDFBE58CCCE7A50F4C83479C85B11908F80768F76F2FB8870B70F498F3235A044A80F32CE9AA9C613CD611D8CDD3CFD3F6A033F1764CD3029AD5435525D8BDD1B45100D61986BF8DBD8290AEC82FE15DBBBF00850AE58137383EEAFF9C9EDEDF8CCD42840E5D57C006F37AA3493FBA1E1719C7BDFC5EE22275A4D0415FD0DAB28E5CD60627557978519498C81ACB
15620170623120249 2 6 100 4095 5 DCFD3F9E0CF8187E955D8AEB347A5E4250C2B78E67E73E1DCDB99D67EC98180AE5FEF9119D38E50CBDBF46C8B2F62240FF5E1B28FB01276B82DB7422A777AA30AC5A9423D9AC3D33C9FECCC85823BD1138919E8F831364B093CF13B11CDD11394AA8D2256D58264266F780EABBA494E99EF63EC1F69997D180ABBA50B091AFD7FF478DAFF435CE2529E5F8FC81316AB0EA636014E125715FC77D653B142734C93FCD825C28CB928D579E9ED2C6C11E89C64B9C4B91CA962FB11C824F302BDEF7F67D1F7AC95F52B49FD4A044101BA3BDDD59C7663AB270D24DC846B90925F615EBFA5182F261938182E301C83FDC027381BD0FA753C84E57CC51531E7D0C468988B67D0B312E73C65E21D93C69C7862553F60BC9B26C6B5FB68BEDA3D7B0770C1116FF2B88484C7FB29A9D46D01719E89CB76A25C1B8349E3F8DA38CC00B3C1502BA6775BE363D27FA71A72DE0094E6805DEABB343B4A6DC98CD5F5191017B4E1CB0E5EE2FA979642305B8FDE9EE6A26E469C03C8B806F9492C0C544D7A0FE7773B3940812AE6B76C447BC28AA8127D9A7FEB7F98B9720C889CE2FF4806225B012B06F2FC0737D2A73A3046BD7ACBF0A8CF02BB3FAB81A60A29C0AA5B3B731541F62B542F4EF8224C6BAF6A087D0A9FE43492E5CE13F855E80457A516155CCA04A6144E402A1A3D71D657556B9124837730953505EB47998481906992AC1BA3F 15620171129101618 2 6 100 3071 2 E5B2496BAE5BB80230B69F3FCDC4E4D64BEFCD390B3D2F4A774F3ED4CBDB333B81930CBAF737164C13615CC0BE2EC320E34B8312ADCAA5D9644C0F054DD446C6299262BC184374B516DE3613628A8FB2606ECBCCE08BEE2ABE5D4B7B4CED22910635B723FFDC9381C8F87D0A471F935B62AF4CBEA3C329DF758BEE99F07C33AD6499CDCDDD64E3105F689C831D566296C978F27F0DB2F44389D9E0256790A0E4976FE38192C4BCB20FAF5853ED8AB04B16FFA478AB5945A3E98B12D014509039AB2F05629C48CA9E2272F71AE6AF07E7FBD92CD944A656731FB783E8EB38DF15630CA074D8CB41ECE91AA8A0D756690813C1DDFBE58CCCE7A50F4C83479C85B11908F80768F76F2FB8870B70F498F3235A044A80F32CE9AA9C613CD611D8CDD3CFD3F6A033F1764CD3029AD5435525D8BDD1B45100D61986BF8DBD8290AEC82FE15DBBBF00850AE58137383EEAFF9C9EDEDF8CCD42840E5D57C006F37AA3493FBA1E1719C7BDFC5EE22275A4D0415FD0DAB28E5CD60627557978519498DC4FEB
15720170623121815 2 6 100 4095 2 DCFD3F9E0CF8187E955D8AEB347A5E4250C2B78E67E73E1DCDB99D67EC98180AE5FEF9119D38E50CBDBF46C8B2F62240FF5E1B28FB01276B82DB7422A777AA30AC5A9423D9AC3D33C9FECCC85823BD1138919E8F831364B093CF13B11CDD11394AA8D2256D58264266F780EABBA494E99EF63EC1F69997D180ABBA50B091AFD7FF478DAFF435CE2529E5F8FC81316AB0EA636014E125715FC77D653B142734C93FCD825C28CB928D579E9ED2C6C11E89C64B9C4B91CA962FB11C824F302BDEF7F67D1F7AC95F52B49FD4A044101BA3BDDD59C7663AB270D24DC846B90925F615EBFA5182F261938182E301C83FDC027381BD0FA753C84E57CC51531E7D0C468988B67D0B312E73C65E21D93C69C7862553F60BC9B26C6B5FB68BEDA3D7B0770C1116FF2B88484C7FB29A9D46D01719E89CB76A25C1B8349E3F8DA38CC00B3C1502BA6775BE363D27FA71A72DE0094E6805DEABB343B4A6DC98CD5F5191017B4E1CB0E5EE2FA979642305B8FDE9EE6A26E469C03C8B806F9492C0C544D7A0FE7773B3940812AE6B76C447BC28AA8127D9A7FEB7F98B9720C889CE2FF4806225B012B06F2FC0737D2A73A3046BD7ACBF0A8CF02BB3FAB81A60A29C0AA5B3B731541F62B542F4EF8224C6BAF6A087D0A9FE43492E5CE13F855E80457A516155CCA04A6144E402A1A3D71D657556B9124837730953505EB47998481906992BFC1B7B 15720171129101802 2 6 100 3071 2 E5B2496BAE5BB80230B69F3FCDC4E4D64BEFCD390B3D2F4A774F3ED4CBDB333B81930CBAF737164C13615CC0BE2EC320E34B8312ADCAA5D9644C0F054DD446C6299262BC184374B516DE3613628A8FB2606ECBCCE08BEE2ABE5D4B7B4CED22910635B723FFDC9381C8F87D0A471F935B62AF4CBEA3C329DF758BEE99F07C33AD6499CDCDDD64E3105F689C831D566296C978F27F0DB2F44389D9E0256790A0E4976FE38192C4BCB20FAF5853ED8AB04B16FFA478AB5945A3E98B12D014509039AB2F05629C48CA9E2272F71AE6AF07E7FBD92CD944A656731FB783E8EB38DF15630CA074D8CB41ECE91AA8A0D756690813C1DDFBE58CCCE7A50F4C83479C85B11908F80768F76F2FB8870B70F498F3235A044A80F32CE9AA9C613CD611D8CDD3CFD3F6A033F1764CD3029AD5435525D8BDD1B45100D61986BF8DBD8290AEC82FE15DBBBF00850AE58137383EEAFF9C9EDEDF8CCD42840E5D57C006F37AA3493FBA1E1719C7BDFC5EE22275A4D0415FD0DAB28E5CD606275579785194991CB3FB
15820170623122456 2 6 100 4095 5 DCFD3F9E0CF8187E955D8AEB347A5E4250C2B78E67E73E1DCDB99D67EC98180AE5FEF9119D38E50CBDBF46C8B2F62240FF5E1B28FB01276B82DB7422A777AA30AC5A9423D9AC3D33C9FECCC85823BD1138919E8F831364B093CF13B11CDD11394AA8D2256D58264266F780EABBA494E99EF63EC1F69997D180ABBA50B091AFD7FF478DAFF435CE2529E5F8FC81316AB0EA636014E125715FC77D653B142734C93FCD825C28CB928D579E9ED2C6C11E89C64B9C4B91CA962FB11C824F302BDEF7F67D1F7AC95F52B49FD4A044101BA3BDDD59C7663AB270D24DC846B90925F615EBFA5182F261938182E301C83FDC027381BD0FA753C84E57CC51531E7D0C468988B67D0B312E73C65E21D93C69C7862553F60BC9B26C6B5FB68BEDA3D7B0770C1116FF2B88484C7FB29A9D46D01719E89CB76A25C1B8349E3F8DA38CC00B3C1502BA6775BE363D27FA71A72DE0094E6805DEABB343B4A6DC98CD5F5191017B4E1CB0E5EE2FA979642305B8FDE9EE6A26E469C03C8B806F9492C0C544D7A0FE7773B3940812AE6B76C447BC28AA8127D9A7FEB7F98B9720C889CE2FF4806225B012B06F2FC0737D2A73A3046BD7ACBF0A8CF02BB3FAB81A60A29C0AA5B3B731541F62B542F4EF8224C6BAF6A087D0A9FE43492E5CE13F855E80457A516155CCA04A6144E402A1A3D71D657556B9124837730953505EB47998481906992C7EB0CF 15820171129102023 2 6 100 3071 2 E5B2496BAE5BB80230B69F3FCDC4E4D64BEFCD390B3D2F4A774F3ED4CBDB333B81930CBAF737164C13615CC0BE2EC320E34B8312ADCAA5D9644C0F054DD446C6299262BC184374B516DE3613628A8FB2606ECBCCE08BEE2ABE5D4B7B4CED22910635B723FFDC9381C8F87D0A471F935B62AF4CBEA3C329DF758BEE99F07C33AD6499CDCDDD64E3105F689C831D566296C978F27F0DB2F44389D9E0256790A0E4976FE38192C4BCB20FAF5853ED8AB04B16FFA478AB5945A3E98B12D014509039AB2F05629C48CA9E2272F71AE6AF07E7FBD92CD944A656731FB783E8EB38DF15630CA074D8CB41ECE91AA8A0D756690813C1DDFBE58CCCE7A50F4C83479C85B11908F80768F76F2FB8870B70F498F3235A044A80F32CE9AA9C613CD611D8CDD3CFD3F6A033F1764CD3029AD5435525D8BDD1B45100D61986BF8DBD8290AEC82FE15DBBBF00850AE58137383EEAFF9C9EDEDF8CCD42840E5D57C006F37AA3493FBA1E1719C7BDFC5EE22275A4D0415FD0DAB28E5CD606275579785194997603BB
15920170623123432 2 6 100 4095 2 DCFD3F9E0CF8187E955D8AEB347A5E4250C2B78E67E73E1DCDB99D67EC98180AE5FEF9119D38E50CBDBF46C8B2F62240FF5E1B28FB01276B82DB7422A777AA30AC5A9423D9AC3D33C9FECCC85823BD1138919E8F831364B093CF13B11CDD11394AA8D2256D58264266F780EABBA494E99EF63EC1F69997D180ABBA50B091AFD7FF478DAFF435CE2529E5F8FC81316AB0EA636014E125715FC77D653B142734C93FCD825C28CB928D579E9ED2C6C11E89C64B9C4B91CA962FB11C824F302BDEF7F67D1F7AC95F52B49FD4A044101BA3BDDD59C7663AB270D24DC846B90925F615EBFA5182F261938182E301C83FDC027381BD0FA753C84E57CC51531E7D0C468988B67D0B312E73C65E21D93C69C7862553F60BC9B26C6B5FB68BEDA3D7B0770C1116FF2B88484C7FB29A9D46D01719E89CB76A25C1B8349E3F8DA38CC00B3C1502BA6775BE363D27FA71A72DE0094E6805DEABB343B4A6DC98CD5F5191017B4E1CB0E5EE2FA979642305B8FDE9EE6A26E469C03C8B806F9492C0C544D7A0FE7773B3940812AE6B76C447BC28AA8127D9A7FEB7F98B9720C889CE2FF4806225B012B06F2FC0737D2A73A3046BD7ACBF0A8CF02BB3FAB81A60A29C0AA5B3B731541F62B542F4EF8224C6BAF6A087D0A9FE43492E5CE13F855E80457A516155CCA04A6144E402A1A3D71D657556B9124837730953505EB47998481906992D3D886B 15920171129102105 2 6 100 3071 2 E5B2496BAE5BB80230B69F3FCDC4E4D64BEFCD390B3D2F4A774F3ED4CBDB333B81930CBAF737164C13615CC0BE2EC320E34B8312ADCAA5D9644C0F054DD446C6299262BC184374B516DE3613628A8FB2606ECBCCE08BEE2ABE5D4B7B4CED22910635B723FFDC9381C8F87D0A471F935B62AF4CBEA3C329DF758BEE99F07C33AD6499CDCDDD64E3105F689C831D566296C978F27F0DB2F44389D9E0256790A0E4976FE38192C4BCB20FAF5853ED8AB04B16FFA478AB5945A3E98B12D014509039AB2F05629C48CA9E2272F71AE6AF07E7FBD92CD944A656731FB783E8EB38DF15630CA074D8CB41ECE91AA8A0D756690813C1DDFBE58CCCE7A50F4C83479C85B11908F80768F76F2FB8870B70F498F3235A044A80F32CE9AA9C613CD611D8CDD3CFD3F6A033F1764CD3029AD5435525D8BDD1B45100D61986BF8DBD8290AEC82FE15DBBBF00850AE58137383EEAFF9C9EDEDF8CCD42840E5D57C006F37AA3493FBA1E1719C7BDFC5EE22275A4D0415FD0DAB28E5CD606275579785194998A9683
16020170623125910 2 6 100 4095 2 DCFD3F9E0CF8187E955D8AEB347A5E4250C2B78E67E73E1DCDB99D67EC98180AE5FEF9119D38E50CBDBF46C8B2F62240FF5E1B28FB01276B82DB7422A777AA30AC5A9423D9AC3D33C9FECCC85823BD1138919E8F831364B093CF13B11CDD11394AA8D2256D58264266F780EABBA494E99EF63EC1F69997D180ABBA50B091AFD7FF478DAFF435CE2529E5F8FC81316AB0EA636014E125715FC77D653B142734C93FCD825C28CB928D579E9ED2C6C11E89C64B9C4B91CA962FB11C824F302BDEF7F67D1F7AC95F52B49FD4A044101BA3BDDD59C7663AB270D24DC846B90925F615EBFA5182F261938182E301C83FDC027381BD0FA753C84E57CC51531E7D0C468988B67D0B312E73C65E21D93C69C7862553F60BC9B26C6B5FB68BEDA3D7B0770C1116FF2B88484C7FB29A9D46D01719E89CB76A25C1B8349E3F8DA38CC00B3C1502BA6775BE363D27FA71A72DE0094E6805DEABB343B4A6DC98CD5F5191017B4E1CB0E5EE2FA979642305B8FDE9EE6A26E469C03C8B806F9492C0C544D7A0FE7773B3940812AE6B76C447BC28AA8127D9A7FEB7F98B9720C889CE2FF4806225B012B06F2FC0737D2A73A3046BD7ACBF0A8CF02BB3FAB81A60A29C0AA5B3B731541F62B542F4EF8224C6BAF6A087D0A9FE43492E5CE13F855E80457A516155CCA04A6144E402A1A3D71D657556B9124837730953505EB47998481906992F34AA0B 16020171129102314 2 6 100 3071 5 E5B2496BAE5BB80230B69F3FCDC4E4D64BEFCD390B3D2F4A774F3ED4CBDB333B81930CBAF737164C13615CC0BE2EC320E34B8312ADCAA5D9644C0F054DD446C6299262BC184374B516DE3613628A8FB2606ECBCCE08BEE2ABE5D4B7B4CED22910635B723FFDC9381C8F87D0A471F935B62AF4CBEA3C329DF758BEE99F07C33AD6499CDCDDD64E3105F689C831D566296C978F27F0DB2F44389D9E0256790A0E4976FE38192C4BCB20FAF5853ED8AB04B16FFA478AB5945A3E98B12D014509039AB2F05629C48CA9E2272F71AE6AF07E7FBD92CD944A656731FB783E8EB38DF15630CA074D8CB41ECE91AA8A0D756690813C1DDFBE58CCCE7A50F4C83479C85B11908F80768F76F2FB8870B70F498F3235A044A80F32CE9AA9C613CD611D8CDD3CFD3F6A033F1764CD3029AD5435525D8BDD1B45100D61986BF8DBD8290AEC82FE15DBBBF00850AE58137383EEAFF9C9EDEDF8CCD42840E5D57C006F37AA3493FBA1E1719C7BDFC5EE22275A4D0415FD0DAB28E5CD60627557978519499DEC1C7
16120170623130350 2 6 100 4095 5 DCFD3F9E0CF8187E955D8AEB347A5E4250C2B78E67E73E1DCDB99D67EC98180AE5FEF9119D38E50CBDBF46C8B2F62240FF5E1B28FB01276B82DB7422A777AA30AC5A9423D9AC3D33C9FECCC85823BD1138919E8F831364B093CF13B11CDD11394AA8D2256D58264266F780EABBA494E99EF63EC1F69997D180ABBA50B091AFD7FF478DAFF435CE2529E5F8FC81316AB0EA636014E125715FC77D653B142734C93FCD825C28CB928D579E9ED2C6C11E89C64B9C4B91CA962FB11C824F302BDEF7F67D1F7AC95F52B49FD4A044101BA3BDDD59C7663AB270D24DC846B90925F615EBFA5182F261938182E301C83FDC027381BD0FA753C84E57CC51531E7D0C468988B67D0B312E73C65E21D93C69C7862553F60BC9B26C6B5FB68BEDA3D7B0770C1116FF2B88484C7FB29A9D46D01719E89CB76A25C1B8349E3F8DA38CC00B3C1502BA6775BE363D27FA71A72DE0094E6805DEABB343B4A6DC98CD5F5191017B4E1CB0E5EE2FA979642305B8FDE9EE6A26E469C03C8B806F9492C0C544D7A0FE7773B3940812AE6B76C447BC28AA8127D9A7FEB7F98B9720C889CE2FF4806225B012B06F2FC0737D2A73A3046BD7ACBF0A8CF02BB3FAB81A60A29C0AA5B3B731541F62B542F4EF8224C6BAF6A087D0A9FE43492E5CE13F855E80457A516155CCA04A6144E402A1A3D71D657556B9124837730953505EB47998481906992F8B1CFF 16120171129102700 2 6 100 3071 5 E5B2496BAE5BB80230B69F3FCDC4E4D64BEFCD390B3D2F4A774F3ED4CBDB333B81930CBAF737164C13615CC0BE2EC320E34B8312ADCAA5D9644C0F054DD446C6299262BC184374B516DE3613628A8FB2606ECBCCE08BEE2ABE5D4B7B4CED22910635B723FFDC9381C8F87D0A471F935B62AF4CBEA3C329DF758BEE99F07C33AD6499CDCDDD64E3105F689C831D566296C978F27F0DB2F44389D9E0256790A0E4976FE38192C4BCB20FAF5853ED8AB04B16FFA478AB5945A3E98B12D014509039AB2F05629C48CA9E2272F71AE6AF07E7FBD92CD944A656731FB783E8EB38DF15630CA074D8CB41ECE91AA8A0D756690813C1DDFBE58CCCE7A50F4C83479C85B11908F80768F76F2FB8870B70F498F3235A044A80F32CE9AA9C613CD611D8CDD3CFD3F6A033F1764CD3029AD5435525D8BDD1B45100D61986BF8DBD8290AEC82FE15DBBBF00850AE58137383EEAFF9C9EDEDF8CCD42840E5D57C006F37AA3493FBA1E1719C7BDFC5EE22275A4D0415FD0DAB28E5CD6062755797851949A7663FF
16220170623131900 2 6 100 4095 2 DCFD3F9E0CF8187E955D8AEB347A5E4250C2B78E67E73E1DCDB99D67EC98180AE5FEF9119D38E50CBDBF46C8B2F62240FF5E1B28FB01276B82DB7422A777AA30AC5A9423D9AC3D33C9FECCC85823BD1138919E8F831364B093CF13B11CDD11394AA8D2256D58264266F780EABBA494E99EF63EC1F69997D180ABBA50B091AFD7FF478DAFF435CE2529E5F8FC81316AB0EA636014E125715FC77D653B142734C93FCD825C28CB928D579E9ED2C6C11E89C64B9C4B91CA962FB11C824F302BDEF7F67D1F7AC95F52B49FD4A044101BA3BDDD59C7663AB270D24DC846B90925F615EBFA5182F261938182E301C83FDC027381BD0FA753C84E57CC51531E7D0C468988B67D0B312E73C65E21D93C69C7862553F60BC9B26C6B5FB68BEDA3D7B0770C1116FF2B88484C7FB29A9D46D01719E89CB76A25C1B8349E3F8DA38CC00B3C1502BA6775BE363D27FA71A72DE0094E6805DEABB343B4A6DC98CD5F5191017B4E1CB0E5EE2FA979642305B8FDE9EE6A26E469C03C8B806F9492C0C544D7A0FE7773B3940812AE6B76C447BC28AA8127D9A7FEB7F98B9720C889CE2FF4806225B012B06F2FC0737D2A73A3046BD7ACBF0A8CF02BB3FAB81A60A29C0AA5B3B731541F62B542F4EF8224C6BAF6A087D0A9FE43492E5CE13F855E80457A516155CCA04A6144E402A1A3D71D657556B9124837730953505EB479984819069930BE28FB 16220171129102831 2 6 100 3071 2 E5B2496BAE5BB80230B69F3FCDC4E4D64BEFCD390B3D2F4A774F3ED4CBDB333B81930CBAF737164C13615CC0BE2EC320E34B8312ADCAA5D9644C0F054DD446C6299262BC184374B516DE3613628A8FB2606ECBCCE08BEE2ABE5D4B7B4CED22910635B723FFDC9381C8F87D0A471F935B62AF4CBEA3C329DF758BEE99F07C33AD6499CDCDDD64E3105F689C831D566296C978F27F0DB2F44389D9E0256790A0E4976FE38192C4BCB20FAF5853ED8AB04B16FFA478AB5945A3E98B12D014509039AB2F05629C48CA9E2272F71AE6AF07E7FBD92CD944A656731FB783E8EB38DF15630CA074D8CB41ECE91AA8A0D756690813C1DDFBE58CCCE7A50F4C83479C85B11908F80768F76F2FB8870B70F498F3235A044A80F32CE9AA9C613CD611D8CDD3CFD3F6A033F1764CD3029AD5435525D8BDD1B45100D61986BF8DBD8290AEC82FE15DBBBF00850AE58137383EEAFF9C9EDEDF8CCD42840E5D57C006F37AA3493FBA1E1719C7BDFC5EE22275A4D0415FD0DAB28E5CD6062755797851949AADA95B
16320170623132006 2 6 100 4095 2 DCFD3F9E0CF8187E955D8AEB347A5E4250C2B78E67E73E1DCDB99D67EC98180AE5FEF9119D38E50CBDBF46C8B2F62240FF5E1B28FB01276B82DB7422A777AA30AC5A9423D9AC3D33C9FECCC85823BD1138919E8F831364B093CF13B11CDD11394AA8D2256D58264266F780EABBA494E99EF63EC1F69997D180ABBA50B091AFD7FF478DAFF435CE2529E5F8FC81316AB0EA636014E125715FC77D653B142734C93FCD825C28CB928D579E9ED2C6C11E89C64B9C4B91CA962FB11C824F302BDEF7F67D1F7AC95F52B49FD4A044101BA3BDDD59C7663AB270D24DC846B90925F615EBFA5182F261938182E301C83FDC027381BD0FA753C84E57CC51531E7D0C468988B67D0B312E73C65E21D93C69C7862553F60BC9B26C6B5FB68BEDA3D7B0770C1116FF2B88484C7FB29A9D46D01719E89CB76A25C1B8349E3F8DA38CC00B3C1502BA6775BE363D27FA71A72DE0094E6805DEABB343B4A6DC98CD5F5191017B4E1CB0E5EE2FA979642305B8FDE9EE6A26E469C03C8B806F9492C0C544D7A0FE7773B3940812AE6B76C447BC28AA8127D9A7FEB7F98B9720C889CE2FF4806225B012B06F2FC0737D2A73A3046BD7ACBF0A8CF02BB3FAB81A60A29C0AA5B3B731541F62B542F4EF8224C6BAF6A087D0A9FE43492E5CE13F855E80457A516155CCA04A6144E402A1A3D71D657556B9124837730953505EB479984819069930CCBBC3 16320171129103048 2 6 100 3071 2 E5B2496BAE5BB80230B69F3FCDC4E4D64BEFCD390B3D2F4A774F3ED4CBDB333B81930CBAF737164C13615CC0BE2EC320E34B8312ADCAA5D9644C0F054DD446C6299262BC184374B516DE3613628A8FB2606ECBCCE08BEE2ABE5D4B7B4CED22910635B723FFDC9381C8F87D0A471F935B62AF4CBEA3C329DF758BEE99F07C33AD6499CDCDDD64E3105F689C831D566296C978F27F0DB2F44389D9E0256790A0E4976FE38192C4BCB20FAF5853ED8AB04B16FFA478AB5945A3E98B12D014509039AB2F05629C48CA9E2272F71AE6AF07E7FBD92CD944A656731FB783E8EB38DF15630CA074D8CB41ECE91AA8A0D756690813C1DDFBE58CCCE7A50F4C83479C85B11908F80768F76F2FB8870B70F498F3235A044A80F32CE9AA9C613CD611D8CDD3CFD3F6A033F1764CD3029AD5435525D8BDD1B45100D61986BF8DBD8290AEC82FE15DBBBF00850AE58137383EEAFF9C9EDEDF8CCD42840E5D57C006F37AA3493FBA1E1719C7BDFC5EE22275A4D0415FD0DAB28E5CD6062755797851949B0592FB
16420170623134400 2 6 100 4095 5 DCFD3F9E0CF8187E955D8AEB347A5E4250C2B78E67E73E1DCDB99D67EC98180AE5FEF9119D38E50CBDBF46C8B2F62240FF5E1B28FB01276B82DB7422A777AA30AC5A9423D9AC3D33C9FECCC85823BD1138919E8F831364B093CF13B11CDD11394AA8D2256D58264266F780EABBA494E99EF63EC1F69997D180ABBA50B091AFD7FF478DAFF435CE2529E5F8FC81316AB0EA636014E125715FC77D653B142734C93FCD825C28CB928D579E9ED2C6C11E89C64B9C4B91CA962FB11C824F302BDEF7F67D1F7AC95F52B49FD4A044101BA3BDDD59C7663AB270D24DC846B90925F615EBFA5182F261938182E301C83FDC027381BD0FA753C84E57CC51531E7D0C468988B67D0B312E73C65E21D93C69C7862553F60BC9B26C6B5FB68BEDA3D7B0770C1116FF2B88484C7FB29A9D46D01719E89CB76A25C1B8349E3F8DA38CC00B3C1502BA6775BE363D27FA71A72DE0094E6805DEABB343B4A6DC98CD5F5191017B4E1CB0E5EE2FA979642305B8FDE9EE6A26E469C03C8B806F9492C0C544D7A0FE7773B3940812AE6B76C447BC28AA8127D9A7FEB7F98B9720C889CE2FF4806225B012B06F2FC0737D2A73A3046BD7ACBF0A8CF02BB3FAB81A60A29C0AA5B3B731541F62B542F4EF8224C6BAF6A087D0A9FE43492E5CE13F855E80457A516155CCA04A6144E402A1A3D71D657556B9124837730953505EB479984819069932B40887 16420171129103239 2 6 100 3071 2 E5B2496BAE5BB80230B69F3FCDC4E4D64BEFCD390B3D2F4A774F3ED4CBDB333B81930CBAF737164C13615CC0BE2EC320E34B8312ADCAA5D9644C0F054DD446C6299262BC184374B516DE3613628A8FB2606ECBCCE08BEE2ABE5D4B7B4CED22910635B723FFDC9381C8F87D0A471F935B62AF4CBEA3C329DF758BEE99F07C33AD6499CDCDDD64E3105F689C831D566296C978F27F0DB2F44389D9E0256790A0E4976FE38192C4BCB20FAF5853ED8AB04B16FFA478AB5945A3E98B12D014509039AB2F05629C48CA9E2272F71AE6AF07E7FBD92CD944A656731FB783E8EB38DF15630CA074D8CB41ECE91AA8A0D756690813C1DDFBE58CCCE7A50F4C83479C85B11908F80768F76F2FB8870B70F498F3235A044A80F32CE9AA9C613CD611D8CDD3CFD3F6A033F1764CD3029AD5435525D8BDD1B45100D61986BF8DBD8290AEC82FE15DBBBF00850AE58137383EEAFF9C9EDEDF8CCD42840E5D57C006F37AA3493FBA1E1719C7BDFC5EE22275A4D0415FD0DAB28E5CD6062755797851949B4D9C73
16520170623134659 2 6 100 4095 5 DCFD3F9E0CF8187E955D8AEB347A5E4250C2B78E67E73E1DCDB99D67EC98180AE5FEF9119D38E50CBDBF46C8B2F62240FF5E1B28FB01276B82DB7422A777AA30AC5A9423D9AC3D33C9FECCC85823BD1138919E8F831364B093CF13B11CDD11394AA8D2256D58264266F780EABBA494E99EF63EC1F69997D180ABBA50B091AFD7FF478DAFF435CE2529E5F8FC81316AB0EA636014E125715FC77D653B142734C93FCD825C28CB928D579E9ED2C6C11E89C64B9C4B91CA962FB11C824F302BDEF7F67D1F7AC95F52B49FD4A044101BA3BDDD59C7663AB270D24DC846B90925F615EBFA5182F261938182E301C83FDC027381BD0FA753C84E57CC51531E7D0C468988B67D0B312E73C65E21D93C69C7862553F60BC9B26C6B5FB68BEDA3D7B0770C1116FF2B88484C7FB29A9D46D01719E89CB76A25C1B8349E3F8DA38CC00B3C1502BA6775BE363D27FA71A72DE0094E6805DEABB343B4A6DC98CD5F5191017B4E1CB0E5EE2FA979642305B8FDE9EE6A26E469C03C8B806F9492C0C544D7A0FE7773B3940812AE6B76C447BC28AA8127D9A7FEB7F98B9720C889CE2FF4806225B012B06F2FC0737D2A73A3046BD7ACBF0A8CF02BB3FAB81A60A29C0AA5B3B731541F62B542F4EF8224C6BAF6A087D0A9FE43492E5CE13F855E80457A516155CCA04A6144E402A1A3D71D657556B9124837730953505EB479984819069932E77127 16520171129103850 2 6 100 3071 5 E5B2496BAE5BB80230B69F3FCDC4E4D64BEFCD390B3D2F4A774F3ED4CBDB333B81930CBAF737164C13615CC0BE2EC320E34B8312ADCAA5D9644C0F054DD446C6299262BC184374B516DE3613628A8FB2606ECBCCE08BEE2ABE5D4B7B4CED22910635B723FFDC9381C8F87D0A471F935B62AF4CBEA3C329DF758BEE99F07C33AD6499CDCDDD64E3105F689C831D566296C978F27F0DB2F44389D9E0256790A0E4976FE38192C4BCB20FAF5853ED8AB04B16FFA478AB5945A3E98B12D014509039AB2F05629C48CA9E2272F71AE6AF07E7FBD92CD944A656731FB783E8EB38DF15630CA074D8CB41ECE91AA8A0D756690813C1DDFBE58CCCE7A50F4C83479C85B11908F80768F76F2FB8870B70F498F3235A044A80F32CE9AA9C613CD611D8CDD3CFD3F6A033F1764CD3029AD5435525D8BDD1B45100D61986BF8DBD8290AEC82FE15DBBBF00850AE58137383EEAFF9C9EDEDF8CCD42840E5D57C006F37AA3493FBA1E1719C7BDFC5EE22275A4D0415FD0DAB28E5CD6062755797851949C57B5F7
16620170623140059 2 6 100 4095 2 DCFD3F9E0CF8187E955D8AEB347A5E4250C2B78E67E73E1DCDB99D67EC98180AE5FEF9119D38E50CBDBF46C8B2F62240FF5E1B28FB01276B82DB7422A777AA30AC5A9423D9AC3D33C9FECCC85823BD1138919E8F831364B093CF13B11CDD11394AA8D2256D58264266F780EABBA494E99EF63EC1F69997D180ABBA50B091AFD7FF478DAFF435CE2529E5F8FC81316AB0EA636014E125715FC77D653B142734C93FCD825C28CB928D579E9ED2C6C11E89C64B9C4B91CA962FB11C824F302BDEF7F67D1F7AC95F52B49FD4A044101BA3BDDD59C7663AB270D24DC846B90925F615EBFA5182F261938182E301C83FDC027381BD0FA753C84E57CC51531E7D0C468988B67D0B312E73C65E21D93C69C7862553F60BC9B26C6B5FB68BEDA3D7B0770C1116FF2B88484C7FB29A9D46D01719E89CB76A25C1B8349E3F8DA38CC00B3C1502BA6775BE363D27FA71A72DE0094E6805DEABB343B4A6DC98CD5F5191017B4E1CB0E5EE2FA979642305B8FDE9EE6A26E469C03C8B806F9492C0C544D7A0FE7773B3940812AE6B76C447BC28AA8127D9A7FEB7F98B9720C889CE2FF4806225B012B06F2FC0737D2A73A3046BD7ACBF0A8CF02BB3FAB81A60A29C0AA5B3B731541F62B542F4EF8224C6BAF6A087D0A9FE43492E5CE13F855E80457A516155CCA04A6144E402A1A3D71D657556B9124837730953505EB479984819069934031953 16620171129104512 2 6 100 3071 2 E5B2496BAE5BB80230B69F3FCDC4E4D64BEFCD390B3D2F4A774F3ED4CBDB333B81930CBAF737164C13615CC0BE2EC320E34B8312ADCAA5D9644C0F054DD446C6299262BC184374B516DE3613628A8FB2606ECBCCE08BEE2ABE5D4B7B4CED22910635B723FFDC9381C8F87D0A471F935B62AF4CBEA3C329DF758BEE99F07C33AD6499CDCDDD64E3105F689C831D566296C978F27F0DB2F44389D9E0256790A0E4976FE38192C4BCB20FAF5853ED8AB04B16FFA478AB5945A3E98B12D014509039AB2F05629C48CA9E2272F71AE6AF07E7FBD92CD944A656731FB783E8EB38DF15630CA074D8CB41ECE91AA8A0D756690813C1DDFBE58CCCE7A50F4C83479C85B11908F80768F76F2FB8870B70F498F3235A044A80F32CE9AA9C613CD611D8CDD3CFD3F6A033F1764CD3029AD5435525D8BDD1B45100D61986BF8DBD8290AEC82FE15DBBBF00850AE58137383EEAFF9C9EDEDF8CCD42840E5D57C006F37AA3493FBA1E1719C7BDFC5EE22275A4D0415FD0DAB28E5CD6062755797851949D60C7AB
16720170623140936 2 6 100 4095 5 DCFD3F9E0CF8187E955D8AEB347A5E4250C2B78E67E73E1DCDB99D67EC98180AE5FEF9119D38E50CBDBF46C8B2F62240FF5E1B28FB01276B82DB7422A777AA30AC5A9423D9AC3D33C9FECCC85823BD1138919E8F831364B093CF13B11CDD11394AA8D2256D58264266F780EABBA494E99EF63EC1F69997D180ABBA50B091AFD7FF478DAFF435CE2529E5F8FC81316AB0EA636014E125715FC77D653B142734C93FCD825C28CB928D579E9ED2C6C11E89C64B9C4B91CA962FB11C824F302BDEF7F67D1F7AC95F52B49FD4A044101BA3BDDD59C7663AB270D24DC846B90925F615EBFA5182F261938182E301C83FDC027381BD0FA753C84E57CC51531E7D0C468988B67D0B312E73C65E21D93C69C7862553F60BC9B26C6B5FB68BEDA3D7B0770C1116FF2B88484C7FB29A9D46D01719E89CB76A25C1B8349E3F8DA38CC00B3C1502BA6775BE363D27FA71A72DE0094E6805DEABB343B4A6DC98CD5F5191017B4E1CB0E5EE2FA979642305B8FDE9EE6A26E469C03C8B806F9492C0C544D7A0FE7773B3940812AE6B76C447BC28AA8127D9A7FEB7F98B9720C889CE2FF4806225B012B06F2FC0737D2A73A3046BD7ACBF0A8CF02BB3FAB81A60A29C0AA5B3B731541F62B542F4EF8224C6BAF6A087D0A9FE43492E5CE13F855E80457A516155CCA04A6144E402A1A3D71D657556B9124837730953505EB479984819069934AC3B0F 16720171129105020 2 6 100 3071 2 E5B2496BAE5BB80230B69F3FCDC4E4D64BEFCD390B3D2F4A774F3ED4CBDB333B81930CBAF737164C13615CC0BE2EC320E34B8312ADCAA5D9644C0F054DD446C6299262BC184374B516DE3613628A8FB2606ECBCCE08BEE2ABE5D4B7B4CED22910635B723FFDC9381C8F87D0A471F935B62AF4CBEA3C329DF758BEE99F07C33AD6499CDCDDD64E3105F689C831D566296C978F27F0DB2F44389D9E0256790A0E4976FE38192C4BCB20FAF5853ED8AB04B16FFA478AB5945A3E98B12D014509039AB2F05629C48CA9E2272F71AE6AF07E7FBD92CD944A656731FB783E8EB38DF15630CA074D8CB41ECE91AA8A0D756690813C1DDFBE58CCCE7A50F4C83479C85B11908F80768F76F2FB8870B70F498F3235A044A80F32CE9AA9C613CD611D8CDD3CFD3F6A033F1764CD3029AD5435525D8BDD1B45100D61986BF8DBD8290AEC82FE15DBBBF00850AE58137383EEAFF9C9EDEDF8CCD42840E5D57C006F37AA3493FBA1E1719C7BDFC5EE22275A4D0415FD0DAB28E5CD6062755797851949E393D6B
16820170623142309 2 6 100 4095 2 DCFD3F9E0CF8187E955D8AEB347A5E4250C2B78E67E73E1DCDB99D67EC98180AE5FEF9119D38E50CBDBF46C8B2F62240FF5E1B28FB01276B82DB7422A777AA30AC5A9423D9AC3D33C9FECCC85823BD1138919E8F831364B093CF13B11CDD11394AA8D2256D58264266F780EABBA494E99EF63EC1F69997D180ABBA50B091AFD7FF478DAFF435CE2529E5F8FC81316AB0EA636014E125715FC77D653B142734C93FCD825C28CB928D579E9ED2C6C11E89C64B9C4B91CA962FB11C824F302BDEF7F67D1F7AC95F52B49FD4A044101BA3BDDD59C7663AB270D24DC846B90925F615EBFA5182F261938182E301C83FDC027381BD0FA753C84E57CC51531E7D0C468988B67D0B312E73C65E21D93C69C7862553F60BC9B26C6B5FB68BEDA3D7B0770C1116FF2B88484C7FB29A9D46D01719E89CB76A25C1B8349E3F8DA38CC00B3C1502BA6775BE363D27FA71A72DE0094E6805DEABB343B4A6DC98CD5F5191017B4E1CB0E5EE2FA979642305B8FDE9EE6A26E469C03C8B806F9492C0C544D7A0FE7773B3940812AE6B76C447BC28AA8127D9A7FEB7F98B9720C889CE2FF4806225B012B06F2FC0737D2A73A3046BD7ACBF0A8CF02BB3FAB81A60A29C0AA5B3B731541F62B542F4EF8224C6BAF6A087D0A9FE43492E5CE13F855E80457A516155CCA04A6144E402A1A3D71D657556B9124837730953505EB479984819069935BCCF33 16820171129105252 2 6 100 3071 5 E5B2496BAE5BB80230B69F3FCDC4E4D64BEFCD390B3D2F4A774F3ED4CBDB333B81930CBAF737164C13615CC0BE2EC320E34B8312ADCAA5D9644C0F054DD446C6299262BC184374B516DE3613628A8FB2606ECBCCE08BEE2ABE5D4B7B4CED22910635B723FFDC9381C8F87D0A471F935B62AF4CBEA3C329DF758BEE99F07C33AD6499CDCDDD64E3105F689C831D566296C978F27F0DB2F44389D9E0256790A0E4976FE38192C4BCB20FAF5853ED8AB04B16FFA478AB5945A3E98B12D014509039AB2F05629C48CA9E2272F71AE6AF07E7FBD92CD944A656731FB783E8EB38DF15630CA074D8CB41ECE91AA8A0D756690813C1DDFBE58CCCE7A50F4C83479C85B11908F80768F76F2FB8870B70F498F3235A044A80F32CE9AA9C613CD611D8CDD3CFD3F6A033F1764CD3029AD5435525D8BDD1B45100D61986BF8DBD8290AEC82FE15DBBBF00850AE58137383EEAFF9C9EDEDF8CCD42840E5D57C006F37AA3493FBA1E1719C7BDFC5EE22275A4D0415FD0DAB28E5CD6062755797851949E9CF297
16920170623142743 2 6 100 4095 2 DCFD3F9E0CF8187E955D8AEB347A5E4250C2B78E67E73E1DCDB99D67EC98180AE5FEF9119D38E50CBDBF46C8B2F62240FF5E1B28FB01276B82DB7422A777AA30AC5A9423D9AC3D33C9FECCC85823BD1138919E8F831364B093CF13B11CDD11394AA8D2256D58264266F780EABBA494E99EF63EC1F69997D180ABBA50B091AFD7FF478DAFF435CE2529E5F8FC81316AB0EA636014E125715FC77D653B142734C93FCD825C28CB928D579E9ED2C6C11E89C64B9C4B91CA962FB11C824F302BDEF7F67D1F7AC95F52B49FD4A044101BA3BDDD59C7663AB270D24DC846B90925F615EBFA5182F261938182E301C83FDC027381BD0FA753C84E57CC51531E7D0C468988B67D0B312E73C65E21D93C69C7862553F60BC9B26C6B5FB68BEDA3D7B0770C1116FF2B88484C7FB29A9D46D01719E89CB76A25C1B8349E3F8DA38CC00B3C1502BA6775BE363D27FA71A72DE0094E6805DEABB343B4A6DC98CD5F5191017B4E1CB0E5EE2FA979642305B8FDE9EE6A26E469C03C8B806F9492C0C544D7A0FE7773B3940812AE6B76C447BC28AA8127D9A7FEB7F98B9720C889CE2FF4806225B012B06F2FC0737D2A73A3046BD7ACBF0A8CF02BB3FAB81A60A29C0AA5B3B731541F62B542F4EF8224C6BAF6A087D0A9FE43492E5CE13F855E80457A516155CCA04A6144E402A1A3D71D657556B9124837730953505EB47998481906993611A26B 16920171129114245 2 6 100 4095 2 FADF655A8C18F13858C1C774D0060DD6FF25EAC29084E6A0A1E0D1218FD17F8800F697434FF377BC9ACB86AB48BDC139C51630956017D96CB0CC5C2D22604CABCBA881260B3A1F00A9F328DE35AC41638728AE65A1829F90AEE08237C971608AB5A7F3B50C53B3313FD68C774AAE29BCC1DA02BE0766D62DDE586169BAACB485CADC4F16EA0648E67D4D0F8DEFD9CCA4CC2B4000CD0C6372205F97C78F270F7E75A18DE0D3C8A3A1C1C606337BF6BEC94DD93D2646462E5F23AA4C292C00761D06FE220616A50C042A39351EBB2373EF21A35D5279D82E78B016A538B99CC166A148BABD91BCBE318A7987A5DA51B8B72D038F2D77668D48150A25ADC84018ADC7F36563E82D9DAA3B04593A989F9F05BBC0183DCE1BF6D6E2F9E4EFD5B52DF56B20AC035E36D57DFE521E9B3D256DE7F55C78837C0F5036DEC0581DF76CE7990A87F25113148BA1FF3502D82FC127B8134D3573BB8711B7891EF0C56B5C95037C9FBA6698219D63F5244A2E5D3479D0887CF5296900A23B344F3D804DF82712ABBD8A42218943957FA29966DBDB3A829959D08588FB670EEA4BF17605F928391B6BD36239CBE217CE278D2068D845F0B619CE726F2E9CA46ECA76180A90FFFFFA400D8F2956F3801FAADC49D9B05A786CA5D860A9B3AF3521842AB2C8C67CF7C9D966863B61AB2AA02970BD03F828980FEADEE067C4E7448FADC980424F9ADB
17020170623150027 2 6 100 4095 2 DCFD3F9E0CF8187E955D8AEB347A5E4250C2B78E67E73E1DCDB99D67EC98180AE5FEF9119D38E50CBDBF46C8B2F62240FF5E1B28FB01276B82DB7422A777AA30AC5A9423D9AC3D33C9FECCC85823BD1138919E8F831364B093CF13B11CDD11394AA8D2256D58264266F780EABBA494E99EF63EC1F69997D180ABBA50B091AFD7FF478DAFF435CE2529E5F8FC81316AB0EA636014E125715FC77D653B142734C93FCD825C28CB928D579E9ED2C6C11E89C64B9C4B91CA962FB11C824F302BDEF7F67D1F7AC95F52B49FD4A044101BA3BDDD59C7663AB270D24DC846B90925F615EBFA5182F261938182E301C83FDC027381BD0FA753C84E57CC51531E7D0C468988B67D0B312E73C65E21D93C69C7862553F60BC9B26C6B5FB68BEDA3D7B0770C1116FF2B88484C7FB29A9D46D01719E89CB76A25C1B8349E3F8DA38CC00B3C1502BA6775BE363D27FA71A72DE0094E6805DEABB343B4A6DC98CD5F5191017B4E1CB0E5EE2FA979642305B8FDE9EE6A26E469C03C8B806F9492C0C544D7A0FE7773B3940812AE6B76C447BC28AA8127D9A7FEB7F98B9720C889CE2FF4806225B012B06F2FC0737D2A73A3046BD7ACBF0A8CF02BB3FAB81A60A29C0AA5B3B731541F62B542F4EF8224C6BAF6A087D0A9FE43492E5CE13F855E80457A516155CCA04A6144E402A1A3D71D657556B9124837730953505EB479984819069938A6965B 17020171129114850 2 6 100 4095 2 FADF655A8C18F13858C1C774D0060DD6FF25EAC29084E6A0A1E0D1218FD17F8800F697434FF377BC9ACB86AB48BDC139C51630956017D96CB0CC5C2D22604CABCBA881260B3A1F00A9F328DE35AC41638728AE65A1829F90AEE08237C971608AB5A7F3B50C53B3313FD68C774AAE29BCC1DA02BE0766D62DDE586169BAACB485CADC4F16EA0648E67D4D0F8DEFD9CCA4CC2B4000CD0C6372205F97C78F270F7E75A18DE0D3C8A3A1C1C606337BF6BEC94DD93D2646462E5F23AA4C292C00761D06FE220616A50C042A39351EBB2373EF21A35D5279D82E78B016A538B99CC166A148BABD91BCBE318A7987A5DA51B8B72D038F2D77668D48150A25ADC84018ADC7F36563E82D9DAA3B04593A989F9F05BBC0183DCE1BF6D6E2F9E4EFD5B52DF56B20AC035E36D57DFE521E9B3D256DE7F55C78837C0F5036DEC0581DF76CE7990A87F25113148BA1FF3502D82FC127B8134D3573BB8711B7891EF0C56B5C95037C9FBA6698219D63F5244A2E5D3479D0887CF5296900A23B344F3D804DF82712ABBD8A42218943957FA29966DBDB3A829959D08588FB670EEA4BF17605F928391B6BD36239CBE217CE278D2068D845F0B619CE726F2E9CA46ECA76180A90FFFFFA400D8F2956F3801FAADC49D9B05A786CA5D860A9B3AF3521842AB2C8C67CF7C9D966863B61AB2AA02970BD03F828980FEADEE067C4E7448FADC98042BB88F3
17120170623150107 2 6 100 4095 2 DCFD3F9E0CF8187E955D8AEB347A5E4250C2B78E67E73E1DCDB99D67EC98180AE5FEF9119D38E50CBDBF46C8B2F62240FF5E1B28FB01276B82DB7422A777AA30AC5A9423D9AC3D33C9FECCC85823BD1138919E8F831364B093CF13B11CDD11394AA8D2256D58264266F780EABBA494E99EF63EC1F69997D180ABBA50B091AFD7FF478DAFF435CE2529E5F8FC81316AB0EA636014E125715FC77D653B142734C93FCD825C28CB928D579E9ED2C6C11E89C64B9C4B91CA962FB11C824F302BDEF7F67D1F7AC95F52B49FD4A044101BA3BDDD59C7663AB270D24DC846B90925F615EBFA5182F261938182E301C83FDC027381BD0FA753C84E57CC51531E7D0C468988B67D0B312E73C65E21D93C69C7862553F60BC9B26C6B5FB68BEDA3D7B0770C1116FF2B88484C7FB29A9D46D01719E89CB76A25C1B8349E3F8DA38CC00B3C1502BA6775BE363D27FA71A72DE0094E6805DEABB343B4A6DC98CD5F5191017B4E1CB0E5EE2FA979642305B8FDE9EE6A26E469C03C8B806F9492C0C544D7A0FE7773B3940812AE6B76C447BC28AA8127D9A7FEB7F98B9720C889CE2FF4806225B012B06F2FC0737D2A73A3046BD7ACBF0A8CF02BB3FAB81A60A29C0AA5B3B731541F62B542F4EF8224C6BAF6A087D0A9FE43492E5CE13F855E80457A516155CCA04A6144E402A1A3D71D657556B9124837730953505EB479984819069938AB78CB 17120171129121702 2 6 100 4095 2 FADF655A8C18F13858C1C774D0060DD6FF25EAC29084E6A0A1E0D1218FD17F8800F697434FF377BC9ACB86AB48BDC139C51630956017D96CB0CC5C2D22604CABCBA881260B3A1F00A9F328DE35AC41638728AE65A1829F90AEE08237C971608AB5A7F3B50C53B3313FD68C774AAE29BCC1DA02BE0766D62DDE586169BAACB485CADC4F16EA0648E67D4D0F8DEFD9CCA4CC2B4000CD0C6372205F97C78F270F7E75A18DE0D3C8A3A1C1C606337BF6BEC94DD93D2646462E5F23AA4C292C00761D06FE220616A50C042A39351EBB2373EF21A35D5279D82E78B016A538B99CC166A148BABD91BCBE318A7987A5DA51B8B72D038F2D77668D48150A25ADC84018ADC7F36563E82D9DAA3B04593A989F9F05BBC0183DCE1BF6D6E2F9E4EFD5B52DF56B20AC035E36D57DFE521E9B3D256DE7F55C78837C0F5036DEC0581DF76CE7990A87F25113148BA1FF3502D82FC127B8134D3573BB8711B7891EF0C56B5C95037C9FBA6698219D63F5244A2E5D3479D0887CF5296900A23B344F3D804DF82712ABBD8A42218943957FA29966DBDB3A829959D08588FB670EEA4BF17605F928391B6BD36239CBE217CE278D2068D845F0B619CE726F2E9CA46ECA76180A90FFFFFA400D8F2956F3801FAADC49D9B05A786CA5D860A9B3AF3521842AB2C8C67CF7C9D966863B61AB2AA02970BD03F828980FEADEE067C4E7448FADC98044D9C36B
17220170623150738 2 6 100 4095 5 DCFD3F9E0CF8187E955D8AEB347A5E4250C2B78E67E73E1DCDB99D67EC98180AE5FEF9119D38E50CBDBF46C8B2F62240FF5E1B28FB01276B82DB7422A777AA30AC5A9423D9AC3D33C9FECCC85823BD1138919E8F831364B093CF13B11CDD11394AA8D2256D58264266F780EABBA494E99EF63EC1F69997D180ABBA50B091AFD7FF478DAFF435CE2529E5F8FC81316AB0EA636014E125715FC77D653B142734C93FCD825C28CB928D579E9ED2C6C11E89C64B9C4B91CA962FB11C824F302BDEF7F67D1F7AC95F52B49FD4A044101BA3BDDD59C7663AB270D24DC846B90925F615EBFA5182F261938182E301C83FDC027381BD0FA753C84E57CC51531E7D0C468988B67D0B312E73C65E21D93C69C7862553F60BC9B26C6B5FB68BEDA3D7B0770C1116FF2B88484C7FB29A9D46D01719E89CB76A25C1B8349E3F8DA38CC00B3C1502BA6775BE363D27FA71A72DE0094E6805DEABB343B4A6DC98CD5F5191017B4E1CB0E5EE2FA979642305B8FDE9EE6A26E469C03C8B806F9492C0C544D7A0FE7773B3940812AE6B76C447BC28AA8127D9A7FEB7F98B9720C889CE2FF4806225B012B06F2FC0737D2A73A3046BD7ACBF0A8CF02BB3FAB81A60A29C0AA5B3B731541F62B542F4EF8224C6BAF6A087D0A9FE43492E5CE13F855E80457A516155CCA04A6144E402A1A3D71D657556B9124837730953505EB4799848190699392AA267 17220171129124238 2 6 100 4095 2 FADF655A8C18F13858C1C774D0060DD6FF25EAC29084E6A0A1E0D1218FD17F8800F697434FF377BC9ACB86AB48BDC139C51630956017D96CB0CC5C2D22604CABCBA881260B3A1F00A9F328DE35AC41638728AE65A1829F90AEE08237C971608AB5A7F3B50C53B3313FD68C774AAE29BCC1DA02BE0766D62DDE586169BAACB485CADC4F16EA0648E67D4D0F8DEFD9CCA4CC2B4000CD0C6372205F97C78F270F7E75A18DE0D3C8A3A1C1C606337BF6BEC94DD93D2646462E5F23AA4C292C00761D06FE220616A50C042A39351EBB2373EF21A35D5279D82E78B016A538B99CC166A148BABD91BCBE318A7987A5DA51B8B72D038F2D77668D48150A25ADC84018ADC7F36563E82D9DAA3B04593A989F9F05BBC0183DCE1BF6D6E2F9E4EFD5B52DF56B20AC035E36D57DFE521E9B3D256DE7F55C78837C0F5036DEC0581DF76CE7990A87F25113148BA1FF3502D82FC127B8134D3573BB8711B7891EF0C56B5C95037C9FBA6698219D63F5244A2E5D3479D0887CF5296900A23B344F3D804DF82712ABBD8A42218943957FA29966DBDB3A829959D08588FB670EEA4BF17605F928391B6BD36239CBE217CE278D2068D845F0B619CE726F2E9CA46ECA76180A90FFFFFA400D8F2956F3801FAADC49D9B05A786CA5D860A9B3AF3521842AB2C8C67CF7C9D966863B61AB2AA02970BD03F828980FEADEE067C4E7448FADC98046CAF153
17320170623152234 2 6 100 4095 2 F2D0058FA043FB189699D118DE484B66A10DCE703B27209CFC6D23D9178067C9D560D7D8BA9D4439A22AED66322F25D886C0A5CD41821B49AAE3D7A7B72F9B0E2D823709AF5444C7E9474DF5867E605E638923A2FAD546A86B8014BA460D238A939B445D7489C91977B54AB531D75B0F4264F187218F885129751EC78654F4B21191365FEA1B7FEFC40842BBC07C4F1D1AD153F6A39B582406F6B5895336A1199F7556EE957EAC716AE6678CBE5390730F0EBB3CC5210242A80CB128BFD747ED1B61AF6BBD5B5DC07B34C5CA7AF73D1EE973B93E13918801AEFD674DF92A0AD84BFA2A8CEE1AD26140DA1D5FC0C450A1EAEBC88F8EA8E703A0F3A814E1F6975AA5BE732473575D16F137D2CE5F7A546CE4371ECB5E8052295E122A9CF89A026E2D09BDE56B8B04CC4CAE66CD0C5E0DFE30695DD798C50E39C911C887FEBACAAEFD2BFE7D454E051C432D66AD84680DA7C126F1A9C7C540283CCB863B9414BB536BA358259104ECB406B4976F97558FA4E5854888A8D13C96A14025DA0C55F869F6AF954B1E7AA1D317262C52099860E870A7EAF72F9910ACA809FF2DEA37FCA3EFB31FD43A308E4138E40178BEAC0FBB0E79ED7D1DCF8F8A81A4ABBFE6749F4C1B96BD65A14822490BC0A71E854BC8077C7A8F2C6FE308F86DEC97F600A4A0015F086B021F7F0BCAFDE3DA4D7E38A9AA1E992539389E99412FD22988DA657F33 17320171129125253 2 6 100 4095 2 FADF655A8C18F13858C1C774D0060DD6FF25EAC29084E6A0A1E0D1218FD17F8800F697434FF377BC9ACB86AB48BDC139C51630956017D96CB0CC5C2D22604CABCBA881260B3A1F00A9F328DE35AC41638728AE65A1829F90AEE08237C971608AB5A7F3B50C53B3313FD68C774AAE29BCC1DA02BE0766D62DDE586169BAACB485CADC4F16EA0648E67D4D0F8DEFD9CCA4CC2B4000CD0C6372205F97C78F270F7E75A18DE0D3C8A3A1C1C606337BF6BEC94DD93D2646462E5F23AA4C292C00761D06FE220616A50C042A39351EBB2373EF21A35D5279D82E78B016A538B99CC166A148BABD91BCBE318A7987A5DA51B8B72D038F2D77668D48150A25ADC84018ADC7F36563E82D9DAA3B04593A989F9F05BBC0183DCE1BF6D6E2F9E4EFD5B52DF56B20AC035E36D57DFE521E9B3D256DE7F55C78837C0F5036DEC0581DF76CE7990A87F25113148BA1FF3502D82FC127B8134D3573BB8711B7891EF0C56B5C95037C9FBA6698219D63F5244A2E5D3479D0887CF5296900A23B344F3D804DF82712ABBD8A42218943957FA29966DBDB3A829959D08588FB670EEA4BF17605F928391B6BD36239CBE217CE278D2068D845F0B619CE726F2E9CA46ECA76180A90FFFFFA400D8F2956F3801FAADC49D9B05A786CA5D860A9B3AF3521842AB2C8C67CF7C9D966863B61AB2AA02970BD03F828980FEADEE067C4E7448FADC980478C8AA3
17420170623152823 2 6 100 4095 5 F2D0058FA043FB189699D118DE484B66A10DCE703B27209CFC6D23D9178067C9D560D7D8BA9D4439A22AED66322F25D886C0A5CD41821B49AAE3D7A7B72F9B0E2D823709AF5444C7E9474DF5867E605E638923A2FAD546A86B8014BA460D238A939B445D7489C91977B54AB531D75B0F4264F187218F885129751EC78654F4B21191365FEA1B7FEFC40842BBC07C4F1D1AD153F6A39B582406F6B5895336A1199F7556EE957EAC716AE6678CBE5390730F0EBB3CC5210242A80CB128BFD747ED1B61AF6BBD5B5DC07B34C5CA7AF73D1EE973B93E13918801AEFD674DF92A0AD84BFA2A8CEE1AD26140DA1D5FC0C450A1EAEBC88F8EA8E703A0F3A814E1F6975AA5BE732473575D16F137D2CE5F7A546CE4371ECB5E8052295E122A9CF89A026E2D09BDE56B8B04CC4CAE66CD0C5E0DFE30695DD798C50E39C911C887FEBACAAEFD2BFE7D454E051C432D66AD84680DA7C126F1A9C7C540283CCB863B9414BB536BA358259104ECB406B4976F97558FA4E5854888A8D13C96A14025DA0C55F869F6AF954B1E7AA1D317262C52099860E870A7EAF72F9910ACA809FF2DEA37FCA3EFB31FD43A308E4138E40178BEAC0FBB0E79ED7D1DCF8F8A81A4ABBFE6749F4C1B96BD65A14822490BC0A71E854BC8077C7A8F2C6FE308F86DEC97F600A4A0015F086B021F7F0BCAFDE3DA4D7E38A9AA1E992539389E99412FD22988DAD58DFF 17420171129130704 2 6 100 4095 5 FADF655A8C18F13858C1C774D0060DD6FF25EAC29084E6A0A1E0D1218FD17F8800F697434FF377BC9ACB86AB48BDC139C51630956017D96CB0CC5C2D22604CABCBA881260B3A1F00A9F328DE35AC41638728AE65A1829F90AEE08237C971608AB5A7F3B50C53B3313FD68C774AAE29BCC1DA02BE0766D62DDE586169BAACB485CADC4F16EA0648E67D4D0F8DEFD9CCA4CC2B4000CD0C6372205F97C78F270F7E75A18DE0D3C8A3A1C1C606337BF6BEC94DD93D2646462E5F23AA4C292C00761D06FE220616A50C042A39351EBB2373EF21A35D5279D82E78B016A538B99CC166A148BABD91BCBE318A7987A5DA51B8B72D038F2D77668D48150A25ADC84018ADC7F36563E82D9DAA3B04593A989F9F05BBC0183DCE1BF6D6E2F9E4EFD5B52DF56B20AC035E36D57DFE521E9B3D256DE7F55C78837C0F5036DEC0581DF76CE7990A87F25113148BA1FF3502D82FC127B8134D3573BB8711B7891EF0C56B5C95037C9FBA6698219D63F5244A2E5D3479D0887CF5296900A23B344F3D804DF82712ABBD8A42218943957FA29966DBDB3A829959D08588FB670EEA4BF17605F928391B6BD36239CBE217CE278D2068D845F0B619CE726F2E9CA46ECA76180A90FFFFFA400D8F2956F3801FAADC49D9B05A786CA5D860A9B3AF3521842AB2C8C67CF7C9D966863B61AB2AA02970BD03F828980FEADEE067C4E7448FADC980489794E7
17520170623153243 2 6 100 4095 2 F2D0058FA043FB189699D118DE484B66A10DCE703B27209CFC6D23D9178067C9D560D7D8BA9D4439A22AED66322F25D886C0A5CD41821B49AAE3D7A7B72F9B0E2D823709AF5444C7E9474DF5867E605E638923A2FAD546A86B8014BA460D238A939B445D7489C91977B54AB531D75B0F4264F187218F885129751EC78654F4B21191365FEA1B7FEFC40842BBC07C4F1D1AD153F6A39B582406F6B5895336A1199F7556EE957EAC716AE6678CBE5390730F0EBB3CC5210242A80CB128BFD747ED1B61AF6BBD5B5DC07B34C5CA7AF73D1EE973B93E13918801AEFD674DF92A0AD84BFA2A8CEE1AD26140DA1D5FC0C450A1EAEBC88F8EA8E703A0F3A814E1F6975AA5BE732473575D16F137D2CE5F7A546CE4371ECB5E8052295E122A9CF89A026E2D09BDE56B8B04CC4CAE66CD0C5E0DFE30695DD798C50E39C911C887FEBACAAEFD2BFE7D454E051C432D66AD84680DA7C126F1A9C7C540283CCB863B9414BB536BA358259104ECB406B4976F97558FA4E5854888A8D13C96A14025DA0C55F869F6AF954B1E7AA1D317262C52099860E870A7EAF72F9910ACA809FF2DEA37FCA3EFB31FD43A308E4138E40178BEAC0FBB0E79ED7D1DCF8F8A81A4ABBFE6749F4C1B96BD65A14822490BC0A71E854BC8077C7A8F2C6FE308F86DEC97F600A4A0015F086B021F7F0BCAFDE3DA4D7E38A9AA1E992539389E99412FD22988DB1F719B 17520171129133140 2 6 100 4095 2 FADF655A8C18F13858C1C774D0060DD6FF25EAC29084E6A0A1E0D1218FD17F8800F697434FF377BC9ACB86AB48BDC139C51630956017D96CB0CC5C2D22604CABCBA881260B3A1F00A9F328DE35AC41638728AE65A1829F90AEE08237C971608AB5A7F3B50C53B3313FD68C774AAE29BCC1DA02BE0766D62DDE586169BAACB485CADC4F16EA0648E67D4D0F8DEFD9CCA4CC2B4000CD0C6372205F97C78F270F7E75A18DE0D3C8A3A1C1C606337BF6BEC94DD93D2646462E5F23AA4C292C00761D06FE220616A50C042A39351EBB2373EF21A35D5279D82E78B016A538B99CC166A148BABD91BCBE318A7987A5DA51B8B72D038F2D77668D48150A25ADC84018ADC7F36563E82D9DAA3B04593A989F9F05BBC0183DCE1BF6D6E2F9E4EFD5B52DF56B20AC035E36D57DFE521E9B3D256DE7F55C78837C0F5036DEC0581DF76CE7990A87F25113148BA1FF3502D82FC127B8134D3573BB8711B7891EF0C56B5C95037C9FBA6698219D63F5244A2E5D3479D0887CF5296900A23B344F3D804DF82712ABBD8A42218943957FA29966DBDB3A829959D08588FB670EEA4BF17605F928391B6BD36239CBE217CE278D2068D845F0B619CE726F2E9CA46ECA76180A90FFFFFA400D8F2956F3801FAADC49D9B05A786CA5D860A9B3AF3521842AB2C8C67CF7C9D966863B61AB2AA02970BD03F828980FEADEE067C4E7448FADC9804A64C06B
17620170623153719 2 6 100 4095 5 F2D0058FA043FB189699D118DE484B66A10DCE703B27209CFC6D23D9178067C9D560D7D8BA9D4439A22AED66322F25D886C0A5CD41821B49AAE3D7A7B72F9B0E2D823709AF5444C7E9474DF5867E605E638923A2FAD546A86B8014BA460D238A939B445D7489C91977B54AB531D75B0F4264F187218F885129751EC78654F4B21191365FEA1B7FEFC40842BBC07C4F1D1AD153F6A39B582406F6B5895336A1199F7556EE957EAC716AE6678CBE5390730F0EBB3CC5210242A80CB128BFD747ED1B61AF6BBD5B5DC07B34C5CA7AF73D1EE973B93E13918801AEFD674DF92A0AD84BFA2A8CEE1AD26140DA1D5FC0C450A1EAEBC88F8EA8E703A0F3A814E1F6975AA5BE732473575D16F137D2CE5F7A546CE4371ECB5E8052295E122A9CF89A026E2D09BDE56B8B04CC4CAE66CD0C5E0DFE30695DD798C50E39C911C887FEBACAAEFD2BFE7D454E051C432D66AD84680DA7C126F1A9C7C540283CCB863B9414BB536BA358259104ECB406B4976F97558FA4E5854888A8D13C96A14025DA0C55F869F6AF954B1E7AA1D317262C52099860E870A7EAF72F9910ACA809FF2DEA37FCA3EFB31FD43A308E4138E40178BEAC0FBB0E79ED7D1DCF8F8A81A4ABBFE6749F4C1B96BD65A14822490BC0A71E854BC8077C7A8F2C6FE308F86DEC97F600A4A0015F086B021F7F0BCAFDE3DA4D7E38A9AA1E992539389E99412FD22988DB76316F 17620171129140253 2 6 100 4095 5 FADF655A8C18F13858C1C774D0060DD6FF25EAC29084E6A0A1E0D1218FD17F8800F697434FF377BC9ACB86AB48BDC139C51630956017D96CB0CC5C2D22604CABCBA881260B3A1F00A9F328DE35AC41638728AE65A1829F90AEE08237C971608AB5A7F3B50C53B3313FD68C774AAE29BCC1DA02BE0766D62DDE586169BAACB485CADC4F16EA0648E67D4D0F8DEFD9CCA4CC2B4000CD0C6372205F97C78F270F7E75A18DE0D3C8A3A1C1C606337BF6BEC94DD93D2646462E5F23AA4C292C00761D06FE220616A50C042A39351EBB2373EF21A35D5279D82E78B016A538B99CC166A148BABD91BCBE318A7987A5DA51B8B72D038F2D77668D48150A25ADC84018ADC7F36563E82D9DAA3B04593A989F9F05BBC0183DCE1BF6D6E2F9E4EFD5B52DF56B20AC035E36D57DFE521E9B3D256DE7F55C78837C0F5036DEC0581DF76CE7990A87F25113148BA1FF3502D82FC127B8134D3573BB8711B7891EF0C56B5C95037C9FBA6698219D63F5244A2E5D3479D0887CF5296900A23B344F3D804DF82712ABBD8A42218943957FA29966DBDB3A829959D08588FB670EEA4BF17605F928391B6BD36239CBE217CE278D2068D845F0B619CE726F2E9CA46ECA76180A90FFFFFA400D8F2956F3801FAADC49D9B05A786CA5D860A9B3AF3521842AB2C8C67CF7C9D966863B61AB2AA02970BD03F828980FEADEE067C4E7448FADC9804C68CB3F
17720170623154606 2 6 100 4095 2 F2D0058FA043FB189699D118DE484B66A10DCE703B27209CFC6D23D9178067C9D560D7D8BA9D4439A22AED66322F25D886C0A5CD41821B49AAE3D7A7B72F9B0E2D823709AF5444C7E9474DF5867E605E638923A2FAD546A86B8014BA460D238A939B445D7489C91977B54AB531D75B0F4264F187218F885129751EC78654F4B21191365FEA1B7FEFC40842BBC07C4F1D1AD153F6A39B582406F6B5895336A1199F7556EE957EAC716AE6678CBE5390730F0EBB3CC5210242A80CB128BFD747ED1B61AF6BBD5B5DC07B34C5CA7AF73D1EE973B93E13918801AEFD674DF92A0AD84BFA2A8CEE1AD26140DA1D5FC0C450A1EAEBC88F8EA8E703A0F3A814E1F6975AA5BE732473575D16F137D2CE5F7A546CE4371ECB5E8052295E122A9CF89A026E2D09BDE56B8B04CC4CAE66CD0C5E0DFE30695DD798C50E39C911C887FEBACAAEFD2BFE7D454E051C432D66AD84680DA7C126F1A9C7C540283CCB863B9414BB536BA358259104ECB406B4976F97558FA4E5854888A8D13C96A14025DA0C55F869F6AF954B1E7AA1D317262C52099860E870A7EAF72F9910ACA809FF2DEA37FCA3EFB31FD43A308E4138E40178BEAC0FBB0E79ED7D1DCF8F8A81A4ABBFE6749F4C1B96BD65A14822490BC0A71E854BC8077C7A8F2C6FE308F86DEC97F600A4A0015F086B021F7F0BCAFDE3DA4D7E38A9AA1E992539389E99412FD22988DC289BA3 17720171129144402 2 6 100 4095 2 FADF655A8C18F13858C1C774D0060DD6FF25EAC29084E6A0A1E0D1218FD17F8800F697434FF377BC9ACB86AB48BDC139C51630956017D96CB0CC5C2D22604CABCBA881260B3A1F00A9F328DE35AC41638728AE65A1829F90AEE08237C971608AB5A7F3B50C53B3313FD68C774AAE29BCC1DA02BE0766D62DDE586169BAACB485CADC4F16EA0648E67D4D0F8DEFD9CCA4CC2B4000CD0C6372205F97C78F270F7E75A18DE0D3C8A3A1C1C606337BF6BEC94DD93D2646462E5F23AA4C292C00761D06FE220616A50C042A39351EBB2373EF21A35D5279D82E78B016A538B99CC166A148BABD91BCBE318A7987A5DA51B8B72D038F2D77668D48150A25ADC84018ADC7F36563E82D9DAA3B04593A989F9F05BBC0183DCE1BF6D6E2F9E4EFD5B52DF56B20AC035E36D57DFE521E9B3D256DE7F55C78837C0F5036DEC0581DF76CE7990A87F25113148BA1FF3502D82FC127B8134D3573BB8711B7891EF0C56B5C95037C9FBA6698219D63F5244A2E5D3479D0887CF5296900A23B344F3D804DF82712ABBD8A42218943957FA29966DBDB3A829959D08588FB670EEA4BF17605F928391B6BD36239CBE217CE278D2068D845F0B619CE726F2E9CA46ECA76180A90FFFFFA400D8F2956F3801FAADC49D9B05A786CA5D860A9B3AF3521842AB2C8C67CF7C9D966863B61AB2AA02970BD03F828980FEADEE067C4E7448FADC9804F74F3CB
17820170623155435 2 6 100 4095 5 F2D0058FA043FB189699D118DE484B66A10DCE703B27209CFC6D23D9178067C9D560D7D8BA9D4439A22AED66322F25D886C0A5CD41821B49AAE3D7A7B72F9B0E2D823709AF5444C7E9474DF5867E605E638923A2FAD546A86B8014BA460D238A939B445D7489C91977B54AB531D75B0F4264F187218F885129751EC78654F4B21191365FEA1B7FEFC40842BBC07C4F1D1AD153F6A39B582406F6B5895336A1199F7556EE957EAC716AE6678CBE5390730F0EBB3CC5210242A80CB128BFD747ED1B61AF6BBD5B5DC07B34C5CA7AF73D1EE973B93E13918801AEFD674DF92A0AD84BFA2A8CEE1AD26140DA1D5FC0C450A1EAEBC88F8EA8E703A0F3A814E1F6975AA5BE732473575D16F137D2CE5F7A546CE4371ECB5E8052295E122A9CF89A026E2D09BDE56B8B04CC4CAE66CD0C5E0DFE30695DD798C50E39C911C887FEBACAAEFD2BFE7D454E051C432D66AD84680DA7C126F1A9C7C540283CCB863B9414BB536BA358259104ECB406B4976F97558FA4E5854888A8D13C96A14025DA0C55F869F6AF954B1E7AA1D317262C52099860E870A7EAF72F9910ACA809FF2DEA37FCA3EFB31FD43A308E4138E40178BEAC0FBB0E79ED7D1DCF8F8A81A4ABBFE6749F4C1B96BD65A14822490BC0A71E854BC8077C7A8F2C6FE308F86DEC97F600A4A0015F086B021F7F0BCAFDE3DA4D7E38A9AA1E992539389E99412FD22988DCCFF757 17820171129145354 2 6 100 4095 5 FADF655A8C18F13858C1C774D0060DD6FF25EAC29084E6A0A1E0D1218FD17F8800F697434FF377BC9ACB86AB48BDC139C51630956017D96CB0CC5C2D22604CABCBA881260B3A1F00A9F328DE35AC41638728AE65A1829F90AEE08237C971608AB5A7F3B50C53B3313FD68C774AAE29BCC1DA02BE0766D62DDE586169BAACB485CADC4F16EA0648E67D4D0F8DEFD9CCA4CC2B4000CD0C6372205F97C78F270F7E75A18DE0D3C8A3A1C1C606337BF6BEC94DD93D2646462E5F23AA4C292C00761D06FE220616A50C042A39351EBB2373EF21A35D5279D82E78B016A538B99CC166A148BABD91BCBE318A7987A5DA51B8B72D038F2D77668D48150A25ADC84018ADC7F36563E82D9DAA3B04593A989F9F05BBC0183DCE1BF6D6E2F9E4EFD5B52DF56B20AC035E36D57DFE521E9B3D256DE7F55C78837C0F5036DEC0581DF76CE7990A87F25113148BA1FF3502D82FC127B8134D3573BB8711B7891EF0C56B5C95037C9FBA6698219D63F5244A2E5D3479D0887CF5296900A23B344F3D804DF82712ABBD8A42218943957FA29966DBDB3A829959D08588FB670EEA4BF17605F928391B6BD36239CBE217CE278D2068D845F0B619CE726F2E9CA46ECA76180A90FFFFFA400D8F2956F3801FAADC49D9B05A786CA5D860A9B3AF3521842AB2C8C67CF7C9D966863B61AB2AA02970BD03F828980FEADEE067C4E7448FADC980502DC987
17920170623161905 2 6 100 4095 2 F2D0058FA043FB189699D118DE484B66A10DCE703B27209CFC6D23D9178067C9D560D7D8BA9D4439A22AED66322F25D886C0A5CD41821B49AAE3D7A7B72F9B0E2D823709AF5444C7E9474DF5867E605E638923A2FAD546A86B8014BA460D238A939B445D7489C91977B54AB531D75B0F4264F187218F885129751EC78654F4B21191365FEA1B7FEFC40842BBC07C4F1D1AD153F6A39B582406F6B5895336A1199F7556EE957EAC716AE6678CBE5390730F0EBB3CC5210242A80CB128BFD747ED1B61AF6BBD5B5DC07B34C5CA7AF73D1EE973B93E13918801AEFD674DF92A0AD84BFA2A8CEE1AD26140DA1D5FC0C450A1EAEBC88F8EA8E703A0F3A814E1F6975AA5BE732473575D16F137D2CE5F7A546CE4371ECB5E8052295E122A9CF89A026E2D09BDE56B8B04CC4CAE66CD0C5E0DFE30695DD798C50E39C911C887FEBACAAEFD2BFE7D454E051C432D66AD84680DA7C126F1A9C7C540283CCB863B9414BB536BA358259104ECB406B4976F97558FA4E5854888A8D13C96A14025DA0C55F869F6AF954B1E7AA1D317262C52099860E870A7EAF72F9910ACA809FF2DEA37FCA3EFB31FD43A308E4138E40178BEAC0FBB0E79ED7D1DCF8F8A81A4ABBFE6749F4C1B96BD65A14822490BC0A71E854BC8077C7A8F2C6FE308F86DEC97F600A4A0015F086B021F7F0BCAFDE3DA4D7E38A9AA1E992539389E99412FD22988DEC7BD43 17920171129150624 2 6 100 4095 2 FADF655A8C18F13858C1C774D0060DD6FF25EAC29084E6A0A1E0D1218FD17F8800F697434FF377BC9ACB86AB48BDC139C51630956017D96CB0CC5C2D22604CABCBA881260B3A1F00A9F328DE35AC41638728AE65A1829F90AEE08237C971608AB5A7F3B50C53B3313FD68C774AAE29BCC1DA02BE0766D62DDE586169BAACB485CADC4F16EA0648E67D4D0F8DEFD9CCA4CC2B4000CD0C6372205F97C78F270F7E75A18DE0D3C8A3A1C1C606337BF6BEC94DD93D2646462E5F23AA4C292C00761D06FE220616A50C042A39351EBB2373EF21A35D5279D82E78B016A538B99CC166A148BABD91BCBE318A7987A5DA51B8B72D038F2D77668D48150A25ADC84018ADC7F36563E82D9DAA3B04593A989F9F05BBC0183DCE1BF6D6E2F9E4EFD5B52DF56B20AC035E36D57DFE521E9B3D256DE7F55C78837C0F5036DEC0581DF76CE7990A87F25113148BA1FF3502D82FC127B8134D3573BB8711B7891EF0C56B5C95037C9FBA6698219D63F5244A2E5D3479D0887CF5296900A23B344F3D804DF82712ABBD8A42218943957FA29966DBDB3A829959D08588FB670EEA4BF17605F928391B6BD36239CBE217CE278D2068D845F0B619CE726F2E9CA46ECA76180A90FFFFFA400D8F2956F3801FAADC49D9B05A786CA5D860A9B3AF3521842AB2C8C67CF7C9D966863B61AB2AA02970BD03F828980FEADEE067C4E7448FADC9805112DBB3
18020170623163928 2 6 100 4095 2 F2D0058FA043FB189699D118DE484B66A10DCE703B27209CFC6D23D9178067C9D560D7D8BA9D4439A22AED66322F25D886C0A5CD41821B49AAE3D7A7B72F9B0E2D823709AF5444C7E9474DF5867E605E638923A2FAD546A86B8014BA460D238A939B445D7489C91977B54AB531D75B0F4264F187218F885129751EC78654F4B21191365FEA1B7FEFC40842BBC07C4F1D1AD153F6A39B582406F6B5895336A1199F7556EE957EAC716AE6678CBE5390730F0EBB3CC5210242A80CB128BFD747ED1B61AF6BBD5B5DC07B34C5CA7AF73D1EE973B93E13918801AEFD674DF92A0AD84BFA2A8CEE1AD26140DA1D5FC0C450A1EAEBC88F8EA8E703A0F3A814E1F6975AA5BE732473575D16F137D2CE5F7A546CE4371ECB5E8052295E122A9CF89A026E2D09BDE56B8B04CC4CAE66CD0C5E0DFE30695DD798C50E39C911C887FEBACAAEFD2BFE7D454E051C432D66AD84680DA7C126F1A9C7C540283CCB863B9414BB536BA358259104ECB406B4976F97558FA4E5854888A8D13C96A14025DA0C55F869F6AF954B1E7AA1D317262C52099860E870A7EAF72F9910ACA809FF2DEA37FCA3EFB31FD43A308E4138E40178BEAC0FBB0E79ED7D1DCF8F8A81A4ABBFE6749F4C1B96BD65A14822490BC0A71E854BC8077C7A8F2C6FE308F86DEC97F600A4A0015F086B021F7F0BCAFDE3DA4D7E38A9AA1E992539389E99412FD22988E064A38B 18020171129150654 2 6 100 4095 2 FADF655A8C18F13858C1C774D0060DD6FF25EAC29084E6A0A1E0D1218FD17F8800F697434FF377BC9ACB86AB48BDC139C51630956017D96CB0CC5C2D22604CABCBA881260B3A1F00A9F328DE35AC41638728AE65A1829F90AEE08237C971608AB5A7F3B50C53B3313FD68C774AAE29BCC1DA02BE0766D62DDE586169BAACB485CADC4F16EA0648E67D4D0F8DEFD9CCA4CC2B4000CD0C6372205F97C78F270F7E75A18DE0D3C8A3A1C1C606337BF6BEC94DD93D2646462E5F23AA4C292C00761D06FE220616A50C042A39351EBB2373EF21A35D5279D82E78B016A538B99CC166A148BABD91BCBE318A7987A5DA51B8B72D038F2D77668D48150A25ADC84018ADC7F36563E82D9DAA3B04593A989F9F05BBC0183DCE1BF6D6E2F9E4EFD5B52DF56B20AC035E36D57DFE521E9B3D256DE7F55C78837C0F5036DEC0581DF76CE7990A87F25113148BA1FF3502D82FC127B8134D3573BB8711B7891EF0C56B5C95037C9FBA6698219D63F5244A2E5D3479D0887CF5296900A23B344F3D804DF82712ABBD8A42218943957FA29966DBDB3A829959D08588FB670EEA4BF17605F928391B6BD36239CBE217CE278D2068D845F0B619CE726F2E9CA46ECA76180A90FFFFFA400D8F2956F3801FAADC49D9B05A786CA5D860A9B3AF3521842AB2C8C67CF7C9D966863B61AB2AA02970BD03F828980FEADEE067C4E7448FADC9805113FE53
18120170623164410 2 6 100 4095 2 F2D0058FA043FB189699D118DE484B66A10DCE703B27209CFC6D23D9178067C9D560D7D8BA9D4439A22AED66322F25D886C0A5CD41821B49AAE3D7A7B72F9B0E2D823709AF5444C7E9474DF5867E605E638923A2FAD546A86B8014BA460D238A939B445D7489C91977B54AB531D75B0F4264F187218F885129751EC78654F4B21191365FEA1B7FEFC40842BBC07C4F1D1AD153F6A39B582406F6B5895336A1199F7556EE957EAC716AE6678CBE5390730F0EBB3CC5210242A80CB128BFD747ED1B61AF6BBD5B5DC07B34C5CA7AF73D1EE973B93E13918801AEFD674DF92A0AD84BFA2A8CEE1AD26140DA1D5FC0C450A1EAEBC88F8EA8E703A0F3A814E1F6975AA5BE732473575D16F137D2CE5F7A546CE4371ECB5E8052295E122A9CF89A026E2D09BDE56B8B04CC4CAE66CD0C5E0DFE30695DD798C50E39C911C887FEBACAAEFD2BFE7D454E051C432D66AD84680DA7C126F1A9C7C540283CCB863B9414BB536BA358259104ECB406B4976F97558FA4E5854888A8D13C96A14025DA0C55F869F6AF954B1E7AA1D317262C52099860E870A7EAF72F9910ACA809FF2DEA37FCA3EFB31FD43A308E4138E40178BEAC0FBB0E79ED7D1DCF8F8A81A4ABBFE6749F4C1B96BD65A14822490BC0A71E854BC8077C7A8F2C6FE308F86DEC97F600A4A0015F086B021F7F0BCAFDE3DA4D7E38A9AA1E992539389E99412FD22988E0BD160B 18120171129151512 2 6 100 4095 5 FADF655A8C18F13858C1C774D0060DD6FF25EAC29084E6A0A1E0D1218FD17F8800F697434FF377BC9ACB86AB48BDC139C51630956017D96CB0CC5C2D22604CABCBA881260B3A1F00A9F328DE35AC41638728AE65A1829F90AEE08237C971608AB5A7F3B50C53B3313FD68C774AAE29BCC1DA02BE0766D62DDE586169BAACB485CADC4F16EA0648E67D4D0F8DEFD9CCA4CC2B4000CD0C6372205F97C78F270F7E75A18DE0D3C8A3A1C1C606337BF6BEC94DD93D2646462E5F23AA4C292C00761D06FE220616A50C042A39351EBB2373EF21A35D5279D82E78B016A538B99CC166A148BABD91BCBE318A7987A5DA51B8B72D038F2D77668D48150A25ADC84018ADC7F36563E82D9DAA3B04593A989F9F05BBC0183DCE1BF6D6E2F9E4EFD5B52DF56B20AC035E36D57DFE521E9B3D256DE7F55C78837C0F5036DEC0581DF76CE7990A87F25113148BA1FF3502D82FC127B8134D3573BB8711B7891EF0C56B5C95037C9FBA6698219D63F5244A2E5D3479D0887CF5296900A23B344F3D804DF82712ABBD8A42218943957FA29966DBDB3A829959D08588FB670EEA4BF17605F928391B6BD36239CBE217CE278D2068D845F0B619CE726F2E9CA46ECA76180A90FFFFFA400D8F2956F3801FAADC49D9B05A786CA5D860A9B3AF3521842AB2C8C67CF7C9D966863B61AB2AA02970BD03F828980FEADEE067C4E7448FADC98051AA1CA7
18220170623172908 2 6 100 4095 2 F2D0058FA043FB189699D118DE484B66A10DCE703B27209CFC6D23D9178067C9D560D7D8BA9D4439A22AED66322F25D886C0A5CD41821B49AAE3D7A7B72F9B0E2D823709AF5444C7E9474DF5867E605E638923A2FAD546A86B8014BA460D238A939B445D7489C91977B54AB531D75B0F4264F187218F885129751EC78654F4B21191365FEA1B7FEFC40842BBC07C4F1D1AD153F6A39B582406F6B5895336A1199F7556EE957EAC716AE6678CBE5390730F0EBB3CC5210242A80CB128BFD747ED1B61AF6BBD5B5DC07B34C5CA7AF73D1EE973B93E13918801AEFD674DF92A0AD84BFA2A8CEE1AD26140DA1D5FC0C450A1EAEBC88F8EA8E703A0F3A814E1F6975AA5BE732473575D16F137D2CE5F7A546CE4371ECB5E8052295E122A9CF89A026E2D09BDE56B8B04CC4CAE66CD0C5E0DFE30695DD798C50E39C911C887FEBACAAEFD2BFE7D454E051C432D66AD84680DA7C126F1A9C7C540283CCB863B9414BB536BA358259104ECB406B4976F97558FA4E5854888A8D13C96A14025DA0C55F869F6AF954B1E7AA1D317262C52099860E870A7EAF72F9910ACA809FF2DEA37FCA3EFB31FD43A308E4138E40178BEAC0FBB0E79ED7D1DCF8F8A81A4ABBFE6749F4C1B96BD65A14822490BC0A71E854BC8077C7A8F2C6FE308F86DEC97F600A4A0015F086B021F7F0BCAFDE3DA4D7E38A9AA1E992539389E99412FD22988E467E87B 18220171129153640 2 6 100 4095 5 FADF655A8C18F13858C1C774D0060DD6FF25EAC29084E6A0A1E0D1218FD17F8800F697434FF377BC9ACB86AB48BDC139C51630956017D96CB0CC5C2D22604CABCBA881260B3A1F00A9F328DE35AC41638728AE65A1829F90AEE08237C971608AB5A7F3B50C53B3313FD68C774AAE29BCC1DA02BE0766D62DDE586169BAACB485CADC4F16EA0648E67D4D0F8DEFD9CCA4CC2B4000CD0C6372205F97C78F270F7E75A18DE0D3C8A3A1C1C606337BF6BEC94DD93D2646462E5F23AA4C292C00761D06FE220616A50C042A39351EBB2373EF21A35D5279D82E78B016A538B99CC166A148BABD91BCBE318A7987A5DA51B8B72D038F2D77668D48150A25ADC84018ADC7F36563E82D9DAA3B04593A989F9F05BBC0183DCE1BF6D6E2F9E4EFD5B52DF56B20AC035E36D57DFE521E9B3D256DE7F55C78837C0F5036DEC0581DF76CE7990A87F25113148BA1FF3502D82FC127B8134D3573BB8711B7891EF0C56B5C95037C9FBA6698219D63F5244A2E5D3479D0887CF5296900A23B344F3D804DF82712ABBD8A42218943957FA29966DBDB3A829959D08588FB670EEA4BF17605F928391B6BD36239CBE217CE278D2068D845F0B619CE726F2E9CA46ECA76180A90FFFFFA400D8F2956F3801FAADC49D9B05A786CA5D860A9B3AF3521842AB2C8C67CF7C9D966863B61AB2AA02970BD03F828980FEADEE067C4E7448FADC9805342345F
18320170623174045 2 6 100 4095 5 F2D0058FA043FB189699D118DE484B66A10DCE703B27209CFC6D23D9178067C9D560D7D8BA9D4439A22AED66322F25D886C0A5CD41821B49AAE3D7A7B72F9B0E2D823709AF5444C7E9474DF5867E605E638923A2FAD546A86B8014BA460D238A939B445D7489C91977B54AB531D75B0F4264F187218F885129751EC78654F4B21191365FEA1B7FEFC40842BBC07C4F1D1AD153F6A39B582406F6B5895336A1199F7556EE957EAC716AE6678CBE5390730F0EBB3CC5210242A80CB128BFD747ED1B61AF6BBD5B5DC07B34C5CA7AF73D1EE973B93E13918801AEFD674DF92A0AD84BFA2A8CEE1AD26140DA1D5FC0C450A1EAEBC88F8EA8E703A0F3A814E1F6975AA5BE732473575D16F137D2CE5F7A546CE4371ECB5E8052295E122A9CF89A026E2D09BDE56B8B04CC4CAE66CD0C5E0DFE30695DD798C50E39C911C887FEBACAAEFD2BFE7D454E051C432D66AD84680DA7C126F1A9C7C540283CCB863B9414BB536BA358259104ECB406B4976F97558FA4E5854888A8D13C96A14025DA0C55F869F6AF954B1E7AA1D317262C52099860E870A7EAF72F9910ACA809FF2DEA37FCA3EFB31FD43A308E4138E40178BEAC0FBB0E79ED7D1DCF8F8A81A4ABBFE6749F4C1B96BD65A14822490BC0A71E854BC8077C7A8F2C6FE308F86DEC97F600A4A0015F086B021F7F0BCAFDE3DA4D7E38A9AA1E992539389E99412FD22988E54CE16F 18320171129160526 2 6 100 4095 2 FADF655A8C18F13858C1C774D0060DD6FF25EAC29084E6A0A1E0D1218FD17F8800F697434FF377BC9ACB86AB48BDC139C51630956017D96CB0CC5C2D22604CABCBA881260B3A1F00A9F328DE35AC41638728AE65A1829F90AEE08237C971608AB5A7F3B50C53B3313FD68C774AAE29BCC1DA02BE0766D62DDE586169BAACB485CADC4F16EA0648E67D4D0F8DEFD9CCA4CC2B4000CD0C6372205F97C78F270F7E75A18DE0D3C8A3A1C1C606337BF6BEC94DD93D2646462E5F23AA4C292C00761D06FE220616A50C042A39351EBB2373EF21A35D5279D82E78B016A538B99CC166A148BABD91BCBE318A7987A5DA51B8B72D038F2D77668D48150A25ADC84018ADC7F36563E82D9DAA3B04593A989F9F05BBC0183DCE1BF6D6E2F9E4EFD5B52DF56B20AC035E36D57DFE521E9B3D256DE7F55C78837C0F5036DEC0581DF76CE7990A87F25113148BA1FF3502D82FC127B8134D3573BB8711B7891EF0C56B5C95037C9FBA6698219D63F5244A2E5D3479D0887CF5296900A23B344F3D804DF82712ABBD8A42218943957FA29966DBDB3A829959D08588FB670EEA4BF17605F928391B6BD36239CBE217CE278D2068D845F0B619CE726F2E9CA46ECA76180A90FFFFFA400D8F2956F3801FAADC49D9B05A786CA5D860A9B3AF3521842AB2C8C67CF7C9D966863B61AB2AA02970BD03F828980FEADEE067C4E7448FADC980555FD073
18420170623175902 2 6 100 4095 5 F2D0058FA043FB189699D118DE484B66A10DCE703B27209CFC6D23D9178067C9D560D7D8BA9D4439A22AED66322F25D886C0A5CD41821B49AAE3D7A7B72F9B0E2D823709AF5444C7E9474DF5867E605E638923A2FAD546A86B8014BA460D238A939B445D7489C91977B54AB531D75B0F4264F187218F885129751EC78654F4B21191365FEA1B7FEFC40842BBC07C4F1D1AD153F6A39B582406F6B5895336A1199F7556EE957EAC716AE6678CBE5390730F0EBB3CC5210242A80CB128BFD747ED1B61AF6BBD5B5DC07B34C5CA7AF73D1EE973B93E13918801AEFD674DF92A0AD84BFA2A8CEE1AD26140DA1D5FC0C450A1EAEBC88F8EA8E703A0F3A814E1F6975AA5BE732473575D16F137D2CE5F7A546CE4371ECB5E8052295E122A9CF89A026E2D09BDE56B8B04CC4CAE66CD0C5E0DFE30695DD798C50E39C911C887FEBACAAEFD2BFE7D454E051C432D66AD84680DA7C126F1A9C7C540283CCB863B9414BB536BA358259104ECB406B4976F97558FA4E5854888A8D13C96A14025DA0C55F869F6AF954B1E7AA1D317262C52099860E870A7EAF72F9910ACA809FF2DEA37FCA3EFB31FD43A308E4138E40178BEAC0FBB0E79ED7D1DCF8F8A81A4ABBFE6749F4C1B96BD65A14822490BC0A71E854BC8077C7A8F2C6FE308F86DEC97F600A4A0015F086B021F7F0BCAFDE3DA4D7E38A9AA1E992539389E99412FD22988E6CA185F 18420171129163211 2 6 100 4095 2 FADF655A8C18F13858C1C774D0060DD6FF25EAC29084E6A0A1E0D1218FD17F8800F697434FF377BC9ACB86AB48BDC139C51630956017D96CB0CC5C2D22604CABCBA881260B3A1F00A9F328DE35AC41638728AE65A1829F90AEE08237C971608AB5A7F3B50C53B3313FD68C774AAE29BCC1DA02BE0766D62DDE586169BAACB485CADC4F16EA0648E67D4D0F8DEFD9CCA4CC2B4000CD0C6372205F97C78F270F7E75A18DE0D3C8A3A1C1C606337BF6BEC94DD93D2646462E5F23AA4C292C00761D06FE220616A50C042A39351EBB2373EF21A35D5279D82E78B016A538B99CC166A148BABD91BCBE318A7987A5DA51B8B72D038F2D77668D48150A25ADC84018ADC7F36563E82D9DAA3B04593A989F9F05BBC0183DCE1BF6D6E2F9E4EFD5B52DF56B20AC035E36D57DFE521E9B3D256DE7F55C78837C0F5036DEC0581DF76CE7990A87F25113148BA1FF3502D82FC127B8134D3573BB8711B7891EF0C56B5C95037C9FBA6698219D63F5244A2E5D3479D0887CF5296900A23B344F3D804DF82712ABBD8A42218943957FA29966DBDB3A829959D08588FB670EEA4BF17605F928391B6BD36239CBE217CE278D2068D845F0B619CE726F2E9CA46ECA76180A90FFFFFA400D8F2956F3801FAADC49D9B05A786CA5D860A9B3AF3521842AB2C8C67CF7C9D966863B61AB2AA02970BD03F828980FEADEE067C4E7448FADC980575A8F7B
18520170623180229 2 6 100 4095 2 F2D0058FA043FB189699D118DE484B66A10DCE703B27209CFC6D23D9178067C9D560D7D8BA9D4439A22AED66322F25D886C0A5CD41821B49AAE3D7A7B72F9B0E2D823709AF5444C7E9474DF5867E605E638923A2FAD546A86B8014BA460D238A939B445D7489C91977B54AB531D75B0F4264F187218F885129751EC78654F4B21191365FEA1B7FEFC40842BBC07C4F1D1AD153F6A39B582406F6B5895336A1199F7556EE957EAC716AE6678CBE5390730F0EBB3CC5210242A80CB128BFD747ED1B61AF6BBD5B5DC07B34C5CA7AF73D1EE973B93E13918801AEFD674DF92A0AD84BFA2A8CEE1AD26140DA1D5FC0C450A1EAEBC88F8EA8E703A0F3A814E1F6975AA5BE732473575D16F137D2CE5F7A546CE4371ECB5E8052295E122A9CF89A026E2D09BDE56B8B04CC4CAE66CD0C5E0DFE30695DD798C50E39C911C887FEBACAAEFD2BFE7D454E051C432D66AD84680DA7C126F1A9C7C540283CCB863B9414BB536BA358259104ECB406B4976F97558FA4E5854888A8D13C96A14025DA0C55F869F6AF954B1E7AA1D317262C52099860E870A7EAF72F9910ACA809FF2DEA37FCA3EFB31FD43A308E4138E40178BEAC0FBB0E79ED7D1DCF8F8A81A4ABBFE6749F4C1B96BD65A14822490BC0A71E854BC8077C7A8F2C6FE308F86DEC97F600A4A0015F086B021F7F0BCAFDE3DA4D7E38A9AA1E992539389E99412FD22988E706D14B 18520171129165338 2 6 100 4095 2 FADF655A8C18F13858C1C774D0060DD6FF25EAC29084E6A0A1E0D1218FD17F8800F697434FF377BC9ACB86AB48BDC139C51630956017D96CB0CC5C2D22604CABCBA881260B3A1F00A9F328DE35AC41638728AE65A1829F90AEE08237C971608AB5A7F3B50C53B3313FD68C774AAE29BCC1DA02BE0766D62DDE586169BAACB485CADC4F16EA0648E67D4D0F8DEFD9CCA4CC2B4000CD0C6372205F97C78F270F7E75A18DE0D3C8A3A1C1C606337BF6BEC94DD93D2646462E5F23AA4C292C00761D06FE220616A50C042A39351EBB2373EF21A35D5279D82E78B016A538B99CC166A148BABD91BCBE318A7987A5DA51B8B72D038F2D77668D48150A25ADC84018ADC7F36563E82D9DAA3B04593A989F9F05BBC0183DCE1BF6D6E2F9E4EFD5B52DF56B20AC035E36D57DFE521E9B3D256DE7F55C78837C0F5036DEC0581DF76CE7990A87F25113148BA1FF3502D82FC127B8134D3573BB8711B7891EF0C56B5C95037C9FBA6698219D63F5244A2E5D3479D0887CF5296900A23B344F3D804DF82712ABBD8A42218943957FA29966DBDB3A829959D08588FB670EEA4BF17605F928391B6BD36239CBE217CE278D2068D845F0B619CE726F2E9CA46ECA76180A90FFFFFA400D8F2956F3801FAADC49D9B05A786CA5D860A9B3AF3521842AB2C8C67CF7C9D966863B61AB2AA02970BD03F828980FEADEE067C4E7448FADC98058EDA363
18620170623180811 2 6 100 4095 2 F2D0058FA043FB189699D118DE484B66A10DCE703B27209CFC6D23D9178067C9D560D7D8BA9D4439A22AED66322F25D886C0A5CD41821B49AAE3D7A7B72F9B0E2D823709AF5444C7E9474DF5867E605E638923A2FAD546A86B8014BA460D238A939B445D7489C91977B54AB531D75B0F4264F187218F885129751EC78654F4B21191365FEA1B7FEFC40842BBC07C4F1D1AD153F6A39B582406F6B5895336A1199F7556EE957EAC716AE6678CBE5390730F0EBB3CC5210242A80CB128BFD747ED1B61AF6BBD5B5DC07B34C5CA7AF73D1EE973B93E13918801AEFD674DF92A0AD84BFA2A8CEE1AD26140DA1D5FC0C450A1EAEBC88F8EA8E703A0F3A814E1F6975AA5BE732473575D16F137D2CE5F7A546CE4371ECB5E8052295E122A9CF89A026E2D09BDE56B8B04CC4CAE66CD0C5E0DFE30695DD798C50E39C911C887FEBACAAEFD2BFE7D454E051C432D66AD84680DA7C126F1A9C7C540283CCB863B9414BB536BA358259104ECB406B4976F97558FA4E5854888A8D13C96A14025DA0C55F869F6AF954B1E7AA1D317262C52099860E870A7EAF72F9910ACA809FF2DEA37FCA3EFB31FD43A308E4138E40178BEAC0FBB0E79ED7D1DCF8F8A81A4ABBFE6749F4C1B96BD65A14822490BC0A71E854BC8077C7A8F2C6FE308F86DEC97F600A4A0015F086B021F7F0BCAFDE3DA4D7E38A9AA1E992539389E99412FD22988E76F7CD3 18620171129171055 2 6 100 4095 5 FADF655A8C18F13858C1C774D0060DD6FF25EAC29084E6A0A1E0D1218FD17F8800F697434FF377BC9ACB86AB48BDC139C51630956017D96CB0CC5C2D22604CABCBA881260B3A1F00A9F328DE35AC41638728AE65A1829F90AEE08237C971608AB5A7F3B50C53B3313FD68C774AAE29BCC1DA02BE0766D62DDE586169BAACB485CADC4F16EA0648E67D4D0F8DEFD9CCA4CC2B4000CD0C6372205F97C78F270F7E75A18DE0D3C8A3A1C1C606337BF6BEC94DD93D2646462E5F23AA4C292C00761D06FE220616A50C042A39351EBB2373EF21A35D5279D82E78B016A538B99CC166A148BABD91BCBE318A7987A5DA51B8B72D038F2D77668D48150A25ADC84018ADC7F36563E82D9DAA3B04593A989F9F05BBC0183DCE1BF6D6E2F9E4EFD5B52DF56B20AC035E36D57DFE521E9B3D256DE7F55C78837C0F5036DEC0581DF76CE7990A87F25113148BA1FF3502D82FC127B8134D3573BB8711B7891EF0C56B5C95037C9FBA6698219D63F5244A2E5D3479D0887CF5296900A23B344F3D804DF82712ABBD8A42218943957FA29966DBDB3A829959D08588FB670EEA4BF17605F928391B6BD36239CBE217CE278D2068D845F0B619CE726F2E9CA46ECA76180A90FFFFFA400D8F2956F3801FAADC49D9B05A786CA5D860A9B3AF3521842AB2C8C67CF7C9D966863B61AB2AA02970BD03F828980FEADEE067C4E7448FADC98059F788C7
18720170623180923 2 6 100 4095 2 F2D0058FA043FB189699D118DE484B66A10DCE703B27209CFC6D23D9178067C9D560D7D8BA9D4439A22AED66322F25D886C0A5CD41821B49AAE3D7A7B72F9B0E2D823709AF5444C7E9474DF5867E605E638923A2FAD546A86B8014BA460D238A939B445D7489C91977B54AB531D75B0F4264F187218F885129751EC78654F4B21191365FEA1B7FEFC40842BBC07C4F1D1AD153F6A39B582406F6B5895336A1199F7556EE957EAC716AE6678CBE5390730F0EBB3CC5210242A80CB128BFD747ED1B61AF6BBD5B5DC07B34C5CA7AF73D1EE973B93E13918801AEFD674DF92A0AD84BFA2A8CEE1AD26140DA1D5FC0C450A1EAEBC88F8EA8E703A0F3A814E1F6975AA5BE732473575D16F137D2CE5F7A546CE4371ECB5E8052295E122A9CF89A026E2D09BDE56B8B04CC4CAE66CD0C5E0DFE30695DD798C50E39C911C887FEBACAAEFD2BFE7D454E051C432D66AD84680DA7C126F1A9C7C540283CCB863B9414BB536BA358259104ECB406B4976F97558FA4E5854888A8D13C96A14025DA0C55F869F6AF954B1E7AA1D317262C52099860E870A7EAF72F9910ACA809FF2DEA37FCA3EFB31FD43A308E4138E40178BEAC0FBB0E79ED7D1DCF8F8A81A4ABBFE6749F4C1B96BD65A14822490BC0A71E854BC8077C7A8F2C6FE308F86DEC97F600A4A0015F086B021F7F0BCAFDE3DA4D7E38A9AA1E992539389E99412FD22988E77E8123 18720171129171346 2 6 100 4095 2 FADF655A8C18F13858C1C774D0060DD6FF25EAC29084E6A0A1E0D1218FD17F8800F697434FF377BC9ACB86AB48BDC139C51630956017D96CB0CC5C2D22604CABCBA881260B3A1F00A9F328DE35AC41638728AE65A1829F90AEE08237C971608AB5A7F3B50C53B3313FD68C774AAE29BCC1DA02BE0766D62DDE586169BAACB485CADC4F16EA0648E67D4D0F8DEFD9CCA4CC2B4000CD0C6372205F97C78F270F7E75A18DE0D3C8A3A1C1C606337BF6BEC94DD93D2646462E5F23AA4C292C00761D06FE220616A50C042A39351EBB2373EF21A35D5279D82E78B016A538B99CC166A148BABD91BCBE318A7987A5DA51B8B72D038F2D77668D48150A25ADC84018ADC7F36563E82D9DAA3B04593A989F9F05BBC0183DCE1BF6D6E2F9E4EFD5B52DF56B20AC035E36D57DFE521E9B3D256DE7F55C78837C0F5036DEC0581DF76CE7990A87F25113148BA1FF3502D82FC127B8134D3573BB8711B7891EF0C56B5C95037C9FBA6698219D63F5244A2E5D3479D0887CF5296900A23B344F3D804DF82712ABBD8A42218943957FA29966DBDB3A829959D08588FB670EEA4BF17605F928391B6BD36239CBE217CE278D2068D845F0B619CE726F2E9CA46ECA76180A90FFFFFA400D8F2956F3801FAADC49D9B05A786CA5D860A9B3AF3521842AB2C8C67CF7C9D966863B61AB2AA02970BD03F828980FEADEE067C4E7448FADC9805A15681B
18820170623182724 2 6 100 4095 2 F2D0058FA043FB189699D118DE484B66A10DCE703B27209CFC6D23D9178067C9D560D7D8BA9D4439A22AED66322F25D886C0A5CD41821B49AAE3D7A7B72F9B0E2D823709AF5444C7E9474DF5867E605E638923A2FAD546A86B8014BA460D238A939B445D7489C91977B54AB531D75B0F4264F187218F885129751EC78654F4B21191365FEA1B7FEFC40842BBC07C4F1D1AD153F6A39B582406F6B5895336A1199F7556EE957EAC716AE6678CBE5390730F0EBB3CC5210242A80CB128BFD747ED1B61AF6BBD5B5DC07B34C5CA7AF73D1EE973B93E13918801AEFD674DF92A0AD84BFA2A8CEE1AD26140DA1D5FC0C450A1EAEBC88F8EA8E703A0F3A814E1F6975AA5BE732473575D16F137D2CE5F7A546CE4371ECB5E8052295E122A9CF89A026E2D09BDE56B8B04CC4CAE66CD0C5E0DFE30695DD798C50E39C911C887FEBACAAEFD2BFE7D454E051C432D66AD84680DA7C126F1A9C7C540283CCB863B9414BB536BA358259104ECB406B4976F97558FA4E5854888A8D13C96A14025DA0C55F869F6AF954B1E7AA1D317262C52099860E870A7EAF72F9910ACA809FF2DEA37FCA3EFB31FD43A308E4138E40178BEAC0FBB0E79ED7D1DCF8F8A81A4ABBFE6749F4C1B96BD65A14822490BC0A71E854BC8077C7A8F2C6FE308F86DEC97F600A4A0015F086B021F7F0BCAFDE3DA4D7E38A9AA1E992539389E99412FD22988E8D82A2B 18820171129171648 2 6 100 4095 5 FADF655A8C18F13858C1C774D0060DD6FF25EAC29084E6A0A1E0D1218FD17F8800F697434FF377BC9ACB86AB48BDC139C51630956017D96CB0CC5C2D22604CABCBA881260B3A1F00A9F328DE35AC41638728AE65A1829F90AEE08237C971608AB5A7F3B50C53B3313FD68C774AAE29BCC1DA02BE0766D62DDE586169BAACB485CADC4F16EA0648E67D4D0F8DEFD9CCA4CC2B4000CD0C6372205F97C78F270F7E75A18DE0D3C8A3A1C1C606337BF6BEC94DD93D2646462E5F23AA4C292C00761D06FE220616A50C042A39351EBB2373EF21A35D5279D82E78B016A538B99CC166A148BABD91BCBE318A7987A5DA51B8B72D038F2D77668D48150A25ADC84018ADC7F36563E82D9DAA3B04593A989F9F05BBC0183DCE1BF6D6E2F9E4EFD5B52DF56B20AC035E36D57DFE521E9B3D256DE7F55C78837C0F5036DEC0581DF76CE7990A87F25113148BA1FF3502D82FC127B8134D3573BB8711B7891EF0C56B5C95037C9FBA6698219D63F5244A2E5D3479D0887CF5296900A23B344F3D804DF82712ABBD8A42218943957FA29966DBDB3A829959D08588FB670EEA4BF17605F928391B6BD36239CBE217CE278D2068D845F0B619CE726F2E9CA46ECA76180A90FFFFFA400D8F2956F3801FAADC49D9B05A786CA5D860A9B3AF3521842AB2C8C67CF7C9D966863B61AB2AA02970BD03F828980FEADEE067C4E7448FADC9805A3C890F
18920170623185420 2 6 100 4095 5 F2D0058FA043FB189699D118DE484B66A10DCE703B27209CFC6D23D9178067C9D560D7D8BA9D4439A22AED66322F25D886C0A5CD41821B49AAE3D7A7B72F9B0E2D823709AF5444C7E9474DF5867E605E638923A2FAD546A86B8014BA460D238A939B445D7489C91977B54AB531D75B0F4264F187218F885129751EC78654F4B21191365FEA1B7FEFC40842BBC07C4F1D1AD153F6A39B582406F6B5895336A1199F7556EE957EAC716AE6678CBE5390730F0EBB3CC5210242A80CB128BFD747ED1B61AF6BBD5B5DC07B34C5CA7AF73D1EE973B93E13918801AEFD674DF92A0AD84BFA2A8CEE1AD26140DA1D5FC0C450A1EAEBC88F8EA8E703A0F3A814E1F6975AA5BE732473575D16F137D2CE5F7A546CE4371ECB5E8052295E122A9CF89A026E2D09BDE56B8B04CC4CAE66CD0C5E0DFE30695DD798C50E39C911C887FEBACAAEFD2BFE7D454E051C432D66AD84680DA7C126F1A9C7C540283CCB863B9414BB536BA358259104ECB406B4976F97558FA4E5854888A8D13C96A14025DA0C55F869F6AF954B1E7AA1D317262C52099860E870A7EAF72F9910ACA809FF2DEA37FCA3EFB31FD43A308E4138E40178BEAC0FBB0E79ED7D1DCF8F8A81A4ABBFE6749F4C1B96BD65A14822490BC0A71E854BC8077C7A8F2C6FE308F86DEC97F600A4A0015F086B021F7F0BCAFDE3DA4D7E38A9AA1E992539389E99412FD22988EAF9DAE7 18920171129173802 2 6 100 4095 5 FADF655A8C18F13858C1C774D0060DD6FF25EAC29084E6A0A1E0D1218FD17F8800F697434FF377BC9ACB86AB48BDC139C51630956017D96CB0CC5C2D22604CABCBA881260B3A1F00A9F328DE35AC41638728AE65A1829F90AEE08237C971608AB5A7F3B50C53B3313FD68C774AAE29BCC1DA02BE0766D62DDE586169BAACB485CADC4F16EA0648E67D4D0F8DEFD9CCA4CC2B4000CD0C6372205F97C78F270F7E75A18DE0D3C8A3A1C1C606337BF6BEC94DD93D2646462E5F23AA4C292C00761D06FE220616A50C042A39351EBB2373EF21A35D5279D82E78B016A538B99CC166A148BABD91BCBE318A7987A5DA51B8B72D038F2D77668D48150A25ADC84018ADC7F36563E82D9DAA3B04593A989F9F05BBC0183DCE1BF6D6E2F9E4EFD5B52DF56B20AC035E36D57DFE521E9B3D256DE7F55C78837C0F5036DEC0581DF76CE7990A87F25113148BA1FF3502D82FC127B8134D3573BB8711B7891EF0C56B5C95037C9FBA6698219D63F5244A2E5D3479D0887CF5296900A23B344F3D804DF82712ABBD8A42218943957FA29966DBDB3A829959D08588FB670EEA4BF17605F928391B6BD36239CBE217CE278D2068D845F0B619CE726F2E9CA46ECA76180A90FFFFFA400D8F2956F3801FAADC49D9B05A786CA5D860A9B3AF3521842AB2C8C67CF7C9D966863B61AB2AA02970BD03F828980FEADEE067C4E7448FADC9805B983947
19020170623195226 2 6 100 4095 2 F2D0058FA043FB189699D118DE484B66A10DCE703B27209CFC6D23D9178067C9D560D7D8BA9D4439A22AED66322F25D886C0A5CD41821B49AAE3D7A7B72F9B0E2D823709AF5444C7E9474DF5867E605E638923A2FAD546A86B8014BA460D238A939B445D7489C91977B54AB531D75B0F4264F187218F885129751EC78654F4B21191365FEA1B7FEFC40842BBC07C4F1D1AD153F6A39B582406F6B5895336A1199F7556EE957EAC716AE6678CBE5390730F0EBB3CC5210242A80CB128BFD747ED1B61AF6BBD5B5DC07B34C5CA7AF73D1EE973B93E13918801AEFD674DF92A0AD84BFA2A8CEE1AD26140DA1D5FC0C450A1EAEBC88F8EA8E703A0F3A814E1F6975AA5BE732473575D16F137D2CE5F7A546CE4371ECB5E8052295E122A9CF89A026E2D09BDE56B8B04CC4CAE66CD0C5E0DFE30695DD798C50E39C911C887FEBACAAEFD2BFE7D454E051C432D66AD84680DA7C126F1A9C7C540283CCB863B9414BB536BA358259104ECB406B4976F97558FA4E5854888A8D13C96A14025DA0C55F869F6AF954B1E7AA1D317262C52099860E870A7EAF72F9910ACA809FF2DEA37FCA3EFB31FD43A308E4138E40178BEAC0FBB0E79ED7D1DCF8F8A81A4ABBFE6749F4C1B96BD65A14822490BC0A71E854BC8077C7A8F2C6FE308F86DEC97F600A4A0015F086B021F7F0BCAFDE3DA4D7E38A9AA1E992539389E99412FD22988EFA2202B 19020171129174541 2 6 100 4095 2 FADF655A8C18F13858C1C774D0060DD6FF25EAC29084E6A0A1E0D1218FD17F8800F697434FF377BC9ACB86AB48BDC139C51630956017D96CB0CC5C2D22604CABCBA881260B3A1F00A9F328DE35AC41638728AE65A1829F90AEE08237C971608AB5A7F3B50C53B3313FD68C774AAE29BCC1DA02BE0766D62DDE586169BAACB485CADC4F16EA0648E67D4D0F8DEFD9CCA4CC2B4000CD0C6372205F97C78F270F7E75A18DE0D3C8A3A1C1C606337BF6BEC94DD93D2646462E5F23AA4C292C00761D06FE220616A50C042A39351EBB2373EF21A35D5279D82E78B016A538B99CC166A148BABD91BCBE318A7987A5DA51B8B72D038F2D77668D48150A25ADC84018ADC7F36563E82D9DAA3B04593A989F9F05BBC0183DCE1BF6D6E2F9E4EFD5B52DF56B20AC035E36D57DFE521E9B3D256DE7F55C78837C0F5036DEC0581DF76CE7990A87F25113148BA1FF3502D82FC127B8134D3573BB8711B7891EF0C56B5C95037C9FBA6698219D63F5244A2E5D3479D0887CF5296900A23B344F3D804DF82712ABBD8A42218943957FA29966DBDB3A829959D08588FB670EEA4BF17605F928391B6BD36239CBE217CE278D2068D845F0B619CE726F2E9CA46ECA76180A90FFFFFA400D8F2956F3801FAADC49D9B05A786CA5D860A9B3AF3521842AB2C8C67CF7C9D966863B61AB2AA02970BD03F828980FEADEE067C4E7448FADC9805C1B745B
19120170623195633 2 6 100 4095 5 F2D0058FA043FB189699D118DE484B66A10DCE703B27209CFC6D23D9178067C9D560D7D8BA9D4439A22AED66322F25D886C0A5CD41821B49AAE3D7A7B72F9B0E2D823709AF5444C7E9474DF5867E605E638923A2FAD546A86B8014BA460D238A939B445D7489C91977B54AB531D75B0F4264F187218F885129751EC78654F4B21191365FEA1B7FEFC40842BBC07C4F1D1AD153F6A39B582406F6B5895336A1199F7556EE957EAC716AE6678CBE5390730F0EBB3CC5210242A80CB128BFD747ED1B61AF6BBD5B5DC07B34C5CA7AF73D1EE973B93E13918801AEFD674DF92A0AD84BFA2A8CEE1AD26140DA1D5FC0C450A1EAEBC88F8EA8E703A0F3A814E1F6975AA5BE732473575D16F137D2CE5F7A546CE4371ECB5E8052295E122A9CF89A026E2D09BDE56B8B04CC4CAE66CD0C5E0DFE30695DD798C50E39C911C887FEBACAAEFD2BFE7D454E051C432D66AD84680DA7C126F1A9C7C540283CCB863B9414BB536BA358259104ECB406B4976F97558FA4E5854888A8D13C96A14025DA0C55F869F6AF954B1E7AA1D317262C52099860E870A7EAF72F9910ACA809FF2DEA37FCA3EFB31FD43A308E4138E40178BEAC0FBB0E79ED7D1DCF8F8A81A4ABBFE6749F4C1B96BD65A14822490BC0A71E854BC8077C7A8F2C6FE308F86DEC97F600A4A0015F086B021F7F0BCAFDE3DA4D7E38A9AA1E992539389E99412FD22988EFEED5BF 19120171129182644 2 6 100 4095 5 FADF655A8C18F13858C1C774D0060DD6FF25EAC29084E6A0A1E0D1218FD17F8800F697434FF377BC9ACB86AB48BDC139C51630956017D96CB0CC5C2D22604CABCBA881260B3A1F00A9F328DE35AC41638728AE65A1829F90AEE08237C971608AB5A7F3B50C53B3313FD68C774AAE29BCC1DA02BE0766D62DDE586169BAACB485CADC4F16EA0648E67D4D0F8DEFD9CCA4CC2B4000CD0C6372205F97C78F270F7E75A18DE0D3C8A3A1C1C606337BF6BEC94DD93D2646462E5F23AA4C292C00761D06FE220616A50C042A39351EBB2373EF21A35D5279D82E78B016A538B99CC166A148BABD91BCBE318A7987A5DA51B8B72D038F2D77668D48150A25ADC84018ADC7F36563E82D9DAA3B04593A989F9F05BBC0183DCE1BF6D6E2F9E4EFD5B52DF56B20AC035E36D57DFE521E9B3D256DE7F55C78837C0F5036DEC0581DF76CE7990A87F25113148BA1FF3502D82FC127B8134D3573BB8711B7891EF0C56B5C95037C9FBA6698219D63F5244A2E5D3479D0887CF5296900A23B344F3D804DF82712ABBD8A42218943957FA29966DBDB3A829959D08588FB670EEA4BF17605F928391B6BD36239CBE217CE278D2068D845F0B619CE726F2E9CA46ECA76180A90FFFFFA400D8F2956F3801FAADC49D9B05A786CA5D860A9B3AF3521842AB2C8C67CF7C9D966863B61AB2AA02970BD03F828980FEADEE067C4E7448FADC9805EF8CFA7
19220170623201051 2 6 100 4095 2 F2D0058FA043FB189699D118DE484B66A10DCE703B27209CFC6D23D9178067C9D560D7D8BA9D4439A22AED66322F25D886C0A5CD41821B49AAE3D7A7B72F9B0E2D823709AF5444C7E9474DF5867E605E638923A2FAD546A86B8014BA460D238A939B445D7489C91977B54AB531D75B0F4264F187218F885129751EC78654F4B21191365FEA1B7FEFC40842BBC07C4F1D1AD153F6A39B582406F6B5895336A1199F7556EE957EAC716AE6678CBE5390730F0EBB3CC5210242A80CB128BFD747ED1B61AF6BBD5B5DC07B34C5CA7AF73D1EE973B93E13918801AEFD674DF92A0AD84BFA2A8CEE1AD26140DA1D5FC0C450A1EAEBC88F8EA8E703A0F3A814E1F6975AA5BE732473575D16F137D2CE5F7A546CE4371ECB5E8052295E122A9CF89A026E2D09BDE56B8B04CC4CAE66CD0C5E0DFE30695DD798C50E39C911C887FEBACAAEFD2BFE7D454E051C432D66AD84680DA7C126F1A9C7C540283CCB863B9414BB536BA358259104ECB406B4976F97558FA4E5854888A8D13C96A14025DA0C55F869F6AF954B1E7AA1D317262C52099860E870A7EAF72F9910ACA809FF2DEA37FCA3EFB31FD43A308E4138E40178BEAC0FBB0E79ED7D1DCF8F8A81A4ABBFE6749F4C1B96BD65A14822490BC0A71E854BC8077C7A8F2C6FE308F86DEC97F600A4A0015F086B021F7F0BCAFDE3DA4D7E38A9AA1E992539389E99412FD22988F10F59CB 19220171129183105 2 6 100 4095 5 FADF655A8C18F13858C1C774D0060DD6FF25EAC29084E6A0A1E0D1218FD17F8800F697434FF377BC9ACB86AB48BDC139C51630956017D96CB0CC5C2D22604CABCBA881260B3A1F00A9F328DE35AC41638728AE65A1829F90AEE08237C971608AB5A7F3B50C53B3313FD68C774AAE29BCC1DA02BE0766D62DDE586169BAACB485CADC4F16EA0648E67D4D0F8DEFD9CCA4CC2B4000CD0C6372205F97C78F270F7E75A18DE0D3C8A3A1C1C606337BF6BEC94DD93D2646462E5F23AA4C292C00761D06FE220616A50C042A39351EBB2373EF21A35D5279D82E78B016A538B99CC166A148BABD91BCBE318A7987A5DA51B8B72D038F2D77668D48150A25ADC84018ADC7F36563E82D9DAA3B04593A989F9F05BBC0183DCE1BF6D6E2F9E4EFD5B52DF56B20AC035E36D57DFE521E9B3D256DE7F55C78837C0F5036DEC0581DF76CE7990A87F25113148BA1FF3502D82FC127B8134D3573BB8711B7891EF0C56B5C95037C9FBA6698219D63F5244A2E5D3479D0887CF5296900A23B344F3D804DF82712ABBD8A42218943957FA29966DBDB3A829959D08588FB670EEA4BF17605F928391B6BD36239CBE217CE278D2068D845F0B619CE726F2E9CA46ECA76180A90FFFFFA400D8F2956F3801FAADC49D9B05A786CA5D860A9B3AF3521842AB2C8C67CF7C9D966863B61AB2AA02970BD03F828980FEADEE067C4E7448FADC9805F423DD7
19320170623202959 2 6 100 4095 5 F2D0058FA043FB189699D118DE484B66A10DCE703B27209CFC6D23D9178067C9D560D7D8BA9D4439A22AED66322F25D886C0A5CD41821B49AAE3D7A7B72F9B0E2D823709AF5444C7E9474DF5867E605E638923A2FAD546A86B8014BA460D238A939B445D7489C91977B54AB531D75B0F4264F187218F885129751EC78654F4B21191365FEA1B7FEFC40842BBC07C4F1D1AD153F6A39B582406F6B5895336A1199F7556EE957EAC716AE6678CBE5390730F0EBB3CC5210242A80CB128BFD747ED1B61AF6BBD5B5DC07B34C5CA7AF73D1EE973B93E13918801AEFD674DF92A0AD84BFA2A8CEE1AD26140DA1D5FC0C450A1EAEBC88F8EA8E703A0F3A814E1F6975AA5BE732473575D16F137D2CE5F7A546CE4371ECB5E8052295E122A9CF89A026E2D09BDE56B8B04CC4CAE66CD0C5E0DFE30695DD798C50E39C911C887FEBACAAEFD2BFE7D454E051C432D66AD84680DA7C126F1A9C7C540283CCB863B9414BB536BA358259104ECB406B4976F97558FA4E5854888A8D13C96A14025DA0C55F869F6AF954B1E7AA1D317262C52099860E870A7EAF72F9910ACA809FF2DEA37FCA3EFB31FD43A308E4138E40178BEAC0FBB0E79ED7D1DCF8F8A81A4ABBFE6749F4C1B96BD65A14822490BC0A71E854BC8077C7A8F2C6FE308F86DEC97F600A4A0015F086B021F7F0BCAFDE3DA4D7E38A9AA1E992539389E99412FD22988F2921927 19320171129183151 2 6 100 4095 2 FADF655A8C18F13858C1C774D0060DD6FF25EAC29084E6A0A1E0D1218FD17F8800F697434FF377BC9ACB86AB48BDC139C51630956017D96CB0CC5C2D22604CABCBA881260B3A1F00A9F328DE35AC41638728AE65A1829F90AEE08237C971608AB5A7F3B50C53B3313FD68C774AAE29BCC1DA02BE0766D62DDE586169BAACB485CADC4F16EA0648E67D4D0F8DEFD9CCA4CC2B4000CD0C6372205F97C78F270F7E75A18DE0D3C8A3A1C1C606337BF6BEC94DD93D2646462E5F23AA4C292C00761D06FE220616A50C042A39351EBB2373EF21A35D5279D82E78B016A538B99CC166A148BABD91BCBE318A7987A5DA51B8B72D038F2D77668D48150A25ADC84018ADC7F36563E82D9DAA3B04593A989F9F05BBC0183DCE1BF6D6E2F9E4EFD5B52DF56B20AC035E36D57DFE521E9B3D256DE7F55C78837C0F5036DEC0581DF76CE7990A87F25113148BA1FF3502D82FC127B8134D3573BB8711B7891EF0C56B5C95037C9FBA6698219D63F5244A2E5D3479D0887CF5296900A23B344F3D804DF82712ABBD8A42218943957FA29966DBDB3A829959D08588FB670EEA4BF17605F928391B6BD36239CBE217CE278D2068D845F0B619CE726F2E9CA46ECA76180A90FFFFFA400D8F2956F3801FAADC49D9B05A786CA5D860A9B3AF3521842AB2C8C67CF7C9D966863B61AB2AA02970BD03F828980FEADEE067C4E7448FADC9805F48127B
19420170623203734 2 6 100 4095 2 F2D0058FA043FB189699D118DE484B66A10DCE703B27209CFC6D23D9178067C9D560D7D8BA9D4439A22AED66322F25D886C0A5CD41821B49AAE3D7A7B72F9B0E2D823709AF5444C7E9474DF5867E605E638923A2FAD546A86B8014BA460D238A939B445D7489C91977B54AB531D75B0F4264F187218F885129751EC78654F4B21191365FEA1B7FEFC40842BBC07C4F1D1AD153F6A39B582406F6B5895336A1199F7556EE957EAC716AE6678CBE5390730F0EBB3CC5210242A80CB128BFD747ED1B61AF6BBD5B5DC07B34C5CA7AF73D1EE973B93E13918801AEFD674DF92A0AD84BFA2A8CEE1AD26140DA1D5FC0C450A1EAEBC88F8EA8E703A0F3A814E1F6975AA5BE732473575D16F137D2CE5F7A546CE4371ECB5E8052295E122A9CF89A026E2D09BDE56B8B04CC4CAE66CD0C5E0DFE30695DD798C50E39C911C887FEBACAAEFD2BFE7D454E051C432D66AD84680DA7C126F1A9C7C540283CCB863B9414BB536BA358259104ECB406B4976F97558FA4E5854888A8D13C96A14025DA0C55F869F6AF954B1E7AA1D317262C52099860E870A7EAF72F9910ACA809FF2DEA37FCA3EFB31FD43A308E4138E40178BEAC0FBB0E79ED7D1DCF8F8A81A4ABBFE6749F4C1B96BD65A14822490BC0A71E854BC8077C7A8F2C6FE308F86DEC97F600A4A0015F086B021F7F0BCAFDE3DA4D7E38A9AA1E992539389E99412FD22988F32287EB 19420171129183501 2 6 100 4095 2 FADF655A8C18F13858C1C774D0060DD6FF25EAC29084E6A0A1E0D1218FD17F8800F697434FF377BC9ACB86AB48BDC139C51630956017D96CB0CC5C2D22604CABCBA881260B3A1F00A9F328DE35AC41638728AE65A1829F90AEE08237C971608AB5A7F3B50C53B3313FD68C774AAE29BCC1DA02BE0766D62DDE586169BAACB485CADC4F16EA0648E67D4D0F8DEFD9CCA4CC2B4000CD0C6372205F97C78F270F7E75A18DE0D3C8A3A1C1C606337BF6BEC94DD93D2646462E5F23AA4C292C00761D06FE220616A50C042A39351EBB2373EF21A35D5279D82E78B016A538B99CC166A148BABD91BCBE318A7987A5DA51B8B72D038F2D77668D48150A25ADC84018ADC7F36563E82D9DAA3B04593A989F9F05BBC0183DCE1BF6D6E2F9E4EFD5B52DF56B20AC035E36D57DFE521E9B3D256DE7F55C78837C0F5036DEC0581DF76CE7990A87F25113148BA1FF3502D82FC127B8134D3573BB8711B7891EF0C56B5C95037C9FBA6698219D63F5244A2E5D3479D0887CF5296900A23B344F3D804DF82712ABBD8A42218943957FA29966DBDB3A829959D08588FB670EEA4BF17605F928391B6BD36239CBE217CE278D2068D845F0B619CE726F2E9CA46ECA76180A90FFFFFA400D8F2956F3801FAADC49D9B05A786CA5D860A9B3AF3521842AB2C8C67CF7C9D966863B61AB2AA02970BD03F828980FEADEE067C4E7448FADC9805F7A0D7B
19520170623204218 2 6 100 4095 2 F2D0058FA043FB189699D118DE484B66A10DCE703B27209CFC6D23D9178067C9D560D7D8BA9D4439A22AED66322F25D886C0A5CD41821B49AAE3D7A7B72F9B0E2D823709AF5444C7E9474DF5867E605E638923A2FAD546A86B8014BA460D238A939B445D7489C91977B54AB531D75B0F4264F187218F885129751EC78654F4B21191365FEA1B7FEFC40842BBC07C4F1D1AD153F6A39B582406F6B5895336A1199F7556EE957EAC716AE6678CBE5390730F0EBB3CC5210242A80CB128BFD747ED1B61AF6BBD5B5DC07B34C5CA7AF73D1EE973B93E13918801AEFD674DF92A0AD84BFA2A8CEE1AD26140DA1D5FC0C450A1EAEBC88F8EA8E703A0F3A814E1F6975AA5BE732473575D16F137D2CE5F7A546CE4371ECB5E8052295E122A9CF89A026E2D09BDE56B8B04CC4CAE66CD0C5E0DFE30695DD798C50E39C911C887FEBACAAEFD2BFE7D454E051C432D66AD84680DA7C126F1A9C7C540283CCB863B9414BB536BA358259104ECB406B4976F97558FA4E5854888A8D13C96A14025DA0C55F869F6AF954B1E7AA1D317262C52099860E870A7EAF72F9910ACA809FF2DEA37FCA3EFB31FD43A308E4138E40178BEAC0FBB0E79ED7D1DCF8F8A81A4ABBFE6749F4C1B96BD65A14822490BC0A71E854BC8077C7A8F2C6FE308F86DEC97F600A4A0015F086B021F7F0BCAFDE3DA4D7E38A9AA1E992539389E99412FD22988F37F8B03 19520171129184425 2 6 100 4095 5 FADF655A8C18F13858C1C774D0060DD6FF25EAC29084E6A0A1E0D1218FD17F8800F697434FF377BC9ACB86AB48BDC139C51630956017D96CB0CC5C2D22604CABCBA881260B3A1F00A9F328DE35AC41638728AE65A1829F90AEE08237C971608AB5A7F3B50C53B3313FD68C774AAE29BCC1DA02BE0766D62DDE586169BAACB485CADC4F16EA0648E67D4D0F8DEFD9CCA4CC2B4000CD0C6372205F97C78F270F7E75A18DE0D3C8A3A1C1C606337BF6BEC94DD93D2646462E5F23AA4C292C00761D06FE220616A50C042A39351EBB2373EF21A35D5279D82E78B016A538B99CC166A148BABD91BCBE318A7987A5DA51B8B72D038F2D77668D48150A25ADC84018ADC7F36563E82D9DAA3B04593A989F9F05BBC0183DCE1BF6D6E2F9E4EFD5B52DF56B20AC035E36D57DFE521E9B3D256DE7F55C78837C0F5036DEC0581DF76CE7990A87F25113148BA1FF3502D82FC127B8134D3573BB8711B7891EF0C56B5C95037C9FBA6698219D63F5244A2E5D3479D0887CF5296900A23B344F3D804DF82712ABBD8A42218943957FA29966DBDB3A829959D08588FB670EEA4BF17605F928391B6BD36239CBE217CE278D2068D845F0B619CE726F2E9CA46ECA76180A90FFFFFA400D8F2956F3801FAADC49D9B05A786CA5D860A9B3AF3521842AB2C8C67CF7C9D966863B61AB2AA02970BD03F828980FEADEE067C4E7448FADC980601F06C7
19620170623204329 2 6 100 4095 5 F2D0058FA043FB189699D118DE484B66A10DCE703B27209CFC6D23D9178067C9D560D7D8BA9D4439A22AED66322F25D886C0A5CD41821B49AAE3D7A7B72F9B0E2D823709AF5444C7E9474DF5867E605E638923A2FAD546A86B8014BA460D238A939B445D7489C91977B54AB531D75B0F4264F187218F885129751EC78654F4B21191365FEA1B7FEFC40842BBC07C4F1D1AD153F6A39B582406F6B5895336A1199F7556EE957EAC716AE6678CBE5390730F0EBB3CC5210242A80CB128BFD747ED1B61AF6BBD5B5DC07B34C5CA7AF73D1EE973B93E13918801AEFD674DF92A0AD84BFA2A8CEE1AD26140DA1D5FC0C450A1EAEBC88F8EA8E703A0F3A814E1F6975AA5BE732473575D16F137D2CE5F7A546CE4371ECB5E8052295E122A9CF89A026E2D09BDE56B8B04CC4CAE66CD0C5E0DFE30695DD798C50E39C911C887FEBACAAEFD2BFE7D454E051C432D66AD84680DA7C126F1A9C7C540283CCB863B9414BB536BA358259104ECB406B4976F97558FA4E5854888A8D13C96A14025DA0C55F869F6AF954B1E7AA1D317262C52099860E870A7EAF72F9910ACA809FF2DEA37FCA3EFB31FD43A308E4138E40178BEAC0FBB0E79ED7D1DCF8F8A81A4ABBFE6749F4C1B96BD65A14822490BC0A71E854BC8077C7A8F2C6FE308F86DEC97F600A4A0015F086B021F7F0BCAFDE3DA4D7E38A9AA1E992539389E99412FD22988F38F411F 19620171129190009 2 6 100 4095 5 D693DF66A6AA48BBECF942D3453355A19560938DE0A34C3E1158E5B9ECD70272CAE9686FAC4B6F64149C85607C158A67DB1C9B7FABD46379269492CB6B7E484D8AD4EA76D75EAD74F6A1E64D29206EC7BFF0630F3663C338039F8D10751AB8A177EEBB41E68434EAE03F7CA3761DE111900DC75F03209D8F6A92E178D94ADC7791D1BA55E7B6943A70D19957E348CA4B2407F89427D3B90979868732C69C221A3747ABCC7A9116D92237A1FDBE81E1ADDDA92F7FC0C15E7436B7C222E7759589919788B718B1F9F48356230B8F061F01FF21CD2DFEB2A1C744F8CBA3765364F1F417E105EDA7EB0ADBF1FD4CF4415B41CDA9BEF3CF6607A097EA2CFE32FA5376C01D1DF3B003FDEAE7571D0C54B5DED4DBBA2C753FB5ED889DD832085D75661CC762BBA28567CD080FB738B61C58ABF9962935C44322F1B96BEBEB594681CD2F20CA9F4D71C23D48E69725D37A4718924C4F145FBE0D841BE7C410A29C45810E240C319BADC04F990C4A84592FF925A73B6FE898F861B0E84D1146EB6856ADF066B11A0AE6915230F8A8E8234B33B5BAC1F3D1C3C05C8562DB51ACCAE2890C937F412D6E963C96965AA36350E8AB2901EE705B25407BC60711D9FC17E7885E5ED413ABBE2C207D55647F82C44367C13F489AD520A2A8FFA64C4F6EAF7AA816717F3019C6D240A4B9D788AFB73EA403523222D1E5940C47CAF304ED907E91691F
19720170623204840 2 6 100 4095 2 F2D0058FA043FB189699D118DE484B66A10DCE703B27209CFC6D23D9178067C9D560D7D8BA9D4439A22AED66322F25D886C0A5CD41821B49AAE3D7A7B72F9B0E2D823709AF5444C7E9474DF5867E605E638923A2FAD546A86B8014BA460D238A939B445D7489C91977B54AB531D75B0F4264F187218F885129751EC78654F4B21191365FEA1B7FEFC40842BBC07C4F1D1AD153F6A39B582406F6B5895336A1199F7556EE957EAC716AE6678CBE5390730F0EBB3CC5210242A80CB128BFD747ED1B61AF6BBD5B5DC07B34C5CA7AF73D1EE973B93E13918801AEFD674DF92A0AD84BFA2A8CEE1AD26140DA1D5FC0C450A1EAEBC88F8EA8E703A0F3A814E1F6975AA5BE732473575D16F137D2CE5F7A546CE4371ECB5E8052295E122A9CF89A026E2D09BDE56B8B04CC4CAE66CD0C5E0DFE30695DD798C50E39C911C887FEBACAAEFD2BFE7D454E051C432D66AD84680DA7C126F1A9C7C540283CCB863B9414BB536BA358259104ECB406B4976F97558FA4E5854888A8D13C96A14025DA0C55F869F6AF954B1E7AA1D317262C52099860E870A7EAF72F9910ACA809FF2DEA37FCA3EFB31FD43A308E4138E40178BEAC0FBB0E79ED7D1DCF8F8A81A4ABBFE6749F4C1B96BD65A14822490BC0A71E854BC8077C7A8F2C6FE308F86DEC97F600A4A0015F086B021F7F0BCAFDE3DA4D7E38A9AA1E992539389E99412FD22988F3EE7B13 19720171129190047 2 6 100 4095 2 D693DF66A6AA48BBECF942D3453355A19560938DE0A34C3E1158E5B9ECD70272CAE9686FAC4B6F64149C85607C158A67DB1C9B7FABD46379269492CB6B7E484D8AD4EA76D75EAD74F6A1E64D29206EC7BFF0630F3663C338039F8D10751AB8A177EEBB41E68434EAE03F7CA3761DE111900DC75F03209D8F6A92E178D94ADC7791D1BA55E7B6943A70D19957E348CA4B2407F89427D3B90979868732C69C221A3747ABCC7A9116D92237A1FDBE81E1ADDDA92F7FC0C15E7436B7C222E7759589919788B718B1F9F48356230B8F061F01FF21CD2DFEB2A1C744F8CBA3765364F1F417E105EDA7EB0ADBF1FD4CF4415B41CDA9BEF3CF6607A097EA2CFE32FA5376C01D1DF3B003FDEAE7571D0C54B5DED4DBBA2C753FB5ED889DD832085D75661CC762BBA28567CD080FB738B61C58ABF9962935C44322F1B96BEBEB594681CD2F20CA9F4D71C23D48E69725D37A4718924C4F145FBE0D841BE7C410A29C45810E240C319BADC04F990C4A84592FF925A73B6FE898F861B0E84D1146EB6856ADF066B11A0AE6915230F8A8E8234B33B5BAC1F3D1C3C05C8562DB51ACCAE2890C937F412D6E963C96965AA36350E8AB2901EE705B25407BC60711D9FC17E7885E5ED413ABBE2C207D55647F82C44367C13F489AD520A2A8FFA64C4F6EAF7AA816717F3019C6D240A4B9D788AFB73EA403523222D1E5940C47CAF304ED907E94D7B3
19820170623205709 2 6 100 4095 2 F2D0058FA043FB189699D118DE484B66A10DCE703B27209CFC6D23D9178067C9D560D7D8BA9D4439A22AED66322F25D886C0A5CD41821B49AAE3D7A7B72F9B0E2D823709AF5444C7E9474DF5867E605E638923A2FAD546A86B8014BA460D238A939B445D7489C91977B54AB531D75B0F4264F187218F885129751EC78654F4B21191365FEA1B7FEFC40842BBC07C4F1D1AD153F6A39B582406F6B5895336A1199F7556EE957EAC716AE6678CBE5390730F0EBB3CC5210242A80CB128BFD747ED1B61AF6BBD5B5DC07B34C5CA7AF73D1EE973B93E13918801AEFD674DF92A0AD84BFA2A8CEE1AD26140DA1D5FC0C450A1EAEBC88F8EA8E703A0F3A814E1F6975AA5BE732473575D16F137D2CE5F7A546CE4371ECB5E8052295E122A9CF89A026E2D09BDE56B8B04CC4CAE66CD0C5E0DFE30695DD798C50E39C911C887FEBACAAEFD2BFE7D454E051C432D66AD84680DA7C126F1A9C7C540283CCB863B9414BB536BA358259104ECB406B4976F97558FA4E5854888A8D13C96A14025DA0C55F869F6AF954B1E7AA1D317262C52099860E870A7EAF72F9910ACA809FF2DEA37FCA3EFB31FD43A308E4138E40178BEAC0FBB0E79ED7D1DCF8F8A81A4ABBFE6749F4C1B96BD65A14822490BC0A71E854BC8077C7A8F2C6FE308F86DEC97F600A4A0015F086B021F7F0BCAFDE3DA4D7E38A9AA1E992539389E99412FD22988F493374B 19820171129191357 2 6 100 4095 5 D693DF66A6AA48BBECF942D3453355A19560938DE0A34C3E1158E5B9ECD70272CAE9686FAC4B6F64149C85607C158A67DB1C9B7FABD46379269492CB6B7E484D8AD4EA76D75EAD74F6A1E64D29206EC7BFF0630F3663C338039F8D10751AB8A177EEBB41E68434EAE03F7CA3761DE111900DC75F03209D8F6A92E178D94ADC7791D1BA55E7B6943A70D19957E348CA4B2407F89427D3B90979868732C69C221A3747ABCC7A9116D92237A1FDBE81E1ADDDA92F7FC0C15E7436B7C222E7759589919788B718B1F9F48356230B8F061F01FF21CD2DFEB2A1C744F8CBA3765364F1F417E105EDA7EB0ADBF1FD4CF4415B41CDA9BEF3CF6607A097EA2CFE32FA5376C01D1DF3B003FDEAE7571D0C54B5DED4DBBA2C753FB5ED889DD832085D75661CC762BBA28567CD080FB738B61C58ABF9962935C44322F1B96BEBEB594681CD2F20CA9F4D71C23D48E69725D37A4718924C4F145FBE0D841BE7C410A29C45810E240C319BADC04F990C4A84592FF925A73B6FE898F861B0E84D1146EB6856ADF066B11A0AE6915230F8A8E8234B33B5BAC1F3D1C3C05C8562DB51ACCAE2890C937F412D6E963C96965AA36350E8AB2901EE705B25407BC60711D9FC17E7885E5ED413ABBE2C207D55647F82C44367C13F489AD520A2A8FFA64C4F6EAF7AA816717F3019C6D240A4B9D788AFB73EA403523222D1E5940C47CAF304ED907F80F827
19920170623205814 2 6 100 4095 2 F2D0058FA043FB189699D118DE484B66A10DCE703B27209CFC6D23D9178067C9D560D7D8BA9D4439A22AED66322F25D886C0A5CD41821B49AAE3D7A7B72F9B0E2D823709AF5444C7E9474DF5867E605E638923A2FAD546A86B8014BA460D238A939B445D7489C91977B54AB531D75B0F4264F187218F885129751EC78654F4B21191365FEA1B7FEFC40842BBC07C4F1D1AD153F6A39B582406F6B5895336A1199F7556EE957EAC716AE6678CBE5390730F0EBB3CC5210242A80CB128BFD747ED1B61AF6BBD5B5DC07B34C5CA7AF73D1EE973B93E13918801AEFD674DF92A0AD84BFA2A8CEE1AD26140DA1D5FC0C450A1EAEBC88F8EA8E703A0F3A814E1F6975AA5BE732473575D16F137D2CE5F7A546CE4371ECB5E8052295E122A9CF89A026E2D09BDE56B8B04CC4CAE66CD0C5E0DFE30695DD798C50E39C911C887FEBACAAEFD2BFE7D454E051C432D66AD84680DA7C126F1A9C7C540283CCB863B9414BB536BA358259104ECB406B4976F97558FA4E5854888A8D13C96A14025DA0C55F869F6AF954B1E7AA1D317262C52099860E870A7EAF72F9910ACA809FF2DEA37FCA3EFB31FD43A308E4138E40178BEAC0FBB0E79ED7D1DCF8F8A81A4ABBFE6749F4C1B96BD65A14822490BC0A71E854BC8077C7A8F2C6FE308F86DEC97F600A4A0015F086B021F7F0BCAFDE3DA4D7E38A9AA1E992539389E99412FD22988F4A24813 19920171129191536 2 6 100 4095 2 D693DF66A6AA48BBECF942D3453355A19560938DE0A34C3E1158E5B9ECD70272CAE9686FAC4B6F64149C85607C158A67DB1C9B7FABD46379269492CB6B7E484D8AD4EA76D75EAD74F6A1E64D29206EC7BFF0630F3663C338039F8D10751AB8A177EEBB41E68434EAE03F7CA3761DE111900DC75F03209D8F6A92E178D94ADC7791D1BA55E7B6943A70D19957E348CA4B2407F89427D3B90979868732C69C221A3747ABCC7A9116D92237A1FDBE81E1ADDDA92F7FC0C15E7436B7C222E7759589919788B718B1F9F48356230B8F061F01FF21CD2DFEB2A1C744F8CBA3765364F1F417E105EDA7EB0ADBF1FD4CF4415B41CDA9BEF3CF6607A097EA2CFE32FA5376C01D1DF3B003FDEAE7571D0C54B5DED4DBBA2C753FB5ED889DD832085D75661CC762BBA28567CD080FB738B61C58ABF9962935C44322F1B96BEBEB594681CD2F20CA9F4D71C23D48E69725D37A4718924C4F145FBE0D841BE7C410A29C45810E240C319BADC04F990C4A84592FF925A73B6FE898F861B0E84D1146EB6856ADF066B11A0AE6915230F8A8E8234B33B5BAC1F3D1C3C05C8562DB51ACCAE2890C937F412D6E963C96965AA36350E8AB2901EE705B25407BC60711D9FC17E7885E5ED413ABBE2C207D55647F82C44367C13F489AD520A2A8FFA64C4F6EAF7AA816717F3019C6D240A4B9D788AFB73EA403523222D1E5940C47CAF304ED907F970063
20020170623210627 2 6 100 4095 2 F2D0058FA043FB189699D118DE484B66A10DCE703B27209CFC6D23D9178067C9D560D7D8BA9D4439A22AED66322F25D886C0A5CD41821B49AAE3D7A7B72F9B0E2D823709AF5444C7E9474DF5867E605E638923A2FAD546A86B8014BA460D238A939B445D7489C91977B54AB531D75B0F4264F187218F885129751EC78654F4B21191365FEA1B7FEFC40842BBC07C4F1D1AD153F6A39B582406F6B5895336A1199F7556EE957EAC716AE6678CBE5390730F0EBB3CC5210242A80CB128BFD747ED1B61AF6BBD5B5DC07B34C5CA7AF73D1EE973B93E13918801AEFD674DF92A0AD84BFA2A8CEE1AD26140DA1D5FC0C450A1EAEBC88F8EA8E703A0F3A814E1F6975AA5BE732473575D16F137D2CE5F7A546CE4371ECB5E8052295E122A9CF89A026E2D09BDE56B8B04CC4CAE66CD0C5E0DFE30695DD798C50E39C911C887FEBACAAEFD2BFE7D454E051C432D66AD84680DA7C126F1A9C7C540283CCB863B9414BB536BA358259104ECB406B4976F97558FA4E5854888A8D13C96A14025DA0C55F869F6AF954B1E7AA1D317262C52099860E870A7EAF72F9910ACA809FF2DEA37FCA3EFB31FD43A308E4138E40178BEAC0FBB0E79ED7D1DCF8F8A81A4ABBFE6749F4C1B96BD65A14822490BC0A71E854BC8077C7A8F2C6FE308F86DEC97F600A4A0015F086B021F7F0BCAFDE3DA4D7E38A9AA1E992539389E99412FD22988F53F787B 20020171129201007 2 6 100 4095 5 D693DF66A6AA48BBECF942D3453355A19560938DE0A34C3E1158E5B9ECD70272CAE9686FAC4B6F64149C85607C158A67DB1C9B7FABD46379269492CB6B7E484D8AD4EA76D75EAD74F6A1E64D29206EC7BFF0630F3663C338039F8D10751AB8A177EEBB41E68434EAE03F7CA3761DE111900DC75F03209D8F6A92E178D94ADC7791D1BA55E7B6943A70D19957E348CA4B2407F89427D3B90979868732C69C221A3747ABCC7A9116D92237A1FDBE81E1ADDDA92F7FC0C15E7436B7C222E7759589919788B718B1F9F48356230B8F061F01FF21CD2DFEB2A1C744F8CBA3765364F1F417E105EDA7EB0ADBF1FD4CF4415B41CDA9BEF3CF6607A097EA2CFE32FA5376C01D1DF3B003FDEAE7571D0C54B5DED4DBBA2C753FB5ED889DD832085D75661CC762BBA28567CD080FB738B61C58ABF9962935C44322F1B96BEBEB594681CD2F20CA9F4D71C23D48E69725D37A4718924C4F145FBE0D841BE7C410A29C45810E240C319BADC04F990C4A84592FF925A73B6FE898F861B0E84D1146EB6856ADF066B11A0AE6915230F8A8E8234B33B5BAC1F3D1C3C05C8562DB51ACCAE2890C937F412D6E963C96965AA36350E8AB2901EE705B25407BC60711D9FC17E7885E5ED413ABBE2C207D55647F82C44367C13F489AD520A2A8FFA64C4F6EAF7AA816717F3019C6D240A4B9D788AFB73EA403523222D1E5940C47CAF304ED9083AC9B87
20120170623210958 2 6 100 4095 2 F2D0058FA043FB189699D118DE484B66A10DCE703B27209CFC6D23D9178067C9D560D7D8BA9D4439A22AED66322F25D886C0A5CD41821B49AAE3D7A7B72F9B0E2D823709AF5444C7E9474DF5867E605E638923A2FAD546A86B8014BA460D238A939B445D7489C91977B54AB531D75B0F4264F187218F885129751EC78654F4B21191365FEA1B7FEFC40842BBC07C4F1D1AD153F6A39B582406F6B5895336A1199F7556EE957EAC716AE6678CBE5390730F0EBB3CC5210242A80CB128BFD747ED1B61AF6BBD5B5DC07B34C5CA7AF73D1EE973B93E13918801AEFD674DF92A0AD84BFA2A8CEE1AD26140DA1D5FC0C450A1EAEBC88F8EA8E703A0F3A814E1F6975AA5BE732473575D16F137D2CE5F7A546CE4371ECB5E8052295E122A9CF89A026E2D09BDE56B8B04CC4CAE66CD0C5E0DFE30695DD798C50E39C911C887FEBACAAEFD2BFE7D454E051C432D66AD84680DA7C126F1A9C7C540283CCB863B9414BB536BA358259104ECB406B4976F97558FA4E5854888A8D13C96A14025DA0C55F869F6AF954B1E7AA1D317262C52099860E870A7EAF72F9910ACA809FF2DEA37FCA3EFB31FD43A308E4138E40178BEAC0FBB0E79ED7D1DCF8F8A81A4ABBFE6749F4C1B96BD65A14822490BC0A71E854BC8077C7A8F2C6FE308F86DEC97F600A4A0015F086B021F7F0BCAFDE3DA4D7E38A9AA1E992539389E99412FD22988F57EC8EB 20120171129202520 2 6 100 4095 5 D693DF66A6AA48BBECF942D3453355A19560938DE0A34C3E1158E5B9ECD70272CAE9686FAC4B6F64149C85607C158A67DB1C9B7FABD46379269492CB6B7E484D8AD4EA76D75EAD74F6A1E64D29206EC7BFF0630F3663C338039F8D10751AB8A177EEBB41E68434EAE03F7CA3761DE111900DC75F03209D8F6A92E178D94ADC7791D1BA55E7B6943A70D19957E348CA4B2407F89427D3B90979868732C69C221A3747ABCC7A9116D92237A1FDBE81E1ADDDA92F7FC0C15E7436B7C222E7759589919788B718B1F9F48356230B8F061F01FF21CD2DFEB2A1C744F8CBA3765364F1F417E105EDA7EB0ADBF1FD4CF4415B41CDA9BEF3CF6607A097EA2CFE32FA5376C01D1DF3B003FDEAE7571D0C54B5DED4DBBA2C753FB5ED889DD832085D75661CC762BBA28567CD080FB738B61C58ABF9962935C44322F1B96BEBEB594681CD2F20CA9F4D71C23D48E69725D37A4718924C4F145FBE0D841BE7C410A29C45810E240C319BADC04F990C4A84592FF925A73B6FE898F861B0E84D1146EB6856ADF066B11A0AE6915230F8A8E8234B33B5BAC1F3D1C3C05C8562DB51ACCAE2890C937F412D6E963C96965AA36350E8AB2901EE705B25407BC60711D9FC17E7885E5ED413ABBE2C207D55647F82C44367C13F489AD520A2A8FFA64C4F6EAF7AA816717F3019C6D240A4B9D788AFB73EA403523222D1E5940C47CAF304ED9084C8A5FF
20220170623211248 2 6 100 4095 5 F2D0058FA043FB189699D118DE484B66A10DCE703B27209CFC6D23D9178067C9D560D7D8BA9D4439A22AED66322F25D886C0A5CD41821B49AAE3D7A7B72F9B0E2D823709AF5444C7E9474DF5867E605E638923A2FAD546A86B8014BA460D238A939B445D7489C91977B54AB531D75B0F4264F187218F885129751EC78654F4B21191365FEA1B7FEFC40842BBC07C4F1D1AD153F6A39B582406F6B5895336A1199F7556EE957EAC716AE6678CBE5390730F0EBB3CC5210242A80CB128BFD747ED1B61AF6BBD5B5DC07B34C5CA7AF73D1EE973B93E13918801AEFD674DF92A0AD84BFA2A8CEE1AD26140DA1D5FC0C450A1EAEBC88F8EA8E703A0F3A814E1F6975AA5BE732473575D16F137D2CE5F7A546CE4371ECB5E8052295E122A9CF89A026E2D09BDE56B8B04CC4CAE66CD0C5E0DFE30695DD798C50E39C911C887FEBACAAEFD2BFE7D454E051C432D66AD84680DA7C126F1A9C7C540283CCB863B9414BB536BA358259104ECB406B4976F97558FA4E5854888A8D13C96A14025DA0C55F869F6AF954B1E7AA1D317262C52099860E870A7EAF72F9910ACA809FF2DEA37FCA3EFB31FD43A308E4138E40178BEAC0FBB0E79ED7D1DCF8F8A81A4ABBFE6749F4C1B96BD65A14822490BC0A71E854BC8077C7A8F2C6FE308F86DEC97F600A4A0015F086B021F7F0BCAFDE3DA4D7E38A9AA1E992539389E99412FD22988F5B1A9D7 20220171129202732 2 6 100 4095 5 D693DF66A6AA48BBECF942D3453355A19560938DE0A34C3E1158E5B9ECD70272CAE9686FAC4B6F64149C85607C158A67DB1C9B7FABD46379269492CB6B7E484D8AD4EA76D75EAD74F6A1E64D29206EC7BFF0630F3663C338039F8D10751AB8A177EEBB41E68434EAE03F7CA3761DE111900DC75F03209D8F6A92E178D94ADC7791D1BA55E7B6943A70D19957E348CA4B2407F89427D3B90979868732C69C221A3747ABCC7A9116D92237A1FDBE81E1ADDDA92F7FC0C15E7436B7C222E7759589919788B718B1F9F48356230B8F061F01FF21CD2DFEB2A1C744F8CBA3765364F1F417E105EDA7EB0ADBF1FD4CF4415B41CDA9BEF3CF6607A097EA2CFE32FA5376C01D1DF3B003FDEAE7571D0C54B5DED4DBBA2C753FB5ED889DD832085D75661CC762BBA28567CD080FB738B61C58ABF9962935C44322F1B96BEBEB594681CD2F20CA9F4D71C23D48E69725D37A4718924C4F145FBE0D841BE7C410A29C45810E240C319BADC04F990C4A84592FF925A73B6FE898F861B0E84D1146EB6856ADF066B11A0AE6915230F8A8E8234B33B5BAC1F3D1C3C05C8562DB51ACCAE2890C937F412D6E963C96965AA36350E8AB2901EE705B25407BC60711D9FC17E7885E5ED413ABBE2C207D55647F82C44367C13F489AD520A2A8FFA64C4F6EAF7AA816717F3019C6D240A4B9D788AFB73EA403523222D1E5940C47CAF304ED9084EB4BAF
20320170623213826 2 6 100 4095 5 F2D0058FA043FB189699D118DE484B66A10DCE703B27209CFC6D23D9178067C9D560D7D8BA9D4439A22AED66322F25D886C0A5CD41821B49AAE3D7A7B72F9B0E2D823709AF5444C7E9474DF5867E605E638923A2FAD546A86B8014BA460D238A939B445D7489C91977B54AB531D75B0F4264F187218F885129751EC78654F4B21191365FEA1B7FEFC40842BBC07C4F1D1AD153F6A39B582406F6B5895336A1199F7556EE957EAC716AE6678CBE5390730F0EBB3CC5210242A80CB128BFD747ED1B61AF6BBD5B5DC07B34C5CA7AF73D1EE973B93E13918801AEFD674DF92A0AD84BFA2A8CEE1AD26140DA1D5FC0C450A1EAEBC88F8EA8E703A0F3A814E1F6975AA5BE732473575D16F137D2CE5F7A546CE4371ECB5E8052295E122A9CF89A026E2D09BDE56B8B04CC4CAE66CD0C5E0DFE30695DD798C50E39C911C887FEBACAAEFD2BFE7D454E051C432D66AD84680DA7C126F1A9C7C540283CCB863B9414BB536BA358259104ECB406B4976F97558FA4E5854888A8D13C96A14025DA0C55F869F6AF954B1E7AA1D317262C52099860E870A7EAF72F9910ACA809FF2DEA37FCA3EFB31FD43A308E4138E40178BEAC0FBB0E79ED7D1DCF8F8A81A4ABBFE6749F4C1B96BD65A14822490BC0A71E854BC8077C7A8F2C6FE308F86DEC97F600A4A0015F086B021F7F0BCAFDE3DA4D7E38A9AA1E992539389E99412FD22988F7B2A7AF 20320171129203556 2 6 100 4095 5 D693DF66A6AA48BBECF942D3453355A19560938DE0A34C3E1158E5B9ECD70272CAE9686FAC4B6F64149C85607C158A67DB1C9B7FABD46379269492CB6B7E484D8AD4EA76D75EAD74F6A1E64D29206EC7BFF0630F3663C338039F8D10751AB8A177EEBB41E68434EAE03F7CA3761DE111900DC75F03209D8F6A92E178D94ADC7791D1BA55E7B6943A70D19957E348CA4B2407F89427D3B90979868732C69C221A3747ABCC7A9116D92237A1FDBE81E1ADDDA92F7FC0C15E7436B7C222E7759589919788B718B1F9F48356230B8F061F01FF21CD2DFEB2A1C744F8CBA3765364F1F417E105EDA7EB0ADBF1FD4CF4415B41CDA9BEF3CF6607A097EA2CFE32FA5376C01D1DF3B003FDEAE7571D0C54B5DED4DBBA2C753FB5ED889DD832085D75661CC762BBA28567CD080FB738B61C58ABF9962935C44322F1B96BEBEB594681CD2F20CA9F4D71C23D48E69725D37A4718924C4F145FBE0D841BE7C410A29C45810E240C319BADC04F990C4A84592FF925A73B6FE898F861B0E84D1146EB6856ADF066B11A0AE6915230F8A8E8234B33B5BAC1F3D1C3C05C8562DB51ACCAE2890C937F412D6E963C96965AA36350E8AB2901EE705B25407BC60711D9FC17E7885E5ED413ABBE2C207D55647F82C44367C13F489AD520A2A8FFA64C4F6EAF7AA816717F3019C6D240A4B9D788AFB73EA403523222D1E5940C47CAF304ED9085801D57
20420170623213924 2 6 100 4095 2 F2D0058FA043FB189699D118DE484B66A10DCE703B27209CFC6D23D9178067C9D560D7D8BA9D4439A22AED66322F25D886C0A5CD41821B49AAE3D7A7B72F9B0E2D823709AF5444C7E9474DF5867E605E638923A2FAD546A86B8014BA460D238A939B445D7489C91977B54AB531D75B0F4264F187218F885129751EC78654F4B21191365FEA1B7FEFC40842BBC07C4F1D1AD153F6A39B582406F6B5895336A1199F7556EE957EAC716AE6678CBE5390730F0EBB3CC5210242A80CB128BFD747ED1B61AF6BBD5B5DC07B34C5CA7AF73D1EE973B93E13918801AEFD674DF92A0AD84BFA2A8CEE1AD26140DA1D5FC0C450A1EAEBC88F8EA8E703A0F3A814E1F6975AA5BE732473575D16F137D2CE5F7A546CE4371ECB5E8052295E122A9CF89A026E2D09BDE56B8B04CC4CAE66CD0C5E0DFE30695DD798C50E39C911C887FEBACAAEFD2BFE7D454E051C432D66AD84680DA7C126F1A9C7C540283CCB863B9414BB536BA358259104ECB406B4976F97558FA4E5854888A8D13C96A14025DA0C55F869F6AF954B1E7AA1D317262C52099860E870A7EAF72F9910ACA809FF2DEA37FCA3EFB31FD43A308E4138E40178BEAC0FBB0E79ED7D1DCF8F8A81A4ABBFE6749F4C1B96BD65A14822490BC0A71E854BC8077C7A8F2C6FE308F86DEC97F600A4A0015F086B021F7F0BCAFDE3DA4D7E38A9AA1E992539389E99412FD22988F7BDBA73 20420171129204816 2 6 100 4095 2 D693DF66A6AA48BBECF942D3453355A19560938DE0A34C3E1158E5B9ECD70272CAE9686FAC4B6F64149C85607C158A67DB1C9B7FABD46379269492CB6B7E484D8AD4EA76D75EAD74F6A1E64D29206EC7BFF0630F3663C338039F8D10751AB8A177EEBB41E68434EAE03F7CA3761DE111900DC75F03209D8F6A92E178D94ADC7791D1BA55E7B6943A70D19957E348CA4B2407F89427D3B90979868732C69C221A3747ABCC7A9116D92237A1FDBE81E1ADDDA92F7FC0C15E7436B7C222E7759589919788B718B1F9F48356230B8F061F01FF21CD2DFEB2A1C744F8CBA3765364F1F417E105EDA7EB0ADBF1FD4CF4415B41CDA9BEF3CF6607A097EA2CFE32FA5376C01D1DF3B003FDEAE7571D0C54B5DED4DBBA2C753FB5ED889DD832085D75661CC762BBA28567CD080FB738B61C58ABF9962935C44322F1B96BEBEB594681CD2F20CA9F4D71C23D48E69725D37A4718924C4F145FBE0D841BE7C410A29C45810E240C319BADC04F990C4A84592FF925A73B6FE898F861B0E84D1146EB6856ADF066B11A0AE6915230F8A8E8234B33B5BAC1F3D1C3C05C8562DB51ACCAE2890C937F412D6E963C96965AA36350E8AB2901EE705B25407BC60711D9FC17E7885E5ED413ABBE2C207D55647F82C44367C13F489AD520A2A8FFA64C4F6EAF7AA816717F3019C6D240A4B9D788AFB73EA403523222D1E5940C47CAF304ED908664D7C3
20520170623214723 2 6 100 4095 5 F2D0058FA043FB189699D118DE484B66A10DCE703B27209CFC6D23D9178067C9D560D7D8BA9D4439A22AED66322F25D886C0A5CD41821B49AAE3D7A7B72F9B0E2D823709AF5444C7E9474DF5867E605E638923A2FAD546A86B8014BA460D238A939B445D7489C91977B54AB531D75B0F4264F187218F885129751EC78654F4B21191365FEA1B7FEFC40842BBC07C4F1D1AD153F6A39B582406F6B5895336A1199F7556EE957EAC716AE6678CBE5390730F0EBB3CC5210242A80CB128BFD747ED1B61AF6BBD5B5DC07B34C5CA7AF73D1EE973B93E13918801AEFD674DF92A0AD84BFA2A8CEE1AD26140DA1D5FC0C450A1EAEBC88F8EA8E703A0F3A814E1F6975AA5BE732473575D16F137D2CE5F7A546CE4371ECB5E8052295E122A9CF89A026E2D09BDE56B8B04CC4CAE66CD0C5E0DFE30695DD798C50E39C911C887FEBACAAEFD2BFE7D454E051C432D66AD84680DA7C126F1A9C7C540283CCB863B9414BB536BA358259104ECB406B4976F97558FA4E5854888A8D13C96A14025DA0C55F869F6AF954B1E7AA1D317262C52099860E870A7EAF72F9910ACA809FF2DEA37FCA3EFB31FD43A308E4138E40178BEAC0FBB0E79ED7D1DCF8F8A81A4ABBFE6749F4C1B96BD65A14822490BC0A71E854BC8077C7A8F2C6FE308F86DEC97F600A4A0015F086B021F7F0BCAFDE3DA4D7E38A9AA1E992539389E99412FD22988F8513E37 20520171129205307 2 6 100 4095 2 D693DF66A6AA48BBECF942D3453355A19560938DE0A34C3E1158E5B9ECD70272CAE9686FAC4B6F64149C85607C158A67DB1C9B7FABD46379269492CB6B7E484D8AD4EA76D75EAD74F6A1E64D29206EC7BFF0630F3663C338039F8D10751AB8A177EEBB41E68434EAE03F7CA3761DE111900DC75F03209D8F6A92E178D94ADC7791D1BA55E7B6943A70D19957E348CA4B2407F89427D3B90979868732C69C221A3747ABCC7A9116D92237A1FDBE81E1ADDDA92F7FC0C15E7436B7C222E7759589919788B718B1F9F48356230B8F061F01FF21CD2DFEB2A1C744F8CBA3765364F1F417E105EDA7EB0ADBF1FD4CF4415B41CDA9BEF3CF6607A097EA2CFE32FA5376C01D1DF3B003FDEAE7571D0C54B5DED4DBBA2C753FB5ED889DD832085D75661CC762BBA28567CD080FB738B61C58ABF9962935C44322F1B96BEBEB594681CD2F20CA9F4D71C23D48E69725D37A4718924C4F145FBE0D841BE7C410A29C45810E240C319BADC04F990C4A84592FF925A73B6FE898F861B0E84D1146EB6856ADF066B11A0AE6915230F8A8E8234B33B5BAC1F3D1C3C05C8562DB51ACCAE2890C937F412D6E963C96965AA36350E8AB2901EE705B25407BC60711D9FC17E7885E5ED413ABBE2C207D55647F82C44367C13F489AD520A2A8FFA64C4F6EAF7AA816717F3019C6D240A4B9D788AFB73EA403523222D1E5940C47CAF304ED9086BA916B
20620170623233949 2 6 100 6143 2 E30D9BCD65DA0EAEF6A1D4D083834D4724538836AE04DFB6A7DAF235F5D9992B7E42128D43E229BF4906EF0C6A27F60B95A1FC514C2D55A0D616B3B6924F08E9C0BCD8AE1CB624F645785C2AA552C94E125D6602CF63CF52014A1B0A4AE0DE823B03B6ABFA25839ABC3E8E050C295B8B3471EC58EAD9B659294C72EA65229E4E8EB21CA79CBB41BB552118A3CD32108E51D5FCE5C46A6CD03E4246CB57E32BAA09B15503FBFA4F4C943B2378F10EE312C1F12A14010AFD1698B8EBCCFC8D0DF17829A153199154EBF9E40FD81B8E1AF5881D0EC1D3BEDB2D0F1DB9C44C9D8E7047310623D4FAAE28D2C16612CFB9AE9A8FD05B8FE22930346ECF7B21B5800778EA0D5D3B7BDF18B03ABF33C9D0B4648CF687ED229C811CE290CFAF94F9C9AF4EC3E47480955E5C81E85DA9EBCE99652DA07225C7CCEF39E224556E48D6371981C7232E00F3419F7B335FF36FE3989558277654DB356063ABC8F7BD0EF828B40D3BFC06D12FEC51278ACD32C3B67D4E2A0BBA1E20BDDA06DB9AF6AB250179DE3332EAC0A6D381963B51E8E167B8285BA3E6538B1D38B16B32196ABE009ADFDAF5E686E0107F76ED10414B6249D6895188456505CDB897FFCCEB8931802F87C02DFDC62825C6255DF2654712BE230CC86A30229D9E3438DB35CEED8F8447B9209CDECFC1776D2C43B4B98E9EEA3F4C049C1287CDB4540D395A4BC992602150CCC0479597E221E201B778DCA9701C517C89B95004FC19373ED9755C90FF32C44013678876EAD3FE5E637BF2F1959130EAF79E7A93088F52AA0AC993324294536CF3787C3A3F06F2DC201A070967E6F4525803DC83F5160B560465A4CE4BF20315858BE0E62A07C55B3A772CBF93DE99AADFCB304D2B544A9F17A22C2BEB791D98F714CA7CFF701CB7CAEC55C292A25A147935D7BBD1E66F2ED3EBC66E763209169033CE5A2D9884DC0CBAFF37517372544E1EB780A26CC71E5649EDFD5DA2FCFB58093D74D76FC2DAEC54567104701C31E3872C15BAC5F2A96833EEDAB9B7FF731F827DB3273D271BA8F9DE06181C1E38D031896971D801C571954337D915376BC3 20620171129211738 2 6 100 4095 2 D693DF66A6AA48BBECF942D3453355A19560938DE0A34C3E1158E5B9ECD70272CAE9686FAC4B6F64149C85607C158A67DB1C9B7FABD46379269492CB6B7E484D8AD4EA76D75EAD74F6A1E64D29206EC7BFF0630F3663C338039F8D10751AB8A177EEBB41E68434EAE03F7CA3761DE111900DC75F03209D8F6A92E178D94ADC7791D1BA55E7B6943A70D19957E348CA4B2407F89427D3B90979868732C69C221A3747ABCC7A9116D92237A1FDBE81E1ADDDA92F7FC0C15E7436B7C222E7759589919788B718B1F9F48356230B8F061F01FF21CD2DFEB2A1C744F8CBA3765364F1F417E105EDA7EB0ADBF1FD4CF4415B41CDA9BEF3CF6607A097EA2CFE32FA5376C01D1DF3B003FDEAE7571D0C54B5DED4DBBA2C753FB5ED889DD832085D75661CC762BBA28567CD080FB738B61C58ABF9962935C44322F1B96BEBEB594681CD2F20CA9F4D71C23D48E69725D37A4718924C4F145FBE0D841BE7C410A29C45810E240C319BADC04F990C4A84592FF925A73B6FE898F861B0E84D1146EB6856ADF066B11A0AE6915230F8A8E8234B33B5BAC1F3D1C3C05C8562DB51ACCAE2890C937F412D6E963C96965AA36350E8AB2901EE705B25407BC60711D9FC17E7885E5ED413ABBE2C207D55647F82C44367C13F489AD520A2A8FFA64C4F6EAF7AA816717F3019C6D240A4B9D788AFB73EA403523222D1E5940C47CAF304ED9088852733
20720170624020214 2 6 100 6143 5 E30D9BCD65DA0EAEF6A1D4D083834D4724538836AE04DFB6A7DAF235F5D9992B7E42128D43E229BF4906EF0C6A27F60B95A1FC514C2D55A0D616B3B6924F08E9C0BCD8AE1CB624F645785C2AA552C94E125D6602CF63CF52014A1B0A4AE0DE823B03B6ABFA25839ABC3E8E050C295B8B3471EC58EAD9B659294C72EA65229E4E8EB21CA79CBB41BB552118A3CD32108E51D5FCE5C46A6CD03E4246CB57E32BAA09B15503FBFA4F4C943B2378F10EE312C1F12A14010AFD1698B8EBCCFC8D0DF17829A153199154EBF9E40FD81B8E1AF5881D0EC1D3BEDB2D0F1DB9C44C9D8E7047310623D4FAAE28D2C16612CFB9AE9A8FD05B8FE22930346ECF7B21B5800778EA0D5D3B7BDF18B03ABF33C9D0B4648CF687ED229C811CE290CFAF94F9C9AF4EC3E47480955E5C81E85DA9EBCE99652DA07225C7CCEF39E224556E48D6371981C7232E00F3419F7B335FF36FE3989558277654DB356063ABC8F7BD0EF828B40D3BFC06D12FEC51278ACD32C3B67D4E2A0BBA1E20BDDA06DB9AF6AB250179DE3332EAC0A6D381963B51E8E167B8285BA3E6538B1D38B16B32196ABE009ADFDAF5E686E0107F76ED10414B6249D6895188456505CDB897FFCCEB8931802F87C02DFDC62825C6255DF2654712BE230CC86A30229D9E3438DB35CEED8F8447B9209CDECFC1776D2C43B4B98E9EEA3F4C049C1287CDB4540D395A4BC992602150CCC0479597E221E201B778DCA9701C517C89B95004FC19373ED9755C90FF32C44013678876EAD3FE5E637BF2F1959130EAF79E7A93088F52AA0AC993324294536CF3787C3A3F06F2DC201A070967E6F4525803DC83F5160B560465A4CE4BF20315858BE0E62A07C55B3A772CBF93DE99AADFCB304D2B544A9F17A22C2BEB791D98F714CA7CFF701CB7CAEC55C292A25A147935D7BBD1E66F2ED3EBC66E763209169033CE5A2D9884DC0CBAFF37517372544E1EB780A26CC71E5649EDFD5DA2FCFB58093D74D76FC2DAEC54567104701C31E3872C15BAC5F2A96833EEDAB9B7FF731F827DB3273D271BA8F9DE06181C1E38D031896971D801C571954337D918FF036F 20720171129212245 2 6 100 4095 2 D693DF66A6AA48BBECF942D3453355A19560938DE0A34C3E1158E5B9ECD70272CAE9686FAC4B6F64149C85607C158A67DB1C9B7FABD46379269492CB6B7E484D8AD4EA76D75EAD74F6A1E64D29206EC7BFF0630F3663C338039F8D10751AB8A177EEBB41E68434EAE03F7CA3761DE111900DC75F03209D8F6A92E178D94ADC7791D1BA55E7B6943A70D19957E348CA4B2407F89427D3B90979868732C69C221A3747ABCC7A9116D92237A1FDBE81E1ADDDA92F7FC0C15E7436B7C222E7759589919788B718B1F9F48356230B8F061F01FF21CD2DFEB2A1C744F8CBA3765364F1F417E105EDA7EB0ADBF1FD4CF4415B41CDA9BEF3CF6607A097EA2CFE32FA5376C01D1DF3B003FDEAE7571D0C54B5DED4DBBA2C753FB5ED889DD832085D75661CC762BBA28567CD080FB738B61C58ABF9962935C44322F1B96BEBEB594681CD2F20CA9F4D71C23D48E69725D37A4718924C4F145FBE0D841BE7C410A29C45810E240C319BADC04F990C4A84592FF925A73B6FE898F861B0E84D1146EB6856ADF066B11A0AE6915230F8A8E8234B33B5BAC1F3D1C3C05C8562DB51ACCAE2890C937F412D6E963C96965AA36350E8AB2901EE705B25407BC60711D9FC17E7885E5ED413ABBE2C207D55647F82C44367C13F489AD520A2A8FFA64C4F6EAF7AA816717F3019C6D240A4B9D788AFB73EA403523222D1E5940C47CAF304ED9088DFD4A3
20820170624030028 2 6 100 6143 5 E30D9BCD65DA0EAEF6A1D4D083834D4724538836AE04DFB6A7DAF235F5D9992B7E42128D43E229BF4906EF0C6A27F60B95A1FC514C2D55A0D616B3B6924F08E9C0BCD8AE1CB624F645785C2AA552C94E125D6602CF63CF52014A1B0A4AE0DE823B03B6ABFA25839ABC3E8E050C295B8B3471EC58EAD9B659294C72EA65229E4E8EB21CA79CBB41BB552118A3CD32108E51D5FCE5C46A6CD03E4246CB57E32BAA09B15503FBFA4F4C943B2378F10EE312C1F12A14010AFD1698B8EBCCFC8D0DF17829A153199154EBF9E40FD81B8E1AF5881D0EC1D3BEDB2D0F1DB9C44C9D8E7047310623D4FAAE28D2C16612CFB9AE9A8FD05B8FE22930346ECF7B21B5800778EA0D5D3B7BDF18B03ABF33C9D0B4648CF687ED229C811CE290CFAF94F9C9AF4EC3E47480955E5C81E85DA9EBCE99652DA07225C7CCEF39E224556E48D6371981C7232E00F3419F7B335FF36FE3989558277654DB356063ABC8F7BD0EF828B40D3BFC06D12FEC51278ACD32C3B67D4E2A0BBA1E20BDDA06DB9AF6AB250179DE3332EAC0A6D381963B51E8E167B8285BA3E6538B1D38B16B32196ABE009ADFDAF5E686E0107F76ED10414B6249D6895188456505CDB897FFCCEB8931802F87C02DFDC62825C6255DF2654712BE230CC86A30229D9E3438DB35CEED8F8447B9209CDECFC1776D2C43B4B98E9EEA3F4C049C1287CDB4540D395A4BC992602150CCC0479597E221E201B778DCA9701C517C89B95004FC19373ED9755C90FF32C44013678876EAD3FE5E637BF2F1959130EAF79E7A93088F52AA0AC993324294536CF3787C3A3F06F2DC201A070967E6F4525803DC83F5160B560465A4CE4BF20315858BE0E62A07C55B3A772CBF93DE99AADFCB304D2B544A9F17A22C2BEB791D98F714CA7CFF701CB7CAEC55C292A25A147935D7BBD1E66F2ED3EBC66E763209169033CE5A2D9884DC0CBAFF37517372544E1EB780A26CC71E5649EDFD5DA2FCFB58093D74D76FC2DAEC54567104701C31E3872C15BAC5F2A96833EEDAB9B7FF731F827DB3273D271BA8F9DE06181C1E38D031896971D801C571954337D91A80668F 20820171129212444 2 6 100 4095 2 D693DF66A6AA48BBECF942D3453355A19560938DE0A34C3E1158E5B9ECD70272CAE9686FAC4B6F64149C85607C158A67DB1C9B7FABD46379269492CB6B7E484D8AD4EA76D75EAD74F6A1E64D29206EC7BFF0630F3663C338039F8D10751AB8A177EEBB41E68434EAE03F7CA3761DE111900DC75F03209D8F6A92E178D94ADC7791D1BA55E7B6943A70D19957E348CA4B2407F89427D3B90979868732C69C221A3747ABCC7A9116D92237A1FDBE81E1ADDDA92F7FC0C15E7436B7C222E7759589919788B718B1F9F48356230B8F061F01FF21CD2DFEB2A1C744F8CBA3765364F1F417E105EDA7EB0ADBF1FD4CF4415B41CDA9BEF3CF6607A097EA2CFE32FA5376C01D1DF3B003FDEAE7571D0C54B5DED4DBBA2C753FB5ED889DD832085D75661CC762BBA28567CD080FB738B61C58ABF9962935C44322F1B96BEBEB594681CD2F20CA9F4D71C23D48E69725D37A4718924C4F145FBE0D841BE7C410A29C45810E240C319BADC04F990C4A84592FF925A73B6FE898F861B0E84D1146EB6856ADF066B11A0AE6915230F8A8E8234B33B5BAC1F3D1C3C05C8562DB51ACCAE2890C937F412D6E963C96965AA36350E8AB2901EE705B25407BC60711D9FC17E7885E5ED413ABBE2C207D55647F82C44367C13F489AD520A2A8FFA64C4F6EAF7AA816717F3019C6D240A4B9D788AFB73EA403523222D1E5940C47CAF304ED9088FEF233
20920170624033630 2 6 100 6143 2 E30D9BCD65DA0EAEF6A1D4D083834D4724538836AE04DFB6A7DAF235F5D9992B7E42128D43E229BF4906EF0C6A27F60B95A1FC514C2D55A0D616B3B6924F08E9C0BCD8AE1CB624F645785C2AA552C94E125D6602CF63CF52014A1B0A4AE0DE823B03B6ABFA25839ABC3E8E050C295B8B3471EC58EAD9B659294C72EA65229E4E8EB21CA79CBB41BB552118A3CD32108E51D5FCE5C46A6CD03E4246CB57E32BAA09B15503FBFA4F4C943B2378F10EE312C1F12A14010AFD1698B8EBCCFC8D0DF17829A153199154EBF9E40FD81B8E1AF5881D0EC1D3BEDB2D0F1DB9C44C9D8E7047310623D4FAAE28D2C16612CFB9AE9A8FD05B8FE22930346ECF7B21B5800778EA0D5D3B7BDF18B03ABF33C9D0B4648CF687ED229C811CE290CFAF94F9C9AF4EC3E47480955E5C81E85DA9EBCE99652DA07225C7CCEF39E224556E48D6371981C7232E00F3419F7B335FF36FE3989558277654DB356063ABC8F7BD0EF828B40D3BFC06D12FEC51278ACD32C3B67D4E2A0BBA1E20BDDA06DB9AF6AB250179DE3332EAC0A6D381963B51E8E167B8285BA3E6538B1D38B16B32196ABE009ADFDAF5E686E0107F76ED10414B6249D6895188456505CDB897FFCCEB8931802F87C02DFDC62825C6255DF2654712BE230CC86A30229D9E3438DB35CEED8F8447B9209CDECFC1776D2C43B4B98E9EEA3F4C049C1287CDB4540D395A4BC992602150CCC0479597E221E201B778DCA9701C517C89B95004FC19373ED9755C90FF32C44013678876EAD3FE5E637BF2F1959130EAF79E7A93088F52AA0AC993324294536CF3787C3A3F06F2DC201A070967E6F4525803DC83F5160B560465A4CE4BF20315858BE0E62A07C55B3A772CBF93DE99AADFCB304D2B544A9F17A22C2BEB791D98F714CA7CFF701CB7CAEC55C292A25A147935D7BBD1E66F2ED3EBC66E763209169033CE5A2D9884DC0CBAFF37517372544E1EB780A26CC71E5649EDFD5DA2FCFB58093D74D76FC2DAEC54567104701C31E3872C15BAC5F2A96833EEDAB9B7FF731F827DB3273D271BA8F9DE06181C1E38D031896971D801C571954337D91B697BC3 20920171129213520 2 6 100 4095 2 D693DF66A6AA48BBECF942D3453355A19560938DE0A34C3E1158E5B9ECD70272CAE9686FAC4B6F64149C85607C158A67DB1C9B7FABD46379269492CB6B7E484D8AD4EA76D75EAD74F6A1E64D29206EC7BFF0630F3663C338039F8D10751AB8A177EEBB41E68434EAE03F7CA3761DE111900DC75F03209D8F6A92E178D94ADC7791D1BA55E7B6943A70D19957E348CA4B2407F89427D3B90979868732C69C221A3747ABCC7A9116D92237A1FDBE81E1ADDDA92F7FC0C15E7436B7C222E7759589919788B718B1F9F48356230B8F061F01FF21CD2DFEB2A1C744F8CBA3765364F1F417E105EDA7EB0ADBF1FD4CF4415B41CDA9BEF3CF6607A097EA2CFE32FA5376C01D1DF3B003FDEAE7571D0C54B5DED4DBBA2C753FB5ED889DD832085D75661CC762BBA28567CD080FB738B61C58ABF9962935C44322F1B96BEBEB594681CD2F20CA9F4D71C23D48E69725D37A4718924C4F145FBE0D841BE7C410A29C45810E240C319BADC04F990C4A84592FF925A73B6FE898F861B0E84D1146EB6856ADF066B11A0AE6915230F8A8E8234B33B5BAC1F3D1C3C05C8562DB51ACCAE2890C937F412D6E963C96965AA36350E8AB2901EE705B25407BC60711D9FC17E7885E5ED413ABBE2C207D55647F82C44367C13F489AD520A2A8FFA64C4F6EAF7AA816717F3019C6D240A4B9D788AFB73EA403523222D1E5940C47CAF304ED9089C4756B
21020170624052652 2 6 100 6143 2 E30D9BCD65DA0EAEF6A1D4D083834D4724538836AE04DFB6A7DAF235F5D9992B7E42128D43E229BF4906EF0C6A27F60B95A1FC514C2D55A0D616B3B6924F08E9C0BCD8AE1CB624F645785C2AA552C94E125D6602CF63CF52014A1B0A4AE0DE823B03B6ABFA25839ABC3E8E050C295B8B3471EC58EAD9B659294C72EA65229E4E8EB21CA79CBB41BB552118A3CD32108E51D5FCE5C46A6CD03E4246CB57E32BAA09B15503FBFA4F4C943B2378F10EE312C1F12A14010AFD1698B8EBCCFC8D0DF17829A153199154EBF9E40FD81B8E1AF5881D0EC1D3BEDB2D0F1DB9C44C9D8E7047310623D4FAAE28D2C16612CFB9AE9A8FD05B8FE22930346ECF7B21B5800778EA0D5D3B7BDF18B03ABF33C9D0B4648CF687ED229C811CE290CFAF94F9C9AF4EC3E47480955E5C81E85DA9EBCE99652DA07225C7CCEF39E224556E48D6371981C7232E00F3419F7B335FF36FE3989558277654DB356063ABC8F7BD0EF828B40D3BFC06D12FEC51278ACD32C3B67D4E2A0BBA1E20BDDA06DB9AF6AB250179DE3332EAC0A6D381963B51E8E167B8285BA3E6538B1D38B16B32196ABE009ADFDAF5E686E0107F76ED10414B6249D6895188456505CDB897FFCCEB8931802F87C02DFDC62825C6255DF2654712BE230CC86A30229D9E3438DB35CEED8F8447B9209CDECFC1776D2C43B4B98E9EEA3F4C049C1287CDB4540D395A4BC992602150CCC0479597E221E201B778DCA9701C517C89B95004FC19373ED9755C90FF32C44013678876EAD3FE5E637BF2F1959130EAF79E7A93088F52AA0AC993324294536CF3787C3A3F06F2DC201A070967E6F4525803DC83F5160B560465A4CE4BF20315858BE0E62A07C55B3A772CBF93DE99AADFCB304D2B544A9F17A22C2BEB791D98F714CA7CFF701CB7CAEC55C292A25A147935D7BBD1E66F2ED3EBC66E763209169033CE5A2D9884DC0CBAFF37517372544E1EB780A26CC71E5649EDFD5DA2FCFB58093D74D76FC2DAEC54567104701C31E3872C15BAC5F2A96833EEDAB9B7FF731F827DB3273D271BA8F9DE06181C1E38D031896971D801C571954337D91E5556DB 21020171129214659 2 6 100 4095 5 D693DF66A6AA48BBECF942D3453355A19560938DE0A34C3E1158E5B9ECD70272CAE9686FAC4B6F64149C85607C158A67DB1C9B7FABD46379269492CB6B7E484D8AD4EA76D75EAD74F6A1E64D29206EC7BFF0630F3663C338039F8D10751AB8A177EEBB41E68434EAE03F7CA3761DE111900DC75F03209D8F6A92E178D94ADC7791D1BA55E7B6943A70D19957E348CA4B2407F89427D3B90979868732C69C221A3747ABCC7A9116D92237A1FDBE81E1ADDDA92F7FC0C15E7436B7C222E7759589919788B718B1F9F48356230B8F061F01FF21CD2DFEB2A1C744F8CBA3765364F1F417E105EDA7EB0ADBF1FD4CF4415B41CDA9BEF3CF6607A097EA2CFE32FA5376C01D1DF3B003FDEAE7571D0C54B5DED4DBBA2C753FB5ED889DD832085D75661CC762BBA28567CD080FB738B61C58ABF9962935C44322F1B96BEBEB594681CD2F20CA9F4D71C23D48E69725D37A4718924C4F145FBE0D841BE7C410A29C45810E240C319BADC04F990C4A84592FF925A73B6FE898F861B0E84D1146EB6856ADF066B11A0AE6915230F8A8E8234B33B5BAC1F3D1C3C05C8562DB51ACCAE2890C937F412D6E963C96965AA36350E8AB2901EE705B25407BC60711D9FC17E7885E5ED413ABBE2C207D55647F82C44367C13F489AD520A2A8FFA64C4F6EAF7AA816717F3019C6D240A4B9D788AFB73EA403523222D1E5940C47CAF304ED908A9732EF
21120170624075515 2 6 100 6143 2 E30D9BCD65DA0EAEF6A1D4D083834D4724538836AE04DFB6A7DAF235F5D9992B7E42128D43E229BF4906EF0C6A27F60B95A1FC514C2D55A0D616B3B6924F08E9C0BCD8AE1CB624F645785C2AA552C94E125D6602CF63CF52014A1B0A4AE0DE823B03B6ABFA25839ABC3E8E050C295B8B3471EC58EAD9B659294C72EA65229E4E8EB21CA79CBB41BB552118A3CD32108E51D5FCE5C46A6CD03E4246CB57E32BAA09B15503FBFA4F4C943B2378F10EE312C1F12A14010AFD1698B8EBCCFC8D0DF17829A153199154EBF9E40FD81B8E1AF5881D0EC1D3BEDB2D0F1DB9C44C9D8E7047310623D4FAAE28D2C16612CFB9AE9A8FD05B8FE22930346ECF7B21B5800778EA0D5D3B7BDF18B03ABF33C9D0B4648CF687ED229C811CE290CFAF94F9C9AF4EC3E47480955E5C81E85DA9EBCE99652DA07225C7CCEF39E224556E48D6371981C7232E00F3419F7B335FF36FE3989558277654DB356063ABC8F7BD0EF828B40D3BFC06D12FEC51278ACD32C3B67D4E2A0BBA1E20BDDA06DB9AF6AB250179DE3332EAC0A6D381963B51E8E167B8285BA3E6538B1D38B16B32196ABE009ADFDAF5E686E0107F76ED10414B6249D6895188456505CDB897FFCCEB8931802F87C02DFDC62825C6255DF2654712BE230CC86A30229D9E3438DB35CEED8F8447B9209CDECFC1776D2C43B4B98E9EEA3F4C049C1287CDB4540D395A4BC992602150CCC0479597E221E201B778DCA9701C517C89B95004FC19373ED9755C90FF32C44013678876EAD3FE5E637BF2F1959130EAF79E7A93088F52AA0AC993324294536CF3787C3A3F06F2DC201A070967E6F4525803DC83F5160B560465A4CE4BF20315858BE0E62A07C55B3A772CBF93DE99AADFCB304D2B544A9F17A22C2BEB791D98F714CA7CFF701CB7CAEC55C292A25A147935D7BBD1E66F2ED3EBC66E763209169033CE5A2D9884DC0CBAFF37517372544E1EB780A26CC71E5649EDFD5DA2FCFB58093D74D76FC2DAEC54567104701C31E3872C15BAC5F2A96833EEDAB9B7FF731F827DB3273D271BA8F9DE06181C1E38D031896971D801C571954337D922262F73 21120171129215106 2 6 100 4095 2 D693DF66A6AA48BBECF942D3453355A19560938DE0A34C3E1158E5B9ECD70272CAE9686FAC4B6F64149C85607C158A67DB1C9B7FABD46379269492CB6B7E484D8AD4EA76D75EAD74F6A1E64D29206EC7BFF0630F3663C338039F8D10751AB8A177EEBB41E68434EAE03F7CA3761DE111900DC75F03209D8F6A92E178D94ADC7791D1BA55E7B6943A70D19957E348CA4B2407F89427D3B90979868732C69C221A3747ABCC7A9116D92237A1FDBE81E1ADDDA92F7FC0C15E7436B7C222E7759589919788B718B1F9F48356230B8F061F01FF21CD2DFEB2A1C744F8CBA3765364F1F417E105EDA7EB0ADBF1FD4CF4415B41CDA9BEF3CF6607A097EA2CFE32FA5376C01D1DF3B003FDEAE7571D0C54B5DED4DBBA2C753FB5ED889DD832085D75661CC762BBA28567CD080FB738B61C58ABF9962935C44322F1B96BEBEB594681CD2F20CA9F4D71C23D48E69725D37A4718924C4F145FBE0D841BE7C410A29C45810E240C319BADC04F990C4A84592FF925A73B6FE898F861B0E84D1146EB6856ADF066B11A0AE6915230F8A8E8234B33B5BAC1F3D1C3C05C8562DB51ACCAE2890C937F412D6E963C96965AA36350E8AB2901EE705B25407BC60711D9FC17E7885E5ED413ABBE2C207D55647F82C44367C13F489AD520A2A8FFA64C4F6EAF7AA816717F3019C6D240A4B9D788AFB73EA403523222D1E5940C47CAF304ED908ADCE773
21220170624103157 2 6 100 6143 5 E30D9BCD65DA0EAEF6A1D4D083834D4724538836AE04DFB6A7DAF235F5D9992B7E42128D43E229BF4906EF0C6A27F60B95A1FC514C2D55A0D616B3B6924F08E9C0BCD8AE1CB624F645785C2AA552C94E125D6602CF63CF52014A1B0A4AE0DE823B03B6ABFA25839ABC3E8E050C295B8B3471EC58EAD9B659294C72EA65229E4E8EB21CA79CBB41BB552118A3CD32108E51D5FCE5C46A6CD03E4246CB57E32BAA09B15503FBFA4F4C943B2378F10EE312C1F12A14010AFD1698B8EBCCFC8D0DF17829A153199154EBF9E40FD81B8E1AF5881D0EC1D3BEDB2D0F1DB9C44C9D8E7047310623D4FAAE28D2C16612CFB9AE9A8FD05B8FE22930346ECF7B21B5800778EA0D5D3B7BDF18B03ABF33C9D0B4648CF687ED229C811CE290CFAF94F9C9AF4EC3E47480955E5C81E85DA9EBCE99652DA07225C7CCEF39E224556E48D6371981C7232E00F3419F7B335FF36FE3989558277654DB356063ABC8F7BD0EF828B40D3BFC06D12FEC51278ACD32C3B67D4E2A0BBA1E20BDDA06DB9AF6AB250179DE3332EAC0A6D381963B51E8E167B8285BA3E6538B1D38B16B32196ABE009ADFDAF5E686E0107F76ED10414B6249D6895188456505CDB897FFCCEB8931802F87C02DFDC62825C6255DF2654712BE230CC86A30229D9E3438DB35CEED8F8447B9209CDECFC1776D2C43B4B98E9EEA3F4C049C1287CDB4540D395A4BC992602150CCC0479597E221E201B778DCA9701C517C89B95004FC19373ED9755C90FF32C44013678876EAD3FE5E637BF2F1959130EAF79E7A93088F52AA0AC993324294536CF3787C3A3F06F2DC201A070967E6F4525803DC83F5160B560465A4CE4BF20315858BE0E62A07C55B3A772CBF93DE99AADFCB304D2B544A9F17A22C2BEB791D98F714CA7CFF701CB7CAEC55C292A25A147935D7BBD1E66F2ED3EBC66E763209169033CE5A2D9884DC0CBAFF37517372544E1EB780A26CC71E5649EDFD5DA2FCFB58093D74D76FC2DAEC54567104701C31E3872C15BAC5F2A96833EEDAB9B7FF731F827DB3273D271BA8F9DE06181C1E38D031896971D801C571954337D92638CCD7 21220171129215630 2 6 100 4095 5 D693DF66A6AA48BBECF942D3453355A19560938DE0A34C3E1158E5B9ECD70272CAE9686FAC4B6F64149C85607C158A67DB1C9B7FABD46379269492CB6B7E484D8AD4EA76D75EAD74F6A1E64D29206EC7BFF0630F3663C338039F8D10751AB8A177EEBB41E68434EAE03F7CA3761DE111900DC75F03209D8F6A92E178D94ADC7791D1BA55E7B6943A70D19957E348CA4B2407F89427D3B90979868732C69C221A3747ABCC7A9116D92237A1FDBE81E1ADDDA92F7FC0C15E7436B7C222E7759589919788B718B1F9F48356230B8F061F01FF21CD2DFEB2A1C744F8CBA3765364F1F417E105EDA7EB0ADBF1FD4CF4415B41CDA9BEF3CF6607A097EA2CFE32FA5376C01D1DF3B003FDEAE7571D0C54B5DED4DBBA2C753FB5ED889DD832085D75661CC762BBA28567CD080FB738B61C58ABF9962935C44322F1B96BEBEB594681CD2F20CA9F4D71C23D48E69725D37A4718924C4F145FBE0D841BE7C410A29C45810E240C319BADC04F990C4A84592FF925A73B6FE898F861B0E84D1146EB6856ADF066B11A0AE6915230F8A8E8234B33B5BAC1F3D1C3C05C8562DB51ACCAE2890C937F412D6E963C96965AA36350E8AB2901EE705B25407BC60711D9FC17E7885E5ED413ABBE2C207D55647F82C44367C13F489AD520A2A8FFA64C4F6EAF7AA816717F3019C6D240A4B9D788AFB73EA403523222D1E5940C47CAF304ED908B3A5BEF
21320170624120558 2 6 100 6143 2 E30D9BCD65DA0EAEF6A1D4D083834D4724538836AE04DFB6A7DAF235F5D9992B7E42128D43E229BF4906EF0C6A27F60B95A1FC514C2D55A0D616B3B6924F08E9C0BCD8AE1CB624F645785C2AA552C94E125D6602CF63CF52014A1B0A4AE0DE823B03B6ABFA25839ABC3E8E050C295B8B3471EC58EAD9B659294C72EA65229E4E8EB21CA79CBB41BB552118A3CD32108E51D5FCE5C46A6CD03E4246CB57E32BAA09B15503FBFA4F4C943B2378F10EE312C1F12A14010AFD1698B8EBCCFC8D0DF17829A153199154EBF9E40FD81B8E1AF5881D0EC1D3BEDB2D0F1DB9C44C9D8E7047310623D4FAAE28D2C16612CFB9AE9A8FD05B8FE22930346ECF7B21B5800778EA0D5D3B7BDF18B03ABF33C9D0B4648CF687ED229C811CE290CFAF94F9C9AF4EC3E47480955E5C81E85DA9EBCE99652DA07225C7CCEF39E224556E48D6371981C7232E00F3419F7B335FF36FE3989558277654DB356063ABC8F7BD0EF828B40D3BFC06D12FEC51278ACD32C3B67D4E2A0BBA1E20BDDA06DB9AF6AB250179DE3332EAC0A6D381963B51E8E167B8285BA3E6538B1D38B16B32196ABE009ADFDAF5E686E0107F76ED10414B6249D6895188456505CDB897FFCCEB8931802F87C02DFDC62825C6255DF2654712BE230CC86A30229D9E3438DB35CEED8F8447B9209CDECFC1776D2C43B4B98E9EEA3F4C049C1287CDB4540D395A4BC992602150CCC0479597E221E201B778DCA9701C517C89B95004FC19373ED9755C90FF32C44013678876EAD3FE5E637BF2F1959130EAF79E7A93088F52AA0AC993324294536CF3787C3A3F06F2DC201A070967E6F4525803DC83F5160B560465A4CE4BF20315858BE0E62A07C55B3A772CBF93DE99AADFCB304D2B544A9F17A22C2BEB791D98F714CA7CFF701CB7CAEC55C292A25A147935D7BBD1E66F2ED3EBC66E763209169033CE5A2D9884DC0CBAFF37517372544E1EB780A26CC71E5649EDFD5DA2FCFB58093D74D76FC2DAEC54567104701C31E3872C15BAC5F2A96833EEDAB9B7FF731F827DB3273D271BA8F9DE06181C1E38D031896971D801C571954337D92895C273 21320171129220756 2 6 100 4095 2 D693DF66A6AA48BBECF942D3453355A19560938DE0A34C3E1158E5B9ECD70272CAE9686FAC4B6F64149C85607C158A67DB1C9B7FABD46379269492CB6B7E484D8AD4EA76D75EAD74F6A1E64D29206EC7BFF0630F3663C338039F8D10751AB8A177EEBB41E68434EAE03F7CA3761DE111900DC75F03209D8F6A92E178D94ADC7791D1BA55E7B6943A70D19957E348CA4B2407F89427D3B90979868732C69C221A3747ABCC7A9116D92237A1FDBE81E1ADDDA92F7FC0C15E7436B7C222E7759589919788B718B1F9F48356230B8F061F01FF21CD2DFEB2A1C744F8CBA3765364F1F417E105EDA7EB0ADBF1FD4CF4415B41CDA9BEF3CF6607A097EA2CFE32FA5376C01D1DF3B003FDEAE7571D0C54B5DED4DBBA2C753FB5ED889DD832085D75661CC762BBA28567CD080FB738B61C58ABF9962935C44322F1B96BEBEB594681CD2F20CA9F4D71C23D48E69725D37A4718924C4F145FBE0D841BE7C410A29C45810E240C319BADC04F990C4A84592FF925A73B6FE898F861B0E84D1146EB6856ADF066B11A0AE6915230F8A8E8234B33B5BAC1F3D1C3C05C8562DB51ACCAE2890C937F412D6E963C96965AA36350E8AB2901EE705B25407BC60711D9FC17E7885E5ED413ABBE2C207D55647F82C44367C13F489AD520A2A8FFA64C4F6EAF7AA816717F3019C6D240A4B9D788AFB73EA403523222D1E5940C47CAF304ED908C0BB263
21420170624130210 2 6 100 6143 5 E30D9BCD65DA0EAEF6A1D4D083834D4724538836AE04DFB6A7DAF235F5D9992B7E42128D43E229BF4906EF0C6A27F60B95A1FC514C2D55A0D616B3B6924F08E9C0BCD8AE1CB624F645785C2AA552C94E125D6602CF63CF52014A1B0A4AE0DE823B03B6ABFA25839ABC3E8E050C295B8B3471EC58EAD9B659294C72EA65229E4E8EB21CA79CBB41BB552118A3CD32108E51D5FCE5C46A6CD03E4246CB57E32BAA09B15503FBFA4F4C943B2378F10EE312C1F12A14010AFD1698B8EBCCFC8D0DF17829A153199154EBF9E40FD81B8E1AF5881D0EC1D3BEDB2D0F1DB9C44C9D8E7047310623D4FAAE28D2C16612CFB9AE9A8FD05B8FE22930346ECF7B21B5800778EA0D5D3B7BDF18B03ABF33C9D0B4648CF687ED229C811CE290CFAF94F9C9AF4EC3E47480955E5C81E85DA9EBCE99652DA07225C7CCEF39E224556E48D6371981C7232E00F3419F7B335FF36FE3989558277654DB356063ABC8F7BD0EF828B40D3BFC06D12FEC51278ACD32C3B67D4E2A0BBA1E20BDDA06DB9AF6AB250179DE3332EAC0A6D381963B51E8E167B8285BA3E6538B1D38B16B32196ABE009ADFDAF5E686E0107F76ED10414B6249D6895188456505CDB897FFCCEB8931802F87C02DFDC62825C6255DF2654712BE230CC86A30229D9E3438DB35CEED8F8447B9209CDECFC1776D2C43B4B98E9EEA3F4C049C1287CDB4540D395A4BC992602150CCC0479597E221E201B778DCA9701C517C89B95004FC19373ED9755C90FF32C44013678876EAD3FE5E637BF2F1959130EAF79E7A93088F52AA0AC993324294536CF3787C3A3F06F2DC201A070967E6F4525803DC83F5160B560465A4CE4BF20315858BE0E62A07C55B3A772CBF93DE99AADFCB304D2B544A9F17A22C2BEB791D98F714CA7CFF701CB7CAEC55C292A25A147935D7BBD1E66F2ED3EBC66E763209169033CE5A2D9884DC0CBAFF37517372544E1EB780A26CC71E5649EDFD5DA2FCFB58093D74D76FC2DAEC54567104701C31E3872C15BAC5F2A96833EEDAB9B7FF731F827DB3273D271BA8F9DE06181C1E38D031896971D801C571954337D92A0429E7 21420171129221730 2 6 100 4095 2 D693DF66A6AA48BBECF942D3453355A19560938DE0A34C3E1158E5B9ECD70272CAE9686FAC4B6F64149C85607C158A67DB1C9B7FABD46379269492CB6B7E484D8AD4EA76D75EAD74F6A1E64D29206EC7BFF0630F3663C338039F8D10751AB8A177EEBB41E68434EAE03F7CA3761DE111900DC75F03209D8F6A92E178D94ADC7791D1BA55E7B6943A70D19957E348CA4B2407F89427D3B90979868732C69C221A3747ABCC7A9116D92237A1FDBE81E1ADDDA92F7FC0C15E7436B7C222E7759589919788B718B1F9F48356230B8F061F01FF21CD2DFEB2A1C744F8CBA3765364F1F417E105EDA7EB0ADBF1FD4CF4415B41CDA9BEF3CF6607A097EA2CFE32FA5376C01D1DF3B003FDEAE7571D0C54B5DED4DBBA2C753FB5ED889DD832085D75661CC762BBA28567CD080FB738B61C58ABF9962935C44322F1B96BEBEB594681CD2F20CA9F4D71C23D48E69725D37A4718924C4F145FBE0D841BE7C410A29C45810E240C319BADC04F990C4A84592FF925A73B6FE898F861B0E84D1146EB6856ADF066B11A0AE6915230F8A8E8234B33B5BAC1F3D1C3C05C8562DB51ACCAE2890C937F412D6E963C96965AA36350E8AB2901EE705B25407BC60711D9FC17E7885E5ED413ABBE2C207D55647F82C44367C13F489AD520A2A8FFA64C4F6EAF7AA816717F3019C6D240A4B9D788AFB73EA403523222D1E5940C47CAF304ED908CB5663B
21520170624131317 2 6 100 6143 2 E30D9BCD65DA0EAEF6A1D4D083834D4724538836AE04DFB6A7DAF235F5D9992B7E42128D43E229BF4906EF0C6A27F60B95A1FC514C2D55A0D616B3B6924F08E9C0BCD8AE1CB624F645785C2AA552C94E125D6602CF63CF52014A1B0A4AE0DE823B03B6ABFA25839ABC3E8E050C295B8B3471EC58EAD9B659294C72EA65229E4E8EB21CA79CBB41BB552118A3CD32108E51D5FCE5C46A6CD03E4246CB57E32BAA09B15503FBFA4F4C943B2378F10EE312C1F12A14010AFD1698B8EBCCFC8D0DF17829A153199154EBF9E40FD81B8E1AF5881D0EC1D3BEDB2D0F1DB9C44C9D8E7047310623D4FAAE28D2C16612CFB9AE9A8FD05B8FE22930346ECF7B21B5800778EA0D5D3B7BDF18B03ABF33C9D0B4648CF687ED229C811CE290CFAF94F9C9AF4EC3E47480955E5C81E85DA9EBCE99652DA07225C7CCEF39E224556E48D6371981C7232E00F3419F7B335FF36FE3989558277654DB356063ABC8F7BD0EF828B40D3BFC06D12FEC51278ACD32C3B67D4E2A0BBA1E20BDDA06DB9AF6AB250179DE3332EAC0A6D381963B51E8E167B8285BA3E6538B1D38B16B32196ABE009ADFDAF5E686E0107F76ED10414B6249D6895188456505CDB897FFCCEB8931802F87C02DFDC62825C6255DF2654712BE230CC86A30229D9E3438DB35CEED8F8447B9209CDECFC1776D2C43B4B98E9EEA3F4C049C1287CDB4540D395A4BC992602150CCC0479597E221E201B778DCA9701C517C89B95004FC19373ED9755C90FF32C44013678876EAD3FE5E637BF2F1959130EAF79E7A93088F52AA0AC993324294536CF3787C3A3F06F2DC201A070967E6F4525803DC83F5160B560465A4CE4BF20315858BE0E62A07C55B3A772CBF93DE99AADFCB304D2B544A9F17A22C2BEB791D98F714CA7CFF701CB7CAEC55C292A25A147935D7BBD1E66F2ED3EBC66E763209169033CE5A2D9884DC0CBAFF37517372544E1EB780A26CC71E5649EDFD5DA2FCFB58093D74D76FC2DAEC54567104701C31E3872C15BAC5F2A96833EEDAB9B7FF731F827DB3273D271BA8F9DE06181C1E38D031896971D801C571954337D92A441063 21520171129223322 2 6 100 4095 2 D693DF66A6AA48BBECF942D3453355A19560938DE0A34C3E1158E5B9ECD70272CAE9686FAC4B6F64149C85607C158A67DB1C9B7FABD46379269492CB6B7E484D8AD4EA76D75EAD74F6A1E64D29206EC7BFF0630F3663C338039F8D10751AB8A177EEBB41E68434EAE03F7CA3761DE111900DC75F03209D8F6A92E178D94ADC7791D1BA55E7B6943A70D19957E348CA4B2407F89427D3B90979868732C69C221A3747ABCC7A9116D92237A1FDBE81E1ADDDA92F7FC0C15E7436B7C222E7759589919788B718B1F9F48356230B8F061F01FF21CD2DFEB2A1C744F8CBA3765364F1F417E105EDA7EB0ADBF1FD4CF4415B41CDA9BEF3CF6607A097EA2CFE32FA5376C01D1DF3B003FDEAE7571D0C54B5DED4DBBA2C753FB5ED889DD832085D75661CC762BBA28567CD080FB738B61C58ABF9962935C44322F1B96BEBEB594681CD2F20CA9F4D71C23D48E69725D37A4718924C4F145FBE0D841BE7C410A29C45810E240C319BADC04F990C4A84592FF925A73B6FE898F861B0E84D1146EB6856ADF066B11A0AE6915230F8A8E8234B33B5BAC1F3D1C3C05C8562DB51ACCAE2890C937F412D6E963C96965AA36350E8AB2901EE705B25407BC60711D9FC17E7885E5ED413ABBE2C207D55647F82C44367C13F489AD520A2A8FFA64C4F6EAF7AA816717F3019C6D240A4B9D788AFB73EA403523222D1E5940C47CAF304ED908DDCC3A3
21620170624132538 2 6 100 6143 5 E30D9BCD65DA0EAEF6A1D4D083834D4724538836AE04DFB6A7DAF235F5D9992B7E42128D43E229BF4906EF0C6A27F60B95A1FC514C2D55A0D616B3B6924F08E9C0BCD8AE1CB624F645785C2AA552C94E125D6602CF63CF52014A1B0A4AE0DE823B03B6ABFA25839ABC3E8E050C295B8B3471EC58EAD9B659294C72EA65229E4E8EB21CA79CBB41BB552118A3CD32108E51D5FCE5C46A6CD03E4246CB57E32BAA09B15503FBFA4F4C943B2378F10EE312C1F12A14010AFD1698B8EBCCFC8D0DF17829A153199154EBF9E40FD81B8E1AF5881D0EC1D3BEDB2D0F1DB9C44C9D8E7047310623D4FAAE28D2C16612CFB9AE9A8FD05B8FE22930346ECF7B21B5800778EA0D5D3B7BDF18B03ABF33C9D0B4648CF687ED229C811CE290CFAF94F9C9AF4EC3E47480955E5C81E85DA9EBCE99652DA07225C7CCEF39E224556E48D6371981C7232E00F3419F7B335FF36FE3989558277654DB356063ABC8F7BD0EF828B40D3BFC06D12FEC51278ACD32C3B67D4E2A0BBA1E20BDDA06DB9AF6AB250179DE3332EAC0A6D381963B51E8E167B8285BA3E6538B1D38B16B32196ABE009ADFDAF5E686E0107F76ED10414B6249D6895188456505CDB897FFCCEB8931802F87C02DFDC62825C6255DF2654712BE230CC86A30229D9E3438DB35CEED8F8447B9209CDECFC1776D2C43B4B98E9EEA3F4C049C1287CDB4540D395A4BC992602150CCC0479597E221E201B778DCA9701C517C89B95004FC19373ED9755C90FF32C44013678876EAD3FE5E637BF2F1959130EAF79E7A93088F52AA0AC993324294536CF3787C3A3F06F2DC201A070967E6F4525803DC83F5160B560465A4CE4BF20315858BE0E62A07C55B3A772CBF93DE99AADFCB304D2B544A9F17A22C2BEB791D98F714CA7CFF701CB7CAEC55C292A25A147935D7BBD1E66F2ED3EBC66E763209169033CE5A2D9884DC0CBAFF37517372544E1EB780A26CC71E5649EDFD5DA2FCFB58093D74D76FC2DAEC54567104701C31E3872C15BAC5F2A96833EEDAB9B7FF731F827DB3273D271BA8F9DE06181C1E38D031896971D801C571954337D92A8E794F 21620171129224236 2 6 100 4095 2 D693DF66A6AA48BBECF942D3453355A19560938DE0A34C3E1158E5B9ECD70272CAE9686FAC4B6F64149C85607C158A67DB1C9B7FABD46379269492CB6B7E484D8AD4EA76D75EAD74F6A1E64D29206EC7BFF0630F3663C338039F8D10751AB8A177EEBB41E68434EAE03F7CA3761DE111900DC75F03209D8F6A92E178D94ADC7791D1BA55E7B6943A70D19957E348CA4B2407F89427D3B90979868732C69C221A3747ABCC7A9116D92237A1FDBE81E1ADDDA92F7FC0C15E7436B7C222E7759589919788B718B1F9F48356230B8F061F01FF21CD2DFEB2A1C744F8CBA3765364F1F417E105EDA7EB0ADBF1FD4CF4415B41CDA9BEF3CF6607A097EA2CFE32FA5376C01D1DF3B003FDEAE7571D0C54B5DED4DBBA2C753FB5ED889DD832085D75661CC762BBA28567CD080FB738B61C58ABF9962935C44322F1B96BEBEB594681CD2F20CA9F4D71C23D48E69725D37A4718924C4F145FBE0D841BE7C410A29C45810E240C319BADC04F990C4A84592FF925A73B6FE898F861B0E84D1146EB6856ADF066B11A0AE6915230F8A8E8234B33B5BAC1F3D1C3C05C8562DB51ACCAE2890C937F412D6E963C96965AA36350E8AB2901EE705B25407BC60711D9FC17E7885E5ED413ABBE2C207D55647F82C44367C13F489AD520A2A8FFA64C4F6EAF7AA816717F3019C6D240A4B9D788AFB73EA403523222D1E5940C47CAF304ED908E85C73B
21720170624133715 2 6 100 6143 5 E30D9BCD65DA0EAEF6A1D4D083834D4724538836AE04DFB6A7DAF235F5D9992B7E42128D43E229BF4906EF0C6A27F60B95A1FC514C2D55A0D616B3B6924F08E9C0BCD8AE1CB624F645785C2AA552C94E125D6602CF63CF52014A1B0A4AE0DE823B03B6ABFA25839ABC3E8E050C295B8B3471EC58EAD9B659294C72EA65229E4E8EB21CA79CBB41BB552118A3CD32108E51D5FCE5C46A6CD03E4246CB57E32BAA09B15503FBFA4F4C943B2378F10EE312C1F12A14010AFD1698B8EBCCFC8D0DF17829A153199154EBF9E40FD81B8E1AF5881D0EC1D3BEDB2D0F1DB9C44C9D8E7047310623D4FAAE28D2C16612CFB9AE9A8FD05B8FE22930346ECF7B21B5800778EA0D5D3B7BDF18B03ABF33C9D0B4648CF687ED229C811CE290CFAF94F9C9AF4EC3E47480955E5C81E85DA9EBCE99652DA07225C7CCEF39E224556E48D6371981C7232E00F3419F7B335FF36FE3989558277654DB356063ABC8F7BD0EF828B40D3BFC06D12FEC51278ACD32C3B67D4E2A0BBA1E20BDDA06DB9AF6AB250179DE3332EAC0A6D381963B51E8E167B8285BA3E6538B1D38B16B32196ABE009ADFDAF5E686E0107F76ED10414B6249D6895188456505CDB897FFCCEB8931802F87C02DFDC62825C6255DF2654712BE230CC86A30229D9E3438DB35CEED8F8447B9209CDECFC1776D2C43B4B98E9EEA3F4C049C1287CDB4540D395A4BC992602150CCC0479597E221E201B778DCA9701C517C89B95004FC19373ED9755C90FF32C44013678876EAD3FE5E637BF2F1959130EAF79E7A93088F52AA0AC993324294536CF3787C3A3F06F2DC201A070967E6F4525803DC83F5160B560465A4CE4BF20315858BE0E62A07C55B3A772CBF93DE99AADFCB304D2B544A9F17A22C2BEB791D98F714CA7CFF701CB7CAEC55C292A25A147935D7BBD1E66F2ED3EBC66E763209169033CE5A2D9884DC0CBAFF37517372544E1EB780A26CC71E5649EDFD5DA2FCFB58093D74D76FC2DAEC54567104701C31E3872C15BAC5F2A96833EEDAB9B7FF731F827DB3273D271BA8F9DE06181C1E38D031896971D801C571954337D92AD26E07 21720171129224324 2 6 100 4095 5 D693DF66A6AA48BBECF942D3453355A19560938DE0A34C3E1158E5B9ECD70272CAE9686FAC4B6F64149C85607C158A67DB1C9B7FABD46379269492CB6B7E484D8AD4EA76D75EAD74F6A1E64D29206EC7BFF0630F3663C338039F8D10751AB8A177EEBB41E68434EAE03F7CA3761DE111900DC75F03209D8F6A92E178D94ADC7791D1BA55E7B6943A70D19957E348CA4B2407F89427D3B90979868732C69C221A3747ABCC7A9116D92237A1FDBE81E1ADDDA92F7FC0C15E7436B7C222E7759589919788B718B1F9F48356230B8F061F01FF21CD2DFEB2A1C744F8CBA3765364F1F417E105EDA7EB0ADBF1FD4CF4415B41CDA9BEF3CF6607A097EA2CFE32FA5376C01D1DF3B003FDEAE7571D0C54B5DED4DBBA2C753FB5ED889DD832085D75661CC762BBA28567CD080FB738B61C58ABF9962935C44322F1B96BEBEB594681CD2F20CA9F4D71C23D48E69725D37A4718924C4F145FBE0D841BE7C410A29C45810E240C319BADC04F990C4A84592FF925A73B6FE898F861B0E84D1146EB6856ADF066B11A0AE6915230F8A8E8234B33B5BAC1F3D1C3C05C8562DB51ACCAE2890C937F412D6E963C96965AA36350E8AB2901EE705B25407BC60711D9FC17E7885E5ED413ABBE2C207D55647F82C44367C13F489AD520A2A8FFA64C4F6EAF7AA816717F3019C6D240A4B9D788AFB73EA403523222D1E5940C47CAF304ED908E8D9E2F
21820170624145051 2 6 100 6143 5 E30D9BCD65DA0EAEF6A1D4D083834D4724538836AE04DFB6A7DAF235F5D9992B7E42128D43E229BF4906EF0C6A27F60B95A1FC514C2D55A0D616B3B6924F08E9C0BCD8AE1CB624F645785C2AA552C94E125D6602CF63CF52014A1B0A4AE0DE823B03B6ABFA25839ABC3E8E050C295B8B3471EC58EAD9B659294C72EA65229E4E8EB21CA79CBB41BB552118A3CD32108E51D5FCE5C46A6CD03E4246CB57E32BAA09B15503FBFA4F4C943B2378F10EE312C1F12A14010AFD1698B8EBCCFC8D0DF17829A153199154EBF9E40FD81B8E1AF5881D0EC1D3BEDB2D0F1DB9C44C9D8E7047310623D4FAAE28D2C16612CFB9AE9A8FD05B8FE22930346ECF7B21B5800778EA0D5D3B7BDF18B03ABF33C9D0B4648CF687ED229C811CE290CFAF94F9C9AF4EC3E47480955E5C81E85DA9EBCE99652DA07225C7CCEF39E224556E48D6371981C7232E00F3419F7B335FF36FE3989558277654DB356063ABC8F7BD0EF828B40D3BFC06D12FEC51278ACD32C3B67D4E2A0BBA1E20BDDA06DB9AF6AB250179DE3332EAC0A6D381963B51E8E167B8285BA3E6538B1D38B16B32196ABE009ADFDAF5E686E0107F76ED10414B6249D6895188456505CDB897FFCCEB8931802F87C02DFDC62825C6255DF2654712BE230CC86A30229D9E3438DB35CEED8F8447B9209CDECFC1776D2C43B4B98E9EEA3F4C049C1287CDB4540D395A4BC992602150CCC0479597E221E201B778DCA9701C517C89B95004FC19373ED9755C90FF32C44013678876EAD3FE5E637BF2F1959130EAF79E7A93088F52AA0AC993324294536CF3787C3A3F06F2DC201A070967E6F4525803DC83F5160B560465A4CE4BF20315858BE0E62A07C55B3A772CBF93DE99AADFCB304D2B544A9F17A22C2BEB791D98F714CA7CFF701CB7CAEC55C292A25A147935D7BBD1E66F2ED3EBC66E763209169033CE5A2D9884DC0CBAFF37517372544E1EB780A26CC71E5649EDFD5DA2FCFB58093D74D76FC2DAEC54567104701C31E3872C15BAC5F2A96833EEDAB9B7FF731F827DB3273D271BA8F9DE06181C1E38D031896971D801C571954337D92CB7412F 21820171129225233 2 6 100 4095 2 D693DF66A6AA48BBECF942D3453355A19560938DE0A34C3E1158E5B9ECD70272CAE9686FAC4B6F64149C85607C158A67DB1C9B7FABD46379269492CB6B7E484D8AD4EA76D75EAD74F6A1E64D29206EC7BFF0630F3663C338039F8D10751AB8A177EEBB41E68434EAE03F7CA3761DE111900DC75F03209D8F6A92E178D94ADC7791D1BA55E7B6943A70D19957E348CA4B2407F89427D3B90979868732C69C221A3747ABCC7A9116D92237A1FDBE81E1ADDDA92F7FC0C15E7436B7C222E7759589919788B718B1F9F48356230B8F061F01FF21CD2DFEB2A1C744F8CBA3765364F1F417E105EDA7EB0ADBF1FD4CF4415B41CDA9BEF3CF6607A097EA2CFE32FA5376C01D1DF3B003FDEAE7571D0C54B5DED4DBBA2C753FB5ED889DD832085D75661CC762BBA28567CD080FB738B61C58ABF9962935C44322F1B96BEBEB594681CD2F20CA9F4D71C23D48E69725D37A4718924C4F145FBE0D841BE7C410A29C45810E240C319BADC04F990C4A84592FF925A73B6FE898F861B0E84D1146EB6856ADF066B11A0AE6915230F8A8E8234B33B5BAC1F3D1C3C05C8562DB51ACCAE2890C937F412D6E963C96965AA36350E8AB2901EE705B25407BC60711D9FC17E7885E5ED413ABBE2C207D55647F82C44367C13F489AD520A2A8FFA64C4F6EAF7AA816717F3019C6D240A4B9D788AFB73EA403523222D1E5940C47CAF304ED908F379CB3
21920170624163751 2 6 100 6143 2 E30D9BCD65DA0EAEF6A1D4D083834D4724538836AE04DFB6A7DAF235F5D9992B7E42128D43E229BF4906EF0C6A27F60B95A1FC514C2D55A0D616B3B6924F08E9C0BCD8AE1CB624F645785C2AA552C94E125D6602CF63CF52014A1B0A4AE0DE823B03B6ABFA25839ABC3E8E050C295B8B3471EC58EAD9B659294C72EA65229E4E8EB21CA79CBB41BB552118A3CD32108E51D5FCE5C46A6CD03E4246CB57E32BAA09B15503FBFA4F4C943B2378F10EE312C1F12A14010AFD1698B8EBCCFC8D0DF17829A153199154EBF9E40FD81B8E1AF5881D0EC1D3BEDB2D0F1DB9C44C9D8E7047310623D4FAAE28D2C16612CFB9AE9A8FD05B8FE22930346ECF7B21B5800778EA0D5D3B7BDF18B03ABF33C9D0B4648CF687ED229C811CE290CFAF94F9C9AF4EC3E47480955E5C81E85DA9EBCE99652DA07225C7CCEF39E224556E48D6371981C7232E00F3419F7B335FF36FE3989558277654DB356063ABC8F7BD0EF828B40D3BFC06D12FEC51278ACD32C3B67D4E2A0BBA1E20BDDA06DB9AF6AB250179DE3332EAC0A6D381963B51E8E167B8285BA3E6538B1D38B16B32196ABE009ADFDAF5E686E0107F76ED10414B6249D6895188456505CDB897FFCCEB8931802F87C02DFDC62825C6255DF2654712BE230CC86A30229D9E3438DB35CEED8F8447B9209CDECFC1776D2C43B4B98E9EEA3F4C049C1287CDB4540D395A4BC992602150CCC0479597E221E201B778DCA9701C517C89B95004FC19373ED9755C90FF32C44013678876EAD3FE5E637BF2F1959130EAF79E7A93088F52AA0AC993324294536CF3787C3A3F06F2DC201A070967E6F4525803DC83F5160B560465A4CE4BF20315858BE0E62A07C55B3A772CBF93DE99AADFCB304D2B544A9F17A22C2BEB791D98F714CA7CFF701CB7CAEC55C292A25A147935D7BBD1E66F2ED3EBC66E763209169033CE5A2D9884DC0CBAFF37517372544E1EB780A26CC71E5649EDFD5DA2FCFB58093D74D76FC2DAEC54567104701C31E3872C15BAC5F2A96833EEDAB9B7FF731F827DB3273D271BA8F9DE06181C1E38D031896971D801C571954337D92F668E7B 21920171129225757 2 6 100 4095 2 D693DF66A6AA48BBECF942D3453355A19560938DE0A34C3E1158E5B9ECD70272CAE9686FAC4B6F64149C85607C158A67DB1C9B7FABD46379269492CB6B7E484D8AD4EA76D75EAD74F6A1E64D29206EC7BFF0630F3663C338039F8D10751AB8A177EEBB41E68434EAE03F7CA3761DE111900DC75F03209D8F6A92E178D94ADC7791D1BA55E7B6943A70D19957E348CA4B2407F89427D3B90979868732C69C221A3747ABCC7A9116D92237A1FDBE81E1ADDDA92F7FC0C15E7436B7C222E7759589919788B718B1F9F48356230B8F061F01FF21CD2DFEB2A1C744F8CBA3765364F1F417E105EDA7EB0ADBF1FD4CF4415B41CDA9BEF3CF6607A097EA2CFE32FA5376C01D1DF3B003FDEAE7571D0C54B5DED4DBBA2C753FB5ED889DD832085D75661CC762BBA28567CD080FB738B61C58ABF9962935C44322F1B96BEBEB594681CD2F20CA9F4D71C23D48E69725D37A4718924C4F145FBE0D841BE7C410A29C45810E240C319BADC04F990C4A84592FF925A73B6FE898F861B0E84D1146EB6856ADF066B11A0AE6915230F8A8E8234B33B5BAC1F3D1C3C05C8562DB51ACCAE2890C937F412D6E963C96965AA36350E8AB2901EE705B25407BC60711D9FC17E7885E5ED413ABBE2C207D55647F82C44367C13F489AD520A2A8FFA64C4F6EAF7AA816717F3019C6D240A4B9D788AFB73EA403523222D1E5940C47CAF304ED908F98DCDB
22020170624172739 2 6 100 6143 2 E30D9BCD65DA0EAEF6A1D4D083834D4724538836AE04DFB6A7DAF235F5D9992B7E42128D43E229BF4906EF0C6A27F60B95A1FC514C2D55A0D616B3B6924F08E9C0BCD8AE1CB624F645785C2AA552C94E125D6602CF63CF52014A1B0A4AE0DE823B03B6ABFA25839ABC3E8E050C295B8B3471EC58EAD9B659294C72EA65229E4E8EB21CA79CBB41BB552118A3CD32108E51D5FCE5C46A6CD03E4246CB57E32BAA09B15503FBFA4F4C943B2378F10EE312C1F12A14010AFD1698B8EBCCFC8D0DF17829A153199154EBF9E40FD81B8E1AF5881D0EC1D3BEDB2D0F1DB9C44C9D8E7047310623D4FAAE28D2C16612CFB9AE9A8FD05B8FE22930346ECF7B21B5800778EA0D5D3B7BDF18B03ABF33C9D0B4648CF687ED229C811CE290CFAF94F9C9AF4EC3E47480955E5C81E85DA9EBCE99652DA07225C7CCEF39E224556E48D6371981C7232E00F3419F7B335FF36FE3989558277654DB356063ABC8F7BD0EF828B40D3BFC06D12FEC51278ACD32C3B67D4E2A0BBA1E20BDDA06DB9AF6AB250179DE3332EAC0A6D381963B51E8E167B8285BA3E6538B1D38B16B32196ABE009ADFDAF5E686E0107F76ED10414B6249D6895188456505CDB897FFCCEB8931802F87C02DFDC62825C6255DF2654712BE230CC86A30229D9E3438DB35CEED8F8447B9209CDECFC1776D2C43B4B98E9EEA3F4C049C1287CDB4540D395A4BC992602150CCC0479597E221E201B778DCA9701C517C89B95004FC19373ED9755C90FF32C44013678876EAD3FE5E637BF2F1959130EAF79E7A93088F52AA0AC993324294536CF3787C3A3F06F2DC201A070967E6F4525803DC83F5160B560465A4CE4BF20315858BE0E62A07C55B3A772CBF93DE99AADFCB304D2B544A9F17A22C2BEB791D98F714CA7CFF701CB7CAEC55C292A25A147935D7BBD1E66F2ED3EBC66E763209169033CE5A2D9884DC0CBAFF37517372544E1EB780A26CC71E5649EDFD5DA2FCFB58093D74D76FC2DAEC54567104701C31E3872C15BAC5F2A96833EEDAB9B7FF731F827DB3273D271BA8F9DE06181C1E38D031896971D801C571954337D930A8FC4B 22020171129231535 2 6 100 4095 5 D693DF66A6AA48BBECF942D3453355A19560938DE0A34C3E1158E5B9ECD70272CAE9686FAC4B6F64149C85607C158A67DB1C9B7FABD46379269492CB6B7E484D8AD4EA76D75EAD74F6A1E64D29206EC7BFF0630F3663C338039F8D10751AB8A177EEBB41E68434EAE03F7CA3761DE111900DC75F03209D8F6A92E178D94ADC7791D1BA55E7B6943A70D19957E348CA4B2407F89427D3B90979868732C69C221A3747ABCC7A9116D92237A1FDBE81E1ADDDA92F7FC0C15E7436B7C222E7759589919788B718B1F9F48356230B8F061F01FF21CD2DFEB2A1C744F8CBA3765364F1F417E105EDA7EB0ADBF1FD4CF4415B41CDA9BEF3CF6607A097EA2CFE32FA5376C01D1DF3B003FDEAE7571D0C54B5DED4DBBA2C753FB5ED889DD832085D75661CC762BBA28567CD080FB738B61C58ABF9962935C44322F1B96BEBEB594681CD2F20CA9F4D71C23D48E69725D37A4718924C4F145FBE0D841BE7C410A29C45810E240C319BADC04F990C4A84592FF925A73B6FE898F861B0E84D1146EB6856ADF066B11A0AE6915230F8A8E8234B33B5BAC1F3D1C3C05C8562DB51ACCAE2890C937F412D6E963C96965AA36350E8AB2901EE705B25407BC60711D9FC17E7885E5ED413ABBE2C207D55647F82C44367C13F489AD520A2A8FFA64C4F6EAF7AA816717F3019C6D240A4B9D788AFB73EA403523222D1E5940C47CAF304ED9090E1233F
22120170624174055 2 6 100 6143 2 E30D9BCD65DA0EAEF6A1D4D083834D4724538836AE04DFB6A7DAF235F5D9992B7E42128D43E229BF4906EF0C6A27F60B95A1FC514C2D55A0D616B3B6924F08E9C0BCD8AE1CB624F645785C2AA552C94E125D6602CF63CF52014A1B0A4AE0DE823B03B6ABFA25839ABC3E8E050C295B8B3471EC58EAD9B659294C72EA65229E4E8EB21CA79CBB41BB552118A3CD32108E51D5FCE5C46A6CD03E4246CB57E32BAA09B15503FBFA4F4C943B2378F10EE312C1F12A14010AFD1698B8EBCCFC8D0DF17829A153199154EBF9E40FD81B8E1AF5881D0EC1D3BEDB2D0F1DB9C44C9D8E7047310623D4FAAE28D2C16612CFB9AE9A8FD05B8FE22930346ECF7B21B5800778EA0D5D3B7BDF18B03ABF33C9D0B4648CF687ED229C811CE290CFAF94F9C9AF4EC3E47480955E5C81E85DA9EBCE99652DA07225C7CCEF39E224556E48D6371981C7232E00F3419F7B335FF36FE3989558277654DB356063ABC8F7BD0EF828B40D3BFC06D12FEC51278ACD32C3B67D4E2A0BBA1E20BDDA06DB9AF6AB250179DE3332EAC0A6D381963B51E8E167B8285BA3E6538B1D38B16B32196ABE009ADFDAF5E686E0107F76ED10414B6249D6895188456505CDB897FFCCEB8931802F87C02DFDC62825C6255DF2654712BE230CC86A30229D9E3438DB35CEED8F8447B9209CDECFC1776D2C43B4B98E9EEA3F4C049C1287CDB4540D395A4BC992602150CCC0479597E221E201B778DCA9701C517C89B95004FC19373ED9755C90FF32C44013678876EAD3FE5E637BF2F1959130EAF79E7A93088F52AA0AC993324294536CF3787C3A3F06F2DC201A070967E6F4525803DC83F5160B560465A4CE4BF20315858BE0E62A07C55B3A772CBF93DE99AADFCB304D2B544A9F17A22C2BEB791D98F714CA7CFF701CB7CAEC55C292A25A147935D7BBD1E66F2ED3EBC66E763209169033CE5A2D9884DC0CBAFF37517372544E1EB780A26CC71E5649EDFD5DA2FCFB58093D74D76FC2DAEC54567104701C31E3872C15BAC5F2A96833EEDAB9B7FF731F827DB3273D271BA8F9DE06181C1E38D031896971D801C571954337D930F6B80B 22120171129232541 2 6 100 4095 2 D693DF66A6AA48BBECF942D3453355A19560938DE0A34C3E1158E5B9ECD70272CAE9686FAC4B6F64149C85607C158A67DB1C9B7FABD46379269492CB6B7E484D8AD4EA76D75EAD74F6A1E64D29206EC7BFF0630F3663C338039F8D10751AB8A177EEBB41E68434EAE03F7CA3761DE111900DC75F03209D8F6A92E178D94ADC7791D1BA55E7B6943A70D19957E348CA4B2407F89427D3B90979868732C69C221A3747ABCC7A9116D92237A1FDBE81E1ADDDA92F7FC0C15E7436B7C222E7759589919788B718B1F9F48356230B8F061F01FF21CD2DFEB2A1C744F8CBA3765364F1F417E105EDA7EB0ADBF1FD4CF4415B41CDA9BEF3CF6607A097EA2CFE32FA5376C01D1DF3B003FDEAE7571D0C54B5DED4DBBA2C753FB5ED889DD832085D75661CC762BBA28567CD080FB738B61C58ABF9962935C44322F1B96BEBEB594681CD2F20CA9F4D71C23D48E69725D37A4718924C4F145FBE0D841BE7C410A29C45810E240C319BADC04F990C4A84592FF925A73B6FE898F861B0E84D1146EB6856ADF066B11A0AE6915230F8A8E8234B33B5BAC1F3D1C3C05C8562DB51ACCAE2890C937F412D6E963C96965AA36350E8AB2901EE705B25407BC60711D9FC17E7885E5ED413ABBE2C207D55647F82C44367C13F489AD520A2A8FFA64C4F6EAF7AA816717F3019C6D240A4B9D788AFB73EA403523222D1E5940C47CAF304ED909198027B
22220170624185924 2 6 100 6143 5 E30D9BCD65DA0EAEF6A1D4D083834D4724538836AE04DFB6A7DAF235F5D9992B7E42128D43E229BF4906EF0C6A27F60B95A1FC514C2D55A0D616B3B6924F08E9C0BCD8AE1CB624F645785C2AA552C94E125D6602CF63CF52014A1B0A4AE0DE823B03B6ABFA25839ABC3E8E050C295B8B3471EC58EAD9B659294C72EA65229E4E8EB21CA79CBB41BB552118A3CD32108E51D5FCE5C46A6CD03E4246CB57E32BAA09B15503FBFA4F4C943B2378F10EE312C1F12A14010AFD1698B8EBCCFC8D0DF17829A153199154EBF9E40FD81B8E1AF5881D0EC1D3BEDB2D0F1DB9C44C9D8E7047310623D4FAAE28D2C16612CFB9AE9A8FD05B8FE22930346ECF7B21B5800778EA0D5D3B7BDF18B03ABF33C9D0B4648CF687ED229C811CE290CFAF94F9C9AF4EC3E47480955E5C81E85DA9EBCE99652DA07225C7CCEF39E224556E48D6371981C7232E00F3419F7B335FF36FE3989558277654DB356063ABC8F7BD0EF828B40D3BFC06D12FEC51278ACD32C3B67D4E2A0BBA1E20BDDA06DB9AF6AB250179DE3332EAC0A6D381963B51E8E167B8285BA3E6538B1D38B16B32196ABE009ADFDAF5E686E0107F76ED10414B6249D6895188456505CDB897FFCCEB8931802F87C02DFDC62825C6255DF2654712BE230CC86A30229D9E3438DB35CEED8F8447B9209CDECFC1776D2C43B4B98E9EEA3F4C049C1287CDB4540D395A4BC992602150CCC0479597E221E201B778DCA9701C517C89B95004FC19373ED9755C90FF32C44013678876EAD3FE5E637BF2F1959130EAF79E7A93088F52AA0AC993324294536CF3787C3A3F06F2DC201A070967E6F4525803DC83F5160B560465A4CE4BF20315858BE0E62A07C55B3A772CBF93DE99AADFCB304D2B544A9F17A22C2BEB791D98F714CA7CFF701CB7CAEC55C292A25A147935D7BBD1E66F2ED3EBC66E763209169033CE5A2D9884DC0CBAFF37517372544E1EB780A26CC71E5649EDFD5DA2FCFB58093D74D76FC2DAEC54567104701C31E3872C15BAC5F2A96833EEDAB9B7FF731F827DB3273D271BA8F9DE06181C1E38D031896971D801C571954337D932ED85B7 22220171129233438 2 6 100 4095 2 D693DF66A6AA48BBECF942D3453355A19560938DE0A34C3E1158E5B9ECD70272CAE9686FAC4B6F64149C85607C158A67DB1C9B7FABD46379269492CB6B7E484D8AD4EA76D75EAD74F6A1E64D29206EC7BFF0630F3663C338039F8D10751AB8A177EEBB41E68434EAE03F7CA3761DE111900DC75F03209D8F6A92E178D94ADC7791D1BA55E7B6943A70D19957E348CA4B2407F89427D3B90979868732C69C221A3747ABCC7A9116D92237A1FDBE81E1ADDDA92F7FC0C15E7436B7C222E7759589919788B718B1F9F48356230B8F061F01FF21CD2DFEB2A1C744F8CBA3765364F1F417E105EDA7EB0ADBF1FD4CF4415B41CDA9BEF3CF6607A097EA2CFE32FA5376C01D1DF3B003FDEAE7571D0C54B5DED4DBBA2C753FB5ED889DD832085D75661CC762BBA28567CD080FB738B61C58ABF9962935C44322F1B96BEBEB594681CD2F20CA9F4D71C23D48E69725D37A4718924C4F145FBE0D841BE7C410A29C45810E240C319BADC04F990C4A84592FF925A73B6FE898F861B0E84D1146EB6856ADF066B11A0AE6915230F8A8E8234B33B5BAC1F3D1C3C05C8562DB51ACCAE2890C937F412D6E963C96965AA36350E8AB2901EE705B25407BC60711D9FC17E7885E5ED413ABBE2C207D55647F82C44367C13F489AD520A2A8FFA64C4F6EAF7AA816717F3019C6D240A4B9D788AFB73EA403523222D1E5940C47CAF304ED90923CF07B
22320170624220917 2 6 100 6143 2 E30D9BCD65DA0EAEF6A1D4D083834D4724538836AE04DFB6A7DAF235F5D9992B7E42128D43E229BF4906EF0C6A27F60B95A1FC514C2D55A0D616B3B6924F08E9C0BCD8AE1CB624F645785C2AA552C94E125D6602CF63CF52014A1B0A4AE0DE823B03B6ABFA25839ABC3E8E050C295B8B3471EC58EAD9B659294C72EA65229E4E8EB21CA79CBB41BB552118A3CD32108E51D5FCE5C46A6CD03E4246CB57E32BAA09B15503FBFA4F4C943B2378F10EE312C1F12A14010AFD1698B8EBCCFC8D0DF17829A153199154EBF9E40FD81B8E1AF5881D0EC1D3BEDB2D0F1DB9C44C9D8E7047310623D4FAAE28D2C16612CFB9AE9A8FD05B8FE22930346ECF7B21B5800778EA0D5D3B7BDF18B03ABF33C9D0B4648CF687ED229C811CE290CFAF94F9C9AF4EC3E47480955E5C81E85DA9EBCE99652DA07225C7CCEF39E224556E48D6371981C7232E00F3419F7B335FF36FE3989558277654DB356063ABC8F7BD0EF828B40D3BFC06D12FEC51278ACD32C3B67D4E2A0BBA1E20BDDA06DB9AF6AB250179DE3332EAC0A6D381963B51E8E167B8285BA3E6538B1D38B16B32196ABE009ADFDAF5E686E0107F76ED10414B6249D6895188456505CDB897FFCCEB8931802F87C02DFDC62825C6255DF2654712BE230CC86A30229D9E3438DB35CEED8F8447B9209CDECFC1776D2C43B4B98E9EEA3F4C049C1287CDB4540D395A4BC992602150CCC0479597E221E201B778DCA9701C517C89B95004FC19373ED9755C90FF32C44013678876EAD3FE5E637BF2F1959130EAF79E7A93088F52AA0AC993324294536CF3787C3A3F06F2DC201A070967E6F4525803DC83F5160B560465A4CE4BF20315858BE0E62A07C55B3A772CBF93DE99AADFCB304D2B544A9F17A22C2BEB791D98F714CA7CFF701CB7CAEC55C292A25A147935D7BBD1E66F2ED3EBC66E763209169033CE5A2D9884DC0CBAFF37517372544E1EB780A26CC71E5649EDFD5DA2FCFB58093D74D76FC2DAEC54567104701C31E3872C15BAC5F2A96833EEDAB9B7FF731F827DB3273D271BA8F9DE06181C1E38D031896971D801C571954337D937BF2B3B 22320171129233904 2 6 100 4095 2 D693DF66A6AA48BBECF942D3453355A19560938DE0A34C3E1158E5B9ECD70272CAE9686FAC4B6F64149C85607C158A67DB1C9B7FABD46379269492CB6B7E484D8AD4EA76D75EAD74F6A1E64D29206EC7BFF0630F3663C338039F8D10751AB8A177EEBB41E68434EAE03F7CA3761DE111900DC75F03209D8F6A92E178D94ADC7791D1BA55E7B6943A70D19957E348CA4B2407F89427D3B90979868732C69C221A3747ABCC7A9116D92237A1FDBE81E1ADDDA92F7FC0C15E7436B7C222E7759589919788B718B1F9F48356230B8F061F01FF21CD2DFEB2A1C744F8CBA3765364F1F417E105EDA7EB0ADBF1FD4CF4415B41CDA9BEF3CF6607A097EA2CFE32FA5376C01D1DF3B003FDEAE7571D0C54B5DED4DBBA2C753FB5ED889DD832085D75661CC762BBA28567CD080FB738B61C58ABF9962935C44322F1B96BEBEB594681CD2F20CA9F4D71C23D48E69725D37A4718924C4F145FBE0D841BE7C410A29C45810E240C319BADC04F990C4A84592FF925A73B6FE898F861B0E84D1146EB6856ADF066B11A0AE6915230F8A8E8234B33B5BAC1F3D1C3C05C8562DB51ACCAE2890C937F412D6E963C96965AA36350E8AB2901EE705B25407BC60711D9FC17E7885E5ED413ABBE2C207D55647F82C44367C13F489AD520A2A8FFA64C4F6EAF7AA816717F3019C6D240A4B9D788AFB73EA403523222D1E5940C47CAF304ED90928C0D7B
22420170624222456 2 6 100 6143 2 E30D9BCD65DA0EAEF6A1D4D083834D4724538836AE04DFB6A7DAF235F5D9992B7E42128D43E229BF4906EF0C6A27F60B95A1FC514C2D55A0D616B3B6924F08E9C0BCD8AE1CB624F645785C2AA552C94E125D6602CF63CF52014A1B0A4AE0DE823B03B6ABFA25839ABC3E8E050C295B8B3471EC58EAD9B659294C72EA65229E4E8EB21CA79CBB41BB552118A3CD32108E51D5FCE5C46A6CD03E4246CB57E32BAA09B15503FBFA4F4C943B2378F10EE312C1F12A14010AFD1698B8EBCCFC8D0DF17829A153199154EBF9E40FD81B8E1AF5881D0EC1D3BEDB2D0F1DB9C44C9D8E7047310623D4FAAE28D2C16612CFB9AE9A8FD05B8FE22930346ECF7B21B5800778EA0D5D3B7BDF18B03ABF33C9D0B4648CF687ED229C811CE290CFAF94F9C9AF4EC3E47480955E5C81E85DA9EBCE99652DA07225C7CCEF39E224556E48D6371981C7232E00F3419F7B335FF36FE3989558277654DB356063ABC8F7BD0EF828B40D3BFC06D12FEC51278ACD32C3B67D4E2A0BBA1E20BDDA06DB9AF6AB250179DE3332EAC0A6D381963B51E8E167B8285BA3E6538B1D38B16B32196ABE009ADFDAF5E686E0107F76ED10414B6249D6895188456505CDB897FFCCEB8931802F87C02DFDC62825C6255DF2654712BE230CC86A30229D9E3438DB35CEED8F8447B9209CDECFC1776D2C43B4B98E9EEA3F4C049C1287CDB4540D395A4BC992602150CCC0479597E221E201B778DCA9701C517C89B95004FC19373ED9755C90FF32C44013678876EAD3FE5E637BF2F1959130EAF79E7A93088F52AA0AC993324294536CF3787C3A3F06F2DC201A070967E6F4525803DC83F5160B560465A4CE4BF20315858BE0E62A07C55B3A772CBF93DE99AADFCB304D2B544A9F17A22C2BEB791D98F714CA7CFF701CB7CAEC55C292A25A147935D7BBD1E66F2ED3EBC66E763209169033CE5A2D9884DC0CBAFF37517372544E1EB780A26CC71E5649EDFD5DA2FCFB58093D74D76FC2DAEC54567104701C31E3872C15BAC5F2A96833EEDAB9B7FF731F827DB3273D271BA8F9DE06181C1E38D031896971D801C571954337D9381B839B 22420171129235019 2 6 100 4095 2 D693DF66A6AA48BBECF942D3453355A19560938DE0A34C3E1158E5B9ECD70272CAE9686FAC4B6F64149C85607C158A67DB1C9B7FABD46379269492CB6B7E484D8AD4EA76D75EAD74F6A1E64D29206EC7BFF0630F3663C338039F8D10751AB8A177EEBB41E68434EAE03F7CA3761DE111900DC75F03209D8F6A92E178D94ADC7791D1BA55E7B6943A70D19957E348CA4B2407F89427D3B90979868732C69C221A3747ABCC7A9116D92237A1FDBE81E1ADDDA92F7FC0C15E7436B7C222E7759589919788B718B1F9F48356230B8F061F01FF21CD2DFEB2A1C744F8CBA3765364F1F417E105EDA7EB0ADBF1FD4CF4415B41CDA9BEF3CF6607A097EA2CFE32FA5376C01D1DF3B003FDEAE7571D0C54B5DED4DBBA2C753FB5ED889DD832085D75661CC762BBA28567CD080FB738B61C58ABF9962935C44322F1B96BEBEB594681CD2F20CA9F4D71C23D48E69725D37A4718924C4F145FBE0D841BE7C410A29C45810E240C319BADC04F990C4A84592FF925A73B6FE898F861B0E84D1146EB6856ADF066B11A0AE6915230F8A8E8234B33B5BAC1F3D1C3C05C8562DB51ACCAE2890C937F412D6E963C96965AA36350E8AB2901EE705B25407BC60711D9FC17E7885E5ED413ABBE2C207D55647F82C44367C13F489AD520A2A8FFA64C4F6EAF7AA816717F3019C6D240A4B9D788AFB73EA403523222D1E5940C47CAF304ED90935B1963
22520170625033902 2 6 100 6143 2 E30D9BCD65DA0EAEF6A1D4D083834D4724538836AE04DFB6A7DAF235F5D9992B7E42128D43E229BF4906EF0C6A27F60B95A1FC514C2D55A0D616B3B6924F08E9C0BCD8AE1CB624F645785C2AA552C94E125D6602CF63CF52014A1B0A4AE0DE823B03B6ABFA25839ABC3E8E050C295B8B3471EC58EAD9B659294C72EA65229E4E8EB21CA79CBB41BB552118A3CD32108E51D5FCE5C46A6CD03E4246CB57E32BAA09B15503FBFA4F4C943B2378F10EE312C1F12A14010AFD1698B8EBCCFC8D0DF17829A153199154EBF9E40FD81B8E1AF5881D0EC1D3BEDB2D0F1DB9C44C9D8E7047310623D4FAAE28D2C16612CFB9AE9A8FD05B8FE22930346ECF7B21B5800778EA0D5D3B7BDF18B03ABF33C9D0B4648CF687ED229C811CE290CFAF94F9C9AF4EC3E47480955E5C81E85DA9EBCE99652DA07225C7CCEF39E224556E48D6371981C7232E00F3419F7B335FF36FE3989558277654DB356063ABC8F7BD0EF828B40D3BFC06D12FEC51278ACD32C3B67D4E2A0BBA1E20BDDA06DB9AF6AB250179DE3332EAC0A6D381963B51E8E167B8285BA3E6538B1D38B16B32196ABE009ADFDAF5E686E0107F76ED10414B6249D6895188456505CDB897FFCCEB8931802F87C02DFDC62825C6255DF2654712BE230CC86A30229D9E3438DB35CEED8F8447B9209CDECFC1776D2C43B4B98E9EEA3F4C049C1287CDB4540D395A4BC992602150CCC0479597E221E201B778DCA9701C517C89B95004FC19373ED9755C90FF32C44013678876EAD3FE5E637BF2F1959130EAF79E7A93088F52AA0AC993324294536CF3787C3A3F06F2DC201A070967E6F4525803DC83F5160B560465A4CE4BF20315858BE0E62A07C55B3A772CBF93DE99AADFCB304D2B544A9F17A22C2BEB791D98F714CA7CFF701CB7CAEC55C292A25A147935D7BBD1E66F2ED3EBC66E763209169033CE5A2D9884DC0CBAFF37517372544E1EB780A26CC71E5649EDFD5DA2FCFB58093D74D76FC2DAEC54567104701C31E3872C15BAC5F2A96833EEDAB9B7FF731F827DB3273D271BA8F9DE06181C1E38D031896971D801C571954337D94007305B 22520171130000155 2 6 100 4095 2 D693DF66A6AA48BBECF942D3453355A19560938DE0A34C3E1158E5B9ECD70272CAE9686FAC4B6F64149C85607C158A67DB1C9B7FABD46379269492CB6B7E484D8AD4EA76D75EAD74F6A1E64D29206EC7BFF0630F3663C338039F8D10751AB8A177EEBB41E68434EAE03F7CA3761DE111900DC75F03209D8F6A92E178D94ADC7791D1BA55E7B6943A70D19957E348CA4B2407F89427D3B90979868732C69C221A3747ABCC7A9116D92237A1FDBE81E1ADDDA92F7FC0C15E7436B7C222E7759589919788B718B1F9F48356230B8F061F01FF21CD2DFEB2A1C744F8CBA3765364F1F417E105EDA7EB0ADBF1FD4CF4415B41CDA9BEF3CF6607A097EA2CFE32FA5376C01D1DF3B003FDEAE7571D0C54B5DED4DBBA2C753FB5ED889DD832085D75661CC762BBA28567CD080FB738B61C58ABF9962935C44322F1B96BEBEB594681CD2F20CA9F4D71C23D48E69725D37A4718924C4F145FBE0D841BE7C410A29C45810E240C319BADC04F990C4A84592FF925A73B6FE898F861B0E84D1146EB6856ADF066B11A0AE6915230F8A8E8234B33B5BAC1F3D1C3C05C8562DB51ACCAE2890C937F412D6E963C96965AA36350E8AB2901EE705B25407BC60711D9FC17E7885E5ED413ABBE2C207D55647F82C44367C13F489AD520A2A8FFA64C4F6EAF7AA816717F3019C6D240A4B9D788AFB73EA403523222D1E5940C47CAF304ED90942FB1FB
22620170625053719 2 6 100 6143 5 E30D9BCD65DA0EAEF6A1D4D083834D4724538836AE04DFB6A7DAF235F5D9992B7E42128D43E229BF4906EF0C6A27F60B95A1FC514C2D55A0D616B3B6924F08E9C0BCD8AE1CB624F645785C2AA552C94E125D6602CF63CF52014A1B0A4AE0DE823B03B6ABFA25839ABC3E8E050C295B8B3471EC58EAD9B659294C72EA65229E4E8EB21CA79CBB41BB552118A3CD32108E51D5FCE5C46A6CD03E4246CB57E32BAA09B15503FBFA4F4C943B2378F10EE312C1F12A14010AFD1698B8EBCCFC8D0DF17829A153199154EBF9E40FD81B8E1AF5881D0EC1D3BEDB2D0F1DB9C44C9D8E7047310623D4FAAE28D2C16612CFB9AE9A8FD05B8FE22930346ECF7B21B5800778EA0D5D3B7BDF18B03ABF33C9D0B4648CF687ED229C811CE290CFAF94F9C9AF4EC3E47480955E5C81E85DA9EBCE99652DA07225C7CCEF39E224556E48D6371981C7232E00F3419F7B335FF36FE3989558277654DB356063ABC8F7BD0EF828B40D3BFC06D12FEC51278ACD32C3B67D4E2A0BBA1E20BDDA06DB9AF6AB250179DE3332EAC0A6D381963B51E8E167B8285BA3E6538B1D38B16B32196ABE009ADFDAF5E686E0107F76ED10414B6249D6895188456505CDB897FFCCEB8931802F87C02DFDC62825C6255DF2654712BE230CC86A30229D9E3438DB35CEED8F8447B9209CDECFC1776D2C43B4B98E9EEA3F4C049C1287CDB4540D395A4BC992602150CCC0479597E221E201B778DCA9701C517C89B95004FC19373ED9755C90FF32C44013678876EAD3FE5E637BF2F1959130EAF79E7A93088F52AA0AC993324294536CF3787C3A3F06F2DC201A070967E6F4525803DC83F5160B560465A4CE4BF20315858BE0E62A07C55B3A772CBF93DE99AADFCB304D2B544A9F17A22C2BEB791D98F714CA7CFF701CB7CAEC55C292A25A147935D7BBD1E66F2ED3EBC66E763209169033CE5A2D9884DC0CBAFF37517372544E1EB780A26CC71E5649EDFD5DA2FCFB58093D74D76FC2DAEC54567104701C31E3872C15BAC5F2A96833EEDAB9B7FF731F827DB3273D271BA8F9DE06181C1E38D031896971D801C571954337D942F8C1E7 22620171130000803 2 6 100 4095 2 D693DF66A6AA48BBECF942D3453355A19560938DE0A34C3E1158E5B9ECD70272CAE9686FAC4B6F64149C85607C158A67DB1C9B7FABD46379269492CB6B7E484D8AD4EA76D75EAD74F6A1E64D29206EC7BFF0630F3663C338039F8D10751AB8A177EEBB41E68434EAE03F7CA3761DE111900DC75F03209D8F6A92E178D94ADC7791D1BA55E7B6943A70D19957E348CA4B2407F89427D3B90979868732C69C221A3747ABCC7A9116D92237A1FDBE81E1ADDDA92F7FC0C15E7436B7C222E7759589919788B718B1F9F48356230B8F061F01FF21CD2DFEB2A1C744F8CBA3765364F1F417E105EDA7EB0ADBF1FD4CF4415B41CDA9BEF3CF6607A097EA2CFE32FA5376C01D1DF3B003FDEAE7571D0C54B5DED4DBBA2C753FB5ED889DD832085D75661CC762BBA28567CD080FB738B61C58ABF9962935C44322F1B96BEBEB594681CD2F20CA9F4D71C23D48E69725D37A4718924C4F145FBE0D841BE7C410A29C45810E240C319BADC04F990C4A84592FF925A73B6FE898F861B0E84D1146EB6856ADF066B11A0AE6915230F8A8E8234B33B5BAC1F3D1C3C05C8562DB51ACCAE2890C937F412D6E963C96965AA36350E8AB2901EE705B25407BC60711D9FC17E7885E5ED413ABBE2C207D55647F82C44367C13F489AD520A2A8FFA64C4F6EAF7AA816717F3019C6D240A4B9D788AFB73EA403523222D1E5940C47CAF304ED90949B573B
22720170625062259 2 6 100 6143 2 E30D9BCD65DA0EAEF6A1D4D083834D4724538836AE04DFB6A7DAF235F5D9992B7E42128D43E229BF4906EF0C6A27F60B95A1FC514C2D55A0D616B3B6924F08E9C0BCD8AE1CB624F645785C2AA552C94E125D6602CF63CF52014A1B0A4AE0DE823B03B6ABFA25839ABC3E8E050C295B8B3471EC58EAD9B659294C72EA65229E4E8EB21CA79CBB41BB552118A3CD32108E51D5FCE5C46A6CD03E4246CB57E32BAA09B15503FBFA4F4C943B2378F10EE312C1F12A14010AFD1698B8EBCCFC8D0DF17829A153199154EBF9E40FD81B8E1AF5881D0EC1D3BEDB2D0F1DB9C44C9D8E7047310623D4FAAE28D2C16612CFB9AE9A8FD05B8FE22930346ECF7B21B5800778EA0D5D3B7BDF18B03ABF33C9D0B4648CF687ED229C811CE290CFAF94F9C9AF4EC3E47480955E5C81E85DA9EBCE99652DA07225C7CCEF39E224556E48D6371981C7232E00F3419F7B335FF36FE3989558277654DB356063ABC8F7BD0EF828B40D3BFC06D12FEC51278ACD32C3B67D4E2A0BBA1E20BDDA06DB9AF6AB250179DE3332EAC0A6D381963B51E8E167B8285BA3E6538B1D38B16B32196ABE009ADFDAF5E686E0107F76ED10414B6249D6895188456505CDB897FFCCEB8931802F87C02DFDC62825C6255DF2654712BE230CC86A30229D9E3438DB35CEED8F8447B9209CDECFC1776D2C43B4B98E9EEA3F4C049C1287CDB4540D395A4BC992602150CCC0479597E221E201B778DCA9701C517C89B95004FC19373ED9755C90FF32C44013678876EAD3FE5E637BF2F1959130EAF79E7A93088F52AA0AC993324294536CF3787C3A3F06F2DC201A070967E6F4525803DC83F5160B560465A4CE4BF20315858BE0E62A07C55B3A772CBF93DE99AADFCB304D2B544A9F17A22C2BEB791D98F714CA7CFF701CB7CAEC55C292A25A147935D7BBD1E66F2ED3EBC66E763209169033CE5A2D9884DC0CBAFF37517372544E1EB780A26CC71E5649EDFD5DA2FCFB58093D74D76FC2DAEC54567104701C31E3872C15BAC5F2A96833EEDAB9B7FF731F827DB3273D271BA8F9DE06181C1E38D031896971D801C571954337D944178FAB 22720171130003235 2 6 100 4095 5 D693DF66A6AA48BBECF942D3453355A19560938DE0A34C3E1158E5B9ECD70272CAE9686FAC4B6F64149C85607C158A67DB1C9B7FABD46379269492CB6B7E484D8AD4EA76D75EAD74F6A1E64D29206EC7BFF0630F3663C338039F8D10751AB8A177EEBB41E68434EAE03F7CA3761DE111900DC75F03209D8F6A92E178D94ADC7791D1BA55E7B6943A70D19957E348CA4B2407F89427D3B90979868732C69C221A3747ABCC7A9116D92237A1FDBE81E1ADDDA92F7FC0C15E7436B7C222E7759589919788B718B1F9F48356230B8F061F01FF21CD2DFEB2A1C744F8CBA3765364F1F417E105EDA7EB0ADBF1FD4CF4415B41CDA9BEF3CF6607A097EA2CFE32FA5376C01D1DF3B003FDEAE7571D0C54B5DED4DBBA2C753FB5ED889DD832085D75661CC762BBA28567CD080FB738B61C58ABF9962935C44322F1B96BEBEB594681CD2F20CA9F4D71C23D48E69725D37A4718924C4F145FBE0D841BE7C410A29C45810E240C319BADC04F990C4A84592FF925A73B6FE898F861B0E84D1146EB6856ADF066B11A0AE6915230F8A8E8234B33B5BAC1F3D1C3C05C8562DB51ACCAE2890C937F412D6E963C96965AA36350E8AB2901EE705B25407BC60711D9FC17E7885E5ED413ABBE2C207D55647F82C44367C13F489AD520A2A8FFA64C4F6EAF7AA816717F3019C6D240A4B9D788AFB73EA403523222D1E5940C47CAF304ED90966596E7
22820170625072908 2 6 100 6143 5 E30D9BCD65DA0EAEF6A1D4D083834D4724538836AE04DFB6A7DAF235F5D9992B7E42128D43E229BF4906EF0C6A27F60B95A1FC514C2D55A0D616B3B6924F08E9C0BCD8AE1CB624F645785C2AA552C94E125D6602CF63CF52014A1B0A4AE0DE823B03B6ABFA25839ABC3E8E050C295B8B3471EC58EAD9B659294C72EA65229E4E8EB21CA79CBB41BB552118A3CD32108E51D5FCE5C46A6CD03E4246CB57E32BAA09B15503FBFA4F4C943B2378F10EE312C1F12A14010AFD1698B8EBCCFC8D0DF17829A153199154EBF9E40FD81B8E1AF5881D0EC1D3BEDB2D0F1DB9C44C9D8E7047310623D4FAAE28D2C16612CFB9AE9A8FD05B8FE22930346ECF7B21B5800778EA0D5D3B7BDF18B03ABF33C9D0B4648CF687ED229C811CE290CFAF94F9C9AF4EC3E47480955E5C81E85DA9EBCE99652DA07225C7CCEF39E224556E48D6371981C7232E00F3419F7B335FF36FE3989558277654DB356063ABC8F7BD0EF828B40D3BFC06D12FEC51278ACD32C3B67D4E2A0BBA1E20BDDA06DB9AF6AB250179DE3332EAC0A6D381963B51E8E167B8285BA3E6538B1D38B16B32196ABE009ADFDAF5E686E0107F76ED10414B6249D6895188456505CDB897FFCCEB8931802F87C02DFDC62825C6255DF2654712BE230CC86A30229D9E3438DB35CEED8F8447B9209CDECFC1776D2C43B4B98E9EEA3F4C049C1287CDB4540D395A4BC992602150CCC0479597E221E201B778DCA9701C517C89B95004FC19373ED9755C90FF32C44013678876EAD3FE5E637BF2F1959130EAF79E7A93088F52AA0AC993324294536CF3787C3A3F06F2DC201A070967E6F4525803DC83F5160B560465A4CE4BF20315858BE0E62A07C55B3A772CBF93DE99AADFCB304D2B544A9F17A22C2BEB791D98F714CA7CFF701CB7CAEC55C292A25A147935D7BBD1E66F2ED3EBC66E763209169033CE5A2D9884DC0CBAFF37517372544E1EB780A26CC71E5649EDFD5DA2FCFB58093D74D76FC2DAEC54567104701C31E3872C15BAC5F2A96833EEDAB9B7FF731F827DB3273D271BA8F9DE06181C1E38D031896971D801C571954337D945B1B3DF 22820171130005040 2 6 100 4095 2 D693DF66A6AA48BBECF942D3453355A19560938DE0A34C3E1158E5B9ECD70272CAE9686FAC4B6F64149C85607C158A67DB1C9B7FABD46379269492CB6B7E484D8AD4EA76D75EAD74F6A1E64D29206EC7BFF0630F3663C338039F8D10751AB8A177EEBB41E68434EAE03F7CA3761DE111900DC75F03209D8F6A92E178D94ADC7791D1BA55E7B6943A70D19957E348CA4B2407F89427D3B90979868732C69C221A3747ABCC7A9116D92237A1FDBE81E1ADDDA92F7FC0C15E7436B7C222E7759589919788B718B1F9F48356230B8F061F01FF21CD2DFEB2A1C744F8CBA3765364F1F417E105EDA7EB0ADBF1FD4CF4415B41CDA9BEF3CF6607A097EA2CFE32FA5376C01D1DF3B003FDEAE7571D0C54B5DED4DBBA2C753FB5ED889DD832085D75661CC762BBA28567CD080FB738B61C58ABF9962935C44322F1B96BEBEB594681CD2F20CA9F4D71C23D48E69725D37A4718924C4F145FBE0D841BE7C410A29C45810E240C319BADC04F990C4A84592FF925A73B6FE898F861B0E84D1146EB6856ADF066B11A0AE6915230F8A8E8234B33B5BAC1F3D1C3C05C8562DB51ACCAE2890C937F412D6E963C96965AA36350E8AB2901EE705B25407BC60711D9FC17E7885E5ED413ABBE2C207D55647F82C44367C13F489AD520A2A8FFA64C4F6EAF7AA816717F3019C6D240A4B9D788AFB73EA403523222D1E5940C47CAF304ED9097B63323
22920170625075138 2 6 100 6143 2 E30D9BCD65DA0EAEF6A1D4D083834D4724538836AE04DFB6A7DAF235F5D9992B7E42128D43E229BF4906EF0C6A27F60B95A1FC514C2D55A0D616B3B6924F08E9C0BCD8AE1CB624F645785C2AA552C94E125D6602CF63CF52014A1B0A4AE0DE823B03B6ABFA25839ABC3E8E050C295B8B3471EC58EAD9B659294C72EA65229E4E8EB21CA79CBB41BB552118A3CD32108E51D5FCE5C46A6CD03E4246CB57E32BAA09B15503FBFA4F4C943B2378F10EE312C1F12A14010AFD1698B8EBCCFC8D0DF17829A153199154EBF9E40FD81B8E1AF5881D0EC1D3BEDB2D0F1DB9C44C9D8E7047310623D4FAAE28D2C16612CFB9AE9A8FD05B8FE22930346ECF7B21B5800778EA0D5D3B7BDF18B03ABF33C9D0B4648CF687ED229C811CE290CFAF94F9C9AF4EC3E47480955E5C81E85DA9EBCE99652DA07225C7CCEF39E224556E48D6371981C7232E00F3419F7B335FF36FE3989558277654DB356063ABC8F7BD0EF828B40D3BFC06D12FEC51278ACD32C3B67D4E2A0BBA1E20BDDA06DB9AF6AB250179DE3332EAC0A6D381963B51E8E167B8285BA3E6538B1D38B16B32196ABE009ADFDAF5E686E0107F76ED10414B6249D6895188456505CDB897FFCCEB8931802F87C02DFDC62825C6255DF2654712BE230CC86A30229D9E3438DB35CEED8F8447B9209CDECFC1776D2C43B4B98E9EEA3F4C049C1287CDB4540D395A4BC992602150CCC0479597E221E201B778DCA9701C517C89B95004FC19373ED9755C90FF32C44013678876EAD3FE5E637BF2F1959130EAF79E7A93088F52AA0AC993324294536CF3787C3A3F06F2DC201A070967E6F4525803DC83F5160B560465A4CE4BF20315858BE0E62A07C55B3A772CBF93DE99AADFCB304D2B544A9F17A22C2BEB791D98F714CA7CFF701CB7CAEC55C292A25A147935D7BBD1E66F2ED3EBC66E763209169033CE5A2D9884DC0CBAFF37517372544E1EB780A26CC71E5649EDFD5DA2FCFB58093D74D76FC2DAEC54567104701C31E3872C15BAC5F2A96833EEDAB9B7FF731F827DB3273D271BA8F9DE06181C1E38D031896971D801C571954337D9463A10C3 22920171130005620 2 6 100 4095 5 D693DF66A6AA48BBECF942D3453355A19560938DE0A34C3E1158E5B9ECD70272CAE9686FAC4B6F64149C85607C158A67DB1C9B7FABD46379269492CB6B7E484D8AD4EA76D75EAD74F6A1E64D29206EC7BFF0630F3663C338039F8D10751AB8A177EEBB41E68434EAE03F7CA3761DE111900DC75F03209D8F6A92E178D94ADC7791D1BA55E7B6943A70D19957E348CA4B2407F89427D3B90979868732C69C221A3747ABCC7A9116D92237A1FDBE81E1ADDDA92F7FC0C15E7436B7C222E7759589919788B718B1F9F48356230B8F061F01FF21CD2DFEB2A1C744F8CBA3765364F1F417E105EDA7EB0ADBF1FD4CF4415B41CDA9BEF3CF6607A097EA2CFE32FA5376C01D1DF3B003FDEAE7571D0C54B5DED4DBBA2C753FB5ED889DD832085D75661CC762BBA28567CD080FB738B61C58ABF9962935C44322F1B96BEBEB594681CD2F20CA9F4D71C23D48E69725D37A4718924C4F145FBE0D841BE7C410A29C45810E240C319BADC04F990C4A84592FF925A73B6FE898F861B0E84D1146EB6856ADF066B11A0AE6915230F8A8E8234B33B5BAC1F3D1C3C05C8562DB51ACCAE2890C937F412D6E963C96965AA36350E8AB2901EE705B25407BC60711D9FC17E7885E5ED413ABBE2C207D55647F82C44367C13F489AD520A2A8FFA64C4F6EAF7AA816717F3019C6D240A4B9D788AFB73EA403523222D1E5940C47CAF304ED909818E76F
23020170625080610 2 6 100 6143 2 E30D9BCD65DA0EAEF6A1D4D083834D4724538836AE04DFB6A7DAF235F5D9992B7E42128D43E229BF4906EF0C6A27F60B95A1FC514C2D55A0D616B3B6924F08E9C0BCD8AE1CB624F645785C2AA552C94E125D6602CF63CF52014A1B0A4AE0DE823B03B6ABFA25839ABC3E8E050C295B8B3471EC58EAD9B659294C72EA65229E4E8EB21CA79CBB41BB552118A3CD32108E51D5FCE5C46A6CD03E4246CB57E32BAA09B15503FBFA4F4C943B2378F10EE312C1F12A14010AFD1698B8EBCCFC8D0DF17829A153199154EBF9E40FD81B8E1AF5881D0EC1D3BEDB2D0F1DB9C44C9D8E7047310623D4FAAE28D2C16612CFB9AE9A8FD05B8FE22930346ECF7B21B5800778EA0D5D3B7BDF18B03ABF33C9D0B4648CF687ED229C811CE290CFAF94F9C9AF4EC3E47480955E5C81E85DA9EBCE99652DA07225C7CCEF39E224556E48D6371981C7232E00F3419F7B335FF36FE3989558277654DB356063ABC8F7BD0EF828B40D3BFC06D12FEC51278ACD32C3B67D4E2A0BBA1E20BDDA06DB9AF6AB250179DE3332EAC0A6D381963B51E8E167B8285BA3E6538B1D38B16B32196ABE009ADFDAF5E686E0107F76ED10414B6249D6895188456505CDB897FFCCEB8931802F87C02DFDC62825C6255DF2654712BE230CC86A30229D9E3438DB35CEED8F8447B9209CDECFC1776D2C43B4B98E9EEA3F4C049C1287CDB4540D395A4BC992602150CCC0479597E221E201B778DCA9701C517C89B95004FC19373ED9755C90FF32C44013678876EAD3FE5E637BF2F1959130EAF79E7A93088F52AA0AC993324294536CF3787C3A3F06F2DC201A070967E6F4525803DC83F5160B560465A4CE4BF20315858BE0E62A07C55B3A772CBF93DE99AADFCB304D2B544A9F17A22C2BEB791D98F714CA7CFF701CB7CAEC55C292A25A147935D7BBD1E66F2ED3EBC66E763209169033CE5A2D9884DC0CBAFF37517372544E1EB780A26CC71E5649EDFD5DA2FCFB58093D74D76FC2DAEC54567104701C31E3872C15BAC5F2A96833EEDAB9B7FF731F827DB3273D271BA8F9DE06181C1E38D031896971D801C571954337D94691AE5B 23020171130012144 2 6 100 4095 5 D693DF66A6AA48BBECF942D3453355A19560938DE0A34C3E1158E5B9ECD70272CAE9686FAC4B6F64149C85607C158A67DB1C9B7FABD46379269492CB6B7E484D8AD4EA76D75EAD74F6A1E64D29206EC7BFF0630F3663C338039F8D10751AB8A177EEBB41E68434EAE03F7CA3761DE111900DC75F03209D8F6A92E178D94ADC7791D1BA55E7B6943A70D19957E348CA4B2407F89427D3B90979868732C69C221A3747ABCC7A9116D92237A1FDBE81E1ADDDA92F7FC0C15E7436B7C222E7759589919788B718B1F9F48356230B8F061F01FF21CD2DFEB2A1C744F8CBA3765364F1F417E105EDA7EB0ADBF1FD4CF4415B41CDA9BEF3CF6607A097EA2CFE32FA5376C01D1DF3B003FDEAE7571D0C54B5DED4DBBA2C753FB5ED889DD832085D75661CC762BBA28567CD080FB738B61C58ABF9962935C44322F1B96BEBEB594681CD2F20CA9F4D71C23D48E69725D37A4718924C4F145FBE0D841BE7C410A29C45810E240C319BADC04F990C4A84592FF925A73B6FE898F861B0E84D1146EB6856ADF066B11A0AE6915230F8A8E8234B33B5BAC1F3D1C3C05C8562DB51ACCAE2890C937F412D6E963C96965AA36350E8AB2901EE705B25407BC60711D9FC17E7885E5ED413ABBE2C207D55647F82C44367C13F489AD520A2A8FFA64C4F6EAF7AA816717F3019C6D240A4B9D788AFB73EA403523222D1E5940C47CAF304ED9099F4FB5F
23120170625112146 2 6 100 6143 2 E30D9BCD65DA0EAEF6A1D4D083834D4724538836AE04DFB6A7DAF235F5D9992B7E42128D43E229BF4906EF0C6A27F60B95A1FC514C2D55A0D616B3B6924F08E9C0BCD8AE1CB624F645785C2AA552C94E125D6602CF63CF52014A1B0A4AE0DE823B03B6ABFA25839ABC3E8E050C295B8B3471EC58EAD9B659294C72EA65229E4E8EB21CA79CBB41BB552118A3CD32108E51D5FCE5C46A6CD03E4246CB57E32BAA09B15503FBFA4F4C943B2378F10EE312C1F12A14010AFD1698B8EBCCFC8D0DF17829A153199154EBF9E40FD81B8E1AF5881D0EC1D3BEDB2D0F1DB9C44C9D8E7047310623D4FAAE28D2C16612CFB9AE9A8FD05B8FE22930346ECF7B21B5800778EA0D5D3B7BDF18B03ABF33C9D0B4648CF687ED229C811CE290CFAF94F9C9AF4EC3E47480955E5C81E85DA9EBCE99652DA07225C7CCEF39E224556E48D6371981C7232E00F3419F7B335FF36FE3989558277654DB356063ABC8F7BD0EF828B40D3BFC06D12FEC51278ACD32C3B67D4E2A0BBA1E20BDDA06DB9AF6AB250179DE3332EAC0A6D381963B51E8E167B8285BA3E6538B1D38B16B32196ABE009ADFDAF5E686E0107F76ED10414B6249D6895188456505CDB897FFCCEB8931802F87C02DFDC62825C6255DF2654712BE230CC86A30229D9E3438DB35CEED8F8447B9209CDECFC1776D2C43B4B98E9EEA3F4C049C1287CDB4540D395A4BC992602150CCC0479597E221E201B778DCA9701C517C89B95004FC19373ED9755C90FF32C44013678876EAD3FE5E637BF2F1959130EAF79E7A93088F52AA0AC993324294536CF3787C3A3F06F2DC201A070967E6F4525803DC83F5160B560465A4CE4BF20315858BE0E62A07C55B3A772CBF93DE99AADFCB304D2B544A9F17A22C2BEB791D98F714CA7CFF701CB7CAEC55C292A25A147935D7BBD1E66F2ED3EBC66E763209169033CE5A2D9884DC0CBAFF37517372544E1EB780A26CC71E5649EDFD5DA2FCFB58093D74D76FC2DAEC54567104701C31E3872C15BAC5F2A96833EEDAB9B7FF731F827DB3273D271BA8F9DE06181C1E38D031896971D801C571954337D94B5B8CDB 23120171130014001 2 6 100 4095 2 D693DF66A6AA48BBECF942D3453355A19560938DE0A34C3E1158E5B9ECD70272CAE9686FAC4B6F64149C85607C158A67DB1C9B7FABD46379269492CB6B7E484D8AD4EA76D75EAD74F6A1E64D29206EC7BFF0630F3663C338039F8D10751AB8A177EEBB41E68434EAE03F7CA3761DE111900DC75F03209D8F6A92E178D94ADC7791D1BA55E7B6943A70D19957E348CA4B2407F89427D3B90979868732C69C221A3747ABCC7A9116D92237A1FDBE81E1ADDDA92F7FC0C15E7436B7C222E7759589919788B718B1F9F48356230B8F061F01FF21CD2DFEB2A1C744F8CBA3765364F1F417E105EDA7EB0ADBF1FD4CF4415B41CDA9BEF3CF6607A097EA2CFE32FA5376C01D1DF3B003FDEAE7571D0C54B5DED4DBBA2C753FB5ED889DD832085D75661CC762BBA28567CD080FB738B61C58ABF9962935C44322F1B96BEBEB594681CD2F20CA9F4D71C23D48E69725D37A4718924C4F145FBE0D841BE7C410A29C45810E240C319BADC04F990C4A84592FF925A73B6FE898F861B0E84D1146EB6856ADF066B11A0AE6915230F8A8E8234B33B5BAC1F3D1C3C05C8562DB51ACCAE2890C937F412D6E963C96965AA36350E8AB2901EE705B25407BC60711D9FC17E7885E5ED413ABBE2C207D55647F82C44367C13F489AD520A2A8FFA64C4F6EAF7AA816717F3019C6D240A4B9D788AFB73EA403523222D1E5940C47CAF304ED909B4379EB
23220170625113648 2 6 100 6143 5 E30D9BCD65DA0EAEF6A1D4D083834D4724538836AE04DFB6A7DAF235F5D9992B7E42128D43E229BF4906EF0C6A27F60B95A1FC514C2D55A0D616B3B6924F08E9C0BCD8AE1CB624F645785C2AA552C94E125D6602CF63CF52014A1B0A4AE0DE823B03B6ABFA25839ABC3E8E050C295B8B3471EC58EAD9B659294C72EA65229E4E8EB21CA79CBB41BB552118A3CD32108E51D5FCE5C46A6CD03E4246CB57E32BAA09B15503FBFA4F4C943B2378F10EE312C1F12A14010AFD1698B8EBCCFC8D0DF17829A153199154EBF9E40FD81B8E1AF5881D0EC1D3BEDB2D0F1DB9C44C9D8E7047310623D4FAAE28D2C16612CFB9AE9A8FD05B8FE22930346ECF7B21B5800778EA0D5D3B7BDF18B03ABF33C9D0B4648CF687ED229C811CE290CFAF94F9C9AF4EC3E47480955E5C81E85DA9EBCE99652DA07225C7CCEF39E224556E48D6371981C7232E00F3419F7B335FF36FE3989558277654DB356063ABC8F7BD0EF828B40D3BFC06D12FEC51278ACD32C3B67D4E2A0BBA1E20BDDA06DB9AF6AB250179DE3332EAC0A6D381963B51E8E167B8285BA3E6538B1D38B16B32196ABE009ADFDAF5E686E0107F76ED10414B6249D6895188456505CDB897FFCCEB8931802F87C02DFDC62825C6255DF2654712BE230CC86A30229D9E3438DB35CEED8F8447B9209CDECFC1776D2C43B4B98E9EEA3F4C049C1287CDB4540D395A4BC992602150CCC0479597E221E201B778DCA9701C517C89B95004FC19373ED9755C90FF32C44013678876EAD3FE5E637BF2F1959130EAF79E7A93088F52AA0AC993324294536CF3787C3A3F06F2DC201A070967E6F4525803DC83F5160B560465A4CE4BF20315858BE0E62A07C55B3A772CBF93DE99AADFCB304D2B544A9F17A22C2BEB791D98F714CA7CFF701CB7CAEC55C292A25A147935D7BBD1E66F2ED3EBC66E763209169033CE5A2D9884DC0CBAFF37517372544E1EB780A26CC71E5649EDFD5DA2FCFB58093D74D76FC2DAEC54567104701C31E3872C15BAC5F2A96833EEDAB9B7FF731F827DB3273D271BA8F9DE06181C1E38D031896971D801C571954337D94BB43777 23220171130014931 2 6 100 4095 2 D693DF66A6AA48BBECF942D3453355A19560938DE0A34C3E1158E5B9ECD70272CAE9686FAC4B6F64149C85607C158A67DB1C9B7FABD46379269492CB6B7E484D8AD4EA76D75EAD74F6A1E64D29206EC7BFF0630F3663C338039F8D10751AB8A177EEBB41E68434EAE03F7CA3761DE111900DC75F03209D8F6A92E178D94ADC7791D1BA55E7B6943A70D19957E348CA4B2407F89427D3B90979868732C69C221A3747ABCC7A9116D92237A1FDBE81E1ADDDA92F7FC0C15E7436B7C222E7759589919788B718B1F9F48356230B8F061F01FF21CD2DFEB2A1C744F8CBA3765364F1F417E105EDA7EB0ADBF1FD4CF4415B41CDA9BEF3CF6607A097EA2CFE32FA5376C01D1DF3B003FDEAE7571D0C54B5DED4DBBA2C753FB5ED889DD832085D75661CC762BBA28567CD080FB738B61C58ABF9962935C44322F1B96BEBEB594681CD2F20CA9F4D71C23D48E69725D37A4718924C4F145FBE0D841BE7C410A29C45810E240C319BADC04F990C4A84592FF925A73B6FE898F861B0E84D1146EB6856ADF066B11A0AE6915230F8A8E8234B33B5BAC1F3D1C3C05C8562DB51ACCAE2890C937F412D6E963C96965AA36350E8AB2901EE705B25407BC60711D9FC17E7885E5ED413ABBE2C207D55647F82C44367C13F489AD520A2A8FFA64C4F6EAF7AA816717F3019C6D240A4B9D788AFB73EA403523222D1E5940C47CAF304ED909BF25ABB
23320170625131459 2 6 100 6143 5 E30D9BCD65DA0EAEF6A1D4D083834D4724538836AE04DFB6A7DAF235F5D9992B7E42128D43E229BF4906EF0C6A27F60B95A1FC514C2D55A0D616B3B6924F08E9C0BCD8AE1CB624F645785C2AA552C94E125D6602CF63CF52014A1B0A4AE0DE823B03B6ABFA25839ABC3E8E050C295B8B3471EC58EAD9B659294C72EA65229E4E8EB21CA79CBB41BB552118A3CD32108E51D5FCE5C46A6CD03E4246CB57E32BAA09B15503FBFA4F4C943B2378F10EE312C1F12A14010AFD1698B8EBCCFC8D0DF17829A153199154EBF9E40FD81B8E1AF5881D0EC1D3BEDB2D0F1DB9C44C9D8E7047310623D4FAAE28D2C16612CFB9AE9A8FD05B8FE22930346ECF7B21B5800778EA0D5D3B7BDF18B03ABF33C9D0B4648CF687ED229C811CE290CFAF94F9C9AF4EC3E47480955E5C81E85DA9EBCE99652DA07225C7CCEF39E224556E48D6371981C7232E00F3419F7B335FF36FE3989558277654DB356063ABC8F7BD0EF828B40D3BFC06D12FEC51278ACD32C3B67D4E2A0BBA1E20BDDA06DB9AF6AB250179DE3332EAC0A6D381963B51E8E167B8285BA3E6538B1D38B16B32196ABE009ADFDAF5E686E0107F76ED10414B6249D6895188456505CDB897FFCCEB8931802F87C02DFDC62825C6255DF2654712BE230CC86A30229D9E3438DB35CEED8F8447B9209CDECFC1776D2C43B4B98E9EEA3F4C049C1287CDB4540D395A4BC992602150CCC0479597E221E201B778DCA9701C517C89B95004FC19373ED9755C90FF32C44013678876EAD3FE5E637BF2F1959130EAF79E7A93088F52AA0AC993324294536CF3787C3A3F06F2DC201A070967E6F4525803DC83F5160B560465A4CE4BF20315858BE0E62A07C55B3A772CBF93DE99AADFCB304D2B544A9F17A22C2BEB791D98F714CA7CFF701CB7CAEC55C292A25A147935D7BBD1E66F2ED3EBC66E763209169033CE5A2D9884DC0CBAFF37517372544E1EB780A26CC71E5649EDFD5DA2FCFB58093D74D76FC2DAEC54567104701C31E3872C15BAC5F2A96833EEDAB9B7FF731F827DB3273D271BA8F9DE06181C1E38D031896971D801C571954337D94E2020A7 23320171130015813 2 6 100 4095 2 D693DF66A6AA48BBECF942D3453355A19560938DE0A34C3E1158E5B9ECD70272CAE9686FAC4B6F64149C85607C158A67DB1C9B7FABD46379269492CB6B7E484D8AD4EA76D75EAD74F6A1E64D29206EC7BFF0630F3663C338039F8D10751AB8A177EEBB41E68434EAE03F7CA3761DE111900DC75F03209D8F6A92E178D94ADC7791D1BA55E7B6943A70D19957E348CA4B2407F89427D3B90979868732C69C221A3747ABCC7A9116D92237A1FDBE81E1ADDDA92F7FC0C15E7436B7C222E7759589919788B718B1F9F48356230B8F061F01FF21CD2DFEB2A1C744F8CBA3765364F1F417E105EDA7EB0ADBF1FD4CF4415B41CDA9BEF3CF6607A097EA2CFE32FA5376C01D1DF3B003FDEAE7571D0C54B5DED4DBBA2C753FB5ED889DD832085D75661CC762BBA28567CD080FB738B61C58ABF9962935C44322F1B96BEBEB594681CD2F20CA9F4D71C23D48E69725D37A4718924C4F145FBE0D841BE7C410A29C45810E240C319BADC04F990C4A84592FF925A73B6FE898F861B0E84D1146EB6856ADF066B11A0AE6915230F8A8E8234B33B5BAC1F3D1C3C05C8562DB51ACCAE2890C937F412D6E963C96965AA36350E8AB2901EE705B25407BC60711D9FC17E7885E5ED413ABBE2C207D55647F82C44367C13F489AD520A2A8FFA64C4F6EAF7AA816717F3019C6D240A4B9D788AFB73EA403523222D1E5940C47CAF304ED909C91146B
23420170625141110 2 6 100 6143 5 E30D9BCD65DA0EAEF6A1D4D083834D4724538836AE04DFB6A7DAF235F5D9992B7E42128D43E229BF4906EF0C6A27F60B95A1FC514C2D55A0D616B3B6924F08E9C0BCD8AE1CB624F645785C2AA552C94E125D6602CF63CF52014A1B0A4AE0DE823B03B6ABFA25839ABC3E8E050C295B8B3471EC58EAD9B659294C72EA65229E4E8EB21CA79CBB41BB552118A3CD32108E51D5FCE5C46A6CD03E4246CB57E32BAA09B15503FBFA4F4C943B2378F10EE312C1F12A14010AFD1698B8EBCCFC8D0DF17829A153199154EBF9E40FD81B8E1AF5881D0EC1D3BEDB2D0F1DB9C44C9D8E7047310623D4FAAE28D2C16612CFB9AE9A8FD05B8FE22930346ECF7B21B5800778EA0D5D3B7BDF18B03ABF33C9D0B4648CF687ED229C811CE290CFAF94F9C9AF4EC3E47480955E5C81E85DA9EBCE99652DA07225C7CCEF39E224556E48D6371981C7232E00F3419F7B335FF36FE3989558277654DB356063ABC8F7BD0EF828B40D3BFC06D12FEC51278ACD32C3B67D4E2A0BBA1E20BDDA06DB9AF6AB250179DE3332EAC0A6D381963B51E8E167B8285BA3E6538B1D38B16B32196ABE009ADFDAF5E686E0107F76ED10414B6249D6895188456505CDB897FFCCEB8931802F87C02DFDC62825C6255DF2654712BE230CC86A30229D9E3438DB35CEED8F8447B9209CDECFC1776D2C43B4B98E9EEA3F4C049C1287CDB4540D395A4BC992602150CCC0479597E221E201B778DCA9701C517C89B95004FC19373ED9755C90FF32C44013678876EAD3FE5E637BF2F1959130EAF79E7A93088F52AA0AC993324294536CF3787C3A3F06F2DC201A070967E6F4525803DC83F5160B560465A4CE4BF20315858BE0E62A07C55B3A772CBF93DE99AADFCB304D2B544A9F17A22C2BEB791D98F714CA7CFF701CB7CAEC55C292A25A147935D7BBD1E66F2ED3EBC66E763209169033CE5A2D9884DC0CBAFF37517372544E1EB780A26CC71E5649EDFD5DA2FCFB58093D74D76FC2DAEC54567104701C31E3872C15BAC5F2A96833EEDAB9B7FF731F827DB3273D271BA8F9DE06181C1E38D031896971D801C571954337D94F7F2B87 23420171130055239 2 6 100 6143 5 F2F9DF4571769305CF3128D1F3B27E0B51064C0D70472B4B834907A11B6C76DAA091DDD058F56E7E5A1A144CBAD246C592ADB38DB36673E636E06043CF3776DE42B2A3C52B29A5378A538205F863CBCE489A9D26209B2679B7C10179193C7B50CC806D8FEA57F761D54F010EDBDCBC7624B989AD0C894E9ABA77744E164CB92A615919DA4E66C41F0D7DE03C2C8C89077E8E712CB867993110D1DAC8F8CC87AEC5F98E0A46D2DA94727D432D4406AE31F8FB2B9DAD9E882994E41FA2B46D364B416F05BE0D579DC31D0ABD89EBA6789835C4B4CE6B8F0E9C19E2B99BBB55211D9392F18A210686F487C38F6ED33CAFA7F2468B423CC7F36DE73655CE7B94D681409616C94E55B31AB6DC3422956DB8F00490A539D95F1BF4965340CB90B5BA03104F643F96B9ABDCB5D34920E4E675DBAB81C038C11AB28459E1F10F15EBE9C21BA47427C72C2960DD8763BFCE27D47C4A06B24EBD911DED8A0ADE710930F87132830B1B8E0675447A48E519FB18FD66D4012DE35E03533CB9C13B7D19823092F7F0D9C0E5C0EF7BCF9017817CEBB550168BB846E91AA5FFF1E44B7F42215890A26157EFA5647AF412924BFC0F6CD278261BA1F959AE90F165DB11AD56CEB5223AF8BCCD5760AAB2ED5F11C56B517FFBC96B178E46EF11E7A4E8209C1CA887218600B8B20FAA80AA0B00816969A0AE25807374C24566AC03F8DFB417D0C3E43AC9BDA056AD0562A28C9F7C5EEC7AC847699170668113DF07F22A875C40D570B8CCF09EE00D91B9841A7D10F1763EE48C0BABA0F76EAD940AB5FB376C685E2EF4A81717F8ACDA8ED205FB819E62598FB343451EE47D73B9541D9F8FB6DF4029FC8FCEC0F5B94258DB49B39717B0FEB5DB3BA8FB1D28F4FE0319F84111BE08E9D251791A0A1809B55C307B0D337923EDB8CA4F2018DE38A3B7AADDFB938D93C4F3F287DBFDD542D11C747A319AAA9CA8446EA4D5A3B8B91B48B850009A9353596F2352839D55FD45F442272123402D58C80411E5113C50E35D28EDAD3C7271E9ABB4E7152C70B306571433323661D4D12B2FAB10304F721B07FF480431DB8C972F
23520170625144415 2 6 100 6143 2 E30D9BCD65DA0EAEF6A1D4D083834D4724538836AE04DFB6A7DAF235F5D9992B7E42128D43E229BF4906EF0C6A27F60B95A1FC514C2D55A0D616B3B6924F08E9C0BCD8AE1CB624F645785C2AA552C94E125D6602CF63CF52014A1B0A4AE0DE823B03B6ABFA25839ABC3E8E050C295B8B3471EC58EAD9B659294C72EA65229E4E8EB21CA79CBB41BB552118A3CD32108E51D5FCE5C46A6CD03E4246CB57E32BAA09B15503FBFA4F4C943B2378F10EE312C1F12A14010AFD1698B8EBCCFC8D0DF17829A153199154EBF9E40FD81B8E1AF5881D0EC1D3BEDB2D0F1DB9C44C9D8E7047310623D4FAAE28D2C16612CFB9AE9A8FD05B8FE22930346ECF7B21B5800778EA0D5D3B7BDF18B03ABF33C9D0B4648CF687ED229C811CE290CFAF94F9C9AF4EC3E47480955E5C81E85DA9EBCE99652DA07225C7CCEF39E224556E48D6371981C7232E00F3419F7B335FF36FE3989558277654DB356063ABC8F7BD0EF828B40D3BFC06D12FEC51278ACD32C3B67D4E2A0BBA1E20BDDA06DB9AF6AB250179DE3332EAC0A6D381963B51E8E167B8285BA3E6538B1D38B16B32196ABE009ADFDAF5E686E0107F76ED10414B6249D6895188456505CDB897FFCCEB8931802F87C02DFDC62825C6255DF2654712BE230CC86A30229D9E3438DB35CEED8F8447B9209CDECFC1776D2C43B4B98E9EEA3F4C049C1287CDB4540D395A4BC992602150CCC0479597E221E201B778DCA9701C517C89B95004FC19373ED9755C90FF32C44013678876EAD3FE5E637BF2F1959130EAF79E7A93088F52AA0AC993324294536CF3787C3A3F06F2DC201A070967E6F4525803DC83F5160B560465A4CE4BF20315858BE0E62A07C55B3A772CBF93DE99AADFCB304D2B544A9F17A22C2BEB791D98F714CA7CFF701CB7CAEC55C292A25A147935D7BBD1E66F2ED3EBC66E763209169033CE5A2D9884DC0CBAFF37517372544E1EB780A26CC71E5649EDFD5DA2FCFB58093D74D76FC2DAEC54567104701C31E3872C15BAC5F2A96833EEDAB9B7FF731F827DB3273D271BA8F9DE06181C1E38D031896971D801C571954337D9504A46D3 23520171130062757 2 6 100 6143 5 F2F9DF4571769305CF3128D1F3B27E0B51064C0D70472B4B834907A11B6C76DAA091DDD058F56E7E5A1A144CBAD246C592ADB38DB36673E636E06043CF3776DE42B2A3C52B29A5378A538205F863CBCE489A9D26209B2679B7C10179193C7B50CC806D8FEA57F761D54F010EDBDCBC7624B989AD0C894E9ABA77744E164CB92A615919DA4E66C41F0D7DE03C2C8C89077E8E712CB867993110D1DAC8F8CC87AEC5F98E0A46D2DA94727D432D4406AE31F8FB2B9DAD9E882994E41FA2B46D364B416F05BE0D579DC31D0ABD89EBA6789835C4B4CE6B8F0E9C19E2B99BBB55211D9392F18A210686F487C38F6ED33CAFA7F2468B423CC7F36DE73655CE7B94D681409616C94E55B31AB6DC3422956DB8F00490A539D95F1BF4965340CB90B5BA03104F643F96B9ABDCB5D34920E4E675DBAB81C038C11AB28459E1F10F15EBE9C21BA47427C72C2960DD8763BFCE27D47C4A06B24EBD911DED8A0ADE710930F87132830B1B8E0675447A48E519FB18FD66D4012DE35E03533CB9C13B7D19823092F7F0D9C0E5C0EF7BCF9017817CEBB550168BB846E91AA5FFF1E44B7F42215890A26157EFA5647AF412924BFC0F6CD278261BA1F959AE90F165DB11AD56CEB5223AF8BCCD5760AAB2ED5F11C56B517FFBC96B178E46EF11E7A4E8209C1CA887218600B8B20FAA80AA0B00816969A0AE25807374C24566AC03F8DFB417D0C3E43AC9BDA056AD0562A28C9F7C5EEC7AC847699170668113DF07F22A875C40D570B8CCF09EE00D91B9841A7D10F1763EE48C0BABA0F76EAD940AB5FB376C685E2EF4A81717F8ACDA8ED205FB819E62598FB343451EE47D73B9541D9F8FB6DF4029FC8FCEC0F5B94258DB49B39717B0FEB5DB3BA8FB1D28F4FE0319F84111BE08E9D251791A0A1809B55C307B0D337923EDB8CA4F2018DE38A3B7AADDFB938D93C4F3F287DBFDD542D11C747A319AAA9CA8446EA4D5A3B8B91B48B850009A9353596F2352839D55FD45F442272123402D58C80411E5113C50E35D28EDAD3C7271E9ABB4E7152C70B306571433323661D4D12B2FAB10304F721B07FF480431DC5AB557
23620170625145639 2 6 100 6143 5 E30D9BCD65DA0EAEF6A1D4D083834D4724538836AE04DFB6A7DAF235F5D9992B7E42128D43E229BF4906EF0C6A27F60B95A1FC514C2D55A0D616B3B6924F08E9C0BCD8AE1CB624F645785C2AA552C94E125D6602CF63CF52014A1B0A4AE0DE823B03B6ABFA25839ABC3E8E050C295B8B3471EC58EAD9B659294C72EA65229E4E8EB21CA79CBB41BB552118A3CD32108E51D5FCE5C46A6CD03E4246CB57E32BAA09B15503FBFA4F4C943B2378F10EE312C1F12A14010AFD1698B8EBCCFC8D0DF17829A153199154EBF9E40FD81B8E1AF5881D0EC1D3BEDB2D0F1DB9C44C9D8E7047310623D4FAAE28D2C16612CFB9AE9A8FD05B8FE22930346ECF7B21B5800778EA0D5D3B7BDF18B03ABF33C9D0B4648CF687ED229C811CE290CFAF94F9C9AF4EC3E47480955E5C81E85DA9EBCE99652DA07225C7CCEF39E224556E48D6371981C7232E00F3419F7B335FF36FE3989558277654DB356063ABC8F7BD0EF828B40D3BFC06D12FEC51278ACD32C3B67D4E2A0BBA1E20BDDA06DB9AF6AB250179DE3332EAC0A6D381963B51E8E167B8285BA3E6538B1D38B16B32196ABE009ADFDAF5E686E0107F76ED10414B6249D6895188456505CDB897FFCCEB8931802F87C02DFDC62825C6255DF2654712BE230CC86A30229D9E3438DB35CEED8F8447B9209CDECFC1776D2C43B4B98E9EEA3F4C049C1287CDB4540D395A4BC992602150CCC0479597E221E201B778DCA9701C517C89B95004FC19373ED9755C90FF32C44013678876EAD3FE5E637BF2F1959130EAF79E7A93088F52AA0AC993324294536CF3787C3A3F06F2DC201A070967E6F4525803DC83F5160B560465A4CE4BF20315858BE0E62A07C55B3A772CBF93DE99AADFCB304D2B544A9F17A22C2BEB791D98F714CA7CFF701CB7CAEC55C292A25A147935D7BBD1E66F2ED3EBC66E763209169033CE5A2D9884DC0CBAFF37517372544E1EB780A26CC71E5649EDFD5DA2FCFB58093D74D76FC2DAEC54567104701C31E3872C15BAC5F2A96833EEDAB9B7FF731F827DB3273D271BA8F9DE06181C1E38D031896971D801C571954337D9508CDF97 23620171130090503 2 6 100 6143 5 F2F9DF4571769305CF3128D1F3B27E0B51064C0D70472B4B834907A11B6C76DAA091DDD058F56E7E5A1A144CBAD246C592ADB38DB36673E636E06043CF3776DE42B2A3C52B29A5378A538205F863CBCE489A9D26209B2679B7C10179193C7B50CC806D8FEA57F761D54F010EDBDCBC7624B989AD0C894E9ABA77744E164CB92A615919DA4E66C41F0D7DE03C2C8C89077E8E712CB867993110D1DAC8F8CC87AEC5F98E0A46D2DA94727D432D4406AE31F8FB2B9DAD9E882994E41FA2B46D364B416F05BE0D579DC31D0ABD89EBA6789835C4B4CE6B8F0E9C19E2B99BBB55211D9392F18A210686F487C38F6ED33CAFA7F2468B423CC7F36DE73655CE7B94D681409616C94E55B31AB6DC3422956DB8F00490A539D95F1BF4965340CB90B5BA03104F643F96B9ABDCB5D34920E4E675DBAB81C038C11AB28459E1F10F15EBE9C21BA47427C72C2960DD8763BFCE27D47C4A06B24EBD911DED8A0ADE710930F87132830B1B8E0675447A48E519FB18FD66D4012DE35E03533CB9C13B7D19823092F7F0D9C0E5C0EF7BCF9017817CEBB550168BB846E91AA5FFF1E44B7F42215890A26157EFA5647AF412924BFC0F6CD278261BA1F959AE90F165DB11AD56CEB5223AF8BCCD5760AAB2ED5F11C56B517FFBC96B178E46EF11E7A4E8209C1CA887218600B8B20FAA80AA0B00816969A0AE25807374C24566AC03F8DFB417D0C3E43AC9BDA056AD0562A28C9F7C5EEC7AC847699170668113DF07F22A875C40D570B8CCF09EE00D91B9841A7D10F1763EE48C0BABA0F76EAD940AB5FB376C685E2EF4A81717F8ACDA8ED205FB819E62598FB343451EE47D73B9541D9F8FB6DF4029FC8FCEC0F5B94258DB49B39717B0FEB5DB3BA8FB1D28F4FE0319F84111BE08E9D251791A0A1809B55C307B0D337923EDB8CA4F2018DE38A3B7AADDFB938D93C4F3F287DBFDD542D11C747A319AAA9CA8446EA4D5A3B8B91B48B850009A9353596F2352839D55FD45F442272123402D58C80411E5113C50E35D28EDAD3C7271E9ABB4E7152C70B306571433323661D4D12B2FAB10304F721B07FF480431E0222F57
23720170625203254 2 6 100 6143 2 E30D9BCD65DA0EAEF6A1D4D083834D4724538836AE04DFB6A7DAF235F5D9992B7E42128D43E229BF4906EF0C6A27F60B95A1FC514C2D55A0D616B3B6924F08E9C0BCD8AE1CB624F645785C2AA552C94E125D6602CF63CF52014A1B0A4AE0DE823B03B6ABFA25839ABC3E8E050C295B8B3471EC58EAD9B659294C72EA65229E4E8EB21CA79CBB41BB552118A3CD32108E51D5FCE5C46A6CD03E4246CB57E32BAA09B15503FBFA4F4C943B2378F10EE312C1F12A14010AFD1698B8EBCCFC8D0DF17829A153199154EBF9E40FD81B8E1AF5881D0EC1D3BEDB2D0F1DB9C44C9D8E7047310623D4FAAE28D2C16612CFB9AE9A8FD05B8FE22930346ECF7B21B5800778EA0D5D3B7BDF18B03ABF33C9D0B4648CF687ED229C811CE290CFAF94F9C9AF4EC3E47480955E5C81E85DA9EBCE99652DA07225C7CCEF39E224556E48D6371981C7232E00F3419F7B335FF36FE3989558277654DB356063ABC8F7BD0EF828B40D3BFC06D12FEC51278ACD32C3B67D4E2A0BBA1E20BDDA06DB9AF6AB250179DE3332EAC0A6D381963B51E8E167B8285BA3E6538B1D38B16B32196ABE009ADFDAF5E686E0107F76ED10414B6249D6895188456505CDB897FFCCEB8931802F87C02DFDC62825C6255DF2654712BE230CC86A30229D9E3438DB35CEED8F8447B9209CDECFC1776D2C43B4B98E9EEA3F4C049C1287CDB4540D395A4BC992602150CCC0479597E221E201B778DCA9701C517C89B95004FC19373ED9755C90FF32C44013678876EAD3FE5E637BF2F1959130EAF79E7A93088F52AA0AC993324294536CF3787C3A3F06F2DC201A070967E6F4525803DC83F5160B560465A4CE4BF20315858BE0E62A07C55B3A772CBF93DE99AADFCB304D2B544A9F17A22C2BEB791D98F714CA7CFF701CB7CAEC55C292A25A147935D7BBD1E66F2ED3EBC66E763209169033CE5A2D9884DC0CBAFF37517372544E1EB780A26CC71E5649EDFD5DA2FCFB58093D74D76FC2DAEC54567104701C31E3872C15BAC5F2A96833EEDAB9B7FF731F827DB3273D271BA8F9DE06181C1E38D031896971D801C571954337D958CDC1DB 23720171130104830 2 6 100 6143 5 F2F9DF4571769305CF3128D1F3B27E0B51064C0D70472B4B834907A11B6C76DAA091DDD058F56E7E5A1A144CBAD246C592ADB38DB36673E636E06043CF3776DE42B2A3C52B29A5378A538205F863CBCE489A9D26209B2679B7C10179193C7B50CC806D8FEA57F761D54F010EDBDCBC7624B989AD0C894E9ABA77744E164CB92A615919DA4E66C41F0D7DE03C2C8C89077E8E712CB867993110D1DAC8F8CC87AEC5F98E0A46D2DA94727D432D4406AE31F8FB2B9DAD9E882994E41FA2B46D364B416F05BE0D579DC31D0ABD89EBA6789835C4B4CE6B8F0E9C19E2B99BBB55211D9392F18A210686F487C38F6ED33CAFA7F2468B423CC7F36DE73655CE7B94D681409616C94E55B31AB6DC3422956DB8F00490A539D95F1BF4965340CB90B5BA03104F643F96B9ABDCB5D34920E4E675DBAB81C038C11AB28459E1F10F15EBE9C21BA47427C72C2960DD8763BFCE27D47C4A06B24EBD911DED8A0ADE710930F87132830B1B8E0675447A48E519FB18FD66D4012DE35E03533CB9C13B7D19823092F7F0D9C0E5C0EF7BCF9017817CEBB550168BB846E91AA5FFF1E44B7F42215890A26157EFA5647AF412924BFC0F6CD278261BA1F959AE90F165DB11AD56CEB5223AF8BCCD5760AAB2ED5F11C56B517FFBC96B178E46EF11E7A4E8209C1CA887218600B8B20FAA80AA0B00816969A0AE25807374C24566AC03F8DFB417D0C3E43AC9BDA056AD0562A28C9F7C5EEC7AC847699170668113DF07F22A875C40D570B8CCF09EE00D91B9841A7D10F1763EE48C0BABA0F76EAD940AB5FB376C685E2EF4A81717F8ACDA8ED205FB819E62598FB343451EE47D73B9541D9F8FB6DF4029FC8FCEC0F5B94258DB49B39717B0FEB5DB3BA8FB1D28F4FE0319F84111BE08E9D251791A0A1809B55C307B0D337923EDB8CA4F2018DE38A3B7AADDFB938D93C4F3F287DBFDD542D11C747A319AAA9CA8446EA4D5A3B8B91B48B850009A9353596F2352839D55FD45F442272123402D58C80411E5113C50E35D28EDAD3C7271E9ABB4E7152C70B306571433323661D4D12B2FAB10304F721B07FF480431E2966E47
23820170625215049 2 6 100 6143 2 E30D9BCD65DA0EAEF6A1D4D083834D4724538836AE04DFB6A7DAF235F5D9992B7E42128D43E229BF4906EF0C6A27F60B95A1FC514C2D55A0D616B3B6924F08E9C0BCD8AE1CB624F645785C2AA552C94E125D6602CF63CF52014A1B0A4AE0DE823B03B6ABFA25839ABC3E8E050C295B8B3471EC58EAD9B659294C72EA65229E4E8EB21CA79CBB41BB552118A3CD32108E51D5FCE5C46A6CD03E4246CB57E32BAA09B15503FBFA4F4C943B2378F10EE312C1F12A14010AFD1698B8EBCCFC8D0DF17829A153199154EBF9E40FD81B8E1AF5881D0EC1D3BEDB2D0F1DB9C44C9D8E7047310623D4FAAE28D2C16612CFB9AE9A8FD05B8FE22930346ECF7B21B5800778EA0D5D3B7BDF18B03ABF33C9D0B4648CF687ED229C811CE290CFAF94F9C9AF4EC3E47480955E5C81E85DA9EBCE99652DA07225C7CCEF39E224556E48D6371981C7232E00F3419F7B335FF36FE3989558277654DB356063ABC8F7BD0EF828B40D3BFC06D12FEC51278ACD32C3B67D4E2A0BBA1E20BDDA06DB9AF6AB250179DE3332EAC0A6D381963B51E8E167B8285BA3E6538B1D38B16B32196ABE009ADFDAF5E686E0107F76ED10414B6249D6895188456505CDB897FFCCEB8931802F87C02DFDC62825C6255DF2654712BE230CC86A30229D9E3438DB35CEED8F8447B9209CDECFC1776D2C43B4B98E9EEA3F4C049C1287CDB4540D395A4BC992602150CCC0479597E221E201B778DCA9701C517C89B95004FC19373ED9755C90FF32C44013678876EAD3FE5E637BF2F1959130EAF79E7A93088F52AA0AC993324294536CF3787C3A3F06F2DC201A070967E6F4525803DC83F5160B560465A4CE4BF20315858BE0E62A07C55B3A772CBF93DE99AADFCB304D2B544A9F17A22C2BEB791D98F714CA7CFF701CB7CAEC55C292A25A147935D7BBD1E66F2ED3EBC66E763209169033CE5A2D9884DC0CBAFF37517372544E1EB780A26CC71E5649EDFD5DA2FCFB58093D74D76FC2DAEC54567104701C31E3872C15BAC5F2A96833EEDAB9B7FF731F827DB3273D271BA8F9DE06181C1E38D031896971D801C571954337D95AA6BE13 23820171130131919 2 6 100 6143 2 F2F9DF4571769305CF3128D1F3B27E0B51064C0D70472B4B834907A11B6C76DAA091DDD058F56E7E5A1A144CBAD246C592ADB38DB36673E636E06043CF3776DE42B2A3C52B29A5378A538205F863CBCE489A9D26209B2679B7C10179193C7B50CC806D8FEA57F761D54F010EDBDCBC7624B989AD0C894E9ABA77744E164CB92A615919DA4E66C41F0D7DE03C2C8C89077E8E712CB867993110D1DAC8F8CC87AEC5F98E0A46D2DA94727D432D4406AE31F8FB2B9DAD9E882994E41FA2B46D364B416F05BE0D579DC31D0ABD89EBA6789835C4B4CE6B8F0E9C19E2B99BBB55211D9392F18A210686F487C38F6ED33CAFA7F2468B423CC7F36DE73655CE7B94D681409616C94E55B31AB6DC3422956DB8F00490A539D95F1BF4965340CB90B5BA03104F643F96B9ABDCB5D34920E4E675DBAB81C038C11AB28459E1F10F15EBE9C21BA47427C72C2960DD8763BFCE27D47C4A06B24EBD911DED8A0ADE710930F87132830B1B8E0675447A48E519FB18FD66D4012DE35E03533CB9C13B7D19823092F7F0D9C0E5C0EF7BCF9017817CEBB550168BB846E91AA5FFF1E44B7F42215890A26157EFA5647AF412924BFC0F6CD278261BA1F959AE90F165DB11AD56CEB5223AF8BCCD5760AAB2ED5F11C56B517FFBC96B178E46EF11E7A4E8209C1CA887218600B8B20FAA80AA0B00816969A0AE25807374C24566AC03F8DFB417D0C3E43AC9BDA056AD0562A28C9F7C5EEC7AC847699170668113DF07F22A875C40D570B8CCF09EE00D91B9841A7D10F1763EE48C0BABA0F76EAD940AB5FB376C685E2EF4A81717F8ACDA8ED205FB819E62598FB343451EE47D73B9541D9F8FB6DF4029FC8FCEC0F5B94258DB49B39717B0FEB5DB3BA8FB1D28F4FE0319F84111BE08E9D251791A0A1809B55C307B0D337923EDB8CA4F2018DE38A3B7AADDFB938D93C4F3F287DBFDD542D11C747A319AAA9CA8446EA4D5A3B8B91B48B850009A9353596F2352839D55FD45F442272123402D58C80411E5113C50E35D28EDAD3C7271E9ABB4E7152C70B306571433323661D4D12B2FAB10304F721B07FF480431E65A304B
23920170625220255 2 6 100 6143 5 E30D9BCD65DA0EAEF6A1D4D083834D4724538836AE04DFB6A7DAF235F5D9992B7E42128D43E229BF4906EF0C6A27F60B95A1FC514C2D55A0D616B3B6924F08E9C0BCD8AE1CB624F645785C2AA552C94E125D6602CF63CF52014A1B0A4AE0DE823B03B6ABFA25839ABC3E8E050C295B8B3471EC58EAD9B659294C72EA65229E4E8EB21CA79CBB41BB552118A3CD32108E51D5FCE5C46A6CD03E4246CB57E32BAA09B15503FBFA4F4C943B2378F10EE312C1F12A14010AFD1698B8EBCCFC8D0DF17829A153199154EBF9E40FD81B8E1AF5881D0EC1D3BEDB2D0F1DB9C44C9D8E7047310623D4FAAE28D2C16612CFB9AE9A8FD05B8FE22930346ECF7B21B5800778EA0D5D3B7BDF18B03ABF33C9D0B4648CF687ED229C811CE290CFAF94F9C9AF4EC3E47480955E5C81E85DA9EBCE99652DA07225C7CCEF39E224556E48D6371981C7232E00F3419F7B335FF36FE3989558277654DB356063ABC8F7BD0EF828B40D3BFC06D12FEC51278ACD32C3B67D4E2A0BBA1E20BDDA06DB9AF6AB250179DE3332EAC0A6D381963B51E8E167B8285BA3E6538B1D38B16B32196ABE009ADFDAF5E686E0107F76ED10414B6249D6895188456505CDB897FFCCEB8931802F87C02DFDC62825C6255DF2654712BE230CC86A30229D9E3438DB35CEED8F8447B9209CDECFC1776D2C43B4B98E9EEA3F4C049C1287CDB4540D395A4BC992602150CCC0479597E221E201B778DCA9701C517C89B95004FC19373ED9755C90FF32C44013678876EAD3FE5E637BF2F1959130EAF79E7A93088F52AA0AC993324294536CF3787C3A3F06F2DC201A070967E6F4525803DC83F5160B560465A4CE4BF20315858BE0E62A07C55B3A772CBF93DE99AADFCB304D2B544A9F17A22C2BEB791D98F714CA7CFF701CB7CAEC55C292A25A147935D7BBD1E66F2ED3EBC66E763209169033CE5A2D9884DC0CBAFF37517372544E1EB780A26CC71E5649EDFD5DA2FCFB58093D74D76FC2DAEC54567104701C31E3872C15BAC5F2A96833EEDAB9B7FF731F827DB3273D271BA8F9DE06181C1E38D031896971D801C571954337D95AE8D4FF 23920171130151632 2 6 100 6143 2 F2F9DF4571769305CF3128D1F3B27E0B51064C0D70472B4B834907A11B6C76DAA091DDD058F56E7E5A1A144CBAD246C592ADB38DB36673E636E06043CF3776DE42B2A3C52B29A5378A538205F863CBCE489A9D26209B2679B7C10179193C7B50CC806D8FEA57F761D54F010EDBDCBC7624B989AD0C894E9ABA77744E164CB92A615919DA4E66C41F0D7DE03C2C8C89077E8E712CB867993110D1DAC8F8CC87AEC5F98E0A46D2DA94727D432D4406AE31F8FB2B9DAD9E882994E41FA2B46D364B416F05BE0D579DC31D0ABD89EBA6789835C4B4CE6B8F0E9C19E2B99BBB55211D9392F18A210686F487C38F6ED33CAFA7F2468B423CC7F36DE73655CE7B94D681409616C94E55B31AB6DC3422956DB8F00490A539D95F1BF4965340CB90B5BA03104F643F96B9ABDCB5D34920E4E675DBAB81C038C11AB28459E1F10F15EBE9C21BA47427C72C2960DD8763BFCE27D47C4A06B24EBD911DED8A0ADE710930F87132830B1B8E0675447A48E519FB18FD66D4012DE35E03533CB9C13B7D19823092F7F0D9C0E5C0EF7BCF9017817CEBB550168BB846E91AA5FFF1E44B7F42215890A26157EFA5647AF412924BFC0F6CD278261BA1F959AE90F165DB11AD56CEB5223AF8BCCD5760AAB2ED5F11C56B517FFBC96B178E46EF11E7A4E8209C1CA887218600B8B20FAA80AA0B00816969A0AE25807374C24566AC03F8DFB417D0C3E43AC9BDA056AD0562A28C9F7C5EEC7AC847699170668113DF07F22A875C40D570B8CCF09EE00D91B9841A7D10F1763EE48C0BABA0F76EAD940AB5FB376C685E2EF4A81717F8ACDA8ED205FB819E62598FB343451EE47D73B9541D9F8FB6DF4029FC8FCEC0F5B94258DB49B39717B0FEB5DB3BA8FB1D28F4FE0319F84111BE08E9D251791A0A1809B55C307B0D337923EDB8CA4F2018DE38A3B7AADDFB938D93C4F3F287DBFDD542D11C747A319AAA9CA8446EA4D5A3B8B91B48B850009A9353596F2352839D55FD45F442272123402D58C80411E5113C50E35D28EDAD3C7271E9ABB4E7152C70B306571433323661D4D12B2FAB10304F721B07FF480431E9314BFB
24020170626000351 2 6 100 6143 2 FE3AFB7EA9CBCB633757EA982ED0DDFF120459E69D35DB36ACC5F69B04A5CCEE59A0312A97687F2B3DBC20917F4BF0B16D97B75EDCA16B58BDEB8BB1A726F6CB8BF5D7FC483777129A1C19CB559943EF201323760672C63859E830C6E99AFE5DD7A4E89BAD41C63B687558DD277F4E06A29D1E14A21CAA6FDD4E6F21EB8B146F2C04F93B1C94234E6295F2F8773B16BA3D51758841EA48ADD1A626E252DB3B78594B4586AC9E9EAF100F294ADC82BEBBF8CAB96B671EE7050B42733EB741107C5D2199D305C84F93C6AEEE6BD607DB7C0EFED773FB1DB73B04EFA72EB36111B99EBE6EEE899307FD288329FB2DB7E81776AEF0F935FFEE77611BDCFEC309F97EEB6E36FE42CA4C8EFAA0B4B93F5D83606B8FA7B49DD1DBB8F828B9C805381CB5DF4AC7FFAE27C62CBCD2FE80BB4157EB7F3267041255AC2F7EA3B450951878166049E5FF1BD3B361082FB184E342DDA1961ACFD90944F37E09A06AFE463AA9AA66EE699D28C4D109F3E8111CF4D625161B2855C11593AE408AE44DC026091119744FF09A4AB3C00717ACA004E26ACA53BF6444D839CF477A56FEAFFBF2E4CB946512815269D8E3C163FC29288A917A4A0ACC6DF54454CE2D54AC79AE05BF816DE1E3E9D3A9CC69DBE674880F98ECB8D8D4C4247AC07BC9B7C40FB89C4B9D4DA4604B37D15047DFB28C5D241CDFA327C3996872A0C05B84342F81A308D7796CA4A4038E47A5D4658F757C3F9645F11DEA92AE4D2E77FDB1A5D12519FF947F39A68152528CB02F915894D728C0E755B8BC4A99FCFC778A4099558A06D5FECC4C22DAA7E23C3B5E8E99B5365D5046C8C65846D949A521C0B25EFE5F5CD0845F09C29C096C4A80755120A299EA652B204775E53B2D521F366F4EF9FA65B1D8CB048295C39BE92667200E2889B1577CBD0AC23B2280B758A3650BE60D55F215DBF166873592253B1254968B5A46A61C792A153342C3ADE408676F4B27B7F22C50B079D0E32AEA134168A53A36F18E2FFA2459EDBA89BEC13D19C342235F6E9CF8F721B608F6297A3486173A7D5CED5E2AF6343775668C1B1FB0B745157973A06777EB 24020171130154516 2 6 100 6143 5 F2F9DF4571769305CF3128D1F3B27E0B51064C0D70472B4B834907A11B6C76DAA091DDD058F56E7E5A1A144CBAD246C592ADB38DB36673E636E06043CF3776DE42B2A3C52B29A5378A538205F863CBCE489A9D26209B2679B7C10179193C7B50CC806D8FEA57F761D54F010EDBDCBC7624B989AD0C894E9ABA77744E164CB92A615919DA4E66C41F0D7DE03C2C8C89077E8E712CB867993110D1DAC8F8CC87AEC5F98E0A46D2DA94727D432D4406AE31F8FB2B9DAD9E882994E41FA2B46D364B416F05BE0D579DC31D0ABD89EBA6789835C4B4CE6B8F0E9C19E2B99BBB55211D9392F18A210686F487C38F6ED33CAFA7F2468B423CC7F36DE73655CE7B94D681409616C94E55B31AB6DC3422956DB8F00490A539D95F1BF4965340CB90B5BA03104F643F96B9ABDCB5D34920E4E675DBAB81C038C11AB28459E1F10F15EBE9C21BA47427C72C2960DD8763BFCE27D47C4A06B24EBD911DED8A0ADE710930F87132830B1B8E0675447A48E519FB18FD66D4012DE35E03533CB9C13B7D19823092F7F0D9C0E5C0EF7BCF9017817CEBB550168BB846E91AA5FFF1E44B7F42215890A26157EFA5647AF412924BFC0F6CD278261BA1F959AE90F165DB11AD56CEB5223AF8BCCD5760AAB2ED5F11C56B517FFBC96B178E46EF11E7A4E8209C1CA887218600B8B20FAA80AA0B00816969A0AE25807374C24566AC03F8DFB417D0C3E43AC9BDA056AD0562A28C9F7C5EEC7AC847699170668113DF07F22A875C40D570B8CCF09EE00D91B9841A7D10F1763EE48C0BABA0F76EAD940AB5FB376C685E2EF4A81717F8ACDA8ED205FB819E62598FB343451EE47D73B9541D9F8FB6DF4029FC8FCEC0F5B94258DB49B39717B0FEB5DB3BA8FB1D28F4FE0319F84111BE08E9D251791A0A1809B55C307B0D337923EDB8CA4F2018DE38A3B7AADDFB938D93C4F3F287DBFDD542D11C747A319AAA9CA8446EA4D5A3B8B91B48B850009A9353596F2352839D55FD45F442272123402D58C80411E5113C50E35D28EDAD3C7271E9ABB4E7152C70B306571433323661D4D12B2FAB10304F721B07FF480431E9DF731F
24120170626010044 2 6 100 6143 2 FE3AFB7EA9CBCB633757EA982ED0DDFF120459E69D35DB36ACC5F69B04A5CCEE59A0312A97687F2B3DBC20917F4BF0B16D97B75EDCA16B58BDEB8BB1A726F6CB8BF5D7FC483777129A1C19CB559943EF201323760672C63859E830C6E99AFE5DD7A4E89BAD41C63B687558DD277F4E06A29D1E14A21CAA6FDD4E6F21EB8B146F2C04F93B1C94234E6295F2F8773B16BA3D51758841EA48ADD1A626E252DB3B78594B4586AC9E9EAF100F294ADC82BEBBF8CAB96B671EE7050B42733EB741107C5D2199D305C84F93C6AEEE6BD607DB7C0EFED773FB1DB73B04EFA72EB36111B99EBE6EEE899307FD288329FB2DB7E81776AEF0F935FFEE77611BDCFEC309F97EEB6E36FE42CA4C8EFAA0B4B93F5D83606B8FA7B49DD1DBB8F828B9C805381CB5DF4AC7FFAE27C62CBCD2FE80BB4157EB7F3267041255AC2F7EA3B450951878166049E5FF1BD3B361082FB184E342DDA1961ACFD90944F37E09A06AFE463AA9AA66EE699D28C4D109F3E8111CF4D625161B2855C11593AE408AE44DC026091119744FF09A4AB3C00717ACA004E26ACA53BF6444D839CF477A56FEAFFBF2E4CB946512815269D8E3C163FC29288A917A4A0ACC6DF54454CE2D54AC79AE05BF816DE1E3E9D3A9CC69DBE674880F98ECB8D8D4C4247AC07BC9B7C40FB89C4B9D4DA4604B37D15047DFB28C5D241CDFA327C3996872A0C05B84342F81A308D7796CA4A4038E47A5D4658F757C3F9645F11DEA92AE4D2E77FDB1A5D12519FF947F39A68152528CB02F915894D728C0E755B8BC4A99FCFC778A4099558A06D5FECC4C22DAA7E23C3B5E8E99B5365D5046C8C65846D949A521C0B25EFE5F5CD0845F09C29C096C4A80755120A299EA652B204775E53B2D521F366F4EF9FA65B1D8CB048295C39BE92667200E2889B1577CBD0AC23B2280B758A3650BE60D55F215DBF166873592253B1254968B5A46A61C792A153342C3ADE408676F4B27B7F22C50B079D0E32AEA134168A53A36F18E2FFA2459EDBA89BEC13D19C342235F6E9CF8F721B608F6297A3486173A7D5CED5E2AF6343775668C1B1FB0B745157973A1E685DB 24120171130170406 2 6 100 6143 2 F2F9DF4571769305CF3128D1F3B27E0B51064C0D70472B4B834907A11B6C76DAA091DDD058F56E7E5A1A144CBAD246C592ADB38DB36673E636E06043CF3776DE42B2A3C52B29A5378A538205F863CBCE489A9D26209B2679B7C10179193C7B50CC806D8FEA57F761D54F010EDBDCBC7624B989AD0C894E9ABA77744E164CB92A615919DA4E66C41F0D7DE03C2C8C89077E8E712CB867993110D1DAC8F8CC87AEC5F98E0A46D2DA94727D432D4406AE31F8FB2B9DAD9E882994E41FA2B46D364B416F05BE0D579DC31D0ABD89EBA6789835C4B4CE6B8F0E9C19E2B99BBB55211D9392F18A210686F487C38F6ED33CAFA7F2468B423CC7F36DE73655CE7B94D681409616C94E55B31AB6DC3422956DB8F00490A539D95F1BF4965340CB90B5BA03104F643F96B9ABDCB5D34920E4E675DBAB81C038C11AB28459E1F10F15EBE9C21BA47427C72C2960DD8763BFCE27D47C4A06B24EBD911DED8A0ADE710930F87132830B1B8E0675447A48E519FB18FD66D4012DE35E03533CB9C13B7D19823092F7F0D9C0E5C0EF7BCF9017817CEBB550168BB846E91AA5FFF1E44B7F42215890A26157EFA5647AF412924BFC0F6CD278261BA1F959AE90F165DB11AD56CEB5223AF8BCCD5760AAB2ED5F11C56B517FFBC96B178E46EF11E7A4E8209C1CA887218600B8B20FAA80AA0B00816969A0AE25807374C24566AC03F8DFB417D0C3E43AC9BDA056AD0562A28C9F7C5EEC7AC847699170668113DF07F22A875C40D570B8CCF09EE00D91B9841A7D10F1763EE48C0BABA0F76EAD940AB5FB376C685E2EF4A81717F8ACDA8ED205FB819E62598FB343451EE47D73B9541D9F8FB6DF4029FC8FCEC0F5B94258DB49B39717B0FEB5DB3BA8FB1D28F4FE0319F84111BE08E9D251791A0A1809B55C307B0D337923EDB8CA4F2018DE38A3B7AADDFB938D93C4F3F287DBFDD542D11C747A319AAA9CA8446EA4D5A3B8B91B48B850009A9353596F2352839D55FD45F442272123402D58C80411E5113C50E35D28EDAD3C7271E9ABB4E7152C70B306571433323661D4D12B2FAB10304F721B07FF480431EBBC2FF3
24220170626011405 2 6 100 6143 2 FE3AFB7EA9CBCB633757EA982ED0DDFF120459E69D35DB36ACC5F69B04A5CCEE59A0312A97687F2B3DBC20917F4BF0B16D97B75EDCA16B58BDEB8BB1A726F6CB8BF5D7FC483777129A1C19CB559943EF201323760672C63859E830C6E99AFE5DD7A4E89BAD41C63B687558DD277F4E06A29D1E14A21CAA6FDD4E6F21EB8B146F2C04F93B1C94234E6295F2F8773B16BA3D51758841EA48ADD1A626E252DB3B78594B4586AC9E9EAF100F294ADC82BEBBF8CAB96B671EE7050B42733EB741107C5D2199D305C84F93C6AEEE6BD607DB7C0EFED773FB1DB73B04EFA72EB36111B99EBE6EEE899307FD288329FB2DB7E81776AEF0F935FFEE77611BDCFEC309F97EEB6E36FE42CA4C8EFAA0B4B93F5D83606B8FA7B49DD1DBB8F828B9C805381CB5DF4AC7FFAE27C62CBCD2FE80BB4157EB7F3267041255AC2F7EA3B450951878166049E5FF1BD3B361082FB184E342DDA1961ACFD90944F37E09A06AFE463AA9AA66EE699D28C4D109F3E8111CF4D625161B2855C11593AE408AE44DC026091119744FF09A4AB3C00717ACA004E26ACA53BF6444D839CF477A56FEAFFBF2E4CB946512815269D8E3C163FC29288A917A4A0ACC6DF54454CE2D54AC79AE05BF816DE1E3E9D3A9CC69DBE674880F98ECB8D8D4C4247AC07BC9B7C40FB89C4B9D4DA4604B37D15047DFB28C5D241CDFA327C3996872A0C05B84342F81A308D7796CA4A4038E47A5D4658F757C3F9645F11DEA92AE4D2E77FDB1A5D12519FF947F39A68152528CB02F915894D728C0E755B8BC4A99FCFC778A4099558A06D5FECC4C22DAA7E23C3B5E8E99B5365D5046C8C65846D949A521C0B25EFE5F5CD0845F09C29C096C4A80755120A299EA652B204775E53B2D521F366F4EF9FA65B1D8CB048295C39BE92667200E2889B1577CBD0AC23B2280B758A3650BE60D55F215DBF166873592253B1254968B5A46A61C792A153342C3ADE408676F4B27B7F22C50B079D0E32AEA134168A53A36F18E2FFA2459EDBA89BEC13D19C342235F6E9CF8F721B608F6297A3486173A7D5CED5E2AF6343775668C1B1FB0B745157973A237A0AB 24220171130200258 2 6 100 6143 2 F2F9DF4571769305CF3128D1F3B27E0B51064C0D70472B4B834907A11B6C76DAA091DDD058F56E7E5A1A144CBAD246C592ADB38DB36673E636E06043CF3776DE42B2A3C52B29A5378A538205F863CBCE489A9D26209B2679B7C10179193C7B50CC806D8FEA57F761D54F010EDBDCBC7624B989AD0C894E9ABA77744E164CB92A615919DA4E66C41F0D7DE03C2C8C89077E8E712CB867993110D1DAC8F8CC87AEC5F98E0A46D2DA94727D432D4406AE31F8FB2B9DAD9E882994E41FA2B46D364B416F05BE0D579DC31D0ABD89EBA6789835C4B4CE6B8F0E9C19E2B99BBB55211D9392F18A210686F487C38F6ED33CAFA7F2468B423CC7F36DE73655CE7B94D681409616C94E55B31AB6DC3422956DB8F00490A539D95F1BF4965340CB90B5BA03104F643F96B9ABDCB5D34920E4E675DBAB81C038C11AB28459E1F10F15EBE9C21BA47427C72C2960DD8763BFCE27D47C4A06B24EBD911DED8A0ADE710930F87132830B1B8E0675447A48E519FB18FD66D4012DE35E03533CB9C13B7D19823092F7F0D9C0E5C0EF7BCF9017817CEBB550168BB846E91AA5FFF1E44B7F42215890A26157EFA5647AF412924BFC0F6CD278261BA1F959AE90F165DB11AD56CEB5223AF8BCCD5760AAB2ED5F11C56B517FFBC96B178E46EF11E7A4E8209C1CA887218600B8B20FAA80AA0B00816969A0AE25807374C24566AC03F8DFB417D0C3E43AC9BDA056AD0562A28C9F7C5EEC7AC847699170668113DF07F22A875C40D570B8CCF09EE00D91B9841A7D10F1763EE48C0BABA0F76EAD940AB5FB376C685E2EF4A81717F8ACDA8ED205FB819E62598FB343451EE47D73B9541D9F8FB6DF4029FC8FCEC0F5B94258DB49B39717B0FEB5DB3BA8FB1D28F4FE0319F84111BE08E9D251791A0A1809B55C307B0D337923EDB8CA4F2018DE38A3B7AADDFB938D93C4F3F287DBFDD542D11C747A319AAA9CA8446EA4D5A3B8B91B48B850009A9353596F2352839D55FD45F442272123402D58C80411E5113C50E35D28EDAD3C7271E9ABB4E7152C70B306571433323661D4D12B2FAB10304F721B07FF480431EFD0ED9B
24320170626020723 2 6 100 6143 2 FE3AFB7EA9CBCB633757EA982ED0DDFF120459E69D35DB36ACC5F69B04A5CCEE59A0312A97687F2B3DBC20917F4BF0B16D97B75EDCA16B58BDEB8BB1A726F6CB8BF5D7FC483777129A1C19CB559943EF201323760672C63859E830C6E99AFE5DD7A4E89BAD41C63B687558DD277F4E06A29D1E14A21CAA6FDD4E6F21EB8B146F2C04F93B1C94234E6295F2F8773B16BA3D51758841EA48ADD1A626E252DB3B78594B4586AC9E9EAF100F294ADC82BEBBF8CAB96B671EE7050B42733EB741107C5D2199D305C84F93C6AEEE6BD607DB7C0EFED773FB1DB73B04EFA72EB36111B99EBE6EEE899307FD288329FB2DB7E81776AEF0F935FFEE77611BDCFEC309F97EEB6E36FE42CA4C8EFAA0B4B93F5D83606B8FA7B49DD1DBB8F828B9C805381CB5DF4AC7FFAE27C62CBCD2FE80BB4157EB7F3267041255AC2F7EA3B450951878166049E5FF1BD3B361082FB184E342DDA1961ACFD90944F37E09A06AFE463AA9AA66EE699D28C4D109F3E8111CF4D625161B2855C11593AE408AE44DC026091119744FF09A4AB3C00717ACA004E26ACA53BF6444D839CF477A56FEAFFBF2E4CB946512815269D8E3C163FC29288A917A4A0ACC6DF54454CE2D54AC79AE05BF816DE1E3E9D3A9CC69DBE674880F98ECB8D8D4C4247AC07BC9B7C40FB89C4B9D4DA4604B37D15047DFB28C5D241CDFA327C3996872A0C05B84342F81A308D7796CA4A4038E47A5D4658F757C3F9645F11DEA92AE4D2E77FDB1A5D12519FF947F39A68152528CB02F915894D728C0E755B8BC4A99FCFC778A4099558A06D5FECC4C22DAA7E23C3B5E8E99B5365D5046C8C65846D949A521C0B25EFE5F5CD0845F09C29C096C4A80755120A299EA652B204775E53B2D521F366F4EF9FA65B1D8CB048295C39BE92667200E2889B1577CBD0AC23B2280B758A3650BE60D55F215DBF166873592253B1254968B5A46A61C792A153342C3ADE408676F4B27B7F22C50B079D0E32AEA134168A53A36F18E2FFA2459EDBA89BEC13D19C342235F6E9CF8F721B608F6297A3486173A7D5CED5E2AF6343775668C1B1FB0B745157973A39C76DB 24320171130222515 2 6 100 6143 2 F2F9DF4571769305CF3128D1F3B27E0B51064C0D70472B4B834907A11B6C76DAA091DDD058F56E7E5A1A144CBAD246C592ADB38DB36673E636E06043CF3776DE42B2A3C52B29A5378A538205F863CBCE489A9D26209B2679B7C10179193C7B50CC806D8FEA57F761D54F010EDBDCBC7624B989AD0C894E9ABA77744E164CB92A615919DA4E66C41F0D7DE03C2C8C89077E8E712CB867993110D1DAC8F8CC87AEC5F98E0A46D2DA94727D432D4406AE31F8FB2B9DAD9E882994E41FA2B46D364B416F05BE0D579DC31D0ABD89EBA6789835C4B4CE6B8F0E9C19E2B99BBB55211D9392F18A210686F487C38F6ED33CAFA7F2468B423CC7F36DE73655CE7B94D681409616C94E55B31AB6DC3422956DB8F00490A539D95F1BF4965340CB90B5BA03104F643F96B9ABDCB5D34920E4E675DBAB81C038C11AB28459E1F10F15EBE9C21BA47427C72C2960DD8763BFCE27D47C4A06B24EBD911DED8A0ADE710930F87132830B1B8E0675447A48E519FB18FD66D4012DE35E03533CB9C13B7D19823092F7F0D9C0E5C0EF7BCF9017817CEBB550168BB846E91AA5FFF1E44B7F42215890A26157EFA5647AF412924BFC0F6CD278261BA1F959AE90F165DB11AD56CEB5223AF8BCCD5760AAB2ED5F11C56B517FFBC96B178E46EF11E7A4E8209C1CA887218600B8B20FAA80AA0B00816969A0AE25807374C24566AC03F8DFB417D0C3E43AC9BDA056AD0562A28C9F7C5EEC7AC847699170668113DF07F22A875C40D570B8CCF09EE00D91B9841A7D10F1763EE48C0BABA0F76EAD940AB5FB376C685E2EF4A81717F8ACDA8ED205FB819E62598FB343451EE47D73B9541D9F8FB6DF4029FC8FCEC0F5B94258DB49B39717B0FEB5DB3BA8FB1D28F4FE0319F84111BE08E9D251791A0A1809B55C307B0D337923EDB8CA4F2018DE38A3B7AADDFB938D93C4F3F287DBFDD542D11C747A319AAA9CA8446EA4D5A3B8B91B48B850009A9353596F2352839D55FD45F442272123402D58C80411E5113C50E35D28EDAD3C7271E9ABB4E7152C70B306571433323661D4D12B2FAB10304F721B07FF480431F32CBD03
24420170626021405 2 6 100 6143 5 FE3AFB7EA9CBCB633757EA982ED0DDFF120459E69D35DB36ACC5F69B04A5CCEE59A0312A97687F2B3DBC20917F4BF0B16D97B75EDCA16B58BDEB8BB1A726F6CB8BF5D7FC483777129A1C19CB559943EF201323760672C63859E830C6E99AFE5DD7A4E89BAD41C63B687558DD277F4E06A29D1E14A21CAA6FDD4E6F21EB8B146F2C04F93B1C94234E6295F2F8773B16BA3D51758841EA48ADD1A626E252DB3B78594B4586AC9E9EAF100F294ADC82BEBBF8CAB96B671EE7050B42733EB741107C5D2199D305C84F93C6AEEE6BD607DB7C0EFED773FB1DB73B04EFA72EB36111B99EBE6EEE899307FD288329FB2DB7E81776AEF0F935FFEE77611BDCFEC309F97EEB6E36FE42CA4C8EFAA0B4B93F5D83606B8FA7B49DD1DBB8F828B9C805381CB5DF4AC7FFAE27C62CBCD2FE80BB4157EB7F3267041255AC2F7EA3B450951878166049E5FF1BD3B361082FB184E342DDA1961ACFD90944F37E09A06AFE463AA9AA66EE699D28C4D109F3E8111CF4D625161B2855C11593AE408AE44DC026091119744FF09A4AB3C00717ACA004E26ACA53BF6444D839CF477A56FEAFFBF2E4CB946512815269D8E3C163FC29288A917A4A0ACC6DF54454CE2D54AC79AE05BF816DE1E3E9D3A9CC69DBE674880F98ECB8D8D4C4247AC07BC9B7C40FB89C4B9D4DA4604B37D15047DFB28C5D241CDFA327C3996872A0C05B84342F81A308D7796CA4A4038E47A5D4658F757C3F9645F11DEA92AE4D2E77FDB1A5D12519FF947F39A68152528CB02F915894D728C0E755B8BC4A99FCFC778A4099558A06D5FECC4C22DAA7E23C3B5E8E99B5365D5046C8C65846D949A521C0B25EFE5F5CD0845F09C29C096C4A80755120A299EA652B204775E53B2D521F366F4EF9FA65B1D8CB048295C39BE92667200E2889B1577CBD0AC23B2280B758A3650BE60D55F215DBF166873592253B1254968B5A46A61C792A153342C3ADE408676F4B27B7F22C50B079D0E32AEA134168A53A36F18E2FFA2459EDBA89BEC13D19C342235F6E9CF8F721B608F6297A3486173A7D5CED5E2AF6343775668C1B1FB0B745157973A3C0D837 24420171130230654 2 6 100 6143 2 F2F9DF4571769305CF3128D1F3B27E0B51064C0D70472B4B834907A11B6C76DAA091DDD058F56E7E5A1A144CBAD246C592ADB38DB36673E636E06043CF3776DE42B2A3C52B29A5378A538205F863CBCE489A9D26209B2679B7C10179193C7B50CC806D8FEA57F761D54F010EDBDCBC7624B989AD0C894E9ABA77744E164CB92A615919DA4E66C41F0D7DE03C2C8C89077E8E712CB867993110D1DAC8F8CC87AEC5F98E0A46D2DA94727D432D4406AE31F8FB2B9DAD9E882994E41FA2B46D364B416F05BE0D579DC31D0ABD89EBA6789835C4B4CE6B8F0E9C19E2B99BBB55211D9392F18A210686F487C38F6ED33CAFA7F2468B423CC7F36DE73655CE7B94D681409616C94E55B31AB6DC3422956DB8F00490A539D95F1BF4965340CB90B5BA03104F643F96B9ABDCB5D34920E4E675DBAB81C038C11AB28459E1F10F15EBE9C21BA47427C72C2960DD8763BFCE27D47C4A06B24EBD911DED8A0ADE710930F87132830B1B8E0675447A48E519FB18FD66D4012DE35E03533CB9C13B7D19823092F7F0D9C0E5C0EF7BCF9017817CEBB550168BB846E91AA5FFF1E44B7F42215890A26157EFA5647AF412924BFC0F6CD278261BA1F959AE90F165DB11AD56CEB5223AF8BCCD5760AAB2ED5F11C56B517FFBC96B178E46EF11E7A4E8209C1CA887218600B8B20FAA80AA0B00816969A0AE25807374C24566AC03F8DFB417D0C3E43AC9BDA056AD0562A28C9F7C5EEC7AC847699170668113DF07F22A875C40D570B8CCF09EE00D91B9841A7D10F1763EE48C0BABA0F76EAD940AB5FB376C685E2EF4A81717F8ACDA8ED205FB819E62598FB343451EE47D73B9541D9F8FB6DF4029FC8FCEC0F5B94258DB49B39717B0FEB5DB3BA8FB1D28F4FE0319F84111BE08E9D251791A0A1809B55C307B0D337923EDB8CA4F2018DE38A3B7AADDFB938D93C4F3F287DBFDD542D11C747A319AAA9CA8446EA4D5A3B8B91B48B850009A9353596F2352839D55FD45F442272123402D58C80411E5113C50E35D28EDAD3C7271E9ABB4E7152C70B306571433323661D4D12B2FAB10304F721B07FF480431F4224A5B
24520170626025354 2 6 100 6143 2 FE3AFB7EA9CBCB633757EA982ED0DDFF120459E69D35DB36ACC5F69B04A5CCEE59A0312A97687F2B3DBC20917F4BF0B16D97B75EDCA16B58BDEB8BB1A726F6CB8BF5D7FC483777129A1C19CB559943EF201323760672C63859E830C6E99AFE5DD7A4E89BAD41C63B687558DD277F4E06A29D1E14A21CAA6FDD4E6F21EB8B146F2C04F93B1C94234E6295F2F8773B16BA3D51758841EA48ADD1A626E252DB3B78594B4586AC9E9EAF100F294ADC82BEBBF8CAB96B671EE7050B42733EB741107C5D2199D305C84F93C6AEEE6BD607DB7C0EFED773FB1DB73B04EFA72EB36111B99EBE6EEE899307FD288329FB2DB7E81776AEF0F935FFEE77611BDCFEC309F97EEB6E36FE42CA4C8EFAA0B4B93F5D83606B8FA7B49DD1DBB8F828B9C805381CB5DF4AC7FFAE27C62CBCD2FE80BB4157EB7F3267041255AC2F7EA3B450951878166049E5FF1BD3B361082FB184E342DDA1961ACFD90944F37E09A06AFE463AA9AA66EE699D28C4D109F3E8111CF4D625161B2855C11593AE408AE44DC026091119744FF09A4AB3C00717ACA004E26ACA53BF6444D839CF477A56FEAFFBF2E4CB946512815269D8E3C163FC29288A917A4A0ACC6DF54454CE2D54AC79AE05BF816DE1E3E9D3A9CC69DBE674880F98ECB8D8D4C4247AC07BC9B7C40FB89C4B9D4DA4604B37D15047DFB28C5D241CDFA327C3996872A0C05B84342F81A308D7796CA4A4038E47A5D4658F757C3F9645F11DEA92AE4D2E77FDB1A5D12519FF947F39A68152528CB02F915894D728C0E755B8BC4A99FCFC778A4099558A06D5FECC4C22DAA7E23C3B5E8E99B5365D5046C8C65846D949A521C0B25EFE5F5CD0845F09C29C096C4A80755120A299EA652B204775E53B2D521F366F4EF9FA65B1D8CB048295C39BE92667200E2889B1577CBD0AC23B2280B758A3650BE60D55F215DBF166873592253B1254968B5A46A61C792A153342C3ADE408676F4B27B7F22C50B079D0E32AEA134168A53A36F18E2FFA2459EDBA89BEC13D19C342235F6E9CF8F721B608F6297A3486173A7D5CED5E2AF6343775668C1B1FB0B745157973A4CB1E73 24520171130235630 2 6 100 6143 2 F2F9DF4571769305CF3128D1F3B27E0B51064C0D70472B4B834907A11B6C76DAA091DDD058F56E7E5A1A144CBAD246C592ADB38DB36673E636E06043CF3776DE42B2A3C52B29A5378A538205F863CBCE489A9D26209B2679B7C10179193C7B50CC806D8FEA57F761D54F010EDBDCBC7624B989AD0C894E9ABA77744E164CB92A615919DA4E66C41F0D7DE03C2C8C89077E8E712CB867993110D1DAC8F8CC87AEC5F98E0A46D2DA94727D432D4406AE31F8FB2B9DAD9E882994E41FA2B46D364B416F05BE0D579DC31D0ABD89EBA6789835C4B4CE6B8F0E9C19E2B99BBB55211D9392F18A210686F487C38F6ED33CAFA7F2468B423CC7F36DE73655CE7B94D681409616C94E55B31AB6DC3422956DB8F00490A539D95F1BF4965340CB90B5BA03104F643F96B9ABDCB5D34920E4E675DBAB81C038C11AB28459E1F10F15EBE9C21BA47427C72C2960DD8763BFCE27D47C4A06B24EBD911DED8A0ADE710930F87132830B1B8E0675447A48E519FB18FD66D4012DE35E03533CB9C13B7D19823092F7F0D9C0E5C0EF7BCF9017817CEBB550168BB846E91AA5FFF1E44B7F42215890A26157EFA5647AF412924BFC0F6CD278261BA1F959AE90F165DB11AD56CEB5223AF8BCCD5760AAB2ED5F11C56B517FFBC96B178E46EF11E7A4E8209C1CA887218600B8B20FAA80AA0B00816969A0AE25807374C24566AC03F8DFB417D0C3E43AC9BDA056AD0562A28C9F7C5EEC7AC847699170668113DF07F22A875C40D570B8CCF09EE00D91B9841A7D10F1763EE48C0BABA0F76EAD940AB5FB376C685E2EF4A81717F8ACDA8ED205FB819E62598FB343451EE47D73B9541D9F8FB6DF4029FC8FCEC0F5B94258DB49B39717B0FEB5DB3BA8FB1D28F4FE0319F84111BE08E9D251791A0A1809B55C307B0D337923EDB8CA4F2018DE38A3B7AADDFB938D93C4F3F287DBFDD542D11C747A319AAA9CA8446EA4D5A3B8B91B48B850009A9353596F2352839D55FD45F442272123402D58C80411E5113C50E35D28EDAD3C7271E9ABB4E7152C70B306571433323661D4D12B2FAB10304F721B07FF480431F549CCE3
24620170626025848 2 6 100 6143 5 FE3AFB7EA9CBCB633757EA982ED0DDFF120459E69D35DB36ACC5F69B04A5CCEE59A0312A97687F2B3DBC20917F4BF0B16D97B75EDCA16B58BDEB8BB1A726F6CB8BF5D7FC483777129A1C19CB559943EF201323760672C63859E830C6E99AFE5DD7A4E89BAD41C63B687558DD277F4E06A29D1E14A21CAA6FDD4E6F21EB8B146F2C04F93B1C94234E6295F2F8773B16BA3D51758841EA48ADD1A626E252DB3B78594B4586AC9E9EAF100F294ADC82BEBBF8CAB96B671EE7050B42733EB741107C5D2199D305C84F93C6AEEE6BD607DB7C0EFED773FB1DB73B04EFA72EB36111B99EBE6EEE899307FD288329FB2DB7E81776AEF0F935FFEE77611BDCFEC309F97EEB6E36FE42CA4C8EFAA0B4B93F5D83606B8FA7B49DD1DBB8F828B9C805381CB5DF4AC7FFAE27C62CBCD2FE80BB4157EB7F3267041255AC2F7EA3B450951878166049E5FF1BD3B361082FB184E342DDA1961ACFD90944F37E09A06AFE463AA9AA66EE699D28C4D109F3E8111CF4D625161B2855C11593AE408AE44DC026091119744FF09A4AB3C00717ACA004E26ACA53BF6444D839CF477A56FEAFFBF2E4CB946512815269D8E3C163FC29288A917A4A0ACC6DF54454CE2D54AC79AE05BF816DE1E3E9D3A9CC69DBE674880F98ECB8D8D4C4247AC07BC9B7C40FB89C4B9D4DA4604B37D15047DFB28C5D241CDFA327C3996872A0C05B84342F81A308D7796CA4A4038E47A5D4658F757C3F9645F11DEA92AE4D2E77FDB1A5D12519FF947F39A68152528CB02F915894D728C0E755B8BC4A99FCFC778A4099558A06D5FECC4C22DAA7E23C3B5E8E99B5365D5046C8C65846D949A521C0B25EFE5F5CD0845F09C29C096C4A80755120A299EA652B204775E53B2D521F366F4EF9FA65B1D8CB048295C39BE92667200E2889B1577CBD0AC23B2280B758A3650BE60D55F215DBF166873592253B1254968B5A46A61C792A153342C3ADE408676F4B27B7F22C50B079D0E32AEA134168A53A36F18E2FFA2459EDBA89BEC13D19C342235F6E9CF8F721B608F6297A3486173A7D5CED5E2AF6343775668C1B1FB0B745157973A4E33427 24620171203125416 2 6 100 6143 5 F2F9DF4571769305CF3128D1F3B27E0B51064C0D70472B4B834907A11B6C76DAA091DDD058F56E7E5A1A144CBAD246C592ADB38DB36673E636E06043CF3776DE42B2A3C52B29A5378A538205F863CBCE489A9D26209B2679B7C10179193C7B50CC806D8FEA57F761D54F010EDBDCBC7624B989AD0C894E9ABA77744E164CB92A615919DA4E66C41F0D7DE03C2C8C89077E8E712CB867993110D1DAC8F8CC87AEC5F98E0A46D2DA94727D432D4406AE31F8FB2B9DAD9E882994E41FA2B46D364B416F05BE0D579DC31D0ABD89EBA6789835C4B4CE6B8F0E9C19E2B99BBB55211D9392F18A210686F487C38F6ED33CAFA7F2468B423CC7F36DE73655CE7B94D681409616C94E55B31AB6DC3422956DB8F00490A539D95F1BF4965340CB90B5BA03104F643F96B9ABDCB5D34920E4E675DBAB81C038C11AB28459E1F10F15EBE9C21BA47427C72C2960DD8763BFCE27D47C4A06B24EBD911DED8A0ADE710930F87132830B1B8E0675447A48E519FB18FD66D4012DE35E03533CB9C13B7D19823092F7F0D9C0E5C0EF7BCF9017817CEBB550168BB846E91AA5FFF1E44B7F42215890A26157EFA5647AF412924BFC0F6CD278261BA1F959AE90F165DB11AD56CEB5223AF8BCCD5760AAB2ED5F11C56B517FFBC96B178E46EF11E7A4E8209C1CA887218600B8B20FAA80AA0B00816969A0AE25807374C24566AC03F8DFB417D0C3E43AC9BDA056AD0562A28C9F7C5EEC7AC847699170668113DF07F22A875C40D570B8CCF09EE00D91B9841A7D10F1763EE48C0BABA0F76EAD940AB5FB376C685E2EF4A81717F8ACDA8ED205FB819E62598FB343451EE47D73B9541D9F8FB6DF4029FC8FCEC0F5B94258DB49B39717B0FEB5DB3BA8FB1D28F4FE0319F84111BE08E9D251791A0A1809B55C307B0D337923EDB8CA4F2018DE38A3B7AADDFB938D93C4F3F287DBFDD542D11C747A319AAA9CA8446EA4D5A3B8B91B48B850009A9353596F2352839D55FD45F442272123402D58C80411E5113C50E35D28EDAD3C7271E9ABB4E7152C70B306571433323661D4D12B2FAB10304F721B07FF480431FC1A85BF
24720170626034407 2 6 100 6143 5 FE3AFB7EA9CBCB633757EA982ED0DDFF120459E69D35DB36ACC5F69B04A5CCEE59A0312A97687F2B3DBC20917F4BF0B16D97B75EDCA16B58BDEB8BB1A726F6CB8BF5D7FC483777129A1C19CB559943EF201323760672C63859E830C6E99AFE5DD7A4E89BAD41C63B687558DD277F4E06A29D1E14A21CAA6FDD4E6F21EB8B146F2C04F93B1C94234E6295F2F8773B16BA3D51758841EA48ADD1A626E252DB3B78594B4586AC9E9EAF100F294ADC82BEBBF8CAB96B671EE7050B42733EB741107C5D2199D305C84F93C6AEEE6BD607DB7C0EFED773FB1DB73B04EFA72EB36111B99EBE6EEE899307FD288329FB2DB7E81776AEF0F935FFEE77611BDCFEC309F97EEB6E36FE42CA4C8EFAA0B4B93F5D83606B8FA7B49DD1DBB8F828B9C805381CB5DF4AC7FFAE27C62CBCD2FE80BB4157EB7F3267041255AC2F7EA3B450951878166049E5FF1BD3B361082FB184E342DDA1961ACFD90944F37E09A06AFE463AA9AA66EE699D28C4D109F3E8111CF4D625161B2855C11593AE408AE44DC026091119744FF09A4AB3C00717ACA004E26ACA53BF6444D839CF477A56FEAFFBF2E4CB946512815269D8E3C163FC29288A917A4A0ACC6DF54454CE2D54AC79AE05BF816DE1E3E9D3A9CC69DBE674880F98ECB8D8D4C4247AC07BC9B7C40FB89C4B9D4DA4604B37D15047DFB28C5D241CDFA327C3996872A0C05B84342F81A308D7796CA4A4038E47A5D4658F757C3F9645F11DEA92AE4D2E77FDB1A5D12519FF947F39A68152528CB02F915894D728C0E755B8BC4A99FCFC778A4099558A06D5FECC4C22DAA7E23C3B5E8E99B5365D5046C8C65846D949A521C0B25EFE5F5CD0845F09C29C096C4A80755120A299EA652B204775E53B2D521F366F4EF9FA65B1D8CB048295C39BE92667200E2889B1577CBD0AC23B2280B758A3650BE60D55F215DBF166873592253B1254968B5A46A61C792A153342C3ADE408676F4B27B7F22C50B079D0E32AEA134168A53A36F18E2FFA2459EDBA89BEC13D19C342235F6E9CF8F721B608F6297A3486173A7D5CED5E2AF6343775668C1B1FB0B745157973A60D840F 24720171203150512 2 6 100 6143 5 F2F9DF4571769305CF3128D1F3B27E0B51064C0D70472B4B834907A11B6C76DAA091DDD058F56E7E5A1A144CBAD246C592ADB38DB36673E636E06043CF3776DE42B2A3C52B29A5378A538205F863CBCE489A9D26209B2679B7C10179193C7B50CC806D8FEA57F761D54F010EDBDCBC7624B989AD0C894E9ABA77744E164CB92A615919DA4E66C41F0D7DE03C2C8C89077E8E712CB867993110D1DAC8F8CC87AEC5F98E0A46D2DA94727D432D4406AE31F8FB2B9DAD9E882994E41FA2B46D364B416F05BE0D579DC31D0ABD89EBA6789835C4B4CE6B8F0E9C19E2B99BBB55211D9392F18A210686F487C38F6ED33CAFA7F2468B423CC7F36DE73655CE7B94D681409616C94E55B31AB6DC3422956DB8F00490A539D95F1BF4965340CB90B5BA03104F643F96B9ABDCB5D34920E4E675DBAB81C038C11AB28459E1F10F15EBE9C21BA47427C72C2960DD8763BFCE27D47C4A06B24EBD911DED8A0ADE710930F87132830B1B8E0675447A48E519FB18FD66D4012DE35E03533CB9C13B7D19823092F7F0D9C0E5C0EF7BCF9017817CEBB550168BB846E91AA5FFF1E44B7F42215890A26157EFA5647AF412924BFC0F6CD278261BA1F959AE90F165DB11AD56CEB5223AF8BCCD5760AAB2ED5F11C56B517FFBC96B178E46EF11E7A4E8209C1CA887218600B8B20FAA80AA0B00816969A0AE25807374C24566AC03F8DFB417D0C3E43AC9BDA056AD0562A28C9F7C5EEC7AC847699170668113DF07F22A875C40D570B8CCF09EE00D91B9841A7D10F1763EE48C0BABA0F76EAD940AB5FB376C685E2EF4A81717F8ACDA8ED205FB819E62598FB343451EE47D73B9541D9F8FB6DF4029FC8FCEC0F5B94258DB49B39717B0FEB5DB3BA8FB1D28F4FE0319F84111BE08E9D251791A0A1809B55C307B0D337923EDB8CA4F2018DE38A3B7AADDFB938D93C4F3F287DBFDD542D11C747A319AAA9CA8446EA4D5A3B8B91B48B850009A9353596F2352839D55FD45F442272123402D58C80411E5113C50E35D28EDAD3C7271E9ABB4E7152C70B306571433323661D4D12B2FAB10304F721B07FF480431FF1C415F
24820170626042648 2 6 100 6143 2 FE3AFB7EA9CBCB633757EA982ED0DDFF120459E69D35DB36ACC5F69B04A5CCEE59A0312A97687F2B3DBC20917F4BF0B16D97B75EDCA16B58BDEB8BB1A726F6CB8BF5D7FC483777129A1C19CB559943EF201323760672C63859E830C6E99AFE5DD7A4E89BAD41C63B687558DD277F4E06A29D1E14A21CAA6FDD4E6F21EB8B146F2C04F93B1C94234E6295F2F8773B16BA3D51758841EA48ADD1A626E252DB3B78594B4586AC9E9EAF100F294ADC82BEBBF8CAB96B671EE7050B42733EB741107C5D2199D305C84F93C6AEEE6BD607DB7C0EFED773FB1DB73B04EFA72EB36111B99EBE6EEE899307FD288329FB2DB7E81776AEF0F935FFEE77611BDCFEC309F97EEB6E36FE42CA4C8EFAA0B4B93F5D83606B8FA7B49DD1DBB8F828B9C805381CB5DF4AC7FFAE27C62CBCD2FE80BB4157EB7F3267041255AC2F7EA3B450951878166049E5FF1BD3B361082FB184E342DDA1961ACFD90944F37E09A06AFE463AA9AA66EE699D28C4D109F3E8111CF4D625161B2855C11593AE408AE44DC026091119744FF09A4AB3C00717ACA004E26ACA53BF6444D839CF477A56FEAFFBF2E4CB946512815269D8E3C163FC29288A917A4A0ACC6DF54454CE2D54AC79AE05BF816DE1E3E9D3A9CC69DBE674880F98ECB8D8D4C4247AC07BC9B7C40FB89C4B9D4DA4604B37D15047DFB28C5D241CDFA327C3996872A0C05B84342F81A308D7796CA4A4038E47A5D4658F757C3F9645F11DEA92AE4D2E77FDB1A5D12519FF947F39A68152528CB02F915894D728C0E755B8BC4A99FCFC778A4099558A06D5FECC4C22DAA7E23C3B5E8E99B5365D5046C8C65846D949A521C0B25EFE5F5CD0845F09C29C096C4A80755120A299EA652B204775E53B2D521F366F4EF9FA65B1D8CB048295C39BE92667200E2889B1577CBD0AC23B2280B758A3650BE60D55F215DBF166873592253B1254968B5A46A61C792A153342C3ADE408676F4B27B7F22C50B079D0E32AEA134168A53A36F18E2FFA2459EDBA89BEC13D19C342235F6E9CF8F721B608F6297A3486173A7D5CED5E2AF6343775668C1B1FB0B745157973A7271AD3 24820171203162042 2 6 100 6143 5 F2F9DF4571769305CF3128D1F3B27E0B51064C0D70472B4B834907A11B6C76DAA091DDD058F56E7E5A1A144CBAD246C592ADB38DB36673E636E06043CF3776DE42B2A3C52B29A5378A538205F863CBCE489A9D26209B2679B7C10179193C7B50CC806D8FEA57F761D54F010EDBDCBC7624B989AD0C894E9ABA77744E164CB92A615919DA4E66C41F0D7DE03C2C8C89077E8E712CB867993110D1DAC8F8CC87AEC5F98E0A46D2DA94727D432D4406AE31F8FB2B9DAD9E882994E41FA2B46D364B416F05BE0D579DC31D0ABD89EBA6789835C4B4CE6B8F0E9C19E2B99BBB55211D9392F18A210686F487C38F6ED33CAFA7F2468B423CC7F36DE73655CE7B94D681409616C94E55B31AB6DC3422956DB8F00490A539D95F1BF4965340CB90B5BA03104F643F96B9ABDCB5D34920E4E675DBAB81C038C11AB28459E1F10F15EBE9C21BA47427C72C2960DD8763BFCE27D47C4A06B24EBD911DED8A0ADE710930F87132830B1B8E0675447A48E519FB18FD66D4012DE35E03533CB9C13B7D19823092F7F0D9C0E5C0EF7BCF9017817CEBB550168BB846E91AA5FFF1E44B7F42215890A26157EFA5647AF412924BFC0F6CD278261BA1F959AE90F165DB11AD56CEB5223AF8BCCD5760AAB2ED5F11C56B517FFBC96B178E46EF11E7A4E8209C1CA887218600B8B20FAA80AA0B00816969A0AE25807374C24566AC03F8DFB417D0C3E43AC9BDA056AD0562A28C9F7C5EEC7AC847699170668113DF07F22A875C40D570B8CCF09EE00D91B9841A7D10F1763EE48C0BABA0F76EAD940AB5FB376C685E2EF4A81717F8ACDA8ED205FB819E62598FB343451EE47D73B9541D9F8FB6DF4029FC8FCEC0F5B94258DB49B39717B0FEB5DB3BA8FB1D28F4FE0319F84111BE08E9D251791A0A1809B55C307B0D337923EDB8CA4F2018DE38A3B7AADDFB938D93C4F3F287DBFDD542D11C747A319AAA9CA8446EA4D5A3B8B91B48B850009A9353596F2352839D55FD45F442272123402D58C80411E5113C50E35D28EDAD3C7271E9ABB4E7152C70B306571433323661D4D12B2FAB10304F721B07FF48043200E63AC7
24920170626063327 2 6 100 6143 5 FE3AFB7EA9CBCB633757EA982ED0DDFF120459E69D35DB36ACC5F69B04A5CCEE59A0312A97687F2B3DBC20917F4BF0B16D97B75EDCA16B58BDEB8BB1A726F6CB8BF5D7FC483777129A1C19CB559943EF201323760672C63859E830C6E99AFE5DD7A4E89BAD41C63B687558DD277F4E06A29D1E14A21CAA6FDD4E6F21EB8B146F2C04F93B1C94234E6295F2F8773B16BA3D51758841EA48ADD1A626E252DB3B78594B4586AC9E9EAF100F294ADC82BEBBF8CAB96B671EE7050B42733EB741107C5D2199D305C84F93C6AEEE6BD607DB7C0EFED773FB1DB73B04EFA72EB36111B99EBE6EEE899307FD288329FB2DB7E81776AEF0F935FFEE77611BDCFEC309F97EEB6E36FE42CA4C8EFAA0B4B93F5D83606B8FA7B49DD1DBB8F828B9C805381CB5DF4AC7FFAE27C62CBCD2FE80BB4157EB7F3267041255AC2F7EA3B450951878166049E5FF1BD3B361082FB184E342DDA1961ACFD90944F37E09A06AFE463AA9AA66EE699D28C4D109F3E8111CF4D625161B2855C11593AE408AE44DC026091119744FF09A4AB3C00717ACA004E26ACA53BF6444D839CF477A56FEAFFBF2E4CB946512815269D8E3C163FC29288A917A4A0ACC6DF54454CE2D54AC79AE05BF816DE1E3E9D3A9CC69DBE674880F98ECB8D8D4C4247AC07BC9B7C40FB89C4B9D4DA4604B37D15047DFB28C5D241CDFA327C3996872A0C05B84342F81A308D7796CA4A4038E47A5D4658F757C3F9645F11DEA92AE4D2E77FDB1A5D12519FF947F39A68152528CB02F915894D728C0E755B8BC4A99FCFC778A4099558A06D5FECC4C22DAA7E23C3B5E8E99B5365D5046C8C65846D949A521C0B25EFE5F5CD0845F09C29C096C4A80755120A299EA652B204775E53B2D521F366F4EF9FA65B1D8CB048295C39BE92667200E2889B1577CBD0AC23B2280B758A3650BE60D55F215DBF166873592253B1254968B5A46A61C792A153342C3ADE408676F4B27B7F22C50B079D0E32AEA134168A53A36F18E2FFA2459EDBA89BEC13D19C342235F6E9CF8F721B608F6297A3486173A7D5CED5E2AF6343775668C1B1FB0B745157973AA7A8227 24920171203162245 2 6 100 6143 2 F2F9DF4571769305CF3128D1F3B27E0B51064C0D70472B4B834907A11B6C76DAA091DDD058F56E7E5A1A144CBAD246C592ADB38DB36673E636E06043CF3776DE42B2A3C52B29A5378A538205F863CBCE489A9D26209B2679B7C10179193C7B50CC806D8FEA57F761D54F010EDBDCBC7624B989AD0C894E9ABA77744E164CB92A615919DA4E66C41F0D7DE03C2C8C89077E8E712CB867993110D1DAC8F8CC87AEC5F98E0A46D2DA94727D432D4406AE31F8FB2B9DAD9E882994E41FA2B46D364B416F05BE0D579DC31D0ABD89EBA6789835C4B4CE6B8F0E9C19E2B99BBB55211D9392F18A210686F487C38F6ED33CAFA7F2468B423CC7F36DE73655CE7B94D681409616C94E55B31AB6DC3422956DB8F00490A539D95F1BF4965340CB90B5BA03104F643F96B9ABDCB5D34920E4E675DBAB81C038C11AB28459E1F10F15EBE9C21BA47427C72C2960DD8763BFCE27D47C4A06B24EBD911DED8A0ADE710930F87132830B1B8E0675447A48E519FB18FD66D4012DE35E03533CB9C13B7D19823092F7F0D9C0E5C0EF7BCF9017817CEBB550168BB846E91AA5FFF1E44B7F42215890A26157EFA5647AF412924BFC0F6CD278261BA1F959AE90F165DB11AD56CEB5223AF8BCCD5760AAB2ED5F11C56B517FFBC96B178E46EF11E7A4E8209C1CA887218600B8B20FAA80AA0B00816969A0AE25807374C24566AC03F8DFB417D0C3E43AC9BDA056AD0562A28C9F7C5EEC7AC847699170668113DF07F22A875C40D570B8CCF09EE00D91B9841A7D10F1763EE48C0BABA0F76EAD940AB5FB376C685E2EF4A81717F8ACDA8ED205FB819E62598FB343451EE47D73B9541D9F8FB6DF4029FC8FCEC0F5B94258DB49B39717B0FEB5DB3BA8FB1D28F4FE0319F84111BE08E9D251791A0A1809B55C307B0D337923EDB8CA4F2018DE38A3B7AADDFB938D93C4F3F287DBFDD542D11C747A319AAA9CA8446EA4D5A3B8B91B48B850009A9353596F2352839D55FD45F442272123402D58C80411E5113C50E35D28EDAD3C7271E9ABB4E7152C70B306571433323661D4D12B2FAB10304F721B07FF48043200EA5A8B
25020170626073301 2 6 100 6143 2 FE3AFB7EA9CBCB633757EA982ED0DDFF120459E69D35DB36ACC5F69B04A5CCEE59A0312A97687F2B3DBC20917F4BF0B16D97B75EDCA16B58BDEB8BB1A726F6CB8BF5D7FC483777129A1C19CB559943EF201323760672C63859E830C6E99AFE5DD7A4E89BAD41C63B687558DD277F4E06A29D1E14A21CAA6FDD4E6F21EB8B146F2C04F93B1C94234E6295F2F8773B16BA3D51758841EA48ADD1A626E252DB3B78594B4586AC9E9EAF100F294ADC82BEBBF8CAB96B671EE7050B42733EB741107C5D2199D305C84F93C6AEEE6BD607DB7C0EFED773FB1DB73B04EFA72EB36111B99EBE6EEE899307FD288329FB2DB7E81776AEF0F935FFEE77611BDCFEC309F97EEB6E36FE42CA4C8EFAA0B4B93F5D83606B8FA7B49DD1DBB8F828B9C805381CB5DF4AC7FFAE27C62CBCD2FE80BB4157EB7F3267041255AC2F7EA3B450951878166049E5FF1BD3B361082FB184E342DDA1961ACFD90944F37E09A06AFE463AA9AA66EE699D28C4D109F3E8111CF4D625161B2855C11593AE408AE44DC026091119744FF09A4AB3C00717ACA004E26ACA53BF6444D839CF477A56FEAFFBF2E4CB946512815269D8E3C163FC29288A917A4A0ACC6DF54454CE2D54AC79AE05BF816DE1E3E9D3A9CC69DBE674880F98ECB8D8D4C4247AC07BC9B7C40FB89C4B9D4DA4604B37D15047DFB28C5D241CDFA327C3996872A0C05B84342F81A308D7796CA4A4038E47A5D4658F757C3F9645F11DEA92AE4D2E77FDB1A5D12519FF947F39A68152528CB02F915894D728C0E755B8BC4A99FCFC778A4099558A06D5FECC4C22DAA7E23C3B5E8E99B5365D5046C8C65846D949A521C0B25EFE5F5CD0845F09C29C096C4A80755120A299EA652B204775E53B2D521F366F4EF9FA65B1D8CB048295C39BE92667200E2889B1577CBD0AC23B2280B758A3650BE60D55F215DBF166873592253B1254968B5A46A61C792A153342C3ADE408676F4B27B7F22C50B079D0E32AEA134168A53A36F18E2FFA2459EDBA89BEC13D19C342235F6E9CF8F721B608F6297A3486173A7D5CED5E2AF6343775668C1B1FB0B745157973AC001F7B 25020171203172127 2 6 100 6143 5 F2F9DF4571769305CF3128D1F3B27E0B51064C0D70472B4B834907A11B6C76DAA091DDD058F56E7E5A1A144CBAD246C592ADB38DB36673E636E06043CF3776DE42B2A3C52B29A5378A538205F863CBCE489A9D26209B2679B7C10179193C7B50CC806D8FEA57F761D54F010EDBDCBC7624B989AD0C894E9ABA77744E164CB92A615919DA4E66C41F0D7DE03C2C8C89077E8E712CB867993110D1DAC8F8CC87AEC5F98E0A46D2DA94727D432D4406AE31F8FB2B9DAD9E882994E41FA2B46D364B416F05BE0D579DC31D0ABD89EBA6789835C4B4CE6B8F0E9C19E2B99BBB55211D9392F18A210686F487C38F6ED33CAFA7F2468B423CC7F36DE73655CE7B94D681409616C94E55B31AB6DC3422956DB8F00490A539D95F1BF4965340CB90B5BA03104F643F96B9ABDCB5D34920E4E675DBAB81C038C11AB28459E1F10F15EBE9C21BA47427C72C2960DD8763BFCE27D47C4A06B24EBD911DED8A0ADE710930F87132830B1B8E0675447A48E519FB18FD66D4012DE35E03533CB9C13B7D19823092F7F0D9C0E5C0EF7BCF9017817CEBB550168BB846E91AA5FFF1E44B7F42215890A26157EFA5647AF412924BFC0F6CD278261BA1F959AE90F165DB11AD56CEB5223AF8BCCD5760AAB2ED5F11C56B517FFBC96B178E46EF11E7A4E8209C1CA887218600B8B20FAA80AA0B00816969A0AE25807374C24566AC03F8DFB417D0C3E43AC9BDA056AD0562A28C9F7C5EEC7AC847699170668113DF07F22A875C40D570B8CCF09EE00D91B9841A7D10F1763EE48C0BABA0F76EAD940AB5FB376C685E2EF4A81717F8ACDA8ED205FB819E62598FB343451EE47D73B9541D9F8FB6DF4029FC8FCEC0F5B94258DB49B39717B0FEB5DB3BA8FB1D28F4FE0319F84111BE08E9D251791A0A1809B55C307B0D337923EDB8CA4F2018DE38A3B7AADDFB938D93C4F3F287DBFDD542D11C747A319AAA9CA8446EA4D5A3B8B91B48B850009A9353596F2352839D55FD45F442272123402D58C80411E5113C50E35D28EDAD3C7271E9ABB4E7152C70B306571433323661D4D12B2FAB10304F721B07FF4804320235B727
25120170626073912 2 6 100 6143 5 FE3AFB7EA9CBCB633757EA982ED0DDFF120459E69D35DB36ACC5F69B04A5CCEE59A0312A97687F2B3DBC20917F4BF0B16D97B75EDCA16B58BDEB8BB1A726F6CB8BF5D7FC483777129A1C19CB559943EF201323760672C63859E830C6E99AFE5DD7A4E89BAD41C63B687558DD277F4E06A29D1E14A21CAA6FDD4E6F21EB8B146F2C04F93B1C94234E6295F2F8773B16BA3D51758841EA48ADD1A626E252DB3B78594B4586AC9E9EAF100F294ADC82BEBBF8CAB96B671EE7050B42733EB741107C5D2199D305C84F93C6AEEE6BD607DB7C0EFED773FB1DB73B04EFA72EB36111B99EBE6EEE899307FD288329FB2DB7E81776AEF0F935FFEE77611BDCFEC309F97EEB6E36FE42CA4C8EFAA0B4B93F5D83606B8FA7B49DD1DBB8F828B9C805381CB5DF4AC7FFAE27C62CBCD2FE80BB4157EB7F3267041255AC2F7EA3B450951878166049E5FF1BD3B361082FB184E342DDA1961ACFD90944F37E09A06AFE463AA9AA66EE699D28C4D109F3E8111CF4D625161B2855C11593AE408AE44DC026091119744FF09A4AB3C00717ACA004E26ACA53BF6444D839CF477A56FEAFFBF2E4CB946512815269D8E3C163FC29288A917A4A0ACC6DF54454CE2D54AC79AE05BF816DE1E3E9D3A9CC69DBE674880F98ECB8D8D4C4247AC07BC9B7C40FB89C4B9D4DA4604B37D15047DFB28C5D241CDFA327C3996872A0C05B84342F81A308D7796CA4A4038E47A5D4658F757C3F9645F11DEA92AE4D2E77FDB1A5D12519FF947F39A68152528CB02F915894D728C0E755B8BC4A99FCFC778A4099558A06D5FECC4C22DAA7E23C3B5E8E99B5365D5046C8C65846D949A521C0B25EFE5F5CD0845F09C29C096C4A80755120A299EA652B204775E53B2D521F366F4EF9FA65B1D8CB048295C39BE92667200E2889B1577CBD0AC23B2280B758A3650BE60D55F215DBF166873592253B1254968B5A46A61C792A153342C3ADE408676F4B27B7F22C50B079D0E32AEA134168A53A36F18E2FFA2459EDBA89BEC13D19C342235F6E9CF8F721B608F6297A3486173A7D5CED5E2AF6343775668C1B1FB0B745157973AC204247 25120171203181636 2 6 100 6143 2 F2F9DF4571769305CF3128D1F3B27E0B51064C0D70472B4B834907A11B6C76DAA091DDD058F56E7E5A1A144CBAD246C592ADB38DB36673E636E06043CF3776DE42B2A3C52B29A5378A538205F863CBCE489A9D26209B2679B7C10179193C7B50CC806D8FEA57F761D54F010EDBDCBC7624B989AD0C894E9ABA77744E164CB92A615919DA4E66C41F0D7DE03C2C8C89077E8E712CB867993110D1DAC8F8CC87AEC5F98E0A46D2DA94727D432D4406AE31F8FB2B9DAD9E882994E41FA2B46D364B416F05BE0D579DC31D0ABD89EBA6789835C4B4CE6B8F0E9C19E2B99BBB55211D9392F18A210686F487C38F6ED33CAFA7F2468B423CC7F36DE73655CE7B94D681409616C94E55B31AB6DC3422956DB8F00490A539D95F1BF4965340CB90B5BA03104F643F96B9ABDCB5D34920E4E675DBAB81C038C11AB28459E1F10F15EBE9C21BA47427C72C2960DD8763BFCE27D47C4A06B24EBD911DED8A0ADE710930F87132830B1B8E0675447A48E519FB18FD66D4012DE35E03533CB9C13B7D19823092F7F0D9C0E5C0EF7BCF9017817CEBB550168BB846E91AA5FFF1E44B7F42215890A26157EFA5647AF412924BFC0F6CD278261BA1F959AE90F165DB11AD56CEB5223AF8BCCD5760AAB2ED5F11C56B517FFBC96B178E46EF11E7A4E8209C1CA887218600B8B20FAA80AA0B00816969A0AE25807374C24566AC03F8DFB417D0C3E43AC9BDA056AD0562A28C9F7C5EEC7AC847699170668113DF07F22A875C40D570B8CCF09EE00D91B9841A7D10F1763EE48C0BABA0F76EAD940AB5FB376C685E2EF4A81717F8ACDA8ED205FB819E62598FB343451EE47D73B9541D9F8FB6DF4029FC8FCEC0F5B94258DB49B39717B0FEB5DB3BA8FB1D28F4FE0319F84111BE08E9D251791A0A1809B55C307B0D337923EDB8CA4F2018DE38A3B7AADDFB938D93C4F3F287DBFDD542D11C747A319AAA9CA8446EA4D5A3B8B91B48B850009A9353596F2352839D55FD45F442272123402D58C80411E5113C50E35D28EDAD3C7271E9ABB4E7152C70B306571433323661D4D12B2FAB10304F721B07FF4804320364E433
25220170626083935 2 6 100 6143 5 FE3AFB7EA9CBCB633757EA982ED0DDFF120459E69D35DB36ACC5F69B04A5CCEE59A0312A97687F2B3DBC20917F4BF0B16D97B75EDCA16B58BDEB8BB1A726F6CB8BF5D7FC483777129A1C19CB559943EF201323760672C63859E830C6E99AFE5DD7A4E89BAD41C63B687558DD277F4E06A29D1E14A21CAA6FDD4E6F21EB8B146F2C04F93B1C94234E6295F2F8773B16BA3D51758841EA48ADD1A626E252DB3B78594B4586AC9E9EAF100F294ADC82BEBBF8CAB96B671EE7050B42733EB741107C5D2199D305C84F93C6AEEE6BD607DB7C0EFED773FB1DB73B04EFA72EB36111B99EBE6EEE899307FD288329FB2DB7E81776AEF0F935FFEE77611BDCFEC309F97EEB6E36FE42CA4C8EFAA0B4B93F5D83606B8FA7B49DD1DBB8F828B9C805381CB5DF4AC7FFAE27C62CBCD2FE80BB4157EB7F3267041255AC2F7EA3B450951878166049E5FF1BD3B361082FB184E342DDA1961ACFD90944F37E09A06AFE463AA9AA66EE699D28C4D109F3E8111CF4D625161B2855C11593AE408AE44DC026091119744FF09A4AB3C00717ACA004E26ACA53BF6444D839CF477A56FEAFFBF2E4CB946512815269D8E3C163FC29288A917A4A0ACC6DF54454CE2D54AC79AE05BF816DE1E3E9D3A9CC69DBE674880F98ECB8D8D4C4247AC07BC9B7C40FB89C4B9D4DA4604B37D15047DFB28C5D241CDFA327C3996872A0C05B84342F81A308D7796CA4A4038E47A5D4658F757C3F9645F11DEA92AE4D2E77FDB1A5D12519FF947F39A68152528CB02F915894D728C0E755B8BC4A99FCFC778A4099558A06D5FECC4C22DAA7E23C3B5E8E99B5365D5046C8C65846D949A521C0B25EFE5F5CD0845F09C29C096C4A80755120A299EA652B204775E53B2D521F366F4EF9FA65B1D8CB048295C39BE92667200E2889B1577CBD0AC23B2280B758A3650BE60D55F215DBF166873592253B1254968B5A46A61C792A153342C3ADE408676F4B27B7F22C50B079D0E32AEA134168A53A36F18E2FFA2459EDBA89BEC13D19C342235F6E9CF8F721B608F6297A3486173A7D5CED5E2AF6343775668C1B1FB0B745157973ADB29CEF 25220171203183124 2 6 100 6143 5 F2F9DF4571769305CF3128D1F3B27E0B51064C0D70472B4B834907A11B6C76DAA091DDD058F56E7E5A1A144CBAD246C592ADB38DB36673E636E06043CF3776DE42B2A3C52B29A5378A538205F863CBCE489A9D26209B2679B7C10179193C7B50CC806D8FEA57F761D54F010EDBDCBC7624B989AD0C894E9ABA77744E164CB92A615919DA4E66C41F0D7DE03C2C8C89077E8E712CB867993110D1DAC8F8CC87AEC5F98E0A46D2DA94727D432D4406AE31F8FB2B9DAD9E882994E41FA2B46D364B416F05BE0D579DC31D0ABD89EBA6789835C4B4CE6B8F0E9C19E2B99BBB55211D9392F18A210686F487C38F6ED33CAFA7F2468B423CC7F36DE73655CE7B94D681409616C94E55B31AB6DC3422956DB8F00490A539D95F1BF4965340CB90B5BA03104F643F96B9ABDCB5D34920E4E675DBAB81C038C11AB28459E1F10F15EBE9C21BA47427C72C2960DD8763BFCE27D47C4A06B24EBD911DED8A0ADE710930F87132830B1B8E0675447A48E519FB18FD66D4012DE35E03533CB9C13B7D19823092F7F0D9C0E5C0EF7BCF9017817CEBB550168BB846E91AA5FFF1E44B7F42215890A26157EFA5647AF412924BFC0F6CD278261BA1F959AE90F165DB11AD56CEB5223AF8BCCD5760AAB2ED5F11C56B517FFBC96B178E46EF11E7A4E8209C1CA887218600B8B20FAA80AA0B00816969A0AE25807374C24566AC03F8DFB417D0C3E43AC9BDA056AD0562A28C9F7C5EEC7AC847699170668113DF07F22A875C40D570B8CCF09EE00D91B9841A7D10F1763EE48C0BABA0F76EAD940AB5FB376C685E2EF4A81717F8ACDA8ED205FB819E62598FB343451EE47D73B9541D9F8FB6DF4029FC8FCEC0F5B94258DB49B39717B0FEB5DB3BA8FB1D28F4FE0319F84111BE08E9D251791A0A1809B55C307B0D337923EDB8CA4F2018DE38A3B7AADDFB938D93C4F3F287DBFDD542D11C747A319AAA9CA8446EA4D5A3B8B91B48B850009A9353596F2352839D55FD45F442272123402D58C80411E5113C50E35D28EDAD3C7271E9ABB4E7152C70B306571433323661D4D12B2FAB10304F721B07FF48043203B31AB7
25320170626085130 2 6 100 6143 2 FE3AFB7EA9CBCB633757EA982ED0DDFF120459E69D35DB36ACC5F69B04A5CCEE59A0312A97687F2B3DBC20917F4BF0B16D97B75EDCA16B58BDEB8BB1A726F6CB8BF5D7FC483777129A1C19CB559943EF201323760672C63859E830C6E99AFE5DD7A4E89BAD41C63B687558DD277F4E06A29D1E14A21CAA6FDD4E6F21EB8B146F2C04F93B1C94234E6295F2F8773B16BA3D51758841EA48ADD1A626E252DB3B78594B4586AC9E9EAF100F294ADC82BEBBF8CAB96B671EE7050B42733EB741107C5D2199D305C84F93C6AEEE6BD607DB7C0EFED773FB1DB73B04EFA72EB36111B99EBE6EEE899307FD288329FB2DB7E81776AEF0F935FFEE77611BDCFEC309F97EEB6E36FE42CA4C8EFAA0B4B93F5D83606B8FA7B49DD1DBB8F828B9C805381CB5DF4AC7FFAE27C62CBCD2FE80BB4157EB7F3267041255AC2F7EA3B450951878166049E5FF1BD3B361082FB184E342DDA1961ACFD90944F37E09A06AFE463AA9AA66EE699D28C4D109F3E8111CF4D625161B2855C11593AE408AE44DC026091119744FF09A4AB3C00717ACA004E26ACA53BF6444D839CF477A56FEAFFBF2E4CB946512815269D8E3C163FC29288A917A4A0ACC6DF54454CE2D54AC79AE05BF816DE1E3E9D3A9CC69DBE674880F98ECB8D8D4C4247AC07BC9B7C40FB89C4B9D4DA4604B37D15047DFB28C5D241CDFA327C3996872A0C05B84342F81A308D7796CA4A4038E47A5D4658F757C3F9645F11DEA92AE4D2E77FDB1A5D12519FF947F39A68152528CB02F915894D728C0E755B8BC4A99FCFC778A4099558A06D5FECC4C22DAA7E23C3B5E8E99B5365D5046C8C65846D949A521C0B25EFE5F5CD0845F09C29C096C4A80755120A299EA652B204775E53B2D521F366F4EF9FA65B1D8CB048295C39BE92667200E2889B1577CBD0AC23B2280B758A3650BE60D55F215DBF166873592253B1254968B5A46A61C792A153342C3ADE408676F4B27B7F22C50B079D0E32AEA134168A53A36F18E2FFA2459EDBA89BEC13D19C342235F6E9CF8F721B608F6297A3486173A7D5CED5E2AF6343775668C1B1FB0B745157973ADFA675B 25320171203185109 2 6 100 6143 2 F2F9DF4571769305CF3128D1F3B27E0B51064C0D70472B4B834907A11B6C76DAA091DDD058F56E7E5A1A144CBAD246C592ADB38DB36673E636E06043CF3776DE42B2A3C52B29A5378A538205F863CBCE489A9D26209B2679B7C10179193C7B50CC806D8FEA57F761D54F010EDBDCBC7624B989AD0C894E9ABA77744E164CB92A615919DA4E66C41F0D7DE03C2C8C89077E8E712CB867993110D1DAC8F8CC87AEC5F98E0A46D2DA94727D432D4406AE31F8FB2B9DAD9E882994E41FA2B46D364B416F05BE0D579DC31D0ABD89EBA6789835C4B4CE6B8F0E9C19E2B99BBB55211D9392F18A210686F487C38F6ED33CAFA7F2468B423CC7F36DE73655CE7B94D681409616C94E55B31AB6DC3422956DB8F00490A539D95F1BF4965340CB90B5BA03104F643F96B9ABDCB5D34920E4E675DBAB81C038C11AB28459E1F10F15EBE9C21BA47427C72C2960DD8763BFCE27D47C4A06B24EBD911DED8A0ADE710930F87132830B1B8E0675447A48E519FB18FD66D4012DE35E03533CB9C13B7D19823092F7F0D9C0E5C0EF7BCF9017817CEBB550168BB846E91AA5FFF1E44B7F42215890A26157EFA5647AF412924BFC0F6CD278261BA1F959AE90F165DB11AD56CEB5223AF8BCCD5760AAB2ED5F11C56B517FFBC96B178E46EF11E7A4E8209C1CA887218600B8B20FAA80AA0B00816969A0AE25807374C24566AC03F8DFB417D0C3E43AC9BDA056AD0562A28C9F7C5EEC7AC847699170668113DF07F22A875C40D570B8CCF09EE00D91B9841A7D10F1763EE48C0BABA0F76EAD940AB5FB376C685E2EF4A81717F8ACDA8ED205FB819E62598FB343451EE47D73B9541D9F8FB6DF4029FC8FCEC0F5B94258DB49B39717B0FEB5DB3BA8FB1D28F4FE0319F84111BE08E9D251791A0A1809B55C307B0D337923EDB8CA4F2018DE38A3B7AADDFB938D93C4F3F287DBFDD542D11C747A319AAA9CA8446EA4D5A3B8B91B48B850009A9353596F2352839D55FD45F442272123402D58C80411E5113C50E35D28EDAD3C7271E9ABB4E7152C70B306571433323661D4D12B2FAB10304F721B07FF48043204236403
25420170626103016 2 6 100 6143 2 FE3AFB7EA9CBCB633757EA982ED0DDFF120459E69D35DB36ACC5F69B04A5CCEE59A0312A97687F2B3DBC20917F4BF0B16D97B75EDCA16B58BDEB8BB1A726F6CB8BF5D7FC483777129A1C19CB559943EF201323760672C63859E830C6E99AFE5DD7A4E89BAD41C63B687558DD277F4E06A29D1E14A21CAA6FDD4E6F21EB8B146F2C04F93B1C94234E6295F2F8773B16BA3D51758841EA48ADD1A626E252DB3B78594B4586AC9E9EAF100F294ADC82BEBBF8CAB96B671EE7050B42733EB741107C5D2199D305C84F93C6AEEE6BD607DB7C0EFED773FB1DB73B04EFA72EB36111B99EBE6EEE899307FD288329FB2DB7E81776AEF0F935FFEE77611BDCFEC309F97EEB6E36FE42CA4C8EFAA0B4B93F5D83606B8FA7B49DD1DBB8F828B9C805381CB5DF4AC7FFAE27C62CBCD2FE80BB4157EB7F3267041255AC2F7EA3B450951878166049E5FF1BD3B361082FB184E342DDA1961ACFD90944F37E09A06AFE463AA9AA66EE699D28C4D109F3E8111CF4D625161B2855C11593AE408AE44DC026091119744FF09A4AB3C00717ACA004E26ACA53BF6444D839CF477A56FEAFFBF2E4CB946512815269D8E3C163FC29288A917A4A0ACC6DF54454CE2D54AC79AE05BF816DE1E3E9D3A9CC69DBE674880F98ECB8D8D4C4247AC07BC9B7C40FB89C4B9D4DA4604B37D15047DFB28C5D241CDFA327C3996872A0C05B84342F81A308D7796CA4A4038E47A5D4658F757C3F9645F11DEA92AE4D2E77FDB1A5D12519FF947F39A68152528CB02F915894D728C0E755B8BC4A99FCFC778A4099558A06D5FECC4C22DAA7E23C3B5E8E99B5365D5046C8C65846D949A521C0B25EFE5F5CD0845F09C29C096C4A80755120A299EA652B204775E53B2D521F366F4EF9FA65B1D8CB048295C39BE92667200E2889B1577CBD0AC23B2280B758A3650BE60D55F215DBF166873592253B1254968B5A46A61C792A153342C3ADE408676F4B27B7F22C50B079D0E32AEA134168A53A36F18E2FFA2459EDBA89BEC13D19C342235F6E9CF8F721B608F6297A3486173A7D5CED5E2AF6343775668C1B1FB0B745157973B0702723 25420171203190034 2 6 100 6143 5 F2F9DF4571769305CF3128D1F3B27E0B51064C0D70472B4B834907A11B6C76DAA091DDD058F56E7E5A1A144CBAD246C592ADB38DB36673E636E06043CF3776DE42B2A3C52B29A5378A538205F863CBCE489A9D26209B2679B7C10179193C7B50CC806D8FEA57F761D54F010EDBDCBC7624B989AD0C894E9ABA77744E164CB92A615919DA4E66C41F0D7DE03C2C8C89077E8E712CB867993110D1DAC8F8CC87AEC5F98E0A46D2DA94727D432D4406AE31F8FB2B9DAD9E882994E41FA2B46D364B416F05BE0D579DC31D0ABD89EBA6789835C4B4CE6B8F0E9C19E2B99BBB55211D9392F18A210686F487C38F6ED33CAFA7F2468B423CC7F36DE73655CE7B94D681409616C94E55B31AB6DC3422956DB8F00490A539D95F1BF4965340CB90B5BA03104F643F96B9ABDCB5D34920E4E675DBAB81C038C11AB28459E1F10F15EBE9C21BA47427C72C2960DD8763BFCE27D47C4A06B24EBD911DED8A0ADE710930F87132830B1B8E0675447A48E519FB18FD66D4012DE35E03533CB9C13B7D19823092F7F0D9C0E5C0EF7BCF9017817CEBB550168BB846E91AA5FFF1E44B7F42215890A26157EFA5647AF412924BFC0F6CD278261BA1F959AE90F165DB11AD56CEB5223AF8BCCD5760AAB2ED5F11C56B517FFBC96B178E46EF11E7A4E8209C1CA887218600B8B20FAA80AA0B00816969A0AE25807374C24566AC03F8DFB417D0C3E43AC9BDA056AD0562A28C9F7C5EEC7AC847699170668113DF07F22A875C40D570B8CCF09EE00D91B9841A7D10F1763EE48C0BABA0F76EAD940AB5FB376C685E2EF4A81717F8ACDA8ED205FB819E62598FB343451EE47D73B9541D9F8FB6DF4029FC8FCEC0F5B94258DB49B39717B0FEB5DB3BA8FB1D28F4FE0319F84111BE08E9D251791A0A1809B55C307B0D337923EDB8CA4F2018DE38A3B7AADDFB938D93C4F3F287DBFDD542D11C747A319AAA9CA8446EA4D5A3B8B91B48B850009A9353596F2352839D55FD45F442272123402D58C80411E5113C50E35D28EDAD3C7271E9ABB4E7152C70B306571433323661D4D12B2FAB10304F721B07FF4804320453C2BF
25520170626110918 2 6 100 6143 5 FE3AFB7EA9CBCB633757EA982ED0DDFF120459E69D35DB36ACC5F69B04A5CCEE59A0312A97687F2B3DBC20917F4BF0B16D97B75EDCA16B58BDEB8BB1A726F6CB8BF5D7FC483777129A1C19CB559943EF201323760672C63859E830C6E99AFE5DD7A4E89BAD41C63B687558DD277F4E06A29D1E14A21CAA6FDD4E6F21EB8B146F2C04F93B1C94234E6295F2F8773B16BA3D51758841EA48ADD1A626E252DB3B78594B4586AC9E9EAF100F294ADC82BEBBF8CAB96B671EE7050B42733EB741107C5D2199D305C84F93C6AEEE6BD607DB7C0EFED773FB1DB73B04EFA72EB36111B99EBE6EEE899307FD288329FB2DB7E81776AEF0F935FFEE77611BDCFEC309F97EEB6E36FE42CA4C8EFAA0B4B93F5D83606B8FA7B49DD1DBB8F828B9C805381CB5DF4AC7FFAE27C62CBCD2FE80BB4157EB7F3267041255AC2F7EA3B450951878166049E5FF1BD3B361082FB184E342DDA1961ACFD90944F37E09A06AFE463AA9AA66EE699D28C4D109F3E8111CF4D625161B2855C11593AE408AE44DC026091119744FF09A4AB3C00717ACA004E26ACA53BF6444D839CF477A56FEAFFBF2E4CB946512815269D8E3C163FC29288A917A4A0ACC6DF54454CE2D54AC79AE05BF816DE1E3E9D3A9CC69DBE674880F98ECB8D8D4C4247AC07BC9B7C40FB89C4B9D4DA4604B37D15047DFB28C5D241CDFA327C3996872A0C05B84342F81A308D7796CA4A4038E47A5D4658F757C3F9645F11DEA92AE4D2E77FDB1A5D12519FF947F39A68152528CB02F915894D728C0E755B8BC4A99FCFC778A4099558A06D5FECC4C22DAA7E23C3B5E8E99B5365D5046C8C65846D949A521C0B25EFE5F5CD0845F09C29C096C4A80755120A299EA652B204775E53B2D521F366F4EF9FA65B1D8CB048295C39BE92667200E2889B1577CBD0AC23B2280B758A3650BE60D55F215DBF166873592253B1254968B5A46A61C792A153342C3ADE408676F4B27B7F22C50B079D0E32AEA134168A53A36F18E2FFA2459EDBA89BEC13D19C342235F6E9CF8F721B608F6297A3486173A7D5CED5E2AF6343775668C1B1FB0B745157973B1648BFF 25520171203192853 2 6 100 6143 2 F2F9DF4571769305CF3128D1F3B27E0B51064C0D70472B4B834907A11B6C76DAA091DDD058F56E7E5A1A144CBAD246C592ADB38DB36673E636E06043CF3776DE42B2A3C52B29A5378A538205F863CBCE489A9D26209B2679B7C10179193C7B50CC806D8FEA57F761D54F010EDBDCBC7624B989AD0C894E9ABA77744E164CB92A615919DA4E66C41F0D7DE03C2C8C89077E8E712CB867993110D1DAC8F8CC87AEC5F98E0A46D2DA94727D432D4406AE31F8FB2B9DAD9E882994E41FA2B46D364B416F05BE0D579DC31D0ABD89EBA6789835C4B4CE6B8F0E9C19E2B99BBB55211D9392F18A210686F487C38F6ED33CAFA7F2468B423CC7F36DE73655CE7B94D681409616C94E55B31AB6DC3422956DB8F00490A539D95F1BF4965340CB90B5BA03104F643F96B9ABDCB5D34920E4E675DBAB81C038C11AB28459E1F10F15EBE9C21BA47427C72C2960DD8763BFCE27D47C4A06B24EBD911DED8A0ADE710930F87132830B1B8E0675447A48E519FB18FD66D4012DE35E03533CB9C13B7D19823092F7F0D9C0E5C0EF7BCF9017817CEBB550168BB846E91AA5FFF1E44B7F42215890A26157EFA5647AF412924BFC0F6CD278261BA1F959AE90F165DB11AD56CEB5223AF8BCCD5760AAB2ED5F11C56B517FFBC96B178E46EF11E7A4E8209C1CA887218600B8B20FAA80AA0B00816969A0AE25807374C24566AC03F8DFB417D0C3E43AC9BDA056AD0562A28C9F7C5EEC7AC847699170668113DF07F22A875C40D570B8CCF09EE00D91B9841A7D10F1763EE48C0BABA0F76EAD940AB5FB376C685E2EF4A81717F8ACDA8ED205FB819E62598FB343451EE47D73B9541D9F8FB6DF4029FC8FCEC0F5B94258DB49B39717B0FEB5DB3BA8FB1D28F4FE0319F84111BE08E9D251791A0A1809B55C307B0D337923EDB8CA4F2018DE38A3B7AADDFB938D93C4F3F287DBFDD542D11C747A319AAA9CA8446EA4D5A3B8B91B48B850009A9353596F2352839D55FD45F442272123402D58C80411E5113C50E35D28EDAD3C7271E9ABB4E7152C70B306571433323661D4D12B2FAB10304F721B07FF48043204F5D0C3
25620170626113343 2 6 100 6143 2 FE3AFB7EA9CBCB633757EA982ED0DDFF120459E69D35DB36ACC5F69B04A5CCEE59A0312A97687F2B3DBC20917F4BF0B16D97B75EDCA16B58BDEB8BB1A726F6CB8BF5D7FC483777129A1C19CB559943EF201323760672C63859E830C6E99AFE5DD7A4E89BAD41C63B687558DD277F4E06A29D1E14A21CAA6FDD4E6F21EB8B146F2C04F93B1C94234E6295F2F8773B16BA3D51758841EA48ADD1A626E252DB3B78594B4586AC9E9EAF100F294ADC82BEBBF8CAB96B671EE7050B42733EB741107C5D2199D305C84F93C6AEEE6BD607DB7C0EFED773FB1DB73B04EFA72EB36111B99EBE6EEE899307FD288329FB2DB7E81776AEF0F935FFEE77611BDCFEC309F97EEB6E36FE42CA4C8EFAA0B4B93F5D83606B8FA7B49DD1DBB8F828B9C805381CB5DF4AC7FFAE27C62CBCD2FE80BB4157EB7F3267041255AC2F7EA3B450951878166049E5FF1BD3B361082FB184E342DDA1961ACFD90944F37E09A06AFE463AA9AA66EE699D28C4D109F3E8111CF4D625161B2855C11593AE408AE44DC026091119744FF09A4AB3C00717ACA004E26ACA53BF6444D839CF477A56FEAFFBF2E4CB946512815269D8E3C163FC29288A917A4A0ACC6DF54454CE2D54AC79AE05BF816DE1E3E9D3A9CC69DBE674880F98ECB8D8D4C4247AC07BC9B7C40FB89C4B9D4DA4604B37D15047DFB28C5D241CDFA327C3996872A0C05B84342F81A308D7796CA4A4038E47A5D4658F757C3F9645F11DEA92AE4D2E77FDB1A5D12519FF947F39A68152528CB02F915894D728C0E755B8BC4A99FCFC778A4099558A06D5FECC4C22DAA7E23C3B5E8E99B5365D5046C8C65846D949A521C0B25EFE5F5CD0845F09C29C096C4A80755120A299EA652B204775E53B2D521F366F4EF9FA65B1D8CB048295C39BE92667200E2889B1577CBD0AC23B2280B758A3650BE60D55F215DBF166873592253B1254968B5A46A61C792A153342C3ADE408676F4B27B7F22C50B079D0E32AEA134168A53A36F18E2FFA2459EDBA89BEC13D19C342235F6E9CF8F721B608F6297A3486173A7D5CED5E2AF6343775668C1B1FB0B745157973B1F924B3 25620171203234953 2 6 100 6143 2 F2F9DF4571769305CF3128D1F3B27E0B51064C0D70472B4B834907A11B6C76DAA091DDD058F56E7E5A1A144CBAD246C592ADB38DB36673E636E06043CF3776DE42B2A3C52B29A5378A538205F863CBCE489A9D26209B2679B7C10179193C7B50CC806D8FEA57F761D54F010EDBDCBC7624B989AD0C894E9ABA77744E164CB92A615919DA4E66C41F0D7DE03C2C8C89077E8E712CB867993110D1DAC8F8CC87AEC5F98E0A46D2DA94727D432D4406AE31F8FB2B9DAD9E882994E41FA2B46D364B416F05BE0D579DC31D0ABD89EBA6789835C4B4CE6B8F0E9C19E2B99BBB55211D9392F18A210686F487C38F6ED33CAFA7F2468B423CC7F36DE73655CE7B94D681409616C94E55B31AB6DC3422956DB8F00490A539D95F1BF4965340CB90B5BA03104F643F96B9ABDCB5D34920E4E675DBAB81C038C11AB28459E1F10F15EBE9C21BA47427C72C2960DD8763BFCE27D47C4A06B24EBD911DED8A0ADE710930F87132830B1B8E0675447A48E519FB18FD66D4012DE35E03533CB9C13B7D19823092F7F0D9C0E5C0EF7BCF9017817CEBB550168BB846E91AA5FFF1E44B7F42215890A26157EFA5647AF412924BFC0F6CD278261BA1F959AE90F165DB11AD56CEB5223AF8BCCD5760AAB2ED5F11C56B517FFBC96B178E46EF11E7A4E8209C1CA887218600B8B20FAA80AA0B00816969A0AE25807374C24566AC03F8DFB417D0C3E43AC9BDA056AD0562A28C9F7C5EEC7AC847699170668113DF07F22A875C40D570B8CCF09EE00D91B9841A7D10F1763EE48C0BABA0F76EAD940AB5FB376C685E2EF4A81717F8ACDA8ED205FB819E62598FB343451EE47D73B9541D9F8FB6DF4029FC8FCEC0F5B94258DB49B39717B0FEB5DB3BA8FB1D28F4FE0319F84111BE08E9D251791A0A1809B55C307B0D337923EDB8CA4F2018DE38A3B7AADDFB938D93C4F3F287DBFDD542D11C747A319AAA9CA8446EA4D5A3B8B91B48B850009A9353596F2352839D55FD45F442272123402D58C80411E5113C50E35D28EDAD3C7271E9ABB4E7152C70B306571433323661D4D12B2FAB10304F721B07FF4804320B184C73
25720170626150922 2 6 100 6143 2 FE3AFB7EA9CBCB633757EA982ED0DDFF120459E69D35DB36ACC5F69B04A5CCEE59A0312A97687F2B3DBC20917F4BF0B16D97B75EDCA16B58BDEB8BB1A726F6CB8BF5D7FC483777129A1C19CB559943EF201323760672C63859E830C6E99AFE5DD7A4E89BAD41C63B687558DD277F4E06A29D1E14A21CAA6FDD4E6F21EB8B146F2C04F93B1C94234E6295F2F8773B16BA3D51758841EA48ADD1A626E252DB3B78594B4586AC9E9EAF100F294ADC82BEBBF8CAB96B671EE7050B42733EB741107C5D2199D305C84F93C6AEEE6BD607DB7C0EFED773FB1DB73B04EFA72EB36111B99EBE6EEE899307FD288329FB2DB7E81776AEF0F935FFEE77611BDCFEC309F97EEB6E36FE42CA4C8EFAA0B4B93F5D83606B8FA7B49DD1DBB8F828B9C805381CB5DF4AC7FFAE27C62CBCD2FE80BB4157EB7F3267041255AC2F7EA3B450951878166049E5FF1BD3B361082FB184E342DDA1961ACFD90944F37E09A06AFE463AA9AA66EE699D28C4D109F3E8111CF4D625161B2855C11593AE408AE44DC026091119744FF09A4AB3C00717ACA004E26ACA53BF6444D839CF477A56FEAFFBF2E4CB946512815269D8E3C163FC29288A917A4A0ACC6DF54454CE2D54AC79AE05BF816DE1E3E9D3A9CC69DBE674880F98ECB8D8D4C4247AC07BC9B7C40FB89C4B9D4DA4604B37D15047DFB28C5D241CDFA327C3996872A0C05B84342F81A308D7796CA4A4038E47A5D4658F757C3F9645F11DEA92AE4D2E77FDB1A5D12519FF947F39A68152528CB02F915894D728C0E755B8BC4A99FCFC778A4099558A06D5FECC4C22DAA7E23C3B5E8E99B5365D5046C8C65846D949A521C0B25EFE5F5CD0845F09C29C096C4A80755120A299EA652B204775E53B2D521F366F4EF9FA65B1D8CB048295C39BE92667200E2889B1577CBD0AC23B2280B758A3650BE60D55F215DBF166873592253B1254968B5A46A61C792A153342C3ADE408676F4B27B7F22C50B079D0E32AEA134168A53A36F18E2FFA2459EDBA89BEC13D19C342235F6E9CF8F721B608F6297A3486173A7D5CED5E2AF6343775668C1B1FB0B745157973B78B107B 25720171204012939 2 6 100 6143 5 F2F9DF4571769305CF3128D1F3B27E0B51064C0D70472B4B834907A11B6C76DAA091DDD058F56E7E5A1A144CBAD246C592ADB38DB36673E636E06043CF3776DE42B2A3C52B29A5378A538205F863CBCE489A9D26209B2679B7C10179193C7B50CC806D8FEA57F761D54F010EDBDCBC7624B989AD0C894E9ABA77744E164CB92A615919DA4E66C41F0D7DE03C2C8C89077E8E712CB867993110D1DAC8F8CC87AEC5F98E0A46D2DA94727D432D4406AE31F8FB2B9DAD9E882994E41FA2B46D364B416F05BE0D579DC31D0ABD89EBA6789835C4B4CE6B8F0E9C19E2B99BBB55211D9392F18A210686F487C38F6ED33CAFA7F2468B423CC7F36DE73655CE7B94D681409616C94E55B31AB6DC3422956DB8F00490A539D95F1BF4965340CB90B5BA03104F643F96B9ABDCB5D34920E4E675DBAB81C038C11AB28459E1F10F15EBE9C21BA47427C72C2960DD8763BFCE27D47C4A06B24EBD911DED8A0ADE710930F87132830B1B8E0675447A48E519FB18FD66D4012DE35E03533CB9C13B7D19823092F7F0D9C0E5C0EF7BCF9017817CEBB550168BB846E91AA5FFF1E44B7F42215890A26157EFA5647AF412924BFC0F6CD278261BA1F959AE90F165DB11AD56CEB5223AF8BCCD5760AAB2ED5F11C56B517FFBC96B178E46EF11E7A4E8209C1CA887218600B8B20FAA80AA0B00816969A0AE25807374C24566AC03F8DFB417D0C3E43AC9BDA056AD0562A28C9F7C5EEC7AC847699170668113DF07F22A875C40D570B8CCF09EE00D91B9841A7D10F1763EE48C0BABA0F76EAD940AB5FB376C685E2EF4A81717F8ACDA8ED205FB819E62598FB343451EE47D73B9541D9F8FB6DF4029FC8FCEC0F5B94258DB49B39717B0FEB5DB3BA8FB1D28F4FE0319F84111BE08E9D251791A0A1809B55C307B0D337923EDB8CA4F2018DE38A3B7AADDFB938D93C4F3F287DBFDD542D11C747A319AAA9CA8446EA4D5A3B8B91B48B850009A9353596F2352839D55FD45F442272123402D58C80411E5113C50E35D28EDAD3C7271E9ABB4E7152C70B306571433323661D4D12B2FAB10304F721B07FF4804320D6A5B1F
25820170626162428 2 6 100 6143 2 FE3AFB7EA9CBCB633757EA982ED0DDFF120459E69D35DB36ACC5F69B04A5CCEE59A0312A97687F2B3DBC20917F4BF0B16D97B75EDCA16B58BDEB8BB1A726F6CB8BF5D7FC483777129A1C19CB559943EF201323760672C63859E830C6E99AFE5DD7A4E89BAD41C63B687558DD277F4E06A29D1E14A21CAA6FDD4E6F21EB8B146F2C04F93B1C94234E6295F2F8773B16BA3D51758841EA48ADD1A626E252DB3B78594B4586AC9E9EAF100F294ADC82BEBBF8CAB96B671EE7050B42733EB741107C5D2199D305C84F93C6AEEE6BD607DB7C0EFED773FB1DB73B04EFA72EB36111B99EBE6EEE899307FD288329FB2DB7E81776AEF0F935FFEE77611BDCFEC309F97EEB6E36FE42CA4C8EFAA0B4B93F5D83606B8FA7B49DD1DBB8F828B9C805381CB5DF4AC7FFAE27C62CBCD2FE80BB4157EB7F3267041255AC2F7EA3B450951878166049E5FF1BD3B361082FB184E342DDA1961ACFD90944F37E09A06AFE463AA9AA66EE699D28C4D109F3E8111CF4D625161B2855C11593AE408AE44DC026091119744FF09A4AB3C00717ACA004E26ACA53BF6444D839CF477A56FEAFFBF2E4CB946512815269D8E3C163FC29288A917A4A0ACC6DF54454CE2D54AC79AE05BF816DE1E3E9D3A9CC69DBE674880F98ECB8D8D4C4247AC07BC9B7C40FB89C4B9D4DA4604B37D15047DFB28C5D241CDFA327C3996872A0C05B84342F81A308D7796CA4A4038E47A5D4658F757C3F9645F11DEA92AE4D2E77FDB1A5D12519FF947F39A68152528CB02F915894D728C0E755B8BC4A99FCFC778A4099558A06D5FECC4C22DAA7E23C3B5E8E99B5365D5046C8C65846D949A521C0B25EFE5F5CD0845F09C29C096C4A80755120A299EA652B204775E53B2D521F366F4EF9FA65B1D8CB048295C39BE92667200E2889B1577CBD0AC23B2280B758A3650BE60D55F215DBF166873592253B1254968B5A46A61C792A153342C3ADE408676F4B27B7F22C50B079D0E32AEA134168A53A36F18E2FFA2459EDBA89BEC13D19C342235F6E9CF8F721B608F6297A3486173A7D5CED5E2AF6343775668C1B1FB0B745157973B972EB6B 25820171204015042 2 6 100 6143 2 F2F9DF4571769305CF3128D1F3B27E0B51064C0D70472B4B834907A11B6C76DAA091DDD058F56E7E5A1A144CBAD246C592ADB38DB36673E636E06043CF3776DE42B2A3C52B29A5378A538205F863CBCE489A9D26209B2679B7C10179193C7B50CC806D8FEA57F761D54F010EDBDCBC7624B989AD0C894E9ABA77744E164CB92A615919DA4E66C41F0D7DE03C2C8C89077E8E712CB867993110D1DAC8F8CC87AEC5F98E0A46D2DA94727D432D4406AE31F8FB2B9DAD9E882994E41FA2B46D364B416F05BE0D579DC31D0ABD89EBA6789835C4B4CE6B8F0E9C19E2B99BBB55211D9392F18A210686F487C38F6ED33CAFA7F2468B423CC7F36DE73655CE7B94D681409616C94E55B31AB6DC3422956DB8F00490A539D95F1BF4965340CB90B5BA03104F643F96B9ABDCB5D34920E4E675DBAB81C038C11AB28459E1F10F15EBE9C21BA47427C72C2960DD8763BFCE27D47C4A06B24EBD911DED8A0ADE710930F87132830B1B8E0675447A48E519FB18FD66D4012DE35E03533CB9C13B7D19823092F7F0D9C0E5C0EF7BCF9017817CEBB550168BB846E91AA5FFF1E44B7F42215890A26157EFA5647AF412924BFC0F6CD278261BA1F959AE90F165DB11AD56CEB5223AF8BCCD5760AAB2ED5F11C56B517FFBC96B178E46EF11E7A4E8209C1CA887218600B8B20FAA80AA0B00816969A0AE25807374C24566AC03F8DFB417D0C3E43AC9BDA056AD0562A28C9F7C5EEC7AC847699170668113DF07F22A875C40D570B8CCF09EE00D91B9841A7D10F1763EE48C0BABA0F76EAD940AB5FB376C685E2EF4A81717F8ACDA8ED205FB819E62598FB343451EE47D73B9541D9F8FB6DF4029FC8FCEC0F5B94258DB49B39717B0FEB5DB3BA8FB1D28F4FE0319F84111BE08E9D251791A0A1809B55C307B0D337923EDB8CA4F2018DE38A3B7AADDFB938D93C4F3F287DBFDD542D11C747A319AAA9CA8446EA4D5A3B8B91B48B850009A9353596F2352839D55FD45F442272123402D58C80411E5113C50E35D28EDAD3C7271E9ABB4E7152C70B306571433323661D4D12B2FAB10304F721B07FF4804320DDD6F5B
25920170626171558 2 6 100 6143 5 FE3AFB7EA9CBCB633757EA982ED0DDFF120459E69D35DB36ACC5F69B04A5CCEE59A0312A97687F2B3DBC20917F4BF0B16D97B75EDCA16B58BDEB8BB1A726F6CB8BF5D7FC483777129A1C19CB559943EF201323760672C63859E830C6E99AFE5DD7A4E89BAD41C63B687558DD277F4E06A29D1E14A21CAA6FDD4E6F21EB8B146F2C04F93B1C94234E6295F2F8773B16BA3D51758841EA48ADD1A626E252DB3B78594B4586AC9E9EAF100F294ADC82BEBBF8CAB96B671EE7050B42733EB741107C5D2199D305C84F93C6AEEE6BD607DB7C0EFED773FB1DB73B04EFA72EB36111B99EBE6EEE899307FD288329FB2DB7E81776AEF0F935FFEE77611BDCFEC309F97EEB6E36FE42CA4C8EFAA0B4B93F5D83606B8FA7B49DD1DBB8F828B9C805381CB5DF4AC7FFAE27C62CBCD2FE80BB4157EB7F3267041255AC2F7EA3B450951878166049E5FF1BD3B361082FB184E342DDA1961ACFD90944F37E09A06AFE463AA9AA66EE699D28C4D109F3E8111CF4D625161B2855C11593AE408AE44DC026091119744FF09A4AB3C00717ACA004E26ACA53BF6444D839CF477A56FEAFFBF2E4CB946512815269D8E3C163FC29288A917A4A0ACC6DF54454CE2D54AC79AE05BF816DE1E3E9D3A9CC69DBE674880F98ECB8D8D4C4247AC07BC9B7C40FB89C4B9D4DA4604B37D15047DFB28C5D241CDFA327C3996872A0C05B84342F81A308D7796CA4A4038E47A5D4658F757C3F9645F11DEA92AE4D2E77FDB1A5D12519FF947F39A68152528CB02F915894D728C0E755B8BC4A99FCFC778A4099558A06D5FECC4C22DAA7E23C3B5E8E99B5365D5046C8C65846D949A521C0B25EFE5F5CD0845F09C29C096C4A80755120A299EA652B204775E53B2D521F366F4EF9FA65B1D8CB048295C39BE92667200E2889B1577CBD0AC23B2280B758A3650BE60D55F215DBF166873592253B1254968B5A46A61C792A153342C3ADE408676F4B27B7F22C50B079D0E32AEA134168A53A36F18E2FFA2459EDBA89BEC13D19C342235F6E9CF8F721B608F6297A3486173A7D5CED5E2AF6343775668C1B1FB0B745157973BAC16547 25920171204040850 2 6 100 6143 5 F2F9DF4571769305CF3128D1F3B27E0B51064C0D70472B4B834907A11B6C76DAA091DDD058F56E7E5A1A144CBAD246C592ADB38DB36673E636E06043CF3776DE42B2A3C52B29A5378A538205F863CBCE489A9D26209B2679B7C10179193C7B50CC806D8FEA57F761D54F010EDBDCBC7624B989AD0C894E9ABA77744E164CB92A615919DA4E66C41F0D7DE03C2C8C89077E8E712CB867993110D1DAC8F8CC87AEC5F98E0A46D2DA94727D432D4406AE31F8FB2B9DAD9E882994E41FA2B46D364B416F05BE0D579DC31D0ABD89EBA6789835C4B4CE6B8F0E9C19E2B99BBB55211D9392F18A210686F487C38F6ED33CAFA7F2468B423CC7F36DE73655CE7B94D681409616C94E55B31AB6DC3422956DB8F00490A539D95F1BF4965340CB90B5BA03104F643F96B9ABDCB5D34920E4E675DBAB81C038C11AB28459E1F10F15EBE9C21BA47427C72C2960DD8763BFCE27D47C4A06B24EBD911DED8A0ADE710930F87132830B1B8E0675447A48E519FB18FD66D4012DE35E03533CB9C13B7D19823092F7F0D9C0E5C0EF7BCF9017817CEBB550168BB846E91AA5FFF1E44B7F42215890A26157EFA5647AF412924BFC0F6CD278261BA1F959AE90F165DB11AD56CEB5223AF8BCCD5760AAB2ED5F11C56B517FFBC96B178E46EF11E7A4E8209C1CA887218600B8B20FAA80AA0B00816969A0AE25807374C24566AC03F8DFB417D0C3E43AC9BDA056AD0562A28C9F7C5EEC7AC847699170668113DF07F22A875C40D570B8CCF09EE00D91B9841A7D10F1763EE48C0BABA0F76EAD940AB5FB376C685E2EF4A81717F8ACDA8ED205FB819E62598FB343451EE47D73B9541D9F8FB6DF4029FC8FCEC0F5B94258DB49B39717B0FEB5DB3BA8FB1D28F4FE0319F84111BE08E9D251791A0A1809B55C307B0D337923EDB8CA4F2018DE38A3B7AADDFB938D93C4F3F287DBFDD542D11C747A319AAA9CA8446EA4D5A3B8B91B48B850009A9353596F2352839D55FD45F442272123402D58C80411E5113C50E35D28EDAD3C7271E9ABB4E7152C70B306571433323661D4D12B2FAB10304F721B07FF480432110E46BF
26020170626231518 2 6 100 6143 2 FE3AFB7EA9CBCB633757EA982ED0DDFF120459E69D35DB36ACC5F69B04A5CCEE59A0312A97687F2B3DBC20917F4BF0B16D97B75EDCA16B58BDEB8BB1A726F6CB8BF5D7FC483777129A1C19CB559943EF201323760672C63859E830C6E99AFE5DD7A4E89BAD41C63B687558DD277F4E06A29D1E14A21CAA6FDD4E6F21EB8B146F2C04F93B1C94234E6295F2F8773B16BA3D51758841EA48ADD1A626E252DB3B78594B4586AC9E9EAF100F294ADC82BEBBF8CAB96B671EE7050B42733EB741107C5D2199D305C84F93C6AEEE6BD607DB7C0EFED773FB1DB73B04EFA72EB36111B99EBE6EEE899307FD288329FB2DB7E81776AEF0F935FFEE77611BDCFEC309F97EEB6E36FE42CA4C8EFAA0B4B93F5D83606B8FA7B49DD1DBB8F828B9C805381CB5DF4AC7FFAE27C62CBCD2FE80BB4157EB7F3267041255AC2F7EA3B450951878166049E5FF1BD3B361082FB184E342DDA1961ACFD90944F37E09A06AFE463AA9AA66EE699D28C4D109F3E8111CF4D625161B2855C11593AE408AE44DC026091119744FF09A4AB3C00717ACA004E26ACA53BF6444D839CF477A56FEAFFBF2E4CB946512815269D8E3C163FC29288A917A4A0ACC6DF54454CE2D54AC79AE05BF816DE1E3E9D3A9CC69DBE674880F98ECB8D8D4C4247AC07BC9B7C40FB89C4B9D4DA4604B37D15047DFB28C5D241CDFA327C3996872A0C05B84342F81A308D7796CA4A4038E47A5D4658F757C3F9645F11DEA92AE4D2E77FDB1A5D12519FF947F39A68152528CB02F915894D728C0E755B8BC4A99FCFC778A4099558A06D5FECC4C22DAA7E23C3B5E8E99B5365D5046C8C65846D949A521C0B25EFE5F5CD0845F09C29C096C4A80755120A299EA652B204775E53B2D521F366F4EF9FA65B1D8CB048295C39BE92667200E2889B1577CBD0AC23B2280B758A3650BE60D55F215DBF166873592253B1254968B5A46A61C792A153342C3ADE408676F4B27B7F22C50B079D0E32AEA134168A53A36F18E2FFA2459EDBA89BEC13D19C342235F6E9CF8F721B608F6297A3486173A7D5CED5E2AF6343775668C1B1FB0B745157973C3C4E533 26020171204060221 2 6 100 6143 5 F2F9DF4571769305CF3128D1F3B27E0B51064C0D70472B4B834907A11B6C76DAA091DDD058F56E7E5A1A144CBAD246C592ADB38DB36673E636E06043CF3776DE42B2A3C52B29A5378A538205F863CBCE489A9D26209B2679B7C10179193C7B50CC806D8FEA57F761D54F010EDBDCBC7624B989AD0C894E9ABA77744E164CB92A615919DA4E66C41F0D7DE03C2C8C89077E8E712CB867993110D1DAC8F8CC87AEC5F98E0A46D2DA94727D432D4406AE31F8FB2B9DAD9E882994E41FA2B46D364B416F05BE0D579DC31D0ABD89EBA6789835C4B4CE6B8F0E9C19E2B99BBB55211D9392F18A210686F487C38F6ED33CAFA7F2468B423CC7F36DE73655CE7B94D681409616C94E55B31AB6DC3422956DB8F00490A539D95F1BF4965340CB90B5BA03104F643F96B9ABDCB5D34920E4E675DBAB81C038C11AB28459E1F10F15EBE9C21BA47427C72C2960DD8763BFCE27D47C4A06B24EBD911DED8A0ADE710930F87132830B1B8E0675447A48E519FB18FD66D4012DE35E03533CB9C13B7D19823092F7F0D9C0E5C0EF7BCF9017817CEBB550168BB846E91AA5FFF1E44B7F42215890A26157EFA5647AF412924BFC0F6CD278261BA1F959AE90F165DB11AD56CEB5223AF8BCCD5760AAB2ED5F11C56B517FFBC96B178E46EF11E7A4E8209C1CA887218600B8B20FAA80AA0B00816969A0AE25807374C24566AC03F8DFB417D0C3E43AC9BDA056AD0562A28C9F7C5EEC7AC847699170668113DF07F22A875C40D570B8CCF09EE00D91B9841A7D10F1763EE48C0BABA0F76EAD940AB5FB376C685E2EF4A81717F8ACDA8ED205FB819E62598FB343451EE47D73B9541D9F8FB6DF4029FC8FCEC0F5B94258DB49B39717B0FEB5DB3BA8FB1D28F4FE0319F84111BE08E9D251791A0A1809B55C307B0D337923EDB8CA4F2018DE38A3B7AADDFB938D93C4F3F287DBFDD542D11C747A319AAA9CA8446EA4D5A3B8B91B48B850009A9353596F2352839D55FD45F442272123402D58C80411E5113C50E35D28EDAD3C7271E9ABB4E7152C70B306571433323661D4D12B2FAB10304F721B07FF480432139A662F
26120170627001636 2 6 100 6143 5 FE3AFB7EA9CBCB633757EA982ED0DDFF120459E69D35DB36ACC5F69B04A5CCEE59A0312A97687F2B3DBC20917F4BF0B16D97B75EDCA16B58BDEB8BB1A726F6CB8BF5D7FC483777129A1C19CB559943EF201323760672C63859E830C6E99AFE5DD7A4E89BAD41C63B687558DD277F4E06A29D1E14A21CAA6FDD4E6F21EB8B146F2C04F93B1C94234E6295F2F8773B16BA3D51758841EA48ADD1A626E252DB3B78594B4586AC9E9EAF100F294ADC82BEBBF8CAB96B671EE7050B42733EB741107C5D2199D305C84F93C6AEEE6BD607DB7C0EFED773FB1DB73B04EFA72EB36111B99EBE6EEE899307FD288329FB2DB7E81776AEF0F935FFEE77611BDCFEC309F97EEB6E36FE42CA4C8EFAA0B4B93F5D83606B8FA7B49DD1DBB8F828B9C805381CB5DF4AC7FFAE27C62CBCD2FE80BB4157EB7F3267041255AC2F7EA3B450951878166049E5FF1BD3B361082FB184E342DDA1961ACFD90944F37E09A06AFE463AA9AA66EE699D28C4D109F3E8111CF4D625161B2855C11593AE408AE44DC026091119744FF09A4AB3C00717ACA004E26ACA53BF6444D839CF477A56FEAFFBF2E4CB946512815269D8E3C163FC29288A917A4A0ACC6DF54454CE2D54AC79AE05BF816DE1E3E9D3A9CC69DBE674880F98ECB8D8D4C4247AC07BC9B7C40FB89C4B9D4DA4604B37D15047DFB28C5D241CDFA327C3996872A0C05B84342F81A308D7796CA4A4038E47A5D4658F757C3F9645F11DEA92AE4D2E77FDB1A5D12519FF947F39A68152528CB02F915894D728C0E755B8BC4A99FCFC778A4099558A06D5FECC4C22DAA7E23C3B5E8E99B5365D5046C8C65846D949A521C0B25EFE5F5CD0845F09C29C096C4A80755120A299EA652B204775E53B2D521F366F4EF9FA65B1D8CB048295C39BE92667200E2889B1577CBD0AC23B2280B758A3650BE60D55F215DBF166873592253B1254968B5A46A61C792A153342C3ADE408676F4B27B7F22C50B079D0E32AEA134168A53A36F18E2FFA2459EDBA89BEC13D19C342235F6E9CF8F721B608F6297A3486173A7D5CED5E2AF6343775668C1B1FB0B745157973C53DC917 26120171204093759 2 6 100 6143 2 F2F9DF4571769305CF3128D1F3B27E0B51064C0D70472B4B834907A11B6C76DAA091DDD058F56E7E5A1A144CBAD246C592ADB38DB36673E636E06043CF3776DE42B2A3C52B29A5378A538205F863CBCE489A9D26209B2679B7C10179193C7B50CC806D8FEA57F761D54F010EDBDCBC7624B989AD0C894E9ABA77744E164CB92A615919DA4E66C41F0D7DE03C2C8C89077E8E712CB867993110D1DAC8F8CC87AEC5F98E0A46D2DA94727D432D4406AE31F8FB2B9DAD9E882994E41FA2B46D364B416F05BE0D579DC31D0ABD89EBA6789835C4B4CE6B8F0E9C19E2B99BBB55211D9392F18A210686F487C38F6ED33CAFA7F2468B423CC7F36DE73655CE7B94D681409616C94E55B31AB6DC3422956DB8F00490A539D95F1BF4965340CB90B5BA03104F643F96B9ABDCB5D34920E4E675DBAB81C038C11AB28459E1F10F15EBE9C21BA47427C72C2960DD8763BFCE27D47C4A06B24EBD911DED8A0ADE710930F87132830B1B8E0675447A48E519FB18FD66D4012DE35E03533CB9C13B7D19823092F7F0D9C0E5C0EF7BCF9017817CEBB550168BB846E91AA5FFF1E44B7F42215890A26157EFA5647AF412924BFC0F6CD278261BA1F959AE90F165DB11AD56CEB5223AF8BCCD5760AAB2ED5F11C56B517FFBC96B178E46EF11E7A4E8209C1CA887218600B8B20FAA80AA0B00816969A0AE25807374C24566AC03F8DFB417D0C3E43AC9BDA056AD0562A28C9F7C5EEC7AC847699170668113DF07F22A875C40D570B8CCF09EE00D91B9841A7D10F1763EE48C0BABA0F76EAD940AB5FB376C685E2EF4A81717F8ACDA8ED205FB819E62598FB343451EE47D73B9541D9F8FB6DF4029FC8FCEC0F5B94258DB49B39717B0FEB5DB3BA8FB1D28F4FE0319F84111BE08E9D251791A0A1809B55C307B0D337923EDB8CA4F2018DE38A3B7AADDFB938D93C4F3F287DBFDD542D11C747A319AAA9CA8446EA4D5A3B8B91B48B850009A9353596F2352839D55FD45F442272123402D58C80411E5113C50E35D28EDAD3C7271E9ABB4E7152C70B306571433323661D4D12B2FAB10304F721B07FF48043218861E53
26220170627023229 2 6 100 6143 2 FE3AFB7EA9CBCB633757EA982ED0DDFF120459E69D35DB36ACC5F69B04A5CCEE59A0312A97687F2B3DBC20917F4BF0B16D97B75EDCA16B58BDEB8BB1A726F6CB8BF5D7FC483777129A1C19CB559943EF201323760672C63859E830C6E99AFE5DD7A4E89BAD41C63B687558DD277F4E06A29D1E14A21CAA6FDD4E6F21EB8B146F2C04F93B1C94234E6295F2F8773B16BA3D51758841EA48ADD1A626E252DB3B78594B4586AC9E9EAF100F294ADC82BEBBF8CAB96B671EE7050B42733EB741107C5D2199D305C84F93C6AEEE6BD607DB7C0EFED773FB1DB73B04EFA72EB36111B99EBE6EEE899307FD288329FB2DB7E81776AEF0F935FFEE77611BDCFEC309F97EEB6E36FE42CA4C8EFAA0B4B93F5D83606B8FA7B49DD1DBB8F828B9C805381CB5DF4AC7FFAE27C62CBCD2FE80BB4157EB7F3267041255AC2F7EA3B450951878166049E5FF1BD3B361082FB184E342DDA1961ACFD90944F37E09A06AFE463AA9AA66EE699D28C4D109F3E8111CF4D625161B2855C11593AE408AE44DC026091119744FF09A4AB3C00717ACA004E26ACA53BF6444D839CF477A56FEAFFBF2E4CB946512815269D8E3C163FC29288A917A4A0ACC6DF54454CE2D54AC79AE05BF816DE1E3E9D3A9CC69DBE674880F98ECB8D8D4C4247AC07BC9B7C40FB89C4B9D4DA4604B37D15047DFB28C5D241CDFA327C3996872A0C05B84342F81A308D7796CA4A4038E47A5D4658F757C3F9645F11DEA92AE4D2E77FDB1A5D12519FF947F39A68152528CB02F915894D728C0E755B8BC4A99FCFC778A4099558A06D5FECC4C22DAA7E23C3B5E8E99B5365D5046C8C65846D949A521C0B25EFE5F5CD0845F09C29C096C4A80755120A299EA652B204775E53B2D521F366F4EF9FA65B1D8CB048295C39BE92667200E2889B1577CBD0AC23B2280B758A3650BE60D55F215DBF166873592253B1254968B5A46A61C792A153342C3ADE408676F4B27B7F22C50B079D0E32AEA134168A53A36F18E2FFA2459EDBA89BEC13D19C342235F6E9CF8F721B608F6297A3486173A7D5CED5E2AF6343775668C1B1FB0B745157973C8A24E33 26220171204110909 2 6 100 6143 2 F2F9DF4571769305CF3128D1F3B27E0B51064C0D70472B4B834907A11B6C76DAA091DDD058F56E7E5A1A144CBAD246C592ADB38DB36673E636E06043CF3776DE42B2A3C52B29A5378A538205F863CBCE489A9D26209B2679B7C10179193C7B50CC806D8FEA57F761D54F010EDBDCBC7624B989AD0C894E9ABA77744E164CB92A615919DA4E66C41F0D7DE03C2C8C89077E8E712CB867993110D1DAC8F8CC87AEC5F98E0A46D2DA94727D432D4406AE31F8FB2B9DAD9E882994E41FA2B46D364B416F05BE0D579DC31D0ABD89EBA6789835C4B4CE6B8F0E9C19E2B99BBB55211D9392F18A210686F487C38F6ED33CAFA7F2468B423CC7F36DE73655CE7B94D681409616C94E55B31AB6DC3422956DB8F00490A539D95F1BF4965340CB90B5BA03104F643F96B9ABDCB5D34920E4E675DBAB81C038C11AB28459E1F10F15EBE9C21BA47427C72C2960DD8763BFCE27D47C4A06B24EBD911DED8A0ADE710930F87132830B1B8E0675447A48E519FB18FD66D4012DE35E03533CB9C13B7D19823092F7F0D9C0E5C0EF7BCF9017817CEBB550168BB846E91AA5FFF1E44B7F42215890A26157EFA5647AF412924BFC0F6CD278261BA1F959AE90F165DB11AD56CEB5223AF8BCCD5760AAB2ED5F11C56B517FFBC96B178E46EF11E7A4E8209C1CA887218600B8B20FAA80AA0B00816969A0AE25807374C24566AC03F8DFB417D0C3E43AC9BDA056AD0562A28C9F7C5EEC7AC847699170668113DF07F22A875C40D570B8CCF09EE00D91B9841A7D10F1763EE48C0BABA0F76EAD940AB5FB376C685E2EF4A81717F8ACDA8ED205FB819E62598FB343451EE47D73B9541D9F8FB6DF4029FC8FCEC0F5B94258DB49B39717B0FEB5DB3BA8FB1D28F4FE0319F84111BE08E9D251791A0A1809B55C307B0D337923EDB8CA4F2018DE38A3B7AADDFB938D93C4F3F287DBFDD542D11C747A319AAA9CA8446EA4D5A3B8B91B48B850009A9353596F2352839D55FD45F442272123402D58C80411E5113C50E35D28EDAD3C7271E9ABB4E7152C70B306571433323661D4D12B2FAB10304F721B07FF4804321AA18B6B
26320170627055348 2 6 100 6143 5 FE3AFB7EA9CBCB633757EA982ED0DDFF120459E69D35DB36ACC5F69B04A5CCEE59A0312A97687F2B3DBC20917F4BF0B16D97B75EDCA16B58BDEB8BB1A726F6CB8BF5D7FC483777129A1C19CB559943EF201323760672C63859E830C6E99AFE5DD7A4E89BAD41C63B687558DD277F4E06A29D1E14A21CAA6FDD4E6F21EB8B146F2C04F93B1C94234E6295F2F8773B16BA3D51758841EA48ADD1A626E252DB3B78594B4586AC9E9EAF100F294ADC82BEBBF8CAB96B671EE7050B42733EB741107C5D2199D305C84F93C6AEEE6BD607DB7C0EFED773FB1DB73B04EFA72EB36111B99EBE6EEE899307FD288329FB2DB7E81776AEF0F935FFEE77611BDCFEC309F97EEB6E36FE42CA4C8EFAA0B4B93F5D83606B8FA7B49DD1DBB8F828B9C805381CB5DF4AC7FFAE27C62CBCD2FE80BB4157EB7F3267041255AC2F7EA3B450951878166049E5FF1BD3B361082FB184E342DDA1961ACFD90944F37E09A06AFE463AA9AA66EE699D28C4D109F3E8111CF4D625161B2855C11593AE408AE44DC026091119744FF09A4AB3C00717ACA004E26ACA53BF6444D839CF477A56FEAFFBF2E4CB946512815269D8E3C163FC29288A917A4A0ACC6DF54454CE2D54AC79AE05BF816DE1E3E9D3A9CC69DBE674880F98ECB8D8D4C4247AC07BC9B7C40FB89C4B9D4DA4604B37D15047DFB28C5D241CDFA327C3996872A0C05B84342F81A308D7796CA4A4038E47A5D4658F757C3F9645F11DEA92AE4D2E77FDB1A5D12519FF947F39A68152528CB02F915894D728C0E755B8BC4A99FCFC778A4099558A06D5FECC4C22DAA7E23C3B5E8E99B5365D5046C8C65846D949A521C0B25EFE5F5CD0845F09C29C096C4A80755120A299EA652B204775E53B2D521F366F4EF9FA65B1D8CB048295C39BE92667200E2889B1577CBD0AC23B2280B758A3650BE60D55F215DBF166873592253B1254968B5A46A61C792A153342C3ADE408676F4B27B7F22C50B079D0E32AEA134168A53A36F18E2FFA2459EDBA89BEC13D19C342235F6E9CF8F721B608F6297A3486173A7D5CED5E2AF6343775668C1B1FB0B745157973CDB0A037 26320171204112744 2 6 100 6143 2 F2F9DF4571769305CF3128D1F3B27E0B51064C0D70472B4B834907A11B6C76DAA091DDD058F56E7E5A1A144CBAD246C592ADB38DB36673E636E06043CF3776DE42B2A3C52B29A5378A538205F863CBCE489A9D26209B2679B7C10179193C7B50CC806D8FEA57F761D54F010EDBDCBC7624B989AD0C894E9ABA77744E164CB92A615919DA4E66C41F0D7DE03C2C8C89077E8E712CB867993110D1DAC8F8CC87AEC5F98E0A46D2DA94727D432D4406AE31F8FB2B9DAD9E882994E41FA2B46D364B416F05BE0D579DC31D0ABD89EBA6789835C4B4CE6B8F0E9C19E2B99BBB55211D9392F18A210686F487C38F6ED33CAFA7F2468B423CC7F36DE73655CE7B94D681409616C94E55B31AB6DC3422956DB8F00490A539D95F1BF4965340CB90B5BA03104F643F96B9ABDCB5D34920E4E675DBAB81C038C11AB28459E1F10F15EBE9C21BA47427C72C2960DD8763BFCE27D47C4A06B24EBD911DED8A0ADE710930F87132830B1B8E0675447A48E519FB18FD66D4012DE35E03533CB9C13B7D19823092F7F0D9C0E5C0EF7BCF9017817CEBB550168BB846E91AA5FFF1E44B7F42215890A26157EFA5647AF412924BFC0F6CD278261BA1F959AE90F165DB11AD56CEB5223AF8BCCD5760AAB2ED5F11C56B517FFBC96B178E46EF11E7A4E8209C1CA887218600B8B20FAA80AA0B00816969A0AE25807374C24566AC03F8DFB417D0C3E43AC9BDA056AD0562A28C9F7C5EEC7AC847699170668113DF07F22A875C40D570B8CCF09EE00D91B9841A7D10F1763EE48C0BABA0F76EAD940AB5FB376C685E2EF4A81717F8ACDA8ED205FB819E62598FB343451EE47D73B9541D9F8FB6DF4029FC8FCEC0F5B94258DB49B39717B0FEB5DB3BA8FB1D28F4FE0319F84111BE08E9D251791A0A1809B55C307B0D337923EDB8CA4F2018DE38A3B7AADDFB938D93C4F3F287DBFDD542D11C747A319AAA9CA8446EA4D5A3B8B91B48B850009A9353596F2352839D55FD45F442272123402D58C80411E5113C50E35D28EDAD3C7271E9ABB4E7152C70B306571433323661D4D12B2FAB10304F721B07FF4804321B0A25B3
26420170627085558 2 6 100 6143 2 FE3AFB7EA9CBCB633757EA982ED0DDFF120459E69D35DB36ACC5F69B04A5CCEE59A0312A97687F2B3DBC20917F4BF0B16D97B75EDCA16B58BDEB8BB1A726F6CB8BF5D7FC483777129A1C19CB559943EF201323760672C63859E830C6E99AFE5DD7A4E89BAD41C63B687558DD277F4E06A29D1E14A21CAA6FDD4E6F21EB8B146F2C04F93B1C94234E6295F2F8773B16BA3D51758841EA48ADD1A626E252DB3B78594B4586AC9E9EAF100F294ADC82BEBBF8CAB96B671EE7050B42733EB741107C5D2199D305C84F93C6AEEE6BD607DB7C0EFED773FB1DB73B04EFA72EB36111B99EBE6EEE899307FD288329FB2DB7E81776AEF0F935FFEE77611BDCFEC309F97EEB6E36FE42CA4C8EFAA0B4B93F5D83606B8FA7B49DD1DBB8F828B9C805381CB5DF4AC7FFAE27C62CBCD2FE80BB4157EB7F3267041255AC2F7EA3B450951878166049E5FF1BD3B361082FB184E342DDA1961ACFD90944F37E09A06AFE463AA9AA66EE699D28C4D109F3E8111CF4D625161B2855C11593AE408AE44DC026091119744FF09A4AB3C00717ACA004E26ACA53BF6444D839CF477A56FEAFFBF2E4CB946512815269D8E3C163FC29288A917A4A0ACC6DF54454CE2D54AC79AE05BF816DE1E3E9D3A9CC69DBE674880F98ECB8D8D4C4247AC07BC9B7C40FB89C4B9D4DA4604B37D15047DFB28C5D241CDFA327C3996872A0C05B84342F81A308D7796CA4A4038E47A5D4658F757C3F9645F11DEA92AE4D2E77FDB1A5D12519FF947F39A68152528CB02F915894D728C0E755B8BC4A99FCFC778A4099558A06D5FECC4C22DAA7E23C3B5E8E99B5365D5046C8C65846D949A521C0B25EFE5F5CD0845F09C29C096C4A80755120A299EA652B204775E53B2D521F366F4EF9FA65B1D8CB048295C39BE92667200E2889B1577CBD0AC23B2280B758A3650BE60D55F215DBF166873592253B1254968B5A46A61C792A153342C3ADE408676F4B27B7F22C50B079D0E32AEA134168A53A36F18E2FFA2459EDBA89BEC13D19C342235F6E9CF8F721B608F6297A3486173A7D5CED5E2AF6343775668C1B1FB0B745157973D234059B 26420171204113618 2 6 100 6143 5 F2F9DF4571769305CF3128D1F3B27E0B51064C0D70472B4B834907A11B6C76DAA091DDD058F56E7E5A1A144CBAD246C592ADB38DB36673E636E06043CF3776DE42B2A3C52B29A5378A538205F863CBCE489A9D26209B2679B7C10179193C7B50CC806D8FEA57F761D54F010EDBDCBC7624B989AD0C894E9ABA77744E164CB92A615919DA4E66C41F0D7DE03C2C8C89077E8E712CB867993110D1DAC8F8CC87AEC5F98E0A46D2DA94727D432D4406AE31F8FB2B9DAD9E882994E41FA2B46D364B416F05BE0D579DC31D0ABD89EBA6789835C4B4CE6B8F0E9C19E2B99BBB55211D9392F18A210686F487C38F6ED33CAFA7F2468B423CC7F36DE73655CE7B94D681409616C94E55B31AB6DC3422956DB8F00490A539D95F1BF4965340CB90B5BA03104F643F96B9ABDCB5D34920E4E675DBAB81C038C11AB28459E1F10F15EBE9C21BA47427C72C2960DD8763BFCE27D47C4A06B24EBD911DED8A0ADE710930F87132830B1B8E0675447A48E519FB18FD66D4012DE35E03533CB9C13B7D19823092F7F0D9C0E5C0EF7BCF9017817CEBB550168BB846E91AA5FFF1E44B7F42215890A26157EFA5647AF412924BFC0F6CD278261BA1F959AE90F165DB11AD56CEB5223AF8BCCD5760AAB2ED5F11C56B517FFBC96B178E46EF11E7A4E8209C1CA887218600B8B20FAA80AA0B00816969A0AE25807374C24566AC03F8DFB417D0C3E43AC9BDA056AD0562A28C9F7C5EEC7AC847699170668113DF07F22A875C40D570B8CCF09EE00D91B9841A7D10F1763EE48C0BABA0F76EAD940AB5FB376C685E2EF4A81717F8ACDA8ED205FB819E62598FB343451EE47D73B9541D9F8FB6DF4029FC8FCEC0F5B94258DB49B39717B0FEB5DB3BA8FB1D28F4FE0319F84111BE08E9D251791A0A1809B55C307B0D337923EDB8CA4F2018DE38A3B7AADDFB938D93C4F3F287DBFDD542D11C747A319AAA9CA8446EA4D5A3B8B91B48B850009A9353596F2352839D55FD45F442272123402D58C80411E5113C50E35D28EDAD3C7271E9ABB4E7152C70B306571433323661D4D12B2FAB10304F721B07FF4804321B357127
26520170627111046 2 6 100 6143 2 FE3AFB7EA9CBCB633757EA982ED0DDFF120459E69D35DB36ACC5F69B04A5CCEE59A0312A97687F2B3DBC20917F4BF0B16D97B75EDCA16B58BDEB8BB1A726F6CB8BF5D7FC483777129A1C19CB559943EF201323760672C63859E830C6E99AFE5DD7A4E89BAD41C63B687558DD277F4E06A29D1E14A21CAA6FDD4E6F21EB8B146F2C04F93B1C94234E6295F2F8773B16BA3D51758841EA48ADD1A626E252DB3B78594B4586AC9E9EAF100F294ADC82BEBBF8CAB96B671EE7050B42733EB741107C5D2199D305C84F93C6AEEE6BD607DB7C0EFED773FB1DB73B04EFA72EB36111B99EBE6EEE899307FD288329FB2DB7E81776AEF0F935FFEE77611BDCFEC309F97EEB6E36FE42CA4C8EFAA0B4B93F5D83606B8FA7B49DD1DBB8F828B9C805381CB5DF4AC7FFAE27C62CBCD2FE80BB4157EB7F3267041255AC2F7EA3B450951878166049E5FF1BD3B361082FB184E342DDA1961ACFD90944F37E09A06AFE463AA9AA66EE699D28C4D109F3E8111CF4D625161B2855C11593AE408AE44DC026091119744FF09A4AB3C00717ACA004E26ACA53BF6444D839CF477A56FEAFFBF2E4CB946512815269D8E3C163FC29288A917A4A0ACC6DF54454CE2D54AC79AE05BF816DE1E3E9D3A9CC69DBE674880F98ECB8D8D4C4247AC07BC9B7C40FB89C4B9D4DA4604B37D15047DFB28C5D241CDFA327C3996872A0C05B84342F81A308D7796CA4A4038E47A5D4658F757C3F9645F11DEA92AE4D2E77FDB1A5D12519FF947F39A68152528CB02F915894D728C0E755B8BC4A99FCFC778A4099558A06D5FECC4C22DAA7E23C3B5E8E99B5365D5046C8C65846D949A521C0B25EFE5F5CD0845F09C29C096C4A80755120A299EA652B204775E53B2D521F366F4EF9FA65B1D8CB048295C39BE92667200E2889B1577CBD0AC23B2280B758A3650BE60D55F215DBF166873592253B1254968B5A46A61C792A153342C3ADE408676F4B27B7F22C50B079D0E32AEA134168A53A36F18E2FFA2459EDBA89BEC13D19C342235F6E9CF8F721B608F6297A3486173A7D5CED5E2AF6343775668C1B1FB0B745157973D57B1B3B 26520171204120614 2 6 100 6143 2 F2F9DF4571769305CF3128D1F3B27E0B51064C0D70472B4B834907A11B6C76DAA091DDD058F56E7E5A1A144CBAD246C592ADB38DB36673E636E06043CF3776DE42B2A3C52B29A5378A538205F863CBCE489A9D26209B2679B7C10179193C7B50CC806D8FEA57F761D54F010EDBDCBC7624B989AD0C894E9ABA77744E164CB92A615919DA4E66C41F0D7DE03C2C8C89077E8E712CB867993110D1DAC8F8CC87AEC5F98E0A46D2DA94727D432D4406AE31F8FB2B9DAD9E882994E41FA2B46D364B416F05BE0D579DC31D0ABD89EBA6789835C4B4CE6B8F0E9C19E2B99BBB55211D9392F18A210686F487C38F6ED33CAFA7F2468B423CC7F36DE73655CE7B94D681409616C94E55B31AB6DC3422956DB8F00490A539D95F1BF4965340CB90B5BA03104F643F96B9ABDCB5D34920E4E675DBAB81C038C11AB28459E1F10F15EBE9C21BA47427C72C2960DD8763BFCE27D47C4A06B24EBD911DED8A0ADE710930F87132830B1B8E0675447A48E519FB18FD66D4012DE35E03533CB9C13B7D19823092F7F0D9C0E5C0EF7BCF9017817CEBB550168BB846E91AA5FFF1E44B7F42215890A26157EFA5647AF412924BFC0F6CD278261BA1F959AE90F165DB11AD56CEB5223AF8BCCD5760AAB2ED5F11C56B517FFBC96B178E46EF11E7A4E8209C1CA887218600B8B20FAA80AA0B00816969A0AE25807374C24566AC03F8DFB417D0C3E43AC9BDA056AD0562A28C9F7C5EEC7AC847699170668113DF07F22A875C40D570B8CCF09EE00D91B9841A7D10F1763EE48C0BABA0F76EAD940AB5FB376C685E2EF4A81717F8ACDA8ED205FB819E62598FB343451EE47D73B9541D9F8FB6DF4029FC8FCEC0F5B94258DB49B39717B0FEB5DB3BA8FB1D28F4FE0319F84111BE08E9D251791A0A1809B55C307B0D337923EDB8CA4F2018DE38A3B7AADDFB938D93C4F3F287DBFDD542D11C747A319AAA9CA8446EA4D5A3B8B91B48B850009A9353596F2352839D55FD45F442272123402D58C80411E5113C50E35D28EDAD3C7271E9ABB4E7152C70B306571433323661D4D12B2FAB10304F721B07FF4804321BE218DB
26620170627114331 2 6 100 6143 5 FE3AFB7EA9CBCB633757EA982ED0DDFF120459E69D35DB36ACC5F69B04A5CCEE59A0312A97687F2B3DBC20917F4BF0B16D97B75EDCA16B58BDEB8BB1A726F6CB8BF5D7FC483777129A1C19CB559943EF201323760672C63859E830C6E99AFE5DD7A4E89BAD41C63B687558DD277F4E06A29D1E14A21CAA6FDD4E6F21EB8B146F2C04F93B1C94234E6295F2F8773B16BA3D51758841EA48ADD1A626E252DB3B78594B4586AC9E9EAF100F294ADC82BEBBF8CAB96B671EE7050B42733EB741107C5D2199D305C84F93C6AEEE6BD607DB7C0EFED773FB1DB73B04EFA72EB36111B99EBE6EEE899307FD288329FB2DB7E81776AEF0F935FFEE77611BDCFEC309F97EEB6E36FE42CA4C8EFAA0B4B93F5D83606B8FA7B49DD1DBB8F828B9C805381CB5DF4AC7FFAE27C62CBCD2FE80BB4157EB7F3267041255AC2F7EA3B450951878166049E5FF1BD3B361082FB184E342DDA1961ACFD90944F37E09A06AFE463AA9AA66EE699D28C4D109F3E8111CF4D625161B2855C11593AE408AE44DC026091119744FF09A4AB3C00717ACA004E26ACA53BF6444D839CF477A56FEAFFBF2E4CB946512815269D8E3C163FC29288A917A4A0ACC6DF54454CE2D54AC79AE05BF816DE1E3E9D3A9CC69DBE674880F98ECB8D8D4C4247AC07BC9B7C40FB89C4B9D4DA4604B37D15047DFB28C5D241CDFA327C3996872A0C05B84342F81A308D7796CA4A4038E47A5D4658F757C3F9645F11DEA92AE4D2E77FDB1A5D12519FF947F39A68152528CB02F915894D728C0E755B8BC4A99FCFC778A4099558A06D5FECC4C22DAA7E23C3B5E8E99B5365D5046C8C65846D949A521C0B25EFE5F5CD0845F09C29C096C4A80755120A299EA652B204775E53B2D521F366F4EF9FA65B1D8CB048295C39BE92667200E2889B1577CBD0AC23B2280B758A3650BE60D55F215DBF166873592253B1254968B5A46A61C792A153342C3ADE408676F4B27B7F22C50B079D0E32AEA134168A53A36F18E2FFA2459EDBA89BEC13D19C342235F6E9CF8F721B608F6297A3486173A7D5CED5E2AF6343775668C1B1FB0B745157973D63E6527 26620171204122520 2 6 100 6143 2 F2F9DF4571769305CF3128D1F3B27E0B51064C0D70472B4B834907A11B6C76DAA091DDD058F56E7E5A1A144CBAD246C592ADB38DB36673E636E06043CF3776DE42B2A3C52B29A5378A538205F863CBCE489A9D26209B2679B7C10179193C7B50CC806D8FEA57F761D54F010EDBDCBC7624B989AD0C894E9ABA77744E164CB92A615919DA4E66C41F0D7DE03C2C8C89077E8E712CB867993110D1DAC8F8CC87AEC5F98E0A46D2DA94727D432D4406AE31F8FB2B9DAD9E882994E41FA2B46D364B416F05BE0D579DC31D0ABD89EBA6789835C4B4CE6B8F0E9C19E2B99BBB55211D9392F18A210686F487C38F6ED33CAFA7F2468B423CC7F36DE73655CE7B94D681409616C94E55B31AB6DC3422956DB8F00490A539D95F1BF4965340CB90B5BA03104F643F96B9ABDCB5D34920E4E675DBAB81C038C11AB28459E1F10F15EBE9C21BA47427C72C2960DD8763BFCE27D47C4A06B24EBD911DED8A0ADE710930F87132830B1B8E0675447A48E519FB18FD66D4012DE35E03533CB9C13B7D19823092F7F0D9C0E5C0EF7BCF9017817CEBB550168BB846E91AA5FFF1E44B7F42215890A26157EFA5647AF412924BFC0F6CD278261BA1F959AE90F165DB11AD56CEB5223AF8BCCD5760AAB2ED5F11C56B517FFBC96B178E46EF11E7A4E8209C1CA887218600B8B20FAA80AA0B00816969A0AE25807374C24566AC03F8DFB417D0C3E43AC9BDA056AD0562A28C9F7C5EEC7AC847699170668113DF07F22A875C40D570B8CCF09EE00D91B9841A7D10F1763EE48C0BABA0F76EAD940AB5FB376C685E2EF4A81717F8ACDA8ED205FB819E62598FB343451EE47D73B9541D9F8FB6DF4029FC8FCEC0F5B94258DB49B39717B0FEB5DB3BA8FB1D28F4FE0319F84111BE08E9D251791A0A1809B55C307B0D337923EDB8CA4F2018DE38A3B7AADDFB938D93C4F3F287DBFDD542D11C747A319AAA9CA8446EA4D5A3B8B91B48B850009A9353596F2352839D55FD45F442272123402D58C80411E5113C50E35D28EDAD3C7271E9ABB4E7152C70B306571433323661D4D12B2FAB10304F721B07FF4804321C47FCD3
26720170627143549 2 6 100 6143 2 FE3AFB7EA9CBCB633757EA982ED0DDFF120459E69D35DB36ACC5F69B04A5CCEE59A0312A97687F2B3DBC20917F4BF0B16D97B75EDCA16B58BDEB8BB1A726F6CB8BF5D7FC483777129A1C19CB559943EF201323760672C63859E830C6E99AFE5DD7A4E89BAD41C63B687558DD277F4E06A29D1E14A21CAA6FDD4E6F21EB8B146F2C04F93B1C94234E6295F2F8773B16BA3D51758841EA48ADD1A626E252DB3B78594B4586AC9E9EAF100F294ADC82BEBBF8CAB96B671EE7050B42733EB741107C5D2199D305C84F93C6AEEE6BD607DB7C0EFED773FB1DB73B04EFA72EB36111B99EBE6EEE899307FD288329FB2DB7E81776AEF0F935FFEE77611BDCFEC309F97EEB6E36FE42CA4C8EFAA0B4B93F5D83606B8FA7B49DD1DBB8F828B9C805381CB5DF4AC7FFAE27C62CBCD2FE80BB4157EB7F3267041255AC2F7EA3B450951878166049E5FF1BD3B361082FB184E342DDA1961ACFD90944F37E09A06AFE463AA9AA66EE699D28C4D109F3E8111CF4D625161B2855C11593AE408AE44DC026091119744FF09A4AB3C00717ACA004E26ACA53BF6444D839CF477A56FEAFFBF2E4CB946512815269D8E3C163FC29288A917A4A0ACC6DF54454CE2D54AC79AE05BF816DE1E3E9D3A9CC69DBE674880F98ECB8D8D4C4247AC07BC9B7C40FB89C4B9D4DA4604B37D15047DFB28C5D241CDFA327C3996872A0C05B84342F81A308D7796CA4A4038E47A5D4658F757C3F9645F11DEA92AE4D2E77FDB1A5D12519FF947F39A68152528CB02F915894D728C0E755B8BC4A99FCFC778A4099558A06D5FECC4C22DAA7E23C3B5E8E99B5365D5046C8C65846D949A521C0B25EFE5F5CD0845F09C29C096C4A80755120A299EA652B204775E53B2D521F366F4EF9FA65B1D8CB048295C39BE92667200E2889B1577CBD0AC23B2280B758A3650BE60D55F215DBF166873592253B1254968B5A46A61C792A153342C3ADE408676F4B27B7F22C50B079D0E32AEA134168A53A36F18E2FFA2459EDBA89BEC13D19C342235F6E9CF8F721B608F6297A3486173A7D5CED5E2AF6343775668C1B1FB0B745157973DA76351B 26720171204125750 2 6 100 6143 5 F2F9DF4571769305CF3128D1F3B27E0B51064C0D70472B4B834907A11B6C76DAA091DDD058F56E7E5A1A144CBAD246C592ADB38DB36673E636E06043CF3776DE42B2A3C52B29A5378A538205F863CBCE489A9D26209B2679B7C10179193C7B50CC806D8FEA57F761D54F010EDBDCBC7624B989AD0C894E9ABA77744E164CB92A615919DA4E66C41F0D7DE03C2C8C89077E8E712CB867993110D1DAC8F8CC87AEC5F98E0A46D2DA94727D432D4406AE31F8FB2B9DAD9E882994E41FA2B46D364B416F05BE0D579DC31D0ABD89EBA6789835C4B4CE6B8F0E9C19E2B99BBB55211D9392F18A210686F487C38F6ED33CAFA7F2468B423CC7F36DE73655CE7B94D681409616C94E55B31AB6DC3422956DB8F00490A539D95F1BF4965340CB90B5BA03104F643F96B9ABDCB5D34920E4E675DBAB81C038C11AB28459E1F10F15EBE9C21BA47427C72C2960DD8763BFCE27D47C4A06B24EBD911DED8A0ADE710930F87132830B1B8E0675447A48E519FB18FD66D4012DE35E03533CB9C13B7D19823092F7F0D9C0E5C0EF7BCF9017817CEBB550168BB846E91AA5FFF1E44B7F42215890A26157EFA5647AF412924BFC0F6CD278261BA1F959AE90F165DB11AD56CEB5223AF8BCCD5760AAB2ED5F11C56B517FFBC96B178E46EF11E7A4E8209C1CA887218600B8B20FAA80AA0B00816969A0AE25807374C24566AC03F8DFB417D0C3E43AC9BDA056AD0562A28C9F7C5EEC7AC847699170668113DF07F22A875C40D570B8CCF09EE00D91B9841A7D10F1763EE48C0BABA0F76EAD940AB5FB376C685E2EF4A81717F8ACDA8ED205FB819E62598FB343451EE47D73B9541D9F8FB6DF4029FC8FCEC0F5B94258DB49B39717B0FEB5DB3BA8FB1D28F4FE0319F84111BE08E9D251791A0A1809B55C307B0D337923EDB8CA4F2018DE38A3B7AADDFB938D93C4F3F287DBFDD542D11C747A319AAA9CA8446EA4D5A3B8B91B48B850009A9353596F2352839D55FD45F442272123402D58C80411E5113C50E35D28EDAD3C7271E9ABB4E7152C70B306571433323661D4D12B2FAB10304F721B07FF4804321CFEB977
26820170627150713 2 6 100 6143 2 FE3AFB7EA9CBCB633757EA982ED0DDFF120459E69D35DB36ACC5F69B04A5CCEE59A0312A97687F2B3DBC20917F4BF0B16D97B75EDCA16B58BDEB8BB1A726F6CB8BF5D7FC483777129A1C19CB559943EF201323760672C63859E830C6E99AFE5DD7A4E89BAD41C63B687558DD277F4E06A29D1E14A21CAA6FDD4E6F21EB8B146F2C04F93B1C94234E6295F2F8773B16BA3D51758841EA48ADD1A626E252DB3B78594B4586AC9E9EAF100F294ADC82BEBBF8CAB96B671EE7050B42733EB741107C5D2199D305C84F93C6AEEE6BD607DB7C0EFED773FB1DB73B04EFA72EB36111B99EBE6EEE899307FD288329FB2DB7E81776AEF0F935FFEE77611BDCFEC309F97EEB6E36FE42CA4C8EFAA0B4B93F5D83606B8FA7B49DD1DBB8F828B9C805381CB5DF4AC7FFAE27C62CBCD2FE80BB4157EB7F3267041255AC2F7EA3B450951878166049E5FF1BD3B361082FB184E342DDA1961ACFD90944F37E09A06AFE463AA9AA66EE699D28C4D109F3E8111CF4D625161B2855C11593AE408AE44DC026091119744FF09A4AB3C00717ACA004E26ACA53BF6444D839CF477A56FEAFFBF2E4CB946512815269D8E3C163FC29288A917A4A0ACC6DF54454CE2D54AC79AE05BF816DE1E3E9D3A9CC69DBE674880F98ECB8D8D4C4247AC07BC9B7C40FB89C4B9D4DA4604B37D15047DFB28C5D241CDFA327C3996872A0C05B84342F81A308D7796CA4A4038E47A5D4658F757C3F9645F11DEA92AE4D2E77FDB1A5D12519FF947F39A68152528CB02F915894D728C0E755B8BC4A99FCFC778A4099558A06D5FECC4C22DAA7E23C3B5E8E99B5365D5046C8C65846D949A521C0B25EFE5F5CD0845F09C29C096C4A80755120A299EA652B204775E53B2D521F366F4EF9FA65B1D8CB048295C39BE92667200E2889B1577CBD0AC23B2280B758A3650BE60D55F215DBF166873592253B1254968B5A46A61C792A153342C3ADE408676F4B27B7F22C50B079D0E32AEA134168A53A36F18E2FFA2459EDBA89BEC13D19C342235F6E9CF8F721B608F6297A3486173A7D5CED5E2AF6343775668C1B1FB0B745157973DB2FF40B 26820171204133934 2 6 100 6143 5 F2F9DF4571769305CF3128D1F3B27E0B51064C0D70472B4B834907A11B6C76DAA091DDD058F56E7E5A1A144CBAD246C592ADB38DB36673E636E06043CF3776DE42B2A3C52B29A5378A538205F863CBCE489A9D26209B2679B7C10179193C7B50CC806D8FEA57F761D54F010EDBDCBC7624B989AD0C894E9ABA77744E164CB92A615919DA4E66C41F0D7DE03C2C8C89077E8E712CB867993110D1DAC8F8CC87AEC5F98E0A46D2DA94727D432D4406AE31F8FB2B9DAD9E882994E41FA2B46D364B416F05BE0D579DC31D0ABD89EBA6789835C4B4CE6B8F0E9C19E2B99BBB55211D9392F18A210686F487C38F6ED33CAFA7F2468B423CC7F36DE73655CE7B94D681409616C94E55B31AB6DC3422956DB8F00490A539D95F1BF4965340CB90B5BA03104F643F96B9ABDCB5D34920E4E675DBAB81C038C11AB28459E1F10F15EBE9C21BA47427C72C2960DD8763BFCE27D47C4A06B24EBD911DED8A0ADE710930F87132830B1B8E0675447A48E519FB18FD66D4012DE35E03533CB9C13B7D19823092F7F0D9C0E5C0EF7BCF9017817CEBB550168BB846E91AA5FFF1E44B7F42215890A26157EFA5647AF412924BFC0F6CD278261BA1F959AE90F165DB11AD56CEB5223AF8BCCD5760AAB2ED5F11C56B517FFBC96B178E46EF11E7A4E8209C1CA887218600B8B20FAA80AA0B00816969A0AE25807374C24566AC03F8DFB417D0C3E43AC9BDA056AD0562A28C9F7C5EEC7AC847699170668113DF07F22A875C40D570B8CCF09EE00D91B9841A7D10F1763EE48C0BABA0F76EAD940AB5FB376C685E2EF4A81717F8ACDA8ED205FB819E62598FB343451EE47D73B9541D9F8FB6DF4029FC8FCEC0F5B94258DB49B39717B0FEB5DB3BA8FB1D28F4FE0319F84111BE08E9D251791A0A1809B55C307B0D337923EDB8CA4F2018DE38A3B7AADDFB938D93C4F3F287DBFDD542D11C747A319AAA9CA8446EA4D5A3B8B91B48B850009A9353596F2352839D55FD45F442272123402D58C80411E5113C50E35D28EDAD3C7271E9ABB4E7152C70B306571433323661D4D12B2FAB10304F721B07FF4804321DF18F77
26920170627151417 2 6 100 6143 2 FE3AFB7EA9CBCB633757EA982ED0DDFF120459E69D35DB36ACC5F69B04A5CCEE59A0312A97687F2B3DBC20917F4BF0B16D97B75EDCA16B58BDEB8BB1A726F6CB8BF5D7FC483777129A1C19CB559943EF201323760672C63859E830C6E99AFE5DD7A4E89BAD41C63B687558DD277F4E06A29D1E14A21CAA6FDD4E6F21EB8B146F2C04F93B1C94234E6295F2F8773B16BA3D51758841EA48ADD1A626E252DB3B78594B4586AC9E9EAF100F294ADC82BEBBF8CAB96B671EE7050B42733EB741107C5D2199D305C84F93C6AEEE6BD607DB7C0EFED773FB1DB73B04EFA72EB36111B99EBE6EEE899307FD288329FB2DB7E81776AEF0F935FFEE77611BDCFEC309F97EEB6E36FE42CA4C8EFAA0B4B93F5D83606B8FA7B49DD1DBB8F828B9C805381CB5DF4AC7FFAE27C62CBCD2FE80BB4157EB7F3267041255AC2F7EA3B450951878166049E5FF1BD3B361082FB184E342DDA1961ACFD90944F37E09A06AFE463AA9AA66EE699D28C4D109F3E8111CF4D625161B2855C11593AE408AE44DC026091119744FF09A4AB3C00717ACA004E26ACA53BF6444D839CF477A56FEAFFBF2E4CB946512815269D8E3C163FC29288A917A4A0ACC6DF54454CE2D54AC79AE05BF816DE1E3E9D3A9CC69DBE674880F98ECB8D8D4C4247AC07BC9B7C40FB89C4B9D4DA4604B37D15047DFB28C5D241CDFA327C3996872A0C05B84342F81A308D7796CA4A4038E47A5D4658F757C3F9645F11DEA92AE4D2E77FDB1A5D12519FF947F39A68152528CB02F915894D728C0E755B8BC4A99FCFC778A4099558A06D5FECC4C22DAA7E23C3B5E8E99B5365D5046C8C65846D949A521C0B25EFE5F5CD0845F09C29C096C4A80755120A299EA652B204775E53B2D521F366F4EF9FA65B1D8CB048295C39BE92667200E2889B1577CBD0AC23B2280B758A3650BE60D55F215DBF166873592253B1254968B5A46A61C792A153342C3ADE408676F4B27B7F22C50B079D0E32AEA134168A53A36F18E2FFA2459EDBA89BEC13D19C342235F6E9CF8F721B608F6297A3486173A7D5CED5E2AF6343775668C1B1FB0B745157973DB566CC3 26920171204174709 2 6 100 6143 2 EF730E8C844746DF23D55A6C9508EF59F158850FF4A3A24B3E29C95547FE16E3C3F7269D4096406935222EDC51BFDFE89B454D8C02F868FB297A1FBFEB61A5392779A6C51AF8F9068CC579276D045FF317D9B7540D9A39FA936004991CB06BA169012F75BAF0B8D6203470AF1BE5569341E462DF72FF4AFD9C24BCB7584C71C1766DFDD74FE13D98C176DC64979F4720C0A996226948C9DE5E1890C2E703168AB3B33D50C395F13CDE094300C4BB0ED86352950C238DDEB1A8412A2409B6C487F9CBBB110A754A7B4985CF55DE4FC5137CDF13F9B0E10768DF0A28D6628DFEC684A25439E5C943718E4E4CFC89A3DCE1B747F77A0CE08B98AC92705E8DD3A6EDD18FAEA2FBB4988C3CC947C8206DD67CF44BEF69B617E781E93501877F81E4CC2263DB0B5EEEFFF3FCFCD2AB6E34B724D755A9D5025C978AA679D806318EF9F81787D3C69FB2D25B0382A3A96F44216791D41CCC3DF04EBD19B84858F0935C1C774F4685C8114EBCA8C71946C35CB42B82AD56541E3B4AB0A47E0AD8FCF9073BCFB801EA84DDF5DF4426578561BC737C2469B34F275502BC0BD7AB018506FD8DD6A9477F1588C2F76FD82B2AD3740E7F161632C66B961737EB70E9B44F362F73C1F874F7C06C5370297E975D25E004D6090BD119915694AFB57427DDE7F50C81B9A1812E10FA39A01E2F2FF18C96FADEA62BF08FAB027A31D84E4C0267AF7E880B5A0608683542E9895DB15FA1ADA9F1D28569C8E27662CE912CD1869227F542C1F228C6A2226D4AC24673994AA453BF21A1961D17C7E29B297E8AF7A71C4E2957A603900A3B4947B7B59A70767EB9106C043A48EEFAC3CCDC0F78F559CDBE64328E3C21D33D30E6AAFF638761F988CD99C59ECBAC4276ACE22062F6903B4B78B45917829AAA0CF11D04272EB44385A3479AD7B6E3E94126CC35AE082A73AAE991670C5145576789B43055B5F9D457523B16032CC65B679BD5AA08657D719EAC3D0345812BFA599249E4719AA2DF1507916FA735535781F053C4CB92D28007CC8D621E571E957AED705C2D11724E6D4A3BE268FDCCA230A1BE9EDE7517467E2B
27020170627162358 2 6 100 6143 5 FE3AFB7EA9CBCB633757EA982ED0DDFF120459E69D35DB36ACC5F69B04A5CCEE59A0312A97687F2B3DBC20917F4BF0B16D97B75EDCA16B58BDEB8BB1A726F6CB8BF5D7FC483777129A1C19CB559943EF201323760672C63859E830C6E99AFE5DD7A4E89BAD41C63B687558DD277F4E06A29D1E14A21CAA6FDD4E6F21EB8B146F2C04F93B1C94234E6295F2F8773B16BA3D51758841EA48ADD1A626E252DB3B78594B4586AC9E9EAF100F294ADC82BEBBF8CAB96B671EE7050B42733EB741107C5D2199D305C84F93C6AEEE6BD607DB7C0EFED773FB1DB73B04EFA72EB36111B99EBE6EEE899307FD288329FB2DB7E81776AEF0F935FFEE77611BDCFEC309F97EEB6E36FE42CA4C8EFAA0B4B93F5D83606B8FA7B49DD1DBB8F828B9C805381CB5DF4AC7FFAE27C62CBCD2FE80BB4157EB7F3267041255AC2F7EA3B450951878166049E5FF1BD3B361082FB184E342DDA1961ACFD90944F37E09A06AFE463AA9AA66EE699D28C4D109F3E8111CF4D625161B2855C11593AE408AE44DC026091119744FF09A4AB3C00717ACA004E26ACA53BF6444D839CF477A56FEAFFBF2E4CB946512815269D8E3C163FC29288A917A4A0ACC6DF54454CE2D54AC79AE05BF816DE1E3E9D3A9CC69DBE674880F98ECB8D8D4C4247AC07BC9B7C40FB89C4B9D4DA4604B37D15047DFB28C5D241CDFA327C3996872A0C05B84342F81A308D7796CA4A4038E47A5D4658F757C3F9645F11DEA92AE4D2E77FDB1A5D12519FF947F39A68152528CB02F915894D728C0E755B8BC4A99FCFC778A4099558A06D5FECC4C22DAA7E23C3B5E8E99B5365D5046C8C65846D949A521C0B25EFE5F5CD0845F09C29C096C4A80755120A299EA652B204775E53B2D521F366F4EF9FA65B1D8CB048295C39BE92667200E2889B1577CBD0AC23B2280B758A3650BE60D55F215DBF166873592253B1254968B5A46A61C792A153342C3ADE408676F4B27B7F22C50B079D0E32AEA134168A53A36F18E2FFA2459EDBA89BEC13D19C342235F6E9CF8F721B608F6297A3486173A7D5CED5E2AF6343775668C1B1FB0B745157973DD096627 27020171204175707 2 6 100 6143 2 EF730E8C844746DF23D55A6C9508EF59F158850FF4A3A24B3E29C95547FE16E3C3F7269D4096406935222EDC51BFDFE89B454D8C02F868FB297A1FBFEB61A5392779A6C51AF8F9068CC579276D045FF317D9B7540D9A39FA936004991CB06BA169012F75BAF0B8D6203470AF1BE5569341E462DF72FF4AFD9C24BCB7584C71C1766DFDD74FE13D98C176DC64979F4720C0A996226948C9DE5E1890C2E703168AB3B33D50C395F13CDE094300C4BB0ED86352950C238DDEB1A8412A2409B6C487F9CBBB110A754A7B4985CF55DE4FC5137CDF13F9B0E10768DF0A28D6628DFEC684A25439E5C943718E4E4CFC89A3DCE1B747F77A0CE08B98AC92705E8DD3A6EDD18FAEA2FBB4988C3CC947C8206DD67CF44BEF69B617E781E93501877F81E4CC2263DB0B5EEEFFF3FCFCD2AB6E34B724D755A9D5025C978AA679D806318EF9F81787D3C69FB2D25B0382A3A96F44216791D41CCC3DF04EBD19B84858F0935C1C774F4685C8114EBCA8C71946C35CB42B82AD56541E3B4AB0A47E0AD8FCF9073BCFB801EA84DDF5DF4426578561BC737C2469B34F275502BC0BD7AB018506FD8DD6A9477F1588C2F76FD82B2AD3740E7F161632C66B961737EB70E9B44F362F73C1F874F7C06C5370297E975D25E004D6090BD119915694AFB57427DDE7F50C81B9A1812E10FA39A01E2F2FF18C96FADEA62BF08FAB027A31D84E4C0267AF7E880B5A0608683542E9895DB15FA1ADA9F1D28569C8E27662CE912CD1869227F542C1F228C6A2226D4AC24673994AA453BF21A1961D17C7E29B297E8AF7A71C4E2957A603900A3B4947B7B59A70767EB9106C043A48EEFAC3CCDC0F78F559CDBE64328E3C21D33D30E6AAFF638761F988CD99C59ECBAC4276ACE22062F6903B4B78B45917829AAA0CF11D04272EB44385A3479AD7B6E3E94126CC35AE082A73AAE991670C5145576789B43055B5F9D457523B16032CC65B679BD5AA08657D719EAC3D0345812BFA599249E4719AA2DF1507916FA735535781F053C4CB92D28007CC8D621E571E957AED705C2D11724E6D4A3BE268FDCCA230A1BE9EDE75177CF673
27120170627175138 2 6 100 6143 5 FE3AFB7EA9CBCB633757EA982ED0DDFF120459E69D35DB36ACC5F69B04A5CCEE59A0312A97687F2B3DBC20917F4BF0B16D97B75EDCA16B58BDEB8BB1A726F6CB8BF5D7FC483777129A1C19CB559943EF201323760672C63859E830C6E99AFE5DD7A4E89BAD41C63B687558DD277F4E06A29D1E14A21CAA6FDD4E6F21EB8B146F2C04F93B1C94234E6295F2F8773B16BA3D51758841EA48ADD1A626E252DB3B78594B4586AC9E9EAF100F294ADC82BEBBF8CAB96B671EE7050B42733EB741107C5D2199D305C84F93C6AEEE6BD607DB7C0EFED773FB1DB73B04EFA72EB36111B99EBE6EEE899307FD288329FB2DB7E81776AEF0F935FFEE77611BDCFEC309F97EEB6E36FE42CA4C8EFAA0B4B93F5D83606B8FA7B49DD1DBB8F828B9C805381CB5DF4AC7FFAE27C62CBCD2FE80BB4157EB7F3267041255AC2F7EA3B450951878166049E5FF1BD3B361082FB184E342DDA1961ACFD90944F37E09A06AFE463AA9AA66EE699D28C4D109F3E8111CF4D625161B2855C11593AE408AE44DC026091119744FF09A4AB3C00717ACA004E26ACA53BF6444D839CF477A56FEAFFBF2E4CB946512815269D8E3C163FC29288A917A4A0ACC6DF54454CE2D54AC79AE05BF816DE1E3E9D3A9CC69DBE674880F98ECB8D8D4C4247AC07BC9B7C40FB89C4B9D4DA4604B37D15047DFB28C5D241CDFA327C3996872A0C05B84342F81A308D7796CA4A4038E47A5D4658F757C3F9645F11DEA92AE4D2E77FDB1A5D12519FF947F39A68152528CB02F915894D728C0E755B8BC4A99FCFC778A4099558A06D5FECC4C22DAA7E23C3B5E8E99B5365D5046C8C65846D949A521C0B25EFE5F5CD0845F09C29C096C4A80755120A299EA652B204775E53B2D521F366F4EF9FA65B1D8CB048295C39BE92667200E2889B1577CBD0AC23B2280B758A3650BE60D55F215DBF166873592253B1254968B5A46A61C792A153342C3ADE408676F4B27B7F22C50B079D0E32AEA134168A53A36F18E2FFA2459EDBA89BEC13D19C342235F6E9CF8F721B608F6297A3486173A7D5CED5E2AF6343775668C1B1FB0B745157973DF2B3477 27120171204201457 2 6 100 6143 5 EF730E8C844746DF23D55A6C9508EF59F158850FF4A3A24B3E29C95547FE16E3C3F7269D4096406935222EDC51BFDFE89B454D8C02F868FB297A1FBFEB61A5392779A6C51AF8F9068CC579276D045FF317D9B7540D9A39FA936004991CB06BA169012F75BAF0B8D6203470AF1BE5569341E462DF72FF4AFD9C24BCB7584C71C1766DFDD74FE13D98C176DC64979F4720C0A996226948C9DE5E1890C2E703168AB3B33D50C395F13CDE094300C4BB0ED86352950C238DDEB1A8412A2409B6C487F9CBBB110A754A7B4985CF55DE4FC5137CDF13F9B0E10768DF0A28D6628DFEC684A25439E5C943718E4E4CFC89A3DCE1B747F77A0CE08B98AC92705E8DD3A6EDD18FAEA2FBB4988C3CC947C8206DD67CF44BEF69B617E781E93501877F81E4CC2263DB0B5EEEFFF3FCFCD2AB6E34B724D755A9D5025C978AA679D806318EF9F81787D3C69FB2D25B0382A3A96F44216791D41CCC3DF04EBD19B84858F0935C1C774F4685C8114EBCA8C71946C35CB42B82AD56541E3B4AB0A47E0AD8FCF9073BCFB801EA84DDF5DF4426578561BC737C2469B34F275502BC0BD7AB018506FD8DD6A9477F1588C2F76FD82B2AD3740E7F161632C66B961737EB70E9B44F362F73C1F874F7C06C5370297E975D25E004D6090BD119915694AFB57427DDE7F50C81B9A1812E10FA39A01E2F2FF18C96FADEA62BF08FAB027A31D84E4C0267AF7E880B5A0608683542E9895DB15FA1ADA9F1D28569C8E27662CE912CD1869227F542C1F228C6A2226D4AC24673994AA453BF21A1961D17C7E29B297E8AF7A71C4E2957A603900A3B4947B7B59A70767EB9106C043A48EEFAC3CCDC0F78F559CDBE64328E3C21D33D30E6AAFF638761F988CD99C59ECBAC4276ACE22062F6903B4B78B45917829AAA0CF11D04272EB44385A3479AD7B6E3E94126CC35AE082A73AAE991670C5145576789B43055B5F9D457523B16032CC65B679BD5AA08657D719EAC3D0345812BFA599249E4719AA2DF1507916FA735535781F053C4CB92D28007CC8D621E571E957AED705C2D11724E6D4A3BE268FDCCA230A1BE9EDE751ADCB617
27220170627180034 2 6 100 6143 2 FE3AFB7EA9CBCB633757EA982ED0DDFF120459E69D35DB36ACC5F69B04A5CCEE59A0312A97687F2B3DBC20917F4BF0B16D97B75EDCA16B58BDEB8BB1A726F6CB8BF5D7FC483777129A1C19CB559943EF201323760672C63859E830C6E99AFE5DD7A4E89BAD41C63B687558DD277F4E06A29D1E14A21CAA6FDD4E6F21EB8B146F2C04F93B1C94234E6295F2F8773B16BA3D51758841EA48ADD1A626E252DB3B78594B4586AC9E9EAF100F294ADC82BEBBF8CAB96B671EE7050B42733EB741107C5D2199D305C84F93C6AEEE6BD607DB7C0EFED773FB1DB73B04EFA72EB36111B99EBE6EEE899307FD288329FB2DB7E81776AEF0F935FFEE77611BDCFEC309F97EEB6E36FE42CA4C8EFAA0B4B93F5D83606B8FA7B49DD1DBB8F828B9C805381CB5DF4AC7FFAE27C62CBCD2FE80BB4157EB7F3267041255AC2F7EA3B450951878166049E5FF1BD3B361082FB184E342DDA1961ACFD90944F37E09A06AFE463AA9AA66EE699D28C4D109F3E8111CF4D625161B2855C11593AE408AE44DC026091119744FF09A4AB3C00717ACA004E26ACA53BF6444D839CF477A56FEAFFBF2E4CB946512815269D8E3C163FC29288A917A4A0ACC6DF54454CE2D54AC79AE05BF816DE1E3E9D3A9CC69DBE674880F98ECB8D8D4C4247AC07BC9B7C40FB89C4B9D4DA4604B37D15047DFB28C5D241CDFA327C3996872A0C05B84342F81A308D7796CA4A4038E47A5D4658F757C3F9645F11DEA92AE4D2E77FDB1A5D12519FF947F39A68152528CB02F915894D728C0E755B8BC4A99FCFC778A4099558A06D5FECC4C22DAA7E23C3B5E8E99B5365D5046C8C65846D949A521C0B25EFE5F5CD0845F09C29C096C4A80755120A299EA652B204775E53B2D521F366F4EF9FA65B1D8CB048295C39BE92667200E2889B1577CBD0AC23B2280B758A3650BE60D55F215DBF166873592253B1254968B5A46A61C792A153342C3ADE408676F4B27B7F22C50B079D0E32AEA134168A53A36F18E2FFA2459EDBA89BEC13D19C342235F6E9CF8F721B608F6297A3486173A7D5CED5E2AF6343775668C1B1FB0B745157973DF5CD463 27220171205043550 2 6 100 6143 2 EF730E8C844746DF23D55A6C9508EF59F158850FF4A3A24B3E29C95547FE16E3C3F7269D4096406935222EDC51BFDFE89B454D8C02F868FB297A1FBFEB61A5392779A6C51AF8F9068CC579276D045FF317D9B7540D9A39FA936004991CB06BA169012F75BAF0B8D6203470AF1BE5569341E462DF72FF4AFD9C24BCB7584C71C1766DFDD74FE13D98C176DC64979F4720C0A996226948C9DE5E1890C2E703168AB3B33D50C395F13CDE094300C4BB0ED86352950C238DDEB1A8412A2409B6C487F9CBBB110A754A7B4985CF55DE4FC5137CDF13F9B0E10768DF0A28D6628DFEC684A25439E5C943718E4E4CFC89A3DCE1B747F77A0CE08B98AC92705E8DD3A6EDD18FAEA2FBB4988C3CC947C8206DD67CF44BEF69B617E781E93501877F81E4CC2263DB0B5EEEFFF3FCFCD2AB6E34B724D755A9D5025C978AA679D806318EF9F81787D3C69FB2D25B0382A3A96F44216791D41CCC3DF04EBD19B84858F0935C1C774F4685C8114EBCA8C71946C35CB42B82AD56541E3B4AB0A47E0AD8FCF9073BCFB801EA84DDF5DF4426578561BC737C2469B34F275502BC0BD7AB018506FD8DD6A9477F1588C2F76FD82B2AD3740E7F161632C66B961737EB70E9B44F362F73C1F874F7C06C5370297E975D25E004D6090BD119915694AFB57427DDE7F50C81B9A1812E10FA39A01E2F2FF18C96FADEA62BF08FAB027A31D84E4C0267AF7E880B5A0608683542E9895DB15FA1ADA9F1D28569C8E27662CE912CD1869227F542C1F228C6A2226D4AC24673994AA453BF21A1961D17C7E29B297E8AF7A71C4E2957A603900A3B4947B7B59A70767EB9106C043A48EEFAC3CCDC0F78F559CDBE64328E3C21D33D30E6AAFF638761F988CD99C59ECBAC4276ACE22062F6903B4B78B45917829AAA0CF11D04272EB44385A3479AD7B6E3E94126CC35AE082A73AAE991670C5145576789B43055B5F9D457523B16032CC65B679BD5AA08657D719EAC3D0345812BFA599249E4719AA2DF1507916FA735535781F053C4CB92D28007CC8D621E571E957AED705C2D11724E6D4A3BE268FDCCA230A1BE9EDE752748419B
27320170627192816 2 6 100 6143 2 FE3AFB7EA9CBCB633757EA982ED0DDFF120459E69D35DB36ACC5F69B04A5CCEE59A0312A97687F2B3DBC20917F4BF0B16D97B75EDCA16B58BDEB8BB1A726F6CB8BF5D7FC483777129A1C19CB559943EF201323760672C63859E830C6E99AFE5DD7A4E89BAD41C63B687558DD277F4E06A29D1E14A21CAA6FDD4E6F21EB8B146F2C04F93B1C94234E6295F2F8773B16BA3D51758841EA48ADD1A626E252DB3B78594B4586AC9E9EAF100F294ADC82BEBBF8CAB96B671EE7050B42733EB741107C5D2199D305C84F93C6AEEE6BD607DB7C0EFED773FB1DB73B04EFA72EB36111B99EBE6EEE899307FD288329FB2DB7E81776AEF0F935FFEE77611BDCFEC309F97EEB6E36FE42CA4C8EFAA0B4B93F5D83606B8FA7B49DD1DBB8F828B9C805381CB5DF4AC7FFAE27C62CBCD2FE80BB4157EB7F3267041255AC2F7EA3B450951878166049E5FF1BD3B361082FB184E342DDA1961ACFD90944F37E09A06AFE463AA9AA66EE699D28C4D109F3E8111CF4D625161B2855C11593AE408AE44DC026091119744FF09A4AB3C00717ACA004E26ACA53BF6444D839CF477A56FEAFFBF2E4CB946512815269D8E3C163FC29288A917A4A0ACC6DF54454CE2D54AC79AE05BF816DE1E3E9D3A9CC69DBE674880F98ECB8D8D4C4247AC07BC9B7C40FB89C4B9D4DA4604B37D15047DFB28C5D241CDFA327C3996872A0C05B84342F81A308D7796CA4A4038E47A5D4658F757C3F9645F11DEA92AE4D2E77FDB1A5D12519FF947F39A68152528CB02F915894D728C0E755B8BC4A99FCFC778A4099558A06D5FECC4C22DAA7E23C3B5E8E99B5365D5046C8C65846D949A521C0B25EFE5F5CD0845F09C29C096C4A80755120A299EA652B204775E53B2D521F366F4EF9FA65B1D8CB048295C39BE92667200E2889B1577CBD0AC23B2280B758A3650BE60D55F215DBF166873592253B1254968B5A46A61C792A153342C3ADE408676F4B27B7F22C50B079D0E32AEA134168A53A36F18E2FFA2459EDBA89BEC13D19C342235F6E9CF8F721B608F6297A3486173A7D5CED5E2AF6343775668C1B1FB0B745157973E16B337B 27320171205051645 2 6 100 6143 2 EF730E8C844746DF23D55A6C9508EF59F158850FF4A3A24B3E29C95547FE16E3C3F7269D4096406935222EDC51BFDFE89B454D8C02F868FB297A1FBFEB61A5392779A6C51AF8F9068CC579276D045FF317D9B7540D9A39FA936004991CB06BA169012F75BAF0B8D6203470AF1BE5569341E462DF72FF4AFD9C24BCB7584C71C1766DFDD74FE13D98C176DC64979F4720C0A996226948C9DE5E1890C2E703168AB3B33D50C395F13CDE094300C4BB0ED86352950C238DDEB1A8412A2409B6C487F9CBBB110A754A7B4985CF55DE4FC5137CDF13F9B0E10768DF0A28D6628DFEC684A25439E5C943718E4E4CFC89A3DCE1B747F77A0CE08B98AC92705E8DD3A6EDD18FAEA2FBB4988C3CC947C8206DD67CF44BEF69B617E781E93501877F81E4CC2263DB0B5EEEFFF3FCFCD2AB6E34B724D755A9D5025C978AA679D806318EF9F81787D3C69FB2D25B0382A3A96F44216791D41CCC3DF04EBD19B84858F0935C1C774F4685C8114EBCA8C71946C35CB42B82AD56541E3B4AB0A47E0AD8FCF9073BCFB801EA84DDF5DF4426578561BC737C2469B34F275502BC0BD7AB018506FD8DD6A9477F1588C2F76FD82B2AD3740E7F161632C66B961737EB70E9B44F362F73C1F874F7C06C5370297E975D25E004D6090BD119915694AFB57427DDE7F50C81B9A1812E10FA39A01E2F2FF18C96FADEA62BF08FAB027A31D84E4C0267AF7E880B5A0608683542E9895DB15FA1ADA9F1D28569C8E27662CE912CD1869227F542C1F228C6A2226D4AC24673994AA453BF21A1961D17C7E29B297E8AF7A71C4E2957A603900A3B4947B7B59A70767EB9106C043A48EEFAC3CCDC0F78F559CDBE64328E3C21D33D30E6AAFF638761F988CD99C59ECBAC4276ACE22062F6903B4B78B45917829AAA0CF11D04272EB44385A3479AD7B6E3E94126CC35AE082A73AAE991670C5145576789B43055B5F9D457523B16032CC65B679BD5AA08657D719EAC3D0345812BFA599249E4719AA2DF1507916FA735535781F053C4CB92D28007CC8D621E571E957AED705C2D11724E6D4A3BE268FDCCA230A1BE9EDE7528400323
27420170627194138 2 6 100 6143 2 FE3AFB7EA9CBCB633757EA982ED0DDFF120459E69D35DB36ACC5F69B04A5CCEE59A0312A97687F2B3DBC20917F4BF0B16D97B75EDCA16B58BDEB8BB1A726F6CB8BF5D7FC483777129A1C19CB559943EF201323760672C63859E830C6E99AFE5DD7A4E89BAD41C63B687558DD277F4E06A29D1E14A21CAA6FDD4E6F21EB8B146F2C04F93B1C94234E6295F2F8773B16BA3D51758841EA48ADD1A626E252DB3B78594B4586AC9E9EAF100F294ADC82BEBBF8CAB96B671EE7050B42733EB741107C5D2199D305C84F93C6AEEE6BD607DB7C0EFED773FB1DB73B04EFA72EB36111B99EBE6EEE899307FD288329FB2DB7E81776AEF0F935FFEE77611BDCFEC309F97EEB6E36FE42CA4C8EFAA0B4B93F5D83606B8FA7B49DD1DBB8F828B9C805381CB5DF4AC7FFAE27C62CBCD2FE80BB4157EB7F3267041255AC2F7EA3B450951878166049E5FF1BD3B361082FB184E342DDA1961ACFD90944F37E09A06AFE463AA9AA66EE699D28C4D109F3E8111CF4D625161B2855C11593AE408AE44DC026091119744FF09A4AB3C00717ACA004E26ACA53BF6444D839CF477A56FEAFFBF2E4CB946512815269D8E3C163FC29288A917A4A0ACC6DF54454CE2D54AC79AE05BF816DE1E3E9D3A9CC69DBE674880F98ECB8D8D4C4247AC07BC9B7C40FB89C4B9D4DA4604B37D15047DFB28C5D241CDFA327C3996872A0C05B84342F81A308D7796CA4A4038E47A5D4658F757C3F9645F11DEA92AE4D2E77FDB1A5D12519FF947F39A68152528CB02F915894D728C0E755B8BC4A99FCFC778A4099558A06D5FECC4C22DAA7E23C3B5E8E99B5365D5046C8C65846D949A521C0B25EFE5F5CD0845F09C29C096C4A80755120A299EA652B204775E53B2D521F366F4EF9FA65B1D8CB048295C39BE92667200E2889B1577CBD0AC23B2280B758A3650BE60D55F215DBF166873592253B1254968B5A46A61C792A153342C3ADE408676F4B27B7F22C50B079D0E32AEA134168A53A36F18E2FFA2459EDBA89BEC13D19C342235F6E9CF8F721B608F6297A3486173A7D5CED5E2AF6343775668C1B1FB0B745157973E1B23A4B 27420171205062021 2 6 100 6143 5 EF730E8C844746DF23D55A6C9508EF59F158850FF4A3A24B3E29C95547FE16E3C3F7269D4096406935222EDC51BFDFE89B454D8C02F868FB297A1FBFEB61A5392779A6C51AF8F9068CC579276D045FF317D9B7540D9A39FA936004991CB06BA169012F75BAF0B8D6203470AF1BE5569341E462DF72FF4AFD9C24BCB7584C71C1766DFDD74FE13D98C176DC64979F4720C0A996226948C9DE5E1890C2E703168AB3B33D50C395F13CDE094300C4BB0ED86352950C238DDEB1A8412A2409B6C487F9CBBB110A754A7B4985CF55DE4FC5137CDF13F9B0E10768DF0A28D6628DFEC684A25439E5C943718E4E4CFC89A3DCE1B747F77A0CE08B98AC92705E8DD3A6EDD18FAEA2FBB4988C3CC947C8206DD67CF44BEF69B617E781E93501877F81E4CC2263DB0B5EEEFFF3FCFCD2AB6E34B724D755A9D5025C978AA679D806318EF9F81787D3C69FB2D25B0382A3A96F44216791D41CCC3DF04EBD19B84858F0935C1C774F4685C8114EBCA8C71946C35CB42B82AD56541E3B4AB0A47E0AD8FCF9073BCFB801EA84DDF5DF4426578561BC737C2469B34F275502BC0BD7AB018506FD8DD6A9477F1588C2F76FD82B2AD3740E7F161632C66B961737EB70E9B44F362F73C1F874F7C06C5370297E975D25E004D6090BD119915694AFB57427DDE7F50C81B9A1812E10FA39A01E2F2FF18C96FADEA62BF08FAB027A31D84E4C0267AF7E880B5A0608683542E9895DB15FA1ADA9F1D28569C8E27662CE912CD1869227F542C1F228C6A2226D4AC24673994AA453BF21A1961D17C7E29B297E8AF7A71C4E2957A603900A3B4947B7B59A70767EB9106C043A48EEFAC3CCDC0F78F559CDBE64328E3C21D33D30E6AAFF638761F988CD99C59ECBAC4276ACE22062F6903B4B78B45917829AAA0CF11D04272EB44385A3479AD7B6E3E94126CC35AE082A73AAE991670C5145576789B43055B5F9D457523B16032CC65B679BD5AA08657D719EAC3D0345812BFA599249E4719AA2DF1507916FA735535781F053C4CB92D28007CC8D621E571E957AED705C2D11724E6D4A3BE268FDCCA230A1BE9EDE7529BA43F7
27520170627235654 2 6 100 7679 2 E411B879FDA69428A30BDE74B417706E5936E16C5E1F2B64A07EAE1D69C857C23126701460740D93467EB3A3386827E658069CAC4D55CC4929493C193D53A0D91141135B2F0B19E659BB541883E569D38B329761EDF3C409D34A49870356F3723AD2F720383E49B1752B837DF80F48632A469A0A96AC8F02E5B766B590D722B5BD3ED9191BB70C1D4044A3D5CE850489216C3184D73BAE2B655D76B30EC1851951A756E2A45CD1FF82A83BDC1803005034BEB2EAC35FF7362831D8FBE02E07B1CCA351D47AD65B5282151FB2711A880410CED2C1CF205CC2072F6F244189F5BDB3AFDBA7FB02DD21C99D1EF72C1EF8BC6C68A273D16CB2D3CA190C30BDDEEAD7CA2E519F3AF806B5CBD436B971C1F1981EB35CB4007D129F43E660F7E47E807C889A1DC5FEFA7C304DB41B36982FEFB7390DC6C8E9474D3EEB84B3F757C367475EB1B4CB5B86F9507090F2CB37533E2B96BBC6F75B3BF1F4CECF18F67E7492A681845CF5AFA1B70FB3B0A09CDD3375BCF716CBF2A594533D157CB6C4008CF8C4818C9418E44A995028487B0346BD399BFB431CA94B3FC2AF9822520153105ADACEBE719CC24D1D043AC2AC24BD41759AA452000C43CB885D5F0D71DC2451A2C5C04B0B085BD23B5295B7A109DCD729C34479D51EAB4617FDD163128B25F5803B262C3D97E2D63B3E84D85B67ECDFDE6FA377E208BD2EF867072D341AC731338268AD82285DD6D219DE44EB0588E477CBFCD5F5C068D2FA877339424F324012D346C3E2B3C4408E4FD84535C5D4EA02137ABE0426BC4C3AD6EABAA221579CBA22023F8204ECCC98D143652DEBF5869CD73A81C0E4C6FC9A22F9E648B6783AA1D0F0A1F76B1C4E8692339A6A259F3D8419CF7FD22A26023678BFE4F70C79E7F113882E6C7A0606C5AA9094DB161683E43CCEC8C73FEBC7B82617B90541C2BC15EBA18B55E430373CF21DD235BA332EE6D7A6D042BAB4DEF94939AAD2A1F6FD235B09CA6CCFB45A614C79F3C83253B82BB73826DD22127F3F14292A9B682D607D6C9313DF5324712F976C8978AEDC97B40095E66BF850BCB83F477E1F5AB045844EA5CA0652C7C2C284B90FFDCAE2D5F3C165F66FCE871A5D0AFAA158E77099BFA7A969C8F3425E326D24E7E875D588B5E652ED331ABE4A72AFF7D89CFA9D55116B2610AEA4D1D16BCE1FE8D22849827677FEC8EC9864F5A4B874E7AA3228E31DACECA3ED7E1F31675CCA03E599E748BBCA483821DDC5F1C7ED376EDE7A650AD06CE3FC4E76062354B7D89093EBBF9717CED067846349E8BBEEC4CDDE0907F2DD1C31125F1DBB7B9A94E07677C4EBC756A5ED3D8DB30FB5772328272C6CE22848CB 27520171205073410 2 6 100 6143 2 EF730E8C844746DF23D55A6C9508EF59F158850FF4A3A24B3E29C95547FE16E3C3F7269D4096406935222EDC51BFDFE89B454D8C02F868FB297A1FBFEB61A5392779A6C51AF8F9068CC579276D045FF317D9B7540D9A39FA936004991CB06BA169012F75BAF0B8D6203470AF1BE5569341E462DF72FF4AFD9C24BCB7584C71C1766DFDD74FE13D98C176DC64979F4720C0A996226948C9DE5E1890C2E703168AB3B33D50C395F13CDE094300C4BB0ED86352950C238DDEB1A8412A2409B6C487F9CBBB110A754A7B4985CF55DE4FC5137CDF13F9B0E10768DF0A28D6628DFEC684A25439E5C943718E4E4CFC89A3DCE1B747F77A0CE08B98AC92705E8DD3A6EDD18FAEA2FBB4988C3CC947C8206DD67CF44BEF69B617E781E93501877F81E4CC2263DB0B5EEEFFF3FCFCD2AB6E34B724D755A9D5025C978AA679D806318EF9F81787D3C69FB2D25B0382A3A96F44216791D41CCC3DF04EBD19B84858F0935C1C774F4685C8114EBCA8C71946C35CB42B82AD56541E3B4AB0A47E0AD8FCF9073BCFB801EA84DDF5DF4426578561BC737C2469B34F275502BC0BD7AB018506FD8DD6A9477F1588C2F76FD82B2AD3740E7F161632C66B961737EB70E9B44F362F73C1F874F7C06C5370297E975D25E004D6090BD119915694AFB57427DDE7F50C81B9A1812E10FA39A01E2F2FF18C96FADEA62BF08FAB027A31D84E4C0267AF7E880B5A0608683542E9895DB15FA1ADA9F1D28569C8E27662CE912CD1869227F542C1F228C6A2226D4AC24673994AA453BF21A1961D17C7E29B297E8AF7A71C4E2957A603900A3B4947B7B59A70767EB9106C043A48EEFAC3CCDC0F78F559CDBE64328E3C21D33D30E6AAFF638761F988CD99C59ECBAC4276ACE22062F6903B4B78B45917829AAA0CF11D04272EB44385A3479AD7B6E3E94126CC35AE082A73AAE991670C5145576789B43055B5F9D457523B16032CC65B679BD5AA08657D719EAC3D0345812BFA599249E4719AA2DF1507916FA735535781F053C4CB92D28007CC8D621E571E957AED705C2D11724E6D4A3BE268FDCCA230A1BE9EDE752B7A9EB3
27620170628025708 2 6 100 7679 2 E411B879FDA69428A30BDE74B417706E5936E16C5E1F2B64A07EAE1D69C857C23126701460740D93467EB3A3386827E658069CAC4D55CC4929493C193D53A0D91141135B2F0B19E659BB541883E569D38B329761EDF3C409D34A49870356F3723AD2F720383E49B1752B837DF80F48632A469A0A96AC8F02E5B766B590D722B5BD3ED9191BB70C1D4044A3D5CE850489216C3184D73BAE2B655D76B30EC1851951A756E2A45CD1FF82A83BDC1803005034BEB2EAC35FF7362831D8FBE02E07B1CCA351D47AD65B5282151FB2711A880410CED2C1CF205CC2072F6F244189F5BDB3AFDBA7FB02DD21C99D1EF72C1EF8BC6C68A273D16CB2D3CA190C30BDDEEAD7CA2E519F3AF806B5CBD436B971C1F1981EB35CB4007D129F43E660F7E47E807C889A1DC5FEFA7C304DB41B36982FEFB7390DC6C8E9474D3EEB84B3F757C367475EB1B4CB5B86F9507090F2CB37533E2B96BBC6F75B3BF1F4CECF18F67E7492A681845CF5AFA1B70FB3B0A09CDD3375BCF716CBF2A594533D157CB6C4008CF8C4818C9418E44A995028487B0346BD399BFB431CA94B3FC2AF9822520153105ADACEBE719CC24D1D043AC2AC24BD41759AA452000C43CB885D5F0D71DC2451A2C5C04B0B085BD23B5295B7A109DCD729C34479D51EAB4617FDD163128B25F5803B262C3D97E2D63B3E84D85B67ECDFDE6FA377E208BD2EF867072D341AC731338268AD82285DD6D219DE44EB0588E477CBFCD5F5C068D2FA877339424F324012D346C3E2B3C4408E4FD84535C5D4EA02137ABE0426BC4C3AD6EABAA221579CBA22023F8204ECCC98D143652DEBF5869CD73A81C0E4C6FC9A22F9E648B6783AA1D0F0A1F76B1C4E8692339A6A259F3D8419CF7FD22A26023678BFE4F70C79E7F113882E6C7A0606C5AA9094DB161683E43CCEC8C73FEBC7B82617B90541C2BC15EBA18B55E430373CF21DD235BA332EE6D7A6D042BAB4DEF94939AAD2A1F6FD235B09CA6CCFB45A614C79F3C83253B82BB73826DD22127F3F14292A9B682D607D6C9313DF5324712F976C8978AEDC97B40095E66BF850BCB83F477E1F5AB045844EA5CA0652C7C2C284B90FFDCAE2D5F3C165F66FCE871A5D0AFAA158E77099BFA7A969C8F3425E326D24E7E875D588B5E652ED331ABE4A72AFF7D89CFA9D55116B2610AEA4D1D16BCE1FE8D22849827677FEC8EC9864F5A4B874E7AA3228E31DACECA3ED7E1F31675CCA03E599E748BBCA483821DDC5F1C7ED376EDE7A650AD06CE3FC4E76062354B7D89093EBBF9717CED067846349E8BBEEC4CDDE0907F2DD1C31125F1DBB7B9A94E07677C4EBC756A5ED3D8DB30FB5772328272C6CE4C7FC03 27620171205074444 2 6 100 6143 2 EF730E8C844746DF23D55A6C9508EF59F158850FF4A3A24B3E29C95547FE16E3C3F7269D4096406935222EDC51BFDFE89B454D8C02F868FB297A1FBFEB61A5392779A6C51AF8F9068CC579276D045FF317D9B7540D9A39FA936004991CB06BA169012F75BAF0B8D6203470AF1BE5569341E462DF72FF4AFD9C24BCB7584C71C1766DFDD74FE13D98C176DC64979F4720C0A996226948C9DE5E1890C2E703168AB3B33D50C395F13CDE094300C4BB0ED86352950C238DDEB1A8412A2409B6C487F9CBBB110A754A7B4985CF55DE4FC5137CDF13F9B0E10768DF0A28D6628DFEC684A25439E5C943718E4E4CFC89A3DCE1B747F77A0CE08B98AC92705E8DD3A6EDD18FAEA2FBB4988C3CC947C8206DD67CF44BEF69B617E781E93501877F81E4CC2263DB0B5EEEFFF3FCFCD2AB6E34B724D755A9D5025C978AA679D806318EF9F81787D3C69FB2D25B0382A3A96F44216791D41CCC3DF04EBD19B84858F0935C1C774F4685C8114EBCA8C71946C35CB42B82AD56541E3B4AB0A47E0AD8FCF9073BCFB801EA84DDF5DF4426578561BC737C2469B34F275502BC0BD7AB018506FD8DD6A9477F1588C2F76FD82B2AD3740E7F161632C66B961737EB70E9B44F362F73C1F874F7C06C5370297E975D25E004D6090BD119915694AFB57427DDE7F50C81B9A1812E10FA39A01E2F2FF18C96FADEA62BF08FAB027A31D84E4C0267AF7E880B5A0608683542E9895DB15FA1ADA9F1D28569C8E27662CE912CD1869227F542C1F228C6A2226D4AC24673994AA453BF21A1961D17C7E29B297E8AF7A71C4E2957A603900A3B4947B7B59A70767EB9106C043A48EEFAC3CCDC0F78F559CDBE64328E3C21D33D30E6AAFF638761F988CD99C59ECBAC4276ACE22062F6903B4B78B45917829AAA0CF11D04272EB44385A3479AD7B6E3E94126CC35AE082A73AAE991670C5145576789B43055B5F9D457523B16032CC65B679BD5AA08657D719EAC3D0345812BFA599249E4719AA2DF1507916FA735535781F053C4CB92D28007CC8D621E571E957AED705C2D11724E6D4A3BE268FDCCA230A1BE9EDE752BB3FF13
27720170628090844 2 6 100 7679 5 E411B879FDA69428A30BDE74B417706E5936E16C5E1F2B64A07EAE1D69C857C23126701460740D93467EB3A3386827E658069CAC4D55CC4929493C193D53A0D91141135B2F0B19E659BB541883E569D38B329761EDF3C409D34A49870356F3723AD2F720383E49B1752B837DF80F48632A469A0A96AC8F02E5B766B590D722B5BD3ED9191BB70C1D4044A3D5CE850489216C3184D73BAE2B655D76B30EC1851951A756E2A45CD1FF82A83BDC1803005034BEB2EAC35FF7362831D8FBE02E07B1CCA351D47AD65B5282151FB2711A880410CED2C1CF205CC2072F6F244189F5BDB3AFDBA7FB02DD21C99D1EF72C1EF8BC6C68A273D16CB2D3CA190C30BDDEEAD7CA2E519F3AF806B5CBD436B971C1F1981EB35CB4007D129F43E660F7E47E807C889A1DC5FEFA7C304DB41B36982FEFB7390DC6C8E9474D3EEB84B3F757C367475EB1B4CB5B86F9507090F2CB37533E2B96BBC6F75B3BF1F4CECF18F67E7492A681845CF5AFA1B70FB3B0A09CDD3375BCF716CBF2A594533D157CB6C4008CF8C4818C9418E44A995028487B0346BD399BFB431CA94B3FC2AF9822520153105ADACEBE719CC24D1D043AC2AC24BD41759AA452000C43CB885D5F0D71DC2451A2C5C04B0B085BD23B5295B7A109DCD729C34479D51EAB4617FDD163128B25F5803B262C3D97E2D63B3E84D85B67ECDFDE6FA377E208BD2EF867072D341AC731338268AD82285DD6D219DE44EB0588E477CBFCD5F5C068D2FA877339424F324012D346C3E2B3C4408E4FD84535C5D4EA02137ABE0426BC4C3AD6EABAA221579CBA22023F8204ECCC98D143652DEBF5869CD73A81C0E4C6FC9A22F9E648B6783AA1D0F0A1F76B1C4E8692339A6A259F3D8419CF7FD22A26023678BFE4F70C79E7F113882E6C7A0606C5AA9094DB161683E43CCEC8C73FEBC7B82617B90541C2BC15EBA18B55E430373CF21DD235BA332EE6D7A6D042BAB4DEF94939AAD2A1F6FD235B09CA6CCFB45A614C79F3C83253B82BB73826DD22127F3F14292A9B682D607D6C9313DF5324712F976C8978AEDC97B40095E66BF850BCB83F477E1F5AB045844EA5CA0652C7C2C284B90FFDCAE2D5F3C165F66FCE871A5D0AFAA158E77099BFA7A969C8F3425E326D24E7E875D588B5E652ED331ABE4A72AFF7D89CFA9D55116B2610AEA4D1D16BCE1FE8D22849827677FEC8EC9864F5A4B874E7AA3228E31DACECA3ED7E1F31675CCA03E599E748BBCA483821DDC5F1C7ED376EDE7A650AD06CE3FC4E76062354B7D89093EBBF9717CED067846349E8BBEEC4CDDE0907F2DD1C31125F1DBB7B9A94E07677C4EBC756A5ED3D8DB30FB5772328272C6CEA316C0F 27720171205101150 2 6 100 6143 2 EF730E8C844746DF23D55A6C9508EF59F158850FF4A3A24B3E29C95547FE16E3C3F7269D4096406935222EDC51BFDFE89B454D8C02F868FB297A1FBFEB61A5392779A6C51AF8F9068CC579276D045FF317D9B7540D9A39FA936004991CB06BA169012F75BAF0B8D6203470AF1BE5569341E462DF72FF4AFD9C24BCB7584C71C1766DFDD74FE13D98C176DC64979F4720C0A996226948C9DE5E1890C2E703168AB3B33D50C395F13CDE094300C4BB0ED86352950C238DDEB1A8412A2409B6C487F9CBBB110A754A7B4985CF55DE4FC5137CDF13F9B0E10768DF0A28D6628DFEC684A25439E5C943718E4E4CFC89A3DCE1B747F77A0CE08B98AC92705E8DD3A6EDD18FAEA2FBB4988C3CC947C8206DD67CF44BEF69B617E781E93501877F81E4CC2263DB0B5EEEFFF3FCFCD2AB6E34B724D755A9D5025C978AA679D806318EF9F81787D3C69FB2D25B0382A3A96F44216791D41CCC3DF04EBD19B84858F0935C1C774F4685C8114EBCA8C71946C35CB42B82AD56541E3B4AB0A47E0AD8FCF9073BCFB801EA84DDF5DF4426578561BC737C2469B34F275502BC0BD7AB018506FD8DD6A9477F1588C2F76FD82B2AD3740E7F161632C66B961737EB70E9B44F362F73C1F874F7C06C5370297E975D25E004D6090BD119915694AFB57427DDE7F50C81B9A1812E10FA39A01E2F2FF18C96FADEA62BF08FAB027A31D84E4C0267AF7E880B5A0608683542E9895DB15FA1ADA9F1D28569C8E27662CE912CD1869227F542C1F228C6A2226D4AC24673994AA453BF21A1961D17C7E29B297E8AF7A71C4E2957A603900A3B4947B7B59A70767EB9106C043A48EEFAC3CCDC0F78F559CDBE64328E3C21D33D30E6AAFF638761F988CD99C59ECBAC4276ACE22062F6903B4B78B45917829AAA0CF11D04272EB44385A3479AD7B6E3E94126CC35AE082A73AAE991670C5145576789B43055B5F9D457523B16032CC65B679BD5AA08657D719EAC3D0345812BFA599249E4719AA2DF1507916FA735535781F053C4CB92D28007CC8D621E571E957AED705C2D11724E6D4A3BE268FDCCA230A1BE9EDE752F440E8B
27820170628104935 2 6 100 7679 2 E411B879FDA69428A30BDE74B417706E5936E16C5E1F2B64A07EAE1D69C857C23126701460740D93467EB3A3386827E658069CAC4D55CC4929493C193D53A0D91141135B2F0B19E659BB541883E569D38B329761EDF3C409D34A49870356F3723AD2F720383E49B1752B837DF80F48632A469A0A96AC8F02E5B766B590D722B5BD3ED9191BB70C1D4044A3D5CE850489216C3184D73BAE2B655D76B30EC1851951A756E2A45CD1FF82A83BDC1803005034BEB2EAC35FF7362831D8FBE02E07B1CCA351D47AD65B5282151FB2711A880410CED2C1CF205CC2072F6F244189F5BDB3AFDBA7FB02DD21C99D1EF72C1EF8BC6C68A273D16CB2D3CA190C30BDDEEAD7CA2E519F3AF806B5CBD436B971C1F1981EB35CB4007D129F43E660F7E47E807C889A1DC5FEFA7C304DB41B36982FEFB7390DC6C8E9474D3EEB84B3F757C367475EB1B4CB5B86F9507090F2CB37533E2B96BBC6F75B3BF1F4CECF18F67E7492A681845CF5AFA1B70FB3B0A09CDD3375BCF716CBF2A594533D157CB6C4008CF8C4818C9418E44A995028487B0346BD399BFB431CA94B3FC2AF9822520153105ADACEBE719CC24D1D043AC2AC24BD41759AA452000C43CB885D5F0D71DC2451A2C5C04B0B085BD23B5295B7A109DCD729C34479D51EAB4617FDD163128B25F5803B262C3D97E2D63B3E84D85B67ECDFDE6FA377E208BD2EF867072D341AC731338268AD82285DD6D219DE44EB0588E477CBFCD5F5C068D2FA877339424F324012D346C3E2B3C4408E4FD84535C5D4EA02137ABE0426BC4C3AD6EABAA221579CBA22023F8204ECCC98D143652DEBF5869CD73A81C0E4C6FC9A22F9E648B6783AA1D0F0A1F76B1C4E8692339A6A259F3D8419CF7FD22A26023678BFE4F70C79E7F113882E6C7A0606C5AA9094DB161683E43CCEC8C73FEBC7B82617B90541C2BC15EBA18B55E430373CF21DD235BA332EE6D7A6D042BAB4DEF94939AAD2A1F6FD235B09CA6CCFB45A614C79F3C83253B82BB73826DD22127F3F14292A9B682D607D6C9313DF5324712F976C8978AEDC97B40095E66BF850BCB83F477E1F5AB045844EA5CA0652C7C2C284B90FFDCAE2D5F3C165F66FCE871A5D0AFAA158E77099BFA7A969C8F3425E326D24E7E875D588B5E652ED331ABE4A72AFF7D89CFA9D55116B2610AEA4D1D16BCE1FE8D22849827677FEC8EC9864F5A4B874E7AA3228E31DACECA3ED7E1F31675CCA03E599E748BBCA483821DDC5F1C7ED376EDE7A650AD06CE3FC4E76062354B7D89093EBBF9717CED067846349E8BBEEC4CDDE0907F2DD1C31125F1DBB7B9A94E07677C4EBC756A5ED3D8DB30FB5772328272C6CEB9D111B 27820171205115054 2 6 100 6143 2 EF730E8C844746DF23D55A6C9508EF59F158850FF4A3A24B3E29C95547FE16E3C3F7269D4096406935222EDC51BFDFE89B454D8C02F868FB297A1FBFEB61A5392779A6C51AF8F9068CC579276D045FF317D9B7540D9A39FA936004991CB06BA169012F75BAF0B8D6203470AF1BE5569341E462DF72FF4AFD9C24BCB7584C71C1766DFDD74FE13D98C176DC64979F4720C0A996226948C9DE5E1890C2E703168AB3B33D50C395F13CDE094300C4BB0ED86352950C238DDEB1A8412A2409B6C487F9CBBB110A754A7B4985CF55DE4FC5137CDF13F9B0E10768DF0A28D6628DFEC684A25439E5C943718E4E4CFC89A3DCE1B747F77A0CE08B98AC92705E8DD3A6EDD18FAEA2FBB4988C3CC947C8206DD67CF44BEF69B617E781E93501877F81E4CC2263DB0B5EEEFFF3FCFCD2AB6E34B724D755A9D5025C978AA679D806318EF9F81787D3C69FB2D25B0382A3A96F44216791D41CCC3DF04EBD19B84858F0935C1C774F4685C8114EBCA8C71946C35CB42B82AD56541E3B4AB0A47E0AD8FCF9073BCFB801EA84DDF5DF4426578561BC737C2469B34F275502BC0BD7AB018506FD8DD6A9477F1588C2F76FD82B2AD3740E7F161632C66B961737EB70E9B44F362F73C1F874F7C06C5370297E975D25E004D6090BD119915694AFB57427DDE7F50C81B9A1812E10FA39A01E2F2FF18C96FADEA62BF08FAB027A31D84E4C0267AF7E880B5A0608683542E9895DB15FA1ADA9F1D28569C8E27662CE912CD1869227F542C1F228C6A2226D4AC24673994AA453BF21A1961D17C7E29B297E8AF7A71C4E2957A603900A3B4947B7B59A70767EB9106C043A48EEFAC3CCDC0F78F559CDBE64328E3C21D33D30E6AAFF638761F988CD99C59ECBAC4276ACE22062F6903B4B78B45917829AAA0CF11D04272EB44385A3479AD7B6E3E94126CC35AE082A73AAE991670C5145576789B43055B5F9D457523B16032CC65B679BD5AA08657D719EAC3D0345812BFA599249E4719AA2DF1507916FA735535781F053C4CB92D28007CC8D621E571E957AED705C2D11724E6D4A3BE268FDCCA230A1BE9EDE7531576573
27920170628114328 2 6 100 7679 2 E411B879FDA69428A30BDE74B417706E5936E16C5E1F2B64A07EAE1D69C857C23126701460740D93467EB3A3386827E658069CAC4D55CC4929493C193D53A0D91141135B2F0B19E659BB541883E569D38B329761EDF3C409D34A49870356F3723AD2F720383E49B1752B837DF80F48632A469A0A96AC8F02E5B766B590D722B5BD3ED9191BB70C1D4044A3D5CE850489216C3184D73BAE2B655D76B30EC1851951A756E2A45CD1FF82A83BDC1803005034BEB2EAC35FF7362831D8FBE02E07B1CCA351D47AD65B5282151FB2711A880410CED2C1CF205CC2072F6F244189F5BDB3AFDBA7FB02DD21C99D1EF72C1EF8BC6C68A273D16CB2D3CA190C30BDDEEAD7CA2E519F3AF806B5CBD436B971C1F1981EB35CB4007D129F43E660F7E47E807C889A1DC5FEFA7C304DB41B36982FEFB7390DC6C8E9474D3EEB84B3F757C367475EB1B4CB5B86F9507090F2CB37533E2B96BBC6F75B3BF1F4CECF18F67E7492A681845CF5AFA1B70FB3B0A09CDD3375BCF716CBF2A594533D157CB6C4008CF8C4818C9418E44A995028487B0346BD399BFB431CA94B3FC2AF9822520153105ADACEBE719CC24D1D043AC2AC24BD41759AA452000C43CB885D5F0D71DC2451A2C5C04B0B085BD23B5295B7A109DCD729C34479D51EAB4617FDD163128B25F5803B262C3D97E2D63B3E84D85B67ECDFDE6FA377E208BD2EF867072D341AC731338268AD82285DD6D219DE44EB0588E477CBFCD5F5C068D2FA877339424F324012D346C3E2B3C4408E4FD84535C5D4EA02137ABE0426BC4C3AD6EABAA221579CBA22023F8204ECCC98D143652DEBF5869CD73A81C0E4C6FC9A22F9E648B6783AA1D0F0A1F76B1C4E8692339A6A259F3D8419CF7FD22A26023678BFE4F70C79E7F113882E6C7A0606C5AA9094DB161683E43CCEC8C73FEBC7B82617B90541C2BC15EBA18B55E430373CF21DD235BA332EE6D7A6D042BAB4DEF94939AAD2A1F6FD235B09CA6CCFB45A614C79F3C83253B82BB73826DD22127F3F14292A9B682D607D6C9313DF5324712F976C8978AEDC97B40095E66BF850BCB83F477E1F5AB045844EA5CA0652C7C2C284B90FFDCAE2D5F3C165F66FCE871A5D0AFAA158E77099BFA7A969C8F3425E326D24E7E875D588B5E652ED331ABE4A72AFF7D89CFA9D55116B2610AEA4D1D16BCE1FE8D22849827677FEC8EC9864F5A4B874E7AA3228E31DACECA3ED7E1F31675CCA03E599E748BBCA483821DDC5F1C7ED376EDE7A650AD06CE3FC4E76062354B7D89093EBBF9717CED067846349E8BBEEC4CDDE0907F2DD1C31125F1DBB7B9A94E07677C4EBC756A5ED3D8DB30FB5772328272C6CEC57837B 27920171205121540 2 6 100 6143 2 EF730E8C844746DF23D55A6C9508EF59F158850FF4A3A24B3E29C95547FE16E3C3F7269D4096406935222EDC51BFDFE89B454D8C02F868FB297A1FBFEB61A5392779A6C51AF8F9068CC579276D045FF317D9B7540D9A39FA936004991CB06BA169012F75BAF0B8D6203470AF1BE5569341E462DF72FF4AFD9C24BCB7584C71C1766DFDD74FE13D98C176DC64979F4720C0A996226948C9DE5E1890C2E703168AB3B33D50C395F13CDE094300C4BB0ED86352950C238DDEB1A8412A2409B6C487F9CBBB110A754A7B4985CF55DE4FC5137CDF13F9B0E10768DF0A28D6628DFEC684A25439E5C943718E4E4CFC89A3DCE1B747F77A0CE08B98AC92705E8DD3A6EDD18FAEA2FBB4988C3CC947C8206DD67CF44BEF69B617E781E93501877F81E4CC2263DB0B5EEEFFF3FCFCD2AB6E34B724D755A9D5025C978AA679D806318EF9F81787D3C69FB2D25B0382A3A96F44216791D41CCC3DF04EBD19B84858F0935C1C774F4685C8114EBCA8C71946C35CB42B82AD56541E3B4AB0A47E0AD8FCF9073BCFB801EA84DDF5DF4426578561BC737C2469B34F275502BC0BD7AB018506FD8DD6A9477F1588C2F76FD82B2AD3740E7F161632C66B961737EB70E9B44F362F73C1F874F7C06C5370297E975D25E004D6090BD119915694AFB57427DDE7F50C81B9A1812E10FA39A01E2F2FF18C96FADEA62BF08FAB027A31D84E4C0267AF7E880B5A0608683542E9895DB15FA1ADA9F1D28569C8E27662CE912CD1869227F542C1F228C6A2226D4AC24673994AA453BF21A1961D17C7E29B297E8AF7A71C4E2957A603900A3B4947B7B59A70767EB9106C043A48EEFAC3CCDC0F78F559CDBE64328E3C21D33D30E6AAFF638761F988CD99C59ECBAC4276ACE22062F6903B4B78B45917829AAA0CF11D04272EB44385A3479AD7B6E3E94126CC35AE082A73AAE991670C5145576789B43055B5F9D457523B16032CC65B679BD5AA08657D719EAC3D0345812BFA599249E4719AA2DF1507916FA735535781F053C4CB92D28007CC8D621E571E957AED705C2D11724E6D4A3BE268FDCCA230A1BE9EDE7531E8F173
28020170628155547 2 6 100 7679 5 E411B879FDA69428A30BDE74B417706E5936E16C5E1F2B64A07EAE1D69C857C23126701460740D93467EB3A3386827E658069CAC4D55CC4929493C193D53A0D91141135B2F0B19E659BB541883E569D38B329761EDF3C409D34A49870356F3723AD2F720383E49B1752B837DF80F48632A469A0A96AC8F02E5B766B590D722B5BD3ED9191BB70C1D4044A3D5CE850489216C3184D73BAE2B655D76B30EC1851951A756E2A45CD1FF82A83BDC1803005034BEB2EAC35FF7362831D8FBE02E07B1CCA351D47AD65B5282151FB2711A880410CED2C1CF205CC2072F6F244189F5BDB3AFDBA7FB02DD21C99D1EF72C1EF8BC6C68A273D16CB2D3CA190C30BDDEEAD7CA2E519F3AF806B5CBD436B971C1F1981EB35CB4007D129F43E660F7E47E807C889A1DC5FEFA7C304DB41B36982FEFB7390DC6C8E9474D3EEB84B3F757C367475EB1B4CB5B86F9507090F2CB37533E2B96BBC6F75B3BF1F4CECF18F67E7492A681845CF5AFA1B70FB3B0A09CDD3375BCF716CBF2A594533D157CB6C4008CF8C4818C9418E44A995028487B0346BD399BFB431CA94B3FC2AF9822520153105ADACEBE719CC24D1D043AC2AC24BD41759AA452000C43CB885D5F0D71DC2451A2C5C04B0B085BD23B5295B7A109DCD729C34479D51EAB4617FDD163128B25F5803B262C3D97E2D63B3E84D85B67ECDFDE6FA377E208BD2EF867072D341AC731338268AD82285DD6D219DE44EB0588E477CBFCD5F5C068D2FA877339424F324012D346C3E2B3C4408E4FD84535C5D4EA02137ABE0426BC4C3AD6EABAA221579CBA22023F8204ECCC98D143652DEBF5869CD73A81C0E4C6FC9A22F9E648B6783AA1D0F0A1F76B1C4E8692339A6A259F3D8419CF7FD22A26023678BFE4F70C79E7F113882E6C7A0606C5AA9094DB161683E43CCEC8C73FEBC7B82617B90541C2BC15EBA18B55E430373CF21DD235BA332EE6D7A6D042BAB4DEF94939AAD2A1F6FD235B09CA6CCFB45A614C79F3C83253B82BB73826DD22127F3F14292A9B682D607D6C9313DF5324712F976C8978AEDC97B40095E66BF850BCB83F477E1F5AB045844EA5CA0652C7C2C284B90FFDCAE2D5F3C165F66FCE871A5D0AFAA158E77099BFA7A969C8F3425E326D24E7E875D588B5E652ED331ABE4A72AFF7D89CFA9D55116B2610AEA4D1D16BCE1FE8D22849827677FEC8EC9864F5A4B874E7AA3228E31DACECA3ED7E1F31675CCA03E599E748BBCA483821DDC5F1C7ED376EDE7A650AD06CE3FC4E76062354B7D89093EBBF9717CED067846349E8BBEEC4CDDE0907F2DD1C31125F1DBB7B9A94E07677C4EBC756A5ED3D8DB30FB5772328272C6CEFEB085F 28020171205130945 2 6 100 6143 2 EF730E8C844746DF23D55A6C9508EF59F158850FF4A3A24B3E29C95547FE16E3C3F7269D4096406935222EDC51BFDFE89B454D8C02F868FB297A1FBFEB61A5392779A6C51AF8F9068CC579276D045FF317D9B7540D9A39FA936004991CB06BA169012F75BAF0B8D6203470AF1BE5569341E462DF72FF4AFD9C24BCB7584C71C1766DFDD74FE13D98C176DC64979F4720C0A996226948C9DE5E1890C2E703168AB3B33D50C395F13CDE094300C4BB0ED86352950C238DDEB1A8412A2409B6C487F9CBBB110A754A7B4985CF55DE4FC5137CDF13F9B0E10768DF0A28D6628DFEC684A25439E5C943718E4E4CFC89A3DCE1B747F77A0CE08B98AC92705E8DD3A6EDD18FAEA2FBB4988C3CC947C8206DD67CF44BEF69B617E781E93501877F81E4CC2263DB0B5EEEFFF3FCFCD2AB6E34B724D755A9D5025C978AA679D806318EF9F81787D3C69FB2D25B0382A3A96F44216791D41CCC3DF04EBD19B84858F0935C1C774F4685C8114EBCA8C71946C35CB42B82AD56541E3B4AB0A47E0AD8FCF9073BCFB801EA84DDF5DF4426578561BC737C2469B34F275502BC0BD7AB018506FD8DD6A9477F1588C2F76FD82B2AD3740E7F161632C66B961737EB70E9B44F362F73C1F874F7C06C5370297E975D25E004D6090BD119915694AFB57427DDE7F50C81B9A1812E10FA39A01E2F2FF18C96FADEA62BF08FAB027A31D84E4C0267AF7E880B5A0608683542E9895DB15FA1ADA9F1D28569C8E27662CE912CD1869227F542C1F228C6A2226D4AC24673994AA453BF21A1961D17C7E29B297E8AF7A71C4E2957A603900A3B4947B7B59A70767EB9106C043A48EEFAC3CCDC0F78F559CDBE64328E3C21D33D30E6AAFF638761F988CD99C59ECBAC4276ACE22062F6903B4B78B45917829AAA0CF11D04272EB44385A3479AD7B6E3E94126CC35AE082A73AAE991670C5145576789B43055B5F9D457523B16032CC65B679BD5AA08657D719EAC3D0345812BFA599249E4719AA2DF1507916FA735535781F053C4CB92D28007CC8D621E571E957AED705C2D11724E6D4A3BE268FDCCA230A1BE9EDE75332BD36B
28120170628161354 2 6 100 7679 2 E411B879FDA69428A30BDE74B417706E5936E16C5E1F2B64A07EAE1D69C857C23126701460740D93467EB3A3386827E658069CAC4D55CC4929493C193D53A0D91141135B2F0B19E659BB541883E569D38B329761EDF3C409D34A49870356F3723AD2F720383E49B1752B837DF80F48632A469A0A96AC8F02E5B766B590D722B5BD3ED9191BB70C1D4044A3D5CE850489216C3184D73BAE2B655D76B30EC1851951A756E2A45CD1FF82A83BDC1803005034BEB2EAC35FF7362831D8FBE02E07B1CCA351D47AD65B5282151FB2711A880410CED2C1CF205CC2072F6F244189F5BDB3AFDBA7FB02DD21C99D1EF72C1EF8BC6C68A273D16CB2D3CA190C30BDDEEAD7CA2E519F3AF806B5CBD436B971C1F1981EB35CB4007D129F43E660F7E47E807C889A1DC5FEFA7C304DB41B36982FEFB7390DC6C8E9474D3EEB84B3F757C367475EB1B4CB5B86F9507090F2CB37533E2B96BBC6F75B3BF1F4CECF18F67E7492A681845CF5AFA1B70FB3B0A09CDD3375BCF716CBF2A594533D157CB6C4008CF8C4818C9418E44A995028487B0346BD399BFB431CA94B3FC2AF9822520153105ADACEBE719CC24D1D043AC2AC24BD41759AA452000C43CB885D5F0D71DC2451A2C5C04B0B085BD23B5295B7A109DCD729C34479D51EAB4617FDD163128B25F5803B262C3D97E2D63B3E84D85B67ECDFDE6FA377E208BD2EF867072D341AC731338268AD82285DD6D219DE44EB0588E477CBFCD5F5C068D2FA877339424F324012D346C3E2B3C4408E4FD84535C5D4EA02137ABE0426BC4C3AD6EABAA221579CBA22023F8204ECCC98D143652DEBF5869CD73A81C0E4C6FC9A22F9E648B6783AA1D0F0A1F76B1C4E8692339A6A259F3D8419CF7FD22A26023678BFE4F70C79E7F113882E6C7A0606C5AA9094DB161683E43CCEC8C73FEBC7B82617B90541C2BC15EBA18B55E430373CF21DD235BA332EE6D7A6D042BAB4DEF94939AAD2A1F6FD235B09CA6CCFB45A614C79F3C83253B82BB73826DD22127F3F14292A9B682D607D6C9313DF5324712F976C8978AEDC97B40095E66BF850BCB83F477E1F5AB045844EA5CA0652C7C2C284B90FFDCAE2D5F3C165F66FCE871A5D0AFAA158E77099BFA7A969C8F3425E326D24E7E875D588B5E652ED331ABE4A72AFF7D89CFA9D55116B2610AEA4D1D16BCE1FE8D22849827677FEC8EC9864F5A4B874E7AA3228E31DACECA3ED7E1F31675CCA03E599E748BBCA483821DDC5F1C7ED376EDE7A650AD06CE3FC4E76062354B7D89093EBBF9717CED067846349E8BBEEC4CDDE0907F2DD1C31125F1DBB7B9A94E07677C4EBC756A5ED3D8DB30FB5772328272C6CF024A37B 28120171205141051 2 6 100 6143 2 EF730E8C844746DF23D55A6C9508EF59F158850FF4A3A24B3E29C95547FE16E3C3F7269D4096406935222EDC51BFDFE89B454D8C02F868FB297A1FBFEB61A5392779A6C51AF8F9068CC579276D045FF317D9B7540D9A39FA936004991CB06BA169012F75BAF0B8D6203470AF1BE5569341E462DF72FF4AFD9C24BCB7584C71C1766DFDD74FE13D98C176DC64979F4720C0A996226948C9DE5E1890C2E703168AB3B33D50C395F13CDE094300C4BB0ED86352950C238DDEB1A8412A2409B6C487F9CBBB110A754A7B4985CF55DE4FC5137CDF13F9B0E10768DF0A28D6628DFEC684A25439E5C943718E4E4CFC89A3DCE1B747F77A0CE08B98AC92705E8DD3A6EDD18FAEA2FBB4988C3CC947C8206DD67CF44BEF69B617E781E93501877F81E4CC2263DB0B5EEEFFF3FCFCD2AB6E34B724D755A9D5025C978AA679D806318EF9F81787D3C69FB2D25B0382A3A96F44216791D41CCC3DF04EBD19B84858F0935C1C774F4685C8114EBCA8C71946C35CB42B82AD56541E3B4AB0A47E0AD8FCF9073BCFB801EA84DDF5DF4426578561BC737C2469B34F275502BC0BD7AB018506FD8DD6A9477F1588C2F76FD82B2AD3740E7F161632C66B961737EB70E9B44F362F73C1F874F7C06C5370297E975D25E004D6090BD119915694AFB57427DDE7F50C81B9A1812E10FA39A01E2F2FF18C96FADEA62BF08FAB027A31D84E4C0267AF7E880B5A0608683542E9895DB15FA1ADA9F1D28569C8E27662CE912CD1869227F542C1F228C6A2226D4AC24673994AA453BF21A1961D17C7E29B297E8AF7A71C4E2957A603900A3B4947B7B59A70767EB9106C043A48EEFAC3CCDC0F78F559CDBE64328E3C21D33D30E6AAFF638761F988CD99C59ECBAC4276ACE22062F6903B4B78B45917829AAA0CF11D04272EB44385A3479AD7B6E3E94126CC35AE082A73AAE991670C5145576789B43055B5F9D457523B16032CC65B679BD5AA08657D719EAC3D0345812BFA599249E4719AA2DF1507916FA735535781F053C4CB92D28007CC8D621E571E957AED705C2D11724E6D4A3BE268FDCCA230A1BE9EDE753499FF7B
28220170629103301 2 6 100 7679 5 E411B879FDA69428A30BDE74B417706E5936E16C5E1F2B64A07EAE1D69C857C23126701460740D93467EB3A3386827E658069CAC4D55CC4929493C193D53A0D91141135B2F0B19E659BB541883E569D38B329761EDF3C409D34A49870356F3723AD2F720383E49B1752B837DF80F48632A469A0A96AC8F02E5B766B590D722B5BD3ED9191BB70C1D4044A3D5CE850489216C3184D73BAE2B655D76B30EC1851951A756E2A45CD1FF82A83BDC1803005034BEB2EAC35FF7362831D8FBE02E07B1CCA351D47AD65B5282151FB2711A880410CED2C1CF205CC2072F6F244189F5BDB3AFDBA7FB02DD21C99D1EF72C1EF8BC6C68A273D16CB2D3CA190C30BDDEEAD7CA2E519F3AF806B5CBD436B971C1F1981EB35CB4007D129F43E660F7E47E807C889A1DC5FEFA7C304DB41B36982FEFB7390DC6C8E9474D3EEB84B3F757C367475EB1B4CB5B86F9507090F2CB37533E2B96BBC6F75B3BF1F4CECF18F67E7492A681845CF5AFA1B70FB3B0A09CDD3375BCF716CBF2A594533D157CB6C4008CF8C4818C9418E44A995028487B0346BD399BFB431CA94B3FC2AF9822520153105ADACEBE719CC24D1D043AC2AC24BD41759AA452000C43CB885D5F0D71DC2451A2C5C04B0B085BD23B5295B7A109DCD729C34479D51EAB4617FDD163128B25F5803B262C3D97E2D63B3E84D85B67ECDFDE6FA377E208BD2EF867072D341AC731338268AD82285DD6D219DE44EB0588E477CBFCD5F5C068D2FA877339424F324012D346C3E2B3C4408E4FD84535C5D4EA02137ABE0426BC4C3AD6EABAA221579CBA22023F8204ECCC98D143652DEBF5869CD73A81C0E4C6FC9A22F9E648B6783AA1D0F0A1F76B1C4E8692339A6A259F3D8419CF7FD22A26023678BFE4F70C79E7F113882E6C7A0606C5AA9094DB161683E43CCEC8C73FEBC7B82617B90541C2BC15EBA18B55E430373CF21DD235BA332EE6D7A6D042BAB4DEF94939AAD2A1F6FD235B09CA6CCFB45A614C79F3C83253B82BB73826DD22127F3F14292A9B682D607D6C9313DF5324712F976C8978AEDC97B40095E66BF850BCB83F477E1F5AB045844EA5CA0652C7C2C284B90FFDCAE2D5F3C165F66FCE871A5D0AFAA158E77099BFA7A969C8F3425E326D24E7E875D588B5E652ED331ABE4A72AFF7D89CFA9D55116B2610AEA4D1D16BCE1FE8D22849827677FEC8EC9864F5A4B874E7AA3228E31DACECA3ED7E1F31675CCA03E599E748BBCA483821DDC5F1C7ED376EDE7A650AD06CE3FC4E76062354B7D89093EBBF9717CED067846349E8BBEEC4CDDE0907F2DD1C31125F1DBB7B9A94E07677C4EBC756A5ED3D8DB30FB5772328272C6CF75BD46F 28220171205144900 2 6 100 6143 2 EF730E8C844746DF23D55A6C9508EF59F158850FF4A3A24B3E29C95547FE16E3C3F7269D4096406935222EDC51BFDFE89B454D8C02F868FB297A1FBFEB61A5392779A6C51AF8F9068CC579276D045FF317D9B7540D9A39FA936004991CB06BA169012F75BAF0B8D6203470AF1BE5569341E462DF72FF4AFD9C24BCB7584C71C1766DFDD74FE13D98C176DC64979F4720C0A996226948C9DE5E1890C2E703168AB3B33D50C395F13CDE094300C4BB0ED86352950C238DDEB1A8412A2409B6C487F9CBBB110A754A7B4985CF55DE4FC5137CDF13F9B0E10768DF0A28D6628DFEC684A25439E5C943718E4E4CFC89A3DCE1B747F77A0CE08B98AC92705E8DD3A6EDD18FAEA2FBB4988C3CC947C8206DD67CF44BEF69B617E781E93501877F81E4CC2263DB0B5EEEFFF3FCFCD2AB6E34B724D755A9D5025C978AA679D806318EF9F81787D3C69FB2D25B0382A3A96F44216791D41CCC3DF04EBD19B84858F0935C1C774F4685C8114EBCA8C71946C35CB42B82AD56541E3B4AB0A47E0AD8FCF9073BCFB801EA84DDF5DF4426578561BC737C2469B34F275502BC0BD7AB018506FD8DD6A9477F1588C2F76FD82B2AD3740E7F161632C66B961737EB70E9B44F362F73C1F874F7C06C5370297E975D25E004D6090BD119915694AFB57427DDE7F50C81B9A1812E10FA39A01E2F2FF18C96FADEA62BF08FAB027A31D84E4C0267AF7E880B5A0608683542E9895DB15FA1ADA9F1D28569C8E27662CE912CD1869227F542C1F228C6A2226D4AC24673994AA453BF21A1961D17C7E29B297E8AF7A71C4E2957A603900A3B4947B7B59A70767EB9106C043A48EEFAC3CCDC0F78F559CDBE64328E3C21D33D30E6AAFF638761F988CD99C59ECBAC4276ACE22062F6903B4B78B45917829AAA0CF11D04272EB44385A3479AD7B6E3E94126CC35AE082A73AAE991670C5145576789B43055B5F9D457523B16032CC65B679BD5AA08657D719EAC3D0345812BFA599249E4719AA2DF1507916FA735535781F053C4CB92D28007CC8D621E571E957AED705C2D11724E6D4A3BE268FDCCA230A1BE9EDE75357B36FB
28320170629121023 2 6 100 7679 5 E411B879FDA69428A30BDE74B417706E5936E16C5E1F2B64A07EAE1D69C857C23126701460740D93467EB3A3386827E658069CAC4D55CC4929493C193D53A0D91141135B2F0B19E659BB541883E569D38B329761EDF3C409D34A49870356F3723AD2F720383E49B1752B837DF80F48632A469A0A96AC8F02E5B766B590D722B5BD3ED9191BB70C1D4044A3D5CE850489216C3184D73BAE2B655D76B30EC1851951A756E2A45CD1FF82A83BDC1803005034BEB2EAC35FF7362831D8FBE02E07B1CCA351D47AD65B5282151FB2711A880410CED2C1CF205CC2072F6F244189F5BDB3AFDBA7FB02DD21C99D1EF72C1EF8BC6C68A273D16CB2D3CA190C30BDDEEAD7CA2E519F3AF806B5CBD436B971C1F1981EB35CB4007D129F43E660F7E47E807C889A1DC5FEFA7C304DB41B36982FEFB7390DC6C8E9474D3EEB84B3F757C367475EB1B4CB5B86F9507090F2CB37533E2B96BBC6F75B3BF1F4CECF18F67E7492A681845CF5AFA1B70FB3B0A09CDD3375BCF716CBF2A594533D157CB6C4008CF8C4818C9418E44A995028487B0346BD399BFB431CA94B3FC2AF9822520153105ADACEBE719CC24D1D043AC2AC24BD41759AA452000C43CB885D5F0D71DC2451A2C5C04B0B085BD23B5295B7A109DCD729C34479D51EAB4617FDD163128B25F5803B262C3D97E2D63B3E84D85B67ECDFDE6FA377E208BD2EF867072D341AC731338268AD82285DD6D219DE44EB0588E477CBFCD5F5C068D2FA877339424F324012D346C3E2B3C4408E4FD84535C5D4EA02137ABE0426BC4C3AD6EABAA221579CBA22023F8204ECCC98D143652DEBF5869CD73A81C0E4C6FC9A22F9E648B6783AA1D0F0A1F76B1C4E8692339A6A259F3D8419CF7FD22A26023678BFE4F70C79E7F113882E6C7A0606C5AA9094DB161683E43CCEC8C73FEBC7B82617B90541C2BC15EBA18B55E430373CF21DD235BA332EE6D7A6D042BAB4DEF94939AAD2A1F6FD235B09CA6CCFB45A614C79F3C83253B82BB73826DD22127F3F14292A9B682D607D6C9313DF5324712F976C8978AEDC97B40095E66BF850BCB83F477E1F5AB045844EA5CA0652C7C2C284B90FFDCAE2D5F3C165F66FCE871A5D0AFAA158E77099BFA7A969C8F3425E326D24E7E875D588B5E652ED331ABE4A72AFF7D89CFA9D55116B2610AEA4D1D16BCE1FE8D22849827677FEC8EC9864F5A4B874E7AA3228E31DACECA3ED7E1F31675CCA03E599E748BBCA483821DDC5F1C7ED376EDE7A650AD06CE3FC4E76062354B7D89093EBBF9717CED067846349E8BBEEC4CDDE0907F2DD1C31125F1DBB7B9A94E07677C4EBC756A5ED3D8DB30FB5772328272C6CF8B74F97 28320171205154530 2 6 100 6143 2 EF730E8C844746DF23D55A6C9508EF59F158850FF4A3A24B3E29C95547FE16E3C3F7269D4096406935222EDC51BFDFE89B454D8C02F868FB297A1FBFEB61A5392779A6C51AF8F9068CC579276D045FF317D9B7540D9A39FA936004991CB06BA169012F75BAF0B8D6203470AF1BE5569341E462DF72FF4AFD9C24BCB7584C71C1766DFDD74FE13D98C176DC64979F4720C0A996226948C9DE5E1890C2E703168AB3B33D50C395F13CDE094300C4BB0ED86352950C238DDEB1A8412A2409B6C487F9CBBB110A754A7B4985CF55DE4FC5137CDF13F9B0E10768DF0A28D6628DFEC684A25439E5C943718E4E4CFC89A3DCE1B747F77A0CE08B98AC92705E8DD3A6EDD18FAEA2FBB4988C3CC947C8206DD67CF44BEF69B617E781E93501877F81E4CC2263DB0B5EEEFFF3FCFCD2AB6E34B724D755A9D5025C978AA679D806318EF9F81787D3C69FB2D25B0382A3A96F44216791D41CCC3DF04EBD19B84858F0935C1C774F4685C8114EBCA8C71946C35CB42B82AD56541E3B4AB0A47E0AD8FCF9073BCFB801EA84DDF5DF4426578561BC737C2469B34F275502BC0BD7AB018506FD8DD6A9477F1588C2F76FD82B2AD3740E7F161632C66B961737EB70E9B44F362F73C1F874F7C06C5370297E975D25E004D6090BD119915694AFB57427DDE7F50C81B9A1812E10FA39A01E2F2FF18C96FADEA62BF08FAB027A31D84E4C0267AF7E880B5A0608683542E9895DB15FA1ADA9F1D28569C8E27662CE912CD1869227F542C1F228C6A2226D4AC24673994AA453BF21A1961D17C7E29B297E8AF7A71C4E2957A603900A3B4947B7B59A70767EB9106C043A48EEFAC3CCDC0F78F559CDBE64328E3C21D33D30E6AAFF638761F988CD99C59ECBAC4276ACE22062F6903B4B78B45917829AAA0CF11D04272EB44385A3479AD7B6E3E94126CC35AE082A73AAE991670C5145576789B43055B5F9D457523B16032CC65B679BD5AA08657D719EAC3D0345812BFA599249E4719AA2DF1507916FA735535781F053C4CB92D28007CC8D621E571E957AED705C2D11724E6D4A3BE268FDCCA230A1BE9EDE7536CFC643
28420170630003105 2 6 100 7679 2 E411B879FDA69428A30BDE74B417706E5936E16C5E1F2B64A07EAE1D69C857C23126701460740D93467EB3A3386827E658069CAC4D55CC4929493C193D53A0D91141135B2F0B19E659BB541883E569D38B329761EDF3C409D34A49870356F3723AD2F720383E49B1752B837DF80F48632A469A0A96AC8F02E5B766B590D722B5BD3ED9191BB70C1D4044A3D5CE850489216C3184D73BAE2B655D76B30EC1851951A756E2A45CD1FF82A83BDC1803005034BEB2EAC35FF7362831D8FBE02E07B1CCA351D47AD65B5282151FB2711A880410CED2C1CF205CC2072F6F244189F5BDB3AFDBA7FB02DD21C99D1EF72C1EF8BC6C68A273D16CB2D3CA190C30BDDEEAD7CA2E519F3AF806B5CBD436B971C1F1981EB35CB4007D129F43E660F7E47E807C889A1DC5FEFA7C304DB41B36982FEFB7390DC6C8E9474D3EEB84B3F757C367475EB1B4CB5B86F9507090F2CB37533E2B96BBC6F75B3BF1F4CECF18F67E7492A681845CF5AFA1B70FB3B0A09CDD3375BCF716CBF2A594533D157CB6C4008CF8C4818C9418E44A995028487B0346BD399BFB431CA94B3FC2AF9822520153105ADACEBE719CC24D1D043AC2AC24BD41759AA452000C43CB885D5F0D71DC2451A2C5C04B0B085BD23B5295B7A109DCD729C34479D51EAB4617FDD163128B25F5803B262C3D97E2D63B3E84D85B67ECDFDE6FA377E208BD2EF867072D341AC731338268AD82285DD6D219DE44EB0588E477CBFCD5F5C068D2FA877339424F324012D346C3E2B3C4408E4FD84535C5D4EA02137ABE0426BC4C3AD6EABAA221579CBA22023F8204ECCC98D143652DEBF5869CD73A81C0E4C6FC9A22F9E648B6783AA1D0F0A1F76B1C4E8692339A6A259F3D8419CF7FD22A26023678BFE4F70C79E7F113882E6C7A0606C5AA9094DB161683E43CCEC8C73FEBC7B82617B90541C2BC15EBA18B55E430373CF21DD235BA332EE6D7A6D042BAB4DEF94939AAD2A1F6FD235B09CA6CCFB45A614C79F3C83253B82BB73826DD22127F3F14292A9B682D607D6C9313DF5324712F976C8978AEDC97B40095E66BF850BCB83F477E1F5AB045844EA5CA0652C7C2C284B90FFDCAE2D5F3C165F66FCE871A5D0AFAA158E77099BFA7A969C8F3425E326D24E7E875D588B5E652ED331ABE4A72AFF7D89CFA9D55116B2610AEA4D1D16BCE1FE8D22849827677FEC8EC9864F5A4B874E7AA3228E31DACECA3ED7E1F31675CCA03E599E748BBCA483821DDC5F1C7ED376EDE7A650AD06CE3FC4E76062354B7D89093EBBF9717CED067846349E8BBEEC4CDDE0907F2DD1C31125F1DBB7B9A94E07677C4EBC756A5ED3D8DB30FB5772328272C6D0331EC63 28420171205175129 2 6 100 6143 2 EF730E8C844746DF23D55A6C9508EF59F158850FF4A3A24B3E29C95547FE16E3C3F7269D4096406935222EDC51BFDFE89B454D8C02F868FB297A1FBFEB61A5392779A6C51AF8F9068CC579276D045FF317D9B7540D9A39FA936004991CB06BA169012F75BAF0B8D6203470AF1BE5569341E462DF72FF4AFD9C24BCB7584C71C1766DFDD74FE13D98C176DC64979F4720C0A996226948C9DE5E1890C2E703168AB3B33D50C395F13CDE094300C4BB0ED86352950C238DDEB1A8412A2409B6C487F9CBBB110A754A7B4985CF55DE4FC5137CDF13F9B0E10768DF0A28D6628DFEC684A25439E5C943718E4E4CFC89A3DCE1B747F77A0CE08B98AC92705E8DD3A6EDD18FAEA2FBB4988C3CC947C8206DD67CF44BEF69B617E781E93501877F81E4CC2263DB0B5EEEFFF3FCFCD2AB6E34B724D755A9D5025C978AA679D806318EF9F81787D3C69FB2D25B0382A3A96F44216791D41CCC3DF04EBD19B84858F0935C1C774F4685C8114EBCA8C71946C35CB42B82AD56541E3B4AB0A47E0AD8FCF9073BCFB801EA84DDF5DF4426578561BC737C2469B34F275502BC0BD7AB018506FD8DD6A9477F1588C2F76FD82B2AD3740E7F161632C66B961737EB70E9B44F362F73C1F874F7C06C5370297E975D25E004D6090BD119915694AFB57427DDE7F50C81B9A1812E10FA39A01E2F2FF18C96FADEA62BF08FAB027A31D84E4C0267AF7E880B5A0608683542E9895DB15FA1ADA9F1D28569C8E27662CE912CD1869227F542C1F228C6A2226D4AC24673994AA453BF21A1961D17C7E29B297E8AF7A71C4E2957A603900A3B4947B7B59A70767EB9106C043A48EEFAC3CCDC0F78F559CDBE64328E3C21D33D30E6AAFF638761F988CD99C59ECBAC4276ACE22062F6903B4B78B45917829AAA0CF11D04272EB44385A3479AD7B6E3E94126CC35AE082A73AAE991670C5145576789B43055B5F9D457523B16032CC65B679BD5AA08657D719EAC3D0345812BFA599249E4719AA2DF1507916FA735535781F053C4CB92D28007CC8D621E571E957AED705C2D11724E6D4A3BE268FDCCA230A1BE9EDE75398C8CC3
28520170630052003 2 6 100 7679 2 E411B879FDA69428A30BDE74B417706E5936E16C5E1F2B64A07EAE1D69C857C23126701460740D93467EB3A3386827E658069CAC4D55CC4929493C193D53A0D91141135B2F0B19E659BB541883E569D38B329761EDF3C409D34A49870356F3723AD2F720383E49B1752B837DF80F48632A469A0A96AC8F02E5B766B590D722B5BD3ED9191BB70C1D4044A3D5CE850489216C3184D73BAE2B655D76B30EC1851951A756E2A45CD1FF82A83BDC1803005034BEB2EAC35FF7362831D8FBE02E07B1CCA351D47AD65B5282151FB2711A880410CED2C1CF205CC2072F6F244189F5BDB3AFDBA7FB02DD21C99D1EF72C1EF8BC6C68A273D16CB2D3CA190C30BDDEEAD7CA2E519F3AF806B5CBD436B971C1F1981EB35CB4007D129F43E660F7E47E807C889A1DC5FEFA7C304DB41B36982FEFB7390DC6C8E9474D3EEB84B3F757C367475EB1B4CB5B86F9507090F2CB37533E2B96BBC6F75B3BF1F4CECF18F67E7492A681845CF5AFA1B70FB3B0A09CDD3375BCF716CBF2A594533D157CB6C4008CF8C4818C9418E44A995028487B0346BD399BFB431CA94B3FC2AF9822520153105ADACEBE719CC24D1D043AC2AC24BD41759AA452000C43CB885D5F0D71DC2451A2C5C04B0B085BD23B5295B7A109DCD729C34479D51EAB4617FDD163128B25F5803B262C3D97E2D63B3E84D85B67ECDFDE6FA377E208BD2EF867072D341AC731338268AD82285DD6D219DE44EB0588E477CBFCD5F5C068D2FA877339424F324012D346C3E2B3C4408E4FD84535C5D4EA02137ABE0426BC4C3AD6EABAA221579CBA22023F8204ECCC98D143652DEBF5869CD73A81C0E4C6FC9A22F9E648B6783AA1D0F0A1F76B1C4E8692339A6A259F3D8419CF7FD22A26023678BFE4F70C79E7F113882E6C7A0606C5AA9094DB161683E43CCEC8C73FEBC7B82617B90541C2BC15EBA18B55E430373CF21DD235BA332EE6D7A6D042BAB4DEF94939AAD2A1F6FD235B09CA6CCFB45A614C79F3C83253B82BB73826DD22127F3F14292A9B682D607D6C9313DF5324712F976C8978AEDC97B40095E66BF850BCB83F477E1F5AB045844EA5CA0652C7C2C284B90FFDCAE2D5F3C165F66FCE871A5D0AFAA158E77099BFA7A969C8F3425E326D24E7E875D588B5E652ED331ABE4A72AFF7D89CFA9D55116B2610AEA4D1D16BCE1FE8D22849827677FEC8EC9864F5A4B874E7AA3228E31DACECA3ED7E1F31675CCA03E599E748BBCA483821DDC5F1C7ED376EDE7A650AD06CE3FC4E76062354B7D89093EBBF9717CED067846349E8BBEEC4CDDE0907F2DD1C31125F1DBB7B9A94E07677C4EBC756A5ED3D8DB30FB5772328272C6D04F2C61B 28520171205180055 2 6 100 6143 2 EF730E8C844746DF23D55A6C9508EF59F158850FF4A3A24B3E29C95547FE16E3C3F7269D4096406935222EDC51BFDFE89B454D8C02F868FB297A1FBFEB61A5392779A6C51AF8F9068CC579276D045FF317D9B7540D9A39FA936004991CB06BA169012F75BAF0B8D6203470AF1BE5569341E462DF72FF4AFD9C24BCB7584C71C1766DFDD74FE13D98C176DC64979F4720C0A996226948C9DE5E1890C2E703168AB3B33D50C395F13CDE094300C4BB0ED86352950C238DDEB1A8412A2409B6C487F9CBBB110A754A7B4985CF55DE4FC5137CDF13F9B0E10768DF0A28D6628DFEC684A25439E5C943718E4E4CFC89A3DCE1B747F77A0CE08B98AC92705E8DD3A6EDD18FAEA2FBB4988C3CC947C8206DD67CF44BEF69B617E781E93501877F81E4CC2263DB0B5EEEFFF3FCFCD2AB6E34B724D755A9D5025C978AA679D806318EF9F81787D3C69FB2D25B0382A3A96F44216791D41CCC3DF04EBD19B84858F0935C1C774F4685C8114EBCA8C71946C35CB42B82AD56541E3B4AB0A47E0AD8FCF9073BCFB801EA84DDF5DF4426578561BC737C2469B34F275502BC0BD7AB018506FD8DD6A9477F1588C2F76FD82B2AD3740E7F161632C66B961737EB70E9B44F362F73C1F874F7C06C5370297E975D25E004D6090BD119915694AFB57427DDE7F50C81B9A1812E10FA39A01E2F2FF18C96FADEA62BF08FAB027A31D84E4C0267AF7E880B5A0608683542E9895DB15FA1ADA9F1D28569C8E27662CE912CD1869227F542C1F228C6A2226D4AC24673994AA453BF21A1961D17C7E29B297E8AF7A71C4E2957A603900A3B4947B7B59A70767EB9106C043A48EEFAC3CCDC0F78F559CDBE64328E3C21D33D30E6AAFF638761F988CD99C59ECBAC4276ACE22062F6903B4B78B45917829AAA0CF11D04272EB44385A3479AD7B6E3E94126CC35AE082A73AAE991670C5145576789B43055B5F9D457523B16032CC65B679BD5AA08657D719EAC3D0345812BFA599249E4719AA2DF1507916FA735535781F053C4CB92D28007CC8D621E571E957AED705C2D11724E6D4A3BE268FDCCA230A1BE9EDE7539B7B69B
28620170630145450 2 6 100 7679 2 E411B879FDA69428A30BDE74B417706E5936E16C5E1F2B64A07EAE1D69C857C23126701460740D93467EB3A3386827E658069CAC4D55CC4929493C193D53A0D91141135B2F0B19E659BB541883E569D38B329761EDF3C409D34A49870356F3723AD2F720383E49B1752B837DF80F48632A469A0A96AC8F02E5B766B590D722B5BD3ED9191BB70C1D4044A3D5CE850489216C3184D73BAE2B655D76B30EC1851951A756E2A45CD1FF82A83BDC1803005034BEB2EAC35FF7362831D8FBE02E07B1CCA351D47AD65B5282151FB2711A880410CED2C1CF205CC2072F6F244189F5BDB3AFDBA7FB02DD21C99D1EF72C1EF8BC6C68A273D16CB2D3CA190C30BDDEEAD7CA2E519F3AF806B5CBD436B971C1F1981EB35CB4007D129F43E660F7E47E807C889A1DC5FEFA7C304DB41B36982FEFB7390DC6C8E9474D3EEB84B3F757C367475EB1B4CB5B86F9507090F2CB37533E2B96BBC6F75B3BF1F4CECF18F67E7492A681845CF5AFA1B70FB3B0A09CDD3375BCF716CBF2A594533D157CB6C4008CF8C4818C9418E44A995028487B0346BD399BFB431CA94B3FC2AF9822520153105ADACEBE719CC24D1D043AC2AC24BD41759AA452000C43CB885D5F0D71DC2451A2C5C04B0B085BD23B5295B7A109DCD729C34479D51EAB4617FDD163128B25F5803B262C3D97E2D63B3E84D85B67ECDFDE6FA377E208BD2EF867072D341AC731338268AD82285DD6D219DE44EB0588E477CBFCD5F5C068D2FA877339424F324012D346C3E2B3C4408E4FD84535C5D4EA02137ABE0426BC4C3AD6EABAA221579CBA22023F8204ECCC98D143652DEBF5869CD73A81C0E4C6FC9A22F9E648B6783AA1D0F0A1F76B1C4E8692339A6A259F3D8419CF7FD22A26023678BFE4F70C79E7F113882E6C7A0606C5AA9094DB161683E43CCEC8C73FEBC7B82617B90541C2BC15EBA18B55E430373CF21DD235BA332EE6D7A6D042BAB4DEF94939AAD2A1F6FD235B09CA6CCFB45A614C79F3C83253B82BB73826DD22127F3F14292A9B682D607D6C9313DF5324712F976C8978AEDC97B40095E66BF850BCB83F477E1F5AB045844EA5CA0652C7C2C284B90FFDCAE2D5F3C165F66FCE871A5D0AFAA158E77099BFA7A969C8F3425E326D24E7E875D588B5E652ED331ABE4A72AFF7D89CFA9D55116B2610AEA4D1D16BCE1FE8D22849827677FEC8EC9864F5A4B874E7AA3228E31DACECA3ED7E1F31675CCA03E599E748BBCA483821DDC5F1C7ED376EDE7A650AD06CE3FC4E76062354B7D89093EBBF9717CED067846349E8BBEEC4CDDE0907F2DD1C31125F1DBB7B9A94E07677C4EBC756A5ED3D8DB30FB5772328272C6D0CF7BF93 28620171205191334 2 6 100 6143 2 EF730E8C844746DF23D55A6C9508EF59F158850FF4A3A24B3E29C95547FE16E3C3F7269D4096406935222EDC51BFDFE89B454D8C02F868FB297A1FBFEB61A5392779A6C51AF8F9068CC579276D045FF317D9B7540D9A39FA936004991CB06BA169012F75BAF0B8D6203470AF1BE5569341E462DF72FF4AFD9C24BCB7584C71C1766DFDD74FE13D98C176DC64979F4720C0A996226948C9DE5E1890C2E703168AB3B33D50C395F13CDE094300C4BB0ED86352950C238DDEB1A8412A2409B6C487F9CBBB110A754A7B4985CF55DE4FC5137CDF13F9B0E10768DF0A28D6628DFEC684A25439E5C943718E4E4CFC89A3DCE1B747F77A0CE08B98AC92705E8DD3A6EDD18FAEA2FBB4988C3CC947C8206DD67CF44BEF69B617E781E93501877F81E4CC2263DB0B5EEEFFF3FCFCD2AB6E34B724D755A9D5025C978AA679D806318EF9F81787D3C69FB2D25B0382A3A96F44216791D41CCC3DF04EBD19B84858F0935C1C774F4685C8114EBCA8C71946C35CB42B82AD56541E3B4AB0A47E0AD8FCF9073BCFB801EA84DDF5DF4426578561BC737C2469B34F275502BC0BD7AB018506FD8DD6A9477F1588C2F76FD82B2AD3740E7F161632C66B961737EB70E9B44F362F73C1F874F7C06C5370297E975D25E004D6090BD119915694AFB57427DDE7F50C81B9A1812E10FA39A01E2F2FF18C96FADEA62BF08FAB027A31D84E4C0267AF7E880B5A0608683542E9895DB15FA1ADA9F1D28569C8E27662CE912CD1869227F542C1F228C6A2226D4AC24673994AA453BF21A1961D17C7E29B297E8AF7A71C4E2957A603900A3B4947B7B59A70767EB9106C043A48EEFAC3CCDC0F78F559CDBE64328E3C21D33D30E6AAFF638761F988CD99C59ECBAC4276ACE22062F6903B4B78B45917829AAA0CF11D04272EB44385A3479AD7B6E3E94126CC35AE082A73AAE991670C5145576789B43055B5F9D457523B16032CC65B679BD5AA08657D719EAC3D0345812BFA599249E4719AA2DF1507916FA735535781F053C4CB92D28007CC8D621E571E957AED705C2D11724E6D4A3BE268FDCCA230A1BE9EDE753B4A4AD3
28720170701010810 2 6 100 7679 5 E411B879FDA69428A30BDE74B417706E5936E16C5E1F2B64A07EAE1D69C857C23126701460740D93467EB3A3386827E658069CAC4D55CC4929493C193D53A0D91141135B2F0B19E659BB541883E569D38B329761EDF3C409D34A49870356F3723AD2F720383E49B1752B837DF80F48632A469A0A96AC8F02E5B766B590D722B5BD3ED9191BB70C1D4044A3D5CE850489216C3184D73BAE2B655D76B30EC1851951A756E2A45CD1FF82A83BDC1803005034BEB2EAC35FF7362831D8FBE02E07B1CCA351D47AD65B5282151FB2711A880410CED2C1CF205CC2072F6F244189F5BDB3AFDBA7FB02DD21C99D1EF72C1EF8BC6C68A273D16CB2D3CA190C30BDDEEAD7CA2E519F3AF806B5CBD436B971C1F1981EB35CB4007D129F43E660F7E47E807C889A1DC5FEFA7C304DB41B36982FEFB7390DC6C8E9474D3EEB84B3F757C367475EB1B4CB5B86F9507090F2CB37533E2B96BBC6F75B3BF1F4CECF18F67E7492A681845CF5AFA1B70FB3B0A09CDD3375BCF716CBF2A594533D157CB6C4008CF8C4818C9418E44A995028487B0346BD399BFB431CA94B3FC2AF9822520153105ADACEBE719CC24D1D043AC2AC24BD41759AA452000C43CB885D5F0D71DC2451A2C5C04B0B085BD23B5295B7A109DCD729C34479D51EAB4617FDD163128B25F5803B262C3D97E2D63B3E84D85B67ECDFDE6FA377E208BD2EF867072D341AC731338268AD82285DD6D219DE44EB0588E477CBFCD5F5C068D2FA877339424F324012D346C3E2B3C4408E4FD84535C5D4EA02137ABE0426BC4C3AD6EABAA221579CBA22023F8204ECCC98D143652DEBF5869CD73A81C0E4C6FC9A22F9E648B6783AA1D0F0A1F76B1C4E8692339A6A259F3D8419CF7FD22A26023678BFE4F70C79E7F113882E6C7A0606C5AA9094DB161683E43CCEC8C73FEBC7B82617B90541C2BC15EBA18B55E430373CF21DD235BA332EE6D7A6D042BAB4DEF94939AAD2A1F6FD235B09CA6CCFB45A614C79F3C83253B82BB73826DD22127F3F14292A9B682D607D6C9313DF5324712F976C8978AEDC97B40095E66BF850BCB83F477E1F5AB045844EA5CA0652C7C2C284B90FFDCAE2D5F3C165F66FCE871A5D0AFAA158E77099BFA7A969C8F3425E326D24E7E875D588B5E652ED331ABE4A72AFF7D89CFA9D55116B2610AEA4D1D16BCE1FE8D22849827677FEC8EC9864F5A4B874E7AA3228E31DACECA3ED7E1F31675CCA03E599E748BBCA483821DDC5F1C7ED376EDE7A650AD06CE3FC4E76062354B7D89093EBBF9717CED067846349E8BBEEC4CDDE0907F2DD1C31125F1DBB7B9A94E07677C4EBC756A5ED3D8DB30FB5772328272C6D1578081F 28720171205223915 2 6 100 6143 2 EF730E8C844746DF23D55A6C9508EF59F158850FF4A3A24B3E29C95547FE16E3C3F7269D4096406935222EDC51BFDFE89B454D8C02F868FB297A1FBFEB61A5392779A6C51AF8F9068CC579276D045FF317D9B7540D9A39FA936004991CB06BA169012F75BAF0B8D6203470AF1BE5569341E462DF72FF4AFD9C24BCB7584C71C1766DFDD74FE13D98C176DC64979F4720C0A996226948C9DE5E1890C2E703168AB3B33D50C395F13CDE094300C4BB0ED86352950C238DDEB1A8412A2409B6C487F9CBBB110A754A7B4985CF55DE4FC5137CDF13F9B0E10768DF0A28D6628DFEC684A25439E5C943718E4E4CFC89A3DCE1B747F77A0CE08B98AC92705E8DD3A6EDD18FAEA2FBB4988C3CC947C8206DD67CF44BEF69B617E781E93501877F81E4CC2263DB0B5EEEFFF3FCFCD2AB6E34B724D755A9D5025C978AA679D806318EF9F81787D3C69FB2D25B0382A3A96F44216791D41CCC3DF04EBD19B84858F0935C1C774F4685C8114EBCA8C71946C35CB42B82AD56541E3B4AB0A47E0AD8FCF9073BCFB801EA84DDF5DF4426578561BC737C2469B34F275502BC0BD7AB018506FD8DD6A9477F1588C2F76FD82B2AD3740E7F161632C66B961737EB70E9B44F362F73C1F874F7C06C5370297E975D25E004D6090BD119915694AFB57427DDE7F50C81B9A1812E10FA39A01E2F2FF18C96FADEA62BF08FAB027A31D84E4C0267AF7E880B5A0608683542E9895DB15FA1ADA9F1D28569C8E27662CE912CD1869227F542C1F228C6A2226D4AC24673994AA453BF21A1961D17C7E29B297E8AF7A71C4E2957A603900A3B4947B7B59A70767EB9106C043A48EEFAC3CCDC0F78F559CDBE64328E3C21D33D30E6AAFF638761F988CD99C59ECBAC4276ACE22062F6903B4B78B45917829AAA0CF11D04272EB44385A3479AD7B6E3E94126CC35AE082A73AAE991670C5145576789B43055B5F9D457523B16032CC65B679BD5AA08657D719EAC3D0345812BFA599249E4719AA2DF1507916FA735535781F053C4CB92D28007CC8D621E571E957AED705C2D11724E6D4A3BE268FDCCA230A1BE9EDE754018391B
28820170701015400 2 6 100 7679 5 E411B879FDA69428A30BDE74B417706E5936E16C5E1F2B64A07EAE1D69C857C23126701460740D93467EB3A3386827E658069CAC4D55CC4929493C193D53A0D91141135B2F0B19E659BB541883E569D38B329761EDF3C409D34A49870356F3723AD2F720383E49B1752B837DF80F48632A469A0A96AC8F02E5B766B590D722B5BD3ED9191BB70C1D4044A3D5CE850489216C3184D73BAE2B655D76B30EC1851951A756E2A45CD1FF82A83BDC1803005034BEB2EAC35FF7362831D8FBE02E07B1CCA351D47AD65B5282151FB2711A880410CED2C1CF205CC2072F6F244189F5BDB3AFDBA7FB02DD21C99D1EF72C1EF8BC6C68A273D16CB2D3CA190C30BDDEEAD7CA2E519F3AF806B5CBD436B971C1F1981EB35CB4007D129F43E660F7E47E807C889A1DC5FEFA7C304DB41B36982FEFB7390DC6C8E9474D3EEB84B3F757C367475EB1B4CB5B86F9507090F2CB37533E2B96BBC6F75B3BF1F4CECF18F67E7492A681845CF5AFA1B70FB3B0A09CDD3375BCF716CBF2A594533D157CB6C4008CF8C4818C9418E44A995028487B0346BD399BFB431CA94B3FC2AF9822520153105ADACEBE719CC24D1D043AC2AC24BD41759AA452000C43CB885D5F0D71DC2451A2C5C04B0B085BD23B5295B7A109DCD729C34479D51EAB4617FDD163128B25F5803B262C3D97E2D63B3E84D85B67ECDFDE6FA377E208BD2EF867072D341AC731338268AD82285DD6D219DE44EB0588E477CBFCD5F5C068D2FA877339424F324012D346C3E2B3C4408E4FD84535C5D4EA02137ABE0426BC4C3AD6EABAA221579CBA22023F8204ECCC98D143652DEBF5869CD73A81C0E4C6FC9A22F9E648B6783AA1D0F0A1F76B1C4E8692339A6A259F3D8419CF7FD22A26023678BFE4F70C79E7F113882E6C7A0606C5AA9094DB161683E43CCEC8C73FEBC7B82617B90541C2BC15EBA18B55E430373CF21DD235BA332EE6D7A6D042BAB4DEF94939AAD2A1F6FD235B09CA6CCFB45A614C79F3C83253B82BB73826DD22127F3F14292A9B682D607D6C9313DF5324712F976C8978AEDC97B40095E66BF850BCB83F477E1F5AB045844EA5CA0652C7C2C284B90FFDCAE2D5F3C165F66FCE871A5D0AFAA158E77099BFA7A969C8F3425E326D24E7E875D588B5E652ED331ABE4A72AFF7D89CFA9D55116B2610AEA4D1D16BCE1FE8D22849827677FEC8EC9864F5A4B874E7AA3228E31DACECA3ED7E1F31675CCA03E599E748BBCA483821DDC5F1C7ED376EDE7A650AD06CE3FC4E76062354B7D89093EBBF9717CED067846349E8BBEEC4CDDE0907F2DD1C31125F1DBB7B9A94E07677C4EBC756A5ED3D8DB30FB5772328272C6D161119BF 28820171206002554 2 6 100 6143 5 EF730E8C844746DF23D55A6C9508EF59F158850FF4A3A24B3E29C95547FE16E3C3F7269D4096406935222EDC51BFDFE89B454D8C02F868FB297A1FBFEB61A5392779A6C51AF8F9068CC579276D045FF317D9B7540D9A39FA936004991CB06BA169012F75BAF0B8D6203470AF1BE5569341E462DF72FF4AFD9C24BCB7584C71C1766DFDD74FE13D98C176DC64979F4720C0A996226948C9DE5E1890C2E703168AB3B33D50C395F13CDE094300C4BB0ED86352950C238DDEB1A8412A2409B6C487F9CBBB110A754A7B4985CF55DE4FC5137CDF13F9B0E10768DF0A28D6628DFEC684A25439E5C943718E4E4CFC89A3DCE1B747F77A0CE08B98AC92705E8DD3A6EDD18FAEA2FBB4988C3CC947C8206DD67CF44BEF69B617E781E93501877F81E4CC2263DB0B5EEEFFF3FCFCD2AB6E34B724D755A9D5025C978AA679D806318EF9F81787D3C69FB2D25B0382A3A96F44216791D41CCC3DF04EBD19B84858F0935C1C774F4685C8114EBCA8C71946C35CB42B82AD56541E3B4AB0A47E0AD8FCF9073BCFB801EA84DDF5DF4426578561BC737C2469B34F275502BC0BD7AB018506FD8DD6A9477F1588C2F76FD82B2AD3740E7F161632C66B961737EB70E9B44F362F73C1F874F7C06C5370297E975D25E004D6090BD119915694AFB57427DDE7F50C81B9A1812E10FA39A01E2F2FF18C96FADEA62BF08FAB027A31D84E4C0267AF7E880B5A0608683542E9895DB15FA1ADA9F1D28569C8E27662CE912CD1869227F542C1F228C6A2226D4AC24673994AA453BF21A1961D17C7E29B297E8AF7A71C4E2957A603900A3B4947B7B59A70767EB9106C043A48EEFAC3CCDC0F78F559CDBE64328E3C21D33D30E6AAFF638761F988CD99C59ECBAC4276ACE22062F6903B4B78B45917829AAA0CF11D04272EB44385A3479AD7B6E3E94126CC35AE082A73AAE991670C5145576789B43055B5F9D457523B16032CC65B679BD5AA08657D719EAC3D0345812BFA599249E4719AA2DF1507916FA735535781F053C4CB92D28007CC8D621E571E957AED705C2D11724E6D4A3BE268FDCCA230A1BE9EDE75429F0B5F
28920170701082405 2 6 100 7679 2 E411B879FDA69428A30BDE74B417706E5936E16C5E1F2B64A07EAE1D69C857C23126701460740D93467EB3A3386827E658069CAC4D55CC4929493C193D53A0D91141135B2F0B19E659BB541883E569D38B329761EDF3C409D34A49870356F3723AD2F720383E49B1752B837DF80F48632A469A0A96AC8F02E5B766B590D722B5BD3ED9191BB70C1D4044A3D5CE850489216C3184D73BAE2B655D76B30EC1851951A756E2A45CD1FF82A83BDC1803005034BEB2EAC35FF7362831D8FBE02E07B1CCA351D47AD65B5282151FB2711A880410CED2C1CF205CC2072F6F244189F5BDB3AFDBA7FB02DD21C99D1EF72C1EF8BC6C68A273D16CB2D3CA190C30BDDEEAD7CA2E519F3AF806B5CBD436B971C1F1981EB35CB4007D129F43E660F7E47E807C889A1DC5FEFA7C304DB41B36982FEFB7390DC6C8E9474D3EEB84B3F757C367475EB1B4CB5B86F9507090F2CB37533E2B96BBC6F75B3BF1F4CECF18F67E7492A681845CF5AFA1B70FB3B0A09CDD3375BCF716CBF2A594533D157CB6C4008CF8C4818C9418E44A995028487B0346BD399BFB431CA94B3FC2AF9822520153105ADACEBE719CC24D1D043AC2AC24BD41759AA452000C43CB885D5F0D71DC2451A2C5C04B0B085BD23B5295B7A109DCD729C34479D51EAB4617FDD163128B25F5803B262C3D97E2D63B3E84D85B67ECDFDE6FA377E208BD2EF867072D341AC731338268AD82285DD6D219DE44EB0588E477CBFCD5F5C068D2FA877339424F324012D346C3E2B3C4408E4FD84535C5D4EA02137ABE0426BC4C3AD6EABAA221579CBA22023F8204ECCC98D143652DEBF5869CD73A81C0E4C6FC9A22F9E648B6783AA1D0F0A1F76B1C4E8692339A6A259F3D8419CF7FD22A26023678BFE4F70C79E7F113882E6C7A0606C5AA9094DB161683E43CCEC8C73FEBC7B82617B90541C2BC15EBA18B55E430373CF21DD235BA332EE6D7A6D042BAB4DEF94939AAD2A1F6FD235B09CA6CCFB45A614C79F3C83253B82BB73826DD22127F3F14292A9B682D607D6C9313DF5324712F976C8978AEDC97B40095E66BF850BCB83F477E1F5AB045844EA5CA0652C7C2C284B90FFDCAE2D5F3C165F66FCE871A5D0AFAA158E77099BFA7A969C8F3425E326D24E7E875D588B5E652ED331ABE4A72AFF7D89CFA9D55116B2610AEA4D1D16BCE1FE8D22849827677FEC8EC9864F5A4B874E7AA3228E31DACECA3ED7E1F31675CCA03E599E748BBCA483821DDC5F1C7ED376EDE7A650AD06CE3FC4E76062354B7D89093EBBF9717CED067846349E8BBEEC4CDDE0907F2DD1C31125F1DBB7B9A94E07677C4EBC756A5ED3D8DB30FB5772328272C6D1B5FB48B 28920171206024048 2 6 100 6143 5 EF730E8C844746DF23D55A6C9508EF59F158850FF4A3A24B3E29C95547FE16E3C3F7269D4096406935222EDC51BFDFE89B454D8C02F868FB297A1FBFEB61A5392779A6C51AF8F9068CC579276D045FF317D9B7540D9A39FA936004991CB06BA169012F75BAF0B8D6203470AF1BE5569341E462DF72FF4AFD9C24BCB7584C71C1766DFDD74FE13D98C176DC64979F4720C0A996226948C9DE5E1890C2E703168AB3B33D50C395F13CDE094300C4BB0ED86352950C238DDEB1A8412A2409B6C487F9CBBB110A754A7B4985CF55DE4FC5137CDF13F9B0E10768DF0A28D6628DFEC684A25439E5C943718E4E4CFC89A3DCE1B747F77A0CE08B98AC92705E8DD3A6EDD18FAEA2FBB4988C3CC947C8206DD67CF44BEF69B617E781E93501877F81E4CC2263DB0B5EEEFFF3FCFCD2AB6E34B724D755A9D5025C978AA679D806318EF9F81787D3C69FB2D25B0382A3A96F44216791D41CCC3DF04EBD19B84858F0935C1C774F4685C8114EBCA8C71946C35CB42B82AD56541E3B4AB0A47E0AD8FCF9073BCFB801EA84DDF5DF4426578561BC737C2469B34F275502BC0BD7AB018506FD8DD6A9477F1588C2F76FD82B2AD3740E7F161632C66B961737EB70E9B44F362F73C1F874F7C06C5370297E975D25E004D6090BD119915694AFB57427DDE7F50C81B9A1812E10FA39A01E2F2FF18C96FADEA62BF08FAB027A31D84E4C0267AF7E880B5A0608683542E9895DB15FA1ADA9F1D28569C8E27662CE912CD1869227F542C1F228C6A2226D4AC24673994AA453BF21A1961D17C7E29B297E8AF7A71C4E2957A603900A3B4947B7B59A70767EB9106C043A48EEFAC3CCDC0F78F559CDBE64328E3C21D33D30E6AAFF638761F988CD99C59ECBAC4276ACE22062F6903B4B78B45917829AAA0CF11D04272EB44385A3479AD7B6E3E94126CC35AE082A73AAE991670C5145576789B43055B5F9D457523B16032CC65B679BD5AA08657D719EAC3D0345812BFA599249E4719AA2DF1507916FA735535781F053C4CB92D28007CC8D621E571E957AED705C2D11724E6D4A3BE268FDCCA230A1BE9EDE7545C299D7
29020170701092427 2 6 100 7679 5 E411B879FDA69428A30BDE74B417706E5936E16C5E1F2B64A07EAE1D69C857C23126701460740D93467EB3A3386827E658069CAC4D55CC4929493C193D53A0D91141135B2F0B19E659BB541883E569D38B329761EDF3C409D34A49870356F3723AD2F720383E49B1752B837DF80F48632A469A0A96AC8F02E5B766B590D722B5BD3ED9191BB70C1D4044A3D5CE850489216C3184D73BAE2B655D76B30EC1851951A756E2A45CD1FF82A83BDC1803005034BEB2EAC35FF7362831D8FBE02E07B1CCA351D47AD65B5282151FB2711A880410CED2C1CF205CC2072F6F244189F5BDB3AFDBA7FB02DD21C99D1EF72C1EF8BC6C68A273D16CB2D3CA190C30BDDEEAD7CA2E519F3AF806B5CBD436B971C1F1981EB35CB4007D129F43E660F7E47E807C889A1DC5FEFA7C304DB41B36982FEFB7390DC6C8E9474D3EEB84B3F757C367475EB1B4CB5B86F9507090F2CB37533E2B96BBC6F75B3BF1F4CECF18F67E7492A681845CF5AFA1B70FB3B0A09CDD3375BCF716CBF2A594533D157CB6C4008CF8C4818C9418E44A995028487B0346BD399BFB431CA94B3FC2AF9822520153105ADACEBE719CC24D1D043AC2AC24BD41759AA452000C43CB885D5F0D71DC2451A2C5C04B0B085BD23B5295B7A109DCD729C34479D51EAB4617FDD163128B25F5803B262C3D97E2D63B3E84D85B67ECDFDE6FA377E208BD2EF867072D341AC731338268AD82285DD6D219DE44EB0588E477CBFCD5F5C068D2FA877339424F324012D346C3E2B3C4408E4FD84535C5D4EA02137ABE0426BC4C3AD6EABAA221579CBA22023F8204ECCC98D143652DEBF5869CD73A81C0E4C6FC9A22F9E648B6783AA1D0F0A1F76B1C4E8692339A6A259F3D8419CF7FD22A26023678BFE4F70C79E7F113882E6C7A0606C5AA9094DB161683E43CCEC8C73FEBC7B82617B90541C2BC15EBA18B55E430373CF21DD235BA332EE6D7A6D042BAB4DEF94939AAD2A1F6FD235B09CA6CCFB45A614C79F3C83253B82BB73826DD22127F3F14292A9B682D607D6C9313DF5324712F976C8978AEDC97B40095E66BF850BCB83F477E1F5AB045844EA5CA0652C7C2C284B90FFDCAE2D5F3C165F66FCE871A5D0AFAA158E77099BFA7A969C8F3425E326D24E7E875D588B5E652ED331ABE4A72AFF7D89CFA9D55116B2610AEA4D1D16BCE1FE8D22849827677FEC8EC9864F5A4B874E7AA3228E31DACECA3ED7E1F31675CCA03E599E748BBCA483821DDC5F1C7ED376EDE7A650AD06CE3FC4E76062354B7D89093EBBF9717CED067846349E8BBEEC4CDDE0907F2DD1C31125F1DBB7B9A94E07677C4EBC756A5ED3D8DB30FB5772328272C6D1C2B0E47 29020171206032820 2 6 100 6143 2 EF730E8C844746DF23D55A6C9508EF59F158850FF4A3A24B3E29C95547FE16E3C3F7269D4096406935222EDC51BFDFE89B454D8C02F868FB297A1FBFEB61A5392779A6C51AF8F9068CC579276D045FF317D9B7540D9A39FA936004991CB06BA169012F75BAF0B8D6203470AF1BE5569341E462DF72FF4AFD9C24BCB7584C71C1766DFDD74FE13D98C176DC64979F4720C0A996226948C9DE5E1890C2E703168AB3B33D50C395F13CDE094300C4BB0ED86352950C238DDEB1A8412A2409B6C487F9CBBB110A754A7B4985CF55DE4FC5137CDF13F9B0E10768DF0A28D6628DFEC684A25439E5C943718E4E4CFC89A3DCE1B747F77A0CE08B98AC92705E8DD3A6EDD18FAEA2FBB4988C3CC947C8206DD67CF44BEF69B617E781E93501877F81E4CC2263DB0B5EEEFFF3FCFCD2AB6E34B724D755A9D5025C978AA679D806318EF9F81787D3C69FB2D25B0382A3A96F44216791D41CCC3DF04EBD19B84858F0935C1C774F4685C8114EBCA8C71946C35CB42B82AD56541E3B4AB0A47E0AD8FCF9073BCFB801EA84DDF5DF4426578561BC737C2469B34F275502BC0BD7AB018506FD8DD6A9477F1588C2F76FD82B2AD3740E7F161632C66B961737EB70E9B44F362F73C1F874F7C06C5370297E975D25E004D6090BD119915694AFB57427DDE7F50C81B9A1812E10FA39A01E2F2FF18C96FADEA62BF08FAB027A31D84E4C0267AF7E880B5A0608683542E9895DB15FA1ADA9F1D28569C8E27662CE912CD1869227F542C1F228C6A2226D4AC24673994AA453BF21A1961D17C7E29B297E8AF7A71C4E2957A603900A3B4947B7B59A70767EB9106C043A48EEFAC3CCDC0F78F559CDBE64328E3C21D33D30E6AAFF638761F988CD99C59ECBAC4276ACE22062F6903B4B78B45917829AAA0CF11D04272EB44385A3479AD7B6E3E94126CC35AE082A73AAE991670C5145576789B43055B5F9D457523B16032CC65B679BD5AA08657D719EAC3D0345812BFA599249E4719AA2DF1507916FA735535781F053C4CB92D28007CC8D621E571E957AED705C2D11724E6D4A3BE268FDCCA230A1BE9EDE7546E1FE43
29120170701161137 2 6 100 7679 2 E411B879FDA69428A30BDE74B417706E5936E16C5E1F2B64A07EAE1D69C857C23126701460740D93467EB3A3386827E658069CAC4D55CC4929493C193D53A0D91141135B2F0B19E659BB541883E569D38B329761EDF3C409D34A49870356F3723AD2F720383E49B1752B837DF80F48632A469A0A96AC8F02E5B766B590D722B5BD3ED9191BB70C1D4044A3D5CE850489216C3184D73BAE2B655D76B30EC1851951A756E2A45CD1FF82A83BDC1803005034BEB2EAC35FF7362831D8FBE02E07B1CCA351D47AD65B5282151FB2711A880410CED2C1CF205CC2072F6F244189F5BDB3AFDBA7FB02DD21C99D1EF72C1EF8BC6C68A273D16CB2D3CA190C30BDDEEAD7CA2E519F3AF806B5CBD436B971C1F1981EB35CB4007D129F43E660F7E47E807C889A1DC5FEFA7C304DB41B36982FEFB7390DC6C8E9474D3EEB84B3F757C367475EB1B4CB5B86F9507090F2CB37533E2B96BBC6F75B3BF1F4CECF18F67E7492A681845CF5AFA1B70FB3B0A09CDD3375BCF716CBF2A594533D157CB6C4008CF8C4818C9418E44A995028487B0346BD399BFB431CA94B3FC2AF9822520153105ADACEBE719CC24D1D043AC2AC24BD41759AA452000C43CB885D5F0D71DC2451A2C5C04B0B085BD23B5295B7A109DCD729C34479D51EAB4617FDD163128B25F5803B262C3D97E2D63B3E84D85B67ECDFDE6FA377E208BD2EF867072D341AC731338268AD82285DD6D219DE44EB0588E477CBFCD5F5C068D2FA877339424F324012D346C3E2B3C4408E4FD84535C5D4EA02137ABE0426BC4C3AD6EABAA221579CBA22023F8204ECCC98D143652DEBF5869CD73A81C0E4C6FC9A22F9E648B6783AA1D0F0A1F76B1C4E8692339A6A259F3D8419CF7FD22A26023678BFE4F70C79E7F113882E6C7A0606C5AA9094DB161683E43CCEC8C73FEBC7B82617B90541C2BC15EBA18B55E430373CF21DD235BA332EE6D7A6D042BAB4DEF94939AAD2A1F6FD235B09CA6CCFB45A614C79F3C83253B82BB73826DD22127F3F14292A9B682D607D6C9313DF5324712F976C8978AEDC97B40095E66BF850BCB83F477E1F5AB045844EA5CA0652C7C2C284B90FFDCAE2D5F3C165F66FCE871A5D0AFAA158E77099BFA7A969C8F3425E326D24E7E875D588B5E652ED331ABE4A72AFF7D89CFA9D55116B2610AEA4D1D16BCE1FE8D22849827677FEC8EC9864F5A4B874E7AA3228E31DACECA3ED7E1F31675CCA03E599E748BBCA483821DDC5F1C7ED376EDE7A650AD06CE3FC4E76062354B7D89093EBBF9717CED067846349E8BBEEC4CDDE0907F2DD1C31125F1DBB7B9A94E07677C4EBC756A5ED3D8DB30FB5772328272C6D21ABD21B 29120171206033917 2 6 100 6143 5 EF730E8C844746DF23D55A6C9508EF59F158850FF4A3A24B3E29C95547FE16E3C3F7269D4096406935222EDC51BFDFE89B454D8C02F868FB297A1FBFEB61A5392779A6C51AF8F9068CC579276D045FF317D9B7540D9A39FA936004991CB06BA169012F75BAF0B8D6203470AF1BE5569341E462DF72FF4AFD9C24BCB7584C71C1766DFDD74FE13D98C176DC64979F4720C0A996226948C9DE5E1890C2E703168AB3B33D50C395F13CDE094300C4BB0ED86352950C238DDEB1A8412A2409B6C487F9CBBB110A754A7B4985CF55DE4FC5137CDF13F9B0E10768DF0A28D6628DFEC684A25439E5C943718E4E4CFC89A3DCE1B747F77A0CE08B98AC92705E8DD3A6EDD18FAEA2FBB4988C3CC947C8206DD67CF44BEF69B617E781E93501877F81E4CC2263DB0B5EEEFFF3FCFCD2AB6E34B724D755A9D5025C978AA679D806318EF9F81787D3C69FB2D25B0382A3A96F44216791D41CCC3DF04EBD19B84858F0935C1C774F4685C8114EBCA8C71946C35CB42B82AD56541E3B4AB0A47E0AD8FCF9073BCFB801EA84DDF5DF4426578561BC737C2469B34F275502BC0BD7AB018506FD8DD6A9477F1588C2F76FD82B2AD3740E7F161632C66B961737EB70E9B44F362F73C1F874F7C06C5370297E975D25E004D6090BD119915694AFB57427DDE7F50C81B9A1812E10FA39A01E2F2FF18C96FADEA62BF08FAB027A31D84E4C0267AF7E880B5A0608683542E9895DB15FA1ADA9F1D28569C8E27662CE912CD1869227F542C1F228C6A2226D4AC24673994AA453BF21A1961D17C7E29B297E8AF7A71C4E2957A603900A3B4947B7B59A70767EB9106C043A48EEFAC3CCDC0F78F559CDBE64328E3C21D33D30E6AAFF638761F988CD99C59ECBAC4276ACE22062F6903B4B78B45917829AAA0CF11D04272EB44385A3479AD7B6E3E94126CC35AE082A73AAE991670C5145576789B43055B5F9D457523B16032CC65B679BD5AA08657D719EAC3D0345812BFA599249E4719AA2DF1507916FA735535781F053C4CB92D28007CC8D621E571E957AED705C2D11724E6D4A3BE268FDCCA230A1BE9EDE75471CD4D7
29220170702022204 2 6 100 7679 2 E411B879FDA69428A30BDE74B417706E5936E16C5E1F2B64A07EAE1D69C857C23126701460740D93467EB3A3386827E658069CAC4D55CC4929493C193D53A0D91141135B2F0B19E659BB541883E569D38B329761EDF3C409D34A49870356F3723AD2F720383E49B1752B837DF80F48632A469A0A96AC8F02E5B766B590D722B5BD3ED9191BB70C1D4044A3D5CE850489216C3184D73BAE2B655D76B30EC1851951A756E2A45CD1FF82A83BDC1803005034BEB2EAC35FF7362831D8FBE02E07B1CCA351D47AD65B5282151FB2711A880410CED2C1CF205CC2072F6F244189F5BDB3AFDBA7FB02DD21C99D1EF72C1EF8BC6C68A273D16CB2D3CA190C30BDDEEAD7CA2E519F3AF806B5CBD436B971C1F1981EB35CB4007D129F43E660F7E47E807C889A1DC5FEFA7C304DB41B36982FEFB7390DC6C8E9474D3EEB84B3F757C367475EB1B4CB5B86F9507090F2CB37533E2B96BBC6F75B3BF1F4CECF18F67E7492A681845CF5AFA1B70FB3B0A09CDD3375BCF716CBF2A594533D157CB6C4008CF8C4818C9418E44A995028487B0346BD399BFB431CA94B3FC2AF9822520153105ADACEBE719CC24D1D043AC2AC24BD41759AA452000C43CB885D5F0D71DC2451A2C5C04B0B085BD23B5295B7A109DCD729C34479D51EAB4617FDD163128B25F5803B262C3D97E2D63B3E84D85B67ECDFDE6FA377E208BD2EF867072D341AC731338268AD82285DD6D219DE44EB0588E477CBFCD5F5C068D2FA877339424F324012D346C3E2B3C4408E4FD84535C5D4EA02137ABE0426BC4C3AD6EABAA221579CBA22023F8204ECCC98D143652DEBF5869CD73A81C0E4C6FC9A22F9E648B6783AA1D0F0A1F76B1C4E8692339A6A259F3D8419CF7FD22A26023678BFE4F70C79E7F113882E6C7A0606C5AA9094DB161683E43CCEC8C73FEBC7B82617B90541C2BC15EBA18B55E430373CF21DD235BA332EE6D7A6D042BAB4DEF94939AAD2A1F6FD235B09CA6CCFB45A614C79F3C83253B82BB73826DD22127F3F14292A9B682D607D6C9313DF5324712F976C8978AEDC97B40095E66BF850BCB83F477E1F5AB045844EA5CA0652C7C2C284B90FFDCAE2D5F3C165F66FCE871A5D0AFAA158E77099BFA7A969C8F3425E326D24E7E875D588B5E652ED331ABE4A72AFF7D89CFA9D55116B2610AEA4D1D16BCE1FE8D22849827677FEC8EC9864F5A4B874E7AA3228E31DACECA3ED7E1F31675CCA03E599E748BBCA483821DDC5F1C7ED376EDE7A650AD06CE3FC4E76062354B7D89093EBBF9717CED067846349E8BBEEC4CDDE0907F2DD1C31125F1DBB7B9A94E07677C4EBC756A5ED3D8DB30FB5772328272C6D29CF7033 29220171206045008 2 6 100 6143 5 EF730E8C844746DF23D55A6C9508EF59F158850FF4A3A24B3E29C95547FE16E3C3F7269D4096406935222EDC51BFDFE89B454D8C02F868FB297A1FBFEB61A5392779A6C51AF8F9068CC579276D045FF317D9B7540D9A39FA936004991CB06BA169012F75BAF0B8D6203470AF1BE5569341E462DF72FF4AFD9C24BCB7584C71C1766DFDD74FE13D98C176DC64979F4720C0A996226948C9DE5E1890C2E703168AB3B33D50C395F13CDE094300C4BB0ED86352950C238DDEB1A8412A2409B6C487F9CBBB110A754A7B4985CF55DE4FC5137CDF13F9B0E10768DF0A28D6628DFEC684A25439E5C943718E4E4CFC89A3DCE1B747F77A0CE08B98AC92705E8DD3A6EDD18FAEA2FBB4988C3CC947C8206DD67CF44BEF69B617E781E93501877F81E4CC2263DB0B5EEEFFF3FCFCD2AB6E34B724D755A9D5025C978AA679D806318EF9F81787D3C69FB2D25B0382A3A96F44216791D41CCC3DF04EBD19B84858F0935C1C774F4685C8114EBCA8C71946C35CB42B82AD56541E3B4AB0A47E0AD8FCF9073BCFB801EA84DDF5DF4426578561BC737C2469B34F275502BC0BD7AB018506FD8DD6A9477F1588C2F76FD82B2AD3740E7F161632C66B961737EB70E9B44F362F73C1F874F7C06C5370297E975D25E004D6090BD119915694AFB57427DDE7F50C81B9A1812E10FA39A01E2F2FF18C96FADEA62BF08FAB027A31D84E4C0267AF7E880B5A0608683542E9895DB15FA1ADA9F1D28569C8E27662CE912CD1869227F542C1F228C6A2226D4AC24673994AA453BF21A1961D17C7E29B297E8AF7A71C4E2957A603900A3B4947B7B59A70767EB9106C043A48EEFAC3CCDC0F78F559CDBE64328E3C21D33D30E6AAFF638761F988CD99C59ECBAC4276ACE22062F6903B4B78B45917829AAA0CF11D04272EB44385A3479AD7B6E3E94126CC35AE082A73AAE991670C5145576789B43055B5F9D457523B16032CC65B679BD5AA08657D719EAC3D0345812BFA599249E4719AA2DF1507916FA735535781F053C4CB92D28007CC8D621E571E957AED705C2D11724E6D4A3BE268FDCCA230A1BE9EDE7548C1EC97
29320170702023811 2 6 100 7679 5 E411B879FDA69428A30BDE74B417706E5936E16C5E1F2B64A07EAE1D69C857C23126701460740D93467EB3A3386827E658069CAC4D55CC4929493C193D53A0D91141135B2F0B19E659BB541883E569D38B329761EDF3C409D34A49870356F3723AD2F720383E49B1752B837DF80F48632A469A0A96AC8F02E5B766B590D722B5BD3ED9191BB70C1D4044A3D5CE850489216C3184D73BAE2B655D76B30EC1851951A756E2A45CD1FF82A83BDC1803005034BEB2EAC35FF7362831D8FBE02E07B1CCA351D47AD65B5282151FB2711A880410CED2C1CF205CC2072F6F244189F5BDB3AFDBA7FB02DD21C99D1EF72C1EF8BC6C68A273D16CB2D3CA190C30BDDEEAD7CA2E519F3AF806B5CBD436B971C1F1981EB35CB4007D129F43E660F7E47E807C889A1DC5FEFA7C304DB41B36982FEFB7390DC6C8E9474D3EEB84B3F757C367475EB1B4CB5B86F9507090F2CB37533E2B96BBC6F75B3BF1F4CECF18F67E7492A681845CF5AFA1B70FB3B0A09CDD3375BCF716CBF2A594533D157CB6C4008CF8C4818C9418E44A995028487B0346BD399BFB431CA94B3FC2AF9822520153105ADACEBE719CC24D1D043AC2AC24BD41759AA452000C43CB885D5F0D71DC2451A2C5C04B0B085BD23B5295B7A109DCD729C34479D51EAB4617FDD163128B25F5803B262C3D97E2D63B3E84D85B67ECDFDE6FA377E208BD2EF867072D341AC731338268AD82285DD6D219DE44EB0588E477CBFCD5F5C068D2FA877339424F324012D346C3E2B3C4408E4FD84535C5D4EA02137ABE0426BC4C3AD6EABAA221579CBA22023F8204ECCC98D143652DEBF5869CD73A81C0E4C6FC9A22F9E648B6783AA1D0F0A1F76B1C4E8692339A6A259F3D8419CF7FD22A26023678BFE4F70C79E7F113882E6C7A0606C5AA9094DB161683E43CCEC8C73FEBC7B82617B90541C2BC15EBA18B55E430373CF21DD235BA332EE6D7A6D042BAB4DEF94939AAD2A1F6FD235B09CA6CCFB45A614C79F3C83253B82BB73826DD22127F3F14292A9B682D607D6C9313DF5324712F976C8978AEDC97B40095E66BF850BCB83F477E1F5AB045844EA5CA0652C7C2C284B90FFDCAE2D5F3C165F66FCE871A5D0AFAA158E77099BFA7A969C8F3425E326D24E7E875D588B5E652ED331ABE4A72AFF7D89CFA9D55116B2610AEA4D1D16BCE1FE8D22849827677FEC8EC9864F5A4B874E7AA3228E31DACECA3ED7E1F31675CCA03E599E748BBCA483821DDC5F1C7ED376EDE7A650AD06CE3FC4E76062354B7D89093EBBF9717CED067846349E8BBEEC4CDDE0907F2DD1C31125F1DBB7B9A94E07677C4EBC756A5ED3D8DB30FB5772328272C6D29FB9AAF 29320171206052722 2 6 100 6143 2 EF730E8C844746DF23D55A6C9508EF59F158850FF4A3A24B3E29C95547FE16E3C3F7269D4096406935222EDC51BFDFE89B454D8C02F868FB297A1FBFEB61A5392779A6C51AF8F9068CC579276D045FF317D9B7540D9A39FA936004991CB06BA169012F75BAF0B8D6203470AF1BE5569341E462DF72FF4AFD9C24BCB7584C71C1766DFDD74FE13D98C176DC64979F4720C0A996226948C9DE5E1890C2E703168AB3B33D50C395F13CDE094300C4BB0ED86352950C238DDEB1A8412A2409B6C487F9CBBB110A754A7B4985CF55DE4FC5137CDF13F9B0E10768DF0A28D6628DFEC684A25439E5C943718E4E4CFC89A3DCE1B747F77A0CE08B98AC92705E8DD3A6EDD18FAEA2FBB4988C3CC947C8206DD67CF44BEF69B617E781E93501877F81E4CC2263DB0B5EEEFFF3FCFCD2AB6E34B724D755A9D5025C978AA679D806318EF9F81787D3C69FB2D25B0382A3A96F44216791D41CCC3DF04EBD19B84858F0935C1C774F4685C8114EBCA8C71946C35CB42B82AD56541E3B4AB0A47E0AD8FCF9073BCFB801EA84DDF5DF4426578561BC737C2469B34F275502BC0BD7AB018506FD8DD6A9477F1588C2F76FD82B2AD3740E7F161632C66B961737EB70E9B44F362F73C1F874F7C06C5370297E975D25E004D6090BD119915694AFB57427DDE7F50C81B9A1812E10FA39A01E2F2FF18C96FADEA62BF08FAB027A31D84E4C0267AF7E880B5A0608683542E9895DB15FA1ADA9F1D28569C8E27662CE912CD1869227F542C1F228C6A2226D4AC24673994AA453BF21A1961D17C7E29B297E8AF7A71C4E2957A603900A3B4947B7B59A70767EB9106C043A48EEFAC3CCDC0F78F559CDBE64328E3C21D33D30E6AAFF638761F988CD99C59ECBAC4276ACE22062F6903B4B78B45917829AAA0CF11D04272EB44385A3479AD7B6E3E94126CC35AE082A73AAE991670C5145576789B43055B5F9D457523B16032CC65B679BD5AA08657D719EAC3D0345812BFA599249E4719AA2DF1507916FA735535781F053C4CB92D28007CC8D621E571E957AED705C2D11724E6D4A3BE268FDCCA230A1BE9EDE7549823083
29420170702062241 2 6 100 7679 2 E411B879FDA69428A30BDE74B417706E5936E16C5E1F2B64A07EAE1D69C857C23126701460740D93467EB3A3386827E658069CAC4D55CC4929493C193D53A0D91141135B2F0B19E659BB541883E569D38B329761EDF3C409D34A49870356F3723AD2F720383E49B1752B837DF80F48632A469A0A96AC8F02E5B766B590D722B5BD3ED9191BB70C1D4044A3D5CE850489216C3184D73BAE2B655D76B30EC1851951A756E2A45CD1FF82A83BDC1803005034BEB2EAC35FF7362831D8FBE02E07B1CCA351D47AD65B5282151FB2711A880410CED2C1CF205CC2072F6F244189F5BDB3AFDBA7FB02DD21C99D1EF72C1EF8BC6C68A273D16CB2D3CA190C30BDDEEAD7CA2E519F3AF806B5CBD436B971C1F1981EB35CB4007D129F43E660F7E47E807C889A1DC5FEFA7C304DB41B36982FEFB7390DC6C8E9474D3EEB84B3F757C367475EB1B4CB5B86F9507090F2CB37533E2B96BBC6F75B3BF1F4CECF18F67E7492A681845CF5AFA1B70FB3B0A09CDD3375BCF716CBF2A594533D157CB6C4008CF8C4818C9418E44A995028487B0346BD399BFB431CA94B3FC2AF9822520153105ADACEBE719CC24D1D043AC2AC24BD41759AA452000C43CB885D5F0D71DC2451A2C5C04B0B085BD23B5295B7A109DCD729C34479D51EAB4617FDD163128B25F5803B262C3D97E2D63B3E84D85B67ECDFDE6FA377E208BD2EF867072D341AC731338268AD82285DD6D219DE44EB0588E477CBFCD5F5C068D2FA877339424F324012D346C3E2B3C4408E4FD84535C5D4EA02137ABE0426BC4C3AD6EABAA221579CBA22023F8204ECCC98D143652DEBF5869CD73A81C0E4C6FC9A22F9E648B6783AA1D0F0A1F76B1C4E8692339A6A259F3D8419CF7FD22A26023678BFE4F70C79E7F113882E6C7A0606C5AA9094DB161683E43CCEC8C73FEBC7B82617B90541C2BC15EBA18B55E430373CF21DD235BA332EE6D7A6D042BAB4DEF94939AAD2A1F6FD235B09CA6CCFB45A614C79F3C83253B82BB73826DD22127F3F14292A9B682D607D6C9313DF5324712F976C8978AEDC97B40095E66BF850BCB83F477E1F5AB045844EA5CA0652C7C2C284B90FFDCAE2D5F3C165F66FCE871A5D0AFAA158E77099BFA7A969C8F3425E326D24E7E875D588B5E652ED331ABE4A72AFF7D89CFA9D55116B2610AEA4D1D16BCE1FE8D22849827677FEC8EC9864F5A4B874E7AA3228E31DACECA3ED7E1F31675CCA03E599E748BBCA483821DDC5F1C7ED376EDE7A650AD06CE3FC4E76062354B7D89093EBBF9717CED067846349E8BBEEC4CDDE0907F2DD1C31125F1DBB7B9A94E07677C4EBC756A5ED3D8DB30FB5772328272C6D2CED4213 29420171206065709 2 6 100 6143 5 EF730E8C844746DF23D55A6C9508EF59F158850FF4A3A24B3E29C95547FE16E3C3F7269D4096406935222EDC51BFDFE89B454D8C02F868FB297A1FBFEB61A5392779A6C51AF8F9068CC579276D045FF317D9B7540D9A39FA936004991CB06BA169012F75BAF0B8D6203470AF1BE5569341E462DF72FF4AFD9C24BCB7584C71C1766DFDD74FE13D98C176DC64979F4720C0A996226948C9DE5E1890C2E703168AB3B33D50C395F13CDE094300C4BB0ED86352950C238DDEB1A8412A2409B6C487F9CBBB110A754A7B4985CF55DE4FC5137CDF13F9B0E10768DF0A28D6628DFEC684A25439E5C943718E4E4CFC89A3DCE1B747F77A0CE08B98AC92705E8DD3A6EDD18FAEA2FBB4988C3CC947C8206DD67CF44BEF69B617E781E93501877F81E4CC2263DB0B5EEEFFF3FCFCD2AB6E34B724D755A9D5025C978AA679D806318EF9F81787D3C69FB2D25B0382A3A96F44216791D41CCC3DF04EBD19B84858F0935C1C774F4685C8114EBCA8C71946C35CB42B82AD56541E3B4AB0A47E0AD8FCF9073BCFB801EA84DDF5DF4426578561BC737C2469B34F275502BC0BD7AB018506FD8DD6A9477F1588C2F76FD82B2AD3740E7F161632C66B961737EB70E9B44F362F73C1F874F7C06C5370297E975D25E004D6090BD119915694AFB57427DDE7F50C81B9A1812E10FA39A01E2F2FF18C96FADEA62BF08FAB027A31D84E4C0267AF7E880B5A0608683542E9895DB15FA1ADA9F1D28569C8E27662CE912CD1869227F542C1F228C6A2226D4AC24673994AA453BF21A1961D17C7E29B297E8AF7A71C4E2957A603900A3B4947B7B59A70767EB9106C043A48EEFAC3CCDC0F78F559CDBE64328E3C21D33D30E6AAFF638761F988CD99C59ECBAC4276ACE22062F6903B4B78B45917829AAA0CF11D04272EB44385A3479AD7B6E3E94126CC35AE082A73AAE991670C5145576789B43055B5F9D457523B16032CC65B679BD5AA08657D719EAC3D0345812BFA599249E4719AA2DF1507916FA735535781F053C4CB92D28007CC8D621E571E957AED705C2D11724E6D4A3BE268FDCCA230A1BE9EDE754B6C9C7F
29520170702082528 2 6 100 7679 5 E411B879FDA69428A30BDE74B417706E5936E16C5E1F2B64A07EAE1D69C857C23126701460740D93467EB3A3386827E658069CAC4D55CC4929493C193D53A0D91141135B2F0B19E659BB541883E569D38B329761EDF3C409D34A49870356F3723AD2F720383E49B1752B837DF80F48632A469A0A96AC8F02E5B766B590D722B5BD3ED9191BB70C1D4044A3D5CE850489216C3184D73BAE2B655D76B30EC1851951A756E2A45CD1FF82A83BDC1803005034BEB2EAC35FF7362831D8FBE02E07B1CCA351D47AD65B5282151FB2711A880410CED2C1CF205CC2072F6F244189F5BDB3AFDBA7FB02DD21C99D1EF72C1EF8BC6C68A273D16CB2D3CA190C30BDDEEAD7CA2E519F3AF806B5CBD436B971C1F1981EB35CB4007D129F43E660F7E47E807C889A1DC5FEFA7C304DB41B36982FEFB7390DC6C8E9474D3EEB84B3F757C367475EB1B4CB5B86F9507090F2CB37533E2B96BBC6F75B3BF1F4CECF18F67E7492A681845CF5AFA1B70FB3B0A09CDD3375BCF716CBF2A594533D157CB6C4008CF8C4818C9418E44A995028487B0346BD399BFB431CA94B3FC2AF9822520153105ADACEBE719CC24D1D043AC2AC24BD41759AA452000C43CB885D5F0D71DC2451A2C5C04B0B085BD23B5295B7A109DCD729C34479D51EAB4617FDD163128B25F5803B262C3D97E2D63B3E84D85B67ECDFDE6FA377E208BD2EF867072D341AC731338268AD82285DD6D219DE44EB0588E477CBFCD5F5C068D2FA877339424F324012D346C3E2B3C4408E4FD84535C5D4EA02137ABE0426BC4C3AD6EABAA221579CBA22023F8204ECCC98D143652DEBF5869CD73A81C0E4C6FC9A22F9E648B6783AA1D0F0A1F76B1C4E8692339A6A259F3D8419CF7FD22A26023678BFE4F70C79E7F113882E6C7A0606C5AA9094DB161683E43CCEC8C73FEBC7B82617B90541C2BC15EBA18B55E430373CF21DD235BA332EE6D7A6D042BAB4DEF94939AAD2A1F6FD235B09CA6CCFB45A614C79F3C83253B82BB73826DD22127F3F14292A9B682D607D6C9313DF5324712F976C8978AEDC97B40095E66BF850BCB83F477E1F5AB045844EA5CA0652C7C2C284B90FFDCAE2D5F3C165F66FCE871A5D0AFAA158E77099BFA7A969C8F3425E326D24E7E875D588B5E652ED331ABE4A72AFF7D89CFA9D55116B2610AEA4D1D16BCE1FE8D22849827677FEC8EC9864F5A4B874E7AA3228E31DACECA3ED7E1F31675CCA03E599E748BBCA483821DDC5F1C7ED376EDE7A650AD06CE3FC4E76062354B7D89093EBBF9717CED067846349E8BBEEC4CDDE0907F2DD1C31125F1DBB7B9A94E07677C4EBC756A5ED3D8DB30FB5772328272C6D2E88DA5F 29520171206083216 2 6 100 6143 5 EF730E8C844746DF23D55A6C9508EF59F158850FF4A3A24B3E29C95547FE16E3C3F7269D4096406935222EDC51BFDFE89B454D8C02F868FB297A1FBFEB61A5392779A6C51AF8F9068CC579276D045FF317D9B7540D9A39FA936004991CB06BA169012F75BAF0B8D6203470AF1BE5569341E462DF72FF4AFD9C24BCB7584C71C1766DFDD74FE13D98C176DC64979F4720C0A996226948C9DE5E1890C2E703168AB3B33D50C395F13CDE094300C4BB0ED86352950C238DDEB1A8412A2409B6C487F9CBBB110A754A7B4985CF55DE4FC5137CDF13F9B0E10768DF0A28D6628DFEC684A25439E5C943718E4E4CFC89A3DCE1B747F77A0CE08B98AC92705E8DD3A6EDD18FAEA2FBB4988C3CC947C8206DD67CF44BEF69B617E781E93501877F81E4CC2263DB0B5EEEFFF3FCFCD2AB6E34B724D755A9D5025C978AA679D806318EF9F81787D3C69FB2D25B0382A3A96F44216791D41CCC3DF04EBD19B84858F0935C1C774F4685C8114EBCA8C71946C35CB42B82AD56541E3B4AB0A47E0AD8FCF9073BCFB801EA84DDF5DF4426578561BC737C2469B34F275502BC0BD7AB018506FD8DD6A9477F1588C2F76FD82B2AD3740E7F161632C66B961737EB70E9B44F362F73C1F874F7C06C5370297E975D25E004D6090BD119915694AFB57427DDE7F50C81B9A1812E10FA39A01E2F2FF18C96FADEA62BF08FAB027A31D84E4C0267AF7E880B5A0608683542E9895DB15FA1ADA9F1D28569C8E27662CE912CD1869227F542C1F228C6A2226D4AC24673994AA453BF21A1961D17C7E29B297E8AF7A71C4E2957A603900A3B4947B7B59A70767EB9106C043A48EEFAC3CCDC0F78F559CDBE64328E3C21D33D30E6AAFF638761F988CD99C59ECBAC4276ACE22062F6903B4B78B45917829AAA0CF11D04272EB44385A3479AD7B6E3E94126CC35AE082A73AAE991670C5145576789B43055B5F9D457523B16032CC65B679BD5AA08657D719EAC3D0345812BFA599249E4719AA2DF1507916FA735535781F053C4CB92D28007CC8D621E571E957AED705C2D11724E6D4A3BE268FDCCA230A1BE9EDE754D96E15F
29620170702151719 2 6 100 7679 5 E411B879FDA69428A30BDE74B417706E5936E16C5E1F2B64A07EAE1D69C857C23126701460740D93467EB3A3386827E658069CAC4D55CC4929493C193D53A0D91141135B2F0B19E659BB541883E569D38B329761EDF3C409D34A49870356F3723AD2F720383E49B1752B837DF80F48632A469A0A96AC8F02E5B766B590D722B5BD3ED9191BB70C1D4044A3D5CE850489216C3184D73BAE2B655D76B30EC1851951A756E2A45CD1FF82A83BDC1803005034BEB2EAC35FF7362831D8FBE02E07B1CCA351D47AD65B5282151FB2711A880410CED2C1CF205CC2072F6F244189F5BDB3AFDBA7FB02DD21C99D1EF72C1EF8BC6C68A273D16CB2D3CA190C30BDDEEAD7CA2E519F3AF806B5CBD436B971C1F1981EB35CB4007D129F43E660F7E47E807C889A1DC5FEFA7C304DB41B36982FEFB7390DC6C8E9474D3EEB84B3F757C367475EB1B4CB5B86F9507090F2CB37533E2B96BBC6F75B3BF1F4CECF18F67E7492A681845CF5AFA1B70FB3B0A09CDD3375BCF716CBF2A594533D157CB6C4008CF8C4818C9418E44A995028487B0346BD399BFB431CA94B3FC2AF9822520153105ADACEBE719CC24D1D043AC2AC24BD41759AA452000C43CB885D5F0D71DC2451A2C5C04B0B085BD23B5295B7A109DCD729C34479D51EAB4617FDD163128B25F5803B262C3D97E2D63B3E84D85B67ECDFDE6FA377E208BD2EF867072D341AC731338268AD82285DD6D219DE44EB0588E477CBFCD5F5C068D2FA877339424F324012D346C3E2B3C4408E4FD84535C5D4EA02137ABE0426BC4C3AD6EABAA221579CBA22023F8204ECCC98D143652DEBF5869CD73A81C0E4C6FC9A22F9E648B6783AA1D0F0A1F76B1C4E8692339A6A259F3D8419CF7FD22A26023678BFE4F70C79E7F113882E6C7A0606C5AA9094DB161683E43CCEC8C73FEBC7B82617B90541C2BC15EBA18B55E430373CF21DD235BA332EE6D7A6D042BAB4DEF94939AAD2A1F6FD235B09CA6CCFB45A614C79F3C83253B82BB73826DD22127F3F14292A9B682D607D6C9313DF5324712F976C8978AEDC97B40095E66BF850BCB83F477E1F5AB045844EA5CA0652C7C2C284B90FFDCAE2D5F3C165F66FCE871A5D0AFAA158E77099BFA7A969C8F3425E326D24E7E875D588B5E652ED331ABE4A72AFF7D89CFA9D55116B2610AEA4D1D16BCE1FE8D22849827677FEC8EC9864F5A4B874E7AA3228E31DACECA3ED7E1F31675CCA03E599E748BBCA483821DDC5F1C7ED376EDE7A650AD06CE3FC4E76062354B7D89093EBBF9717CED067846349E8BBEEC4CDDE0907F2DD1C31125F1DBB7B9A94E07677C4EBC756A5ED3D8DB30FB5772328272C6D33FAA757 29620171206085625 2 6 100 6143 5 EF730E8C844746DF23D55A6C9508EF59F158850FF4A3A24B3E29C95547FE16E3C3F7269D4096406935222EDC51BFDFE89B454D8C02F868FB297A1FBFEB61A5392779A6C51AF8F9068CC579276D045FF317D9B7540D9A39FA936004991CB06BA169012F75BAF0B8D6203470AF1BE5569341E462DF72FF4AFD9C24BCB7584C71C1766DFDD74FE13D98C176DC64979F4720C0A996226948C9DE5E1890C2E703168AB3B33D50C395F13CDE094300C4BB0ED86352950C238DDEB1A8412A2409B6C487F9CBBB110A754A7B4985CF55DE4FC5137CDF13F9B0E10768DF0A28D6628DFEC684A25439E5C943718E4E4CFC89A3DCE1B747F77A0CE08B98AC92705E8DD3A6EDD18FAEA2FBB4988C3CC947C8206DD67CF44BEF69B617E781E93501877F81E4CC2263DB0B5EEEFFF3FCFCD2AB6E34B724D755A9D5025C978AA679D806318EF9F81787D3C69FB2D25B0382A3A96F44216791D41CCC3DF04EBD19B84858F0935C1C774F4685C8114EBCA8C71946C35CB42B82AD56541E3B4AB0A47E0AD8FCF9073BCFB801EA84DDF5DF4426578561BC737C2469B34F275502BC0BD7AB018506FD8DD6A9477F1588C2F76FD82B2AD3740E7F161632C66B961737EB70E9B44F362F73C1F874F7C06C5370297E975D25E004D6090BD119915694AFB57427DDE7F50C81B9A1812E10FA39A01E2F2FF18C96FADEA62BF08FAB027A31D84E4C0267AF7E880B5A0608683542E9895DB15FA1ADA9F1D28569C8E27662CE912CD1869227F542C1F228C6A2226D4AC24673994AA453BF21A1961D17C7E29B297E8AF7A71C4E2957A603900A3B4947B7B59A70767EB9106C043A48EEFAC3CCDC0F78F559CDBE64328E3C21D33D30E6AAFF638761F988CD99C59ECBAC4276ACE22062F6903B4B78B45917829AAA0CF11D04272EB44385A3479AD7B6E3E94126CC35AE082A73AAE991670C5145576789B43055B5F9D457523B16032CC65B679BD5AA08657D719EAC3D0345812BFA599249E4719AA2DF1507916FA735535781F053C4CB92D28007CC8D621E571E957AED705C2D11724E6D4A3BE268FDCCA230A1BE9EDE754E17B6B7
29720170702175101 2 6 100 7679 2 E411B879FDA69428A30BDE74B417706E5936E16C5E1F2B64A07EAE1D69C857C23126701460740D93467EB3A3386827E658069CAC4D55CC4929493C193D53A0D91141135B2F0B19E659BB541883E569D38B329761EDF3C409D34A49870356F3723AD2F720383E49B1752B837DF80F48632A469A0A96AC8F02E5B766B590D722B5BD3ED9191BB70C1D4044A3D5CE850489216C3184D73BAE2B655D76B30EC1851951A756E2A45CD1FF82A83BDC1803005034BEB2EAC35FF7362831D8FBE02E07B1CCA351D47AD65B5282151FB2711A880410CED2C1CF205CC2072F6F244189F5BDB3AFDBA7FB02DD21C99D1EF72C1EF8BC6C68A273D16CB2D3CA190C30BDDEEAD7CA2E519F3AF806B5CBD436B971C1F1981EB35CB4007D129F43E660F7E47E807C889A1DC5FEFA7C304DB41B36982FEFB7390DC6C8E9474D3EEB84B3F757C367475EB1B4CB5B86F9507090F2CB37533E2B96BBC6F75B3BF1F4CECF18F67E7492A681845CF5AFA1B70FB3B0A09CDD3375BCF716CBF2A594533D157CB6C4008CF8C4818C9418E44A995028487B0346BD399BFB431CA94B3FC2AF9822520153105ADACEBE719CC24D1D043AC2AC24BD41759AA452000C43CB885D5F0D71DC2451A2C5C04B0B085BD23B5295B7A109DCD729C34479D51EAB4617FDD163128B25F5803B262C3D97E2D63B3E84D85B67ECDFDE6FA377E208BD2EF867072D341AC731338268AD82285DD6D219DE44EB0588E477CBFCD5F5C068D2FA877339424F324012D346C3E2B3C4408E4FD84535C5D4EA02137ABE0426BC4C3AD6EABAA221579CBA22023F8204ECCC98D143652DEBF5869CD73A81C0E4C6FC9A22F9E648B6783AA1D0F0A1F76B1C4E8692339A6A259F3D8419CF7FD22A26023678BFE4F70C79E7F113882E6C7A0606C5AA9094DB161683E43CCEC8C73FEBC7B82617B90541C2BC15EBA18B55E430373CF21DD235BA332EE6D7A6D042BAB4DEF94939AAD2A1F6FD235B09CA6CCFB45A614C79F3C83253B82BB73826DD22127F3F14292A9B682D607D6C9313DF5324712F976C8978AEDC97B40095E66BF850BCB83F477E1F5AB045844EA5CA0652C7C2C284B90FFDCAE2D5F3C165F66FCE871A5D0AFAA158E77099BFA7A969C8F3425E326D24E7E875D588B5E652ED331ABE4A72AFF7D89CFA9D55116B2610AEA4D1D16BCE1FE8D22849827677FEC8EC9864F5A4B874E7AA3228E31DACECA3ED7E1F31675CCA03E599E748BBCA483821DDC5F1C7ED376EDE7A650AD06CE3FC4E76062354B7D89093EBBF9717CED067846349E8BBEEC4CDDE0907F2DD1C31125F1DBB7B9A94E07677C4EBC756A5ED3D8DB30FB5772328272C6D360021F3 29720171206134251 2 6 100 6143 2 EF730E8C844746DF23D55A6C9508EF59F158850FF4A3A24B3E29C95547FE16E3C3F7269D4096406935222EDC51BFDFE89B454D8C02F868FB297A1FBFEB61A5392779A6C51AF8F9068CC579276D045FF317D9B7540D9A39FA936004991CB06BA169012F75BAF0B8D6203470AF1BE5569341E462DF72FF4AFD9C24BCB7584C71C1766DFDD74FE13D98C176DC64979F4720C0A996226948C9DE5E1890C2E703168AB3B33D50C395F13CDE094300C4BB0ED86352950C238DDEB1A8412A2409B6C487F9CBBB110A754A7B4985CF55DE4FC5137CDF13F9B0E10768DF0A28D6628DFEC684A25439E5C943718E4E4CFC89A3DCE1B747F77A0CE08B98AC92705E8DD3A6EDD18FAEA2FBB4988C3CC947C8206DD67CF44BEF69B617E781E93501877F81E4CC2263DB0B5EEEFFF3FCFCD2AB6E34B724D755A9D5025C978AA679D806318EF9F81787D3C69FB2D25B0382A3A96F44216791D41CCC3DF04EBD19B84858F0935C1C774F4685C8114EBCA8C71946C35CB42B82AD56541E3B4AB0A47E0AD8FCF9073BCFB801EA84DDF5DF4426578561BC737C2469B34F275502BC0BD7AB018506FD8DD6A9477F1588C2F76FD82B2AD3740E7F161632C66B961737EB70E9B44F362F73C1F874F7C06C5370297E975D25E004D6090BD119915694AFB57427DDE7F50C81B9A1812E10FA39A01E2F2FF18C96FADEA62BF08FAB027A31D84E4C0267AF7E880B5A0608683542E9895DB15FA1ADA9F1D28569C8E27662CE912CD1869227F542C1F228C6A2226D4AC24673994AA453BF21A1961D17C7E29B297E8AF7A71C4E2957A603900A3B4947B7B59A70767EB9106C043A48EEFAC3CCDC0F78F559CDBE64328E3C21D33D30E6AAFF638761F988CD99C59ECBAC4276ACE22062F6903B4B78B45917829AAA0CF11D04272EB44385A3479AD7B6E3E94126CC35AE082A73AAE991670C5145576789B43055B5F9D457523B16032CC65B679BD5AA08657D719EAC3D0345812BFA599249E4719AA2DF1507916FA735535781F053C4CB92D28007CC8D621E571E957AED705C2D11724E6D4A3BE268FDCCA230A1BE9EDE7554BF8FF3
29820170702200102 2 6 100 7679 5 E411B879FDA69428A30BDE74B417706E5936E16C5E1F2B64A07EAE1D69C857C23126701460740D93467EB3A3386827E658069CAC4D55CC4929493C193D53A0D91141135B2F0B19E659BB541883E569D38B329761EDF3C409D34A49870356F3723AD2F720383E49B1752B837DF80F48632A469A0A96AC8F02E5B766B590D722B5BD3ED9191BB70C1D4044A3D5CE850489216C3184D73BAE2B655D76B30EC1851951A756E2A45CD1FF82A83BDC1803005034BEB2EAC35FF7362831D8FBE02E07B1CCA351D47AD65B5282151FB2711A880410CED2C1CF205CC2072F6F244189F5BDB3AFDBA7FB02DD21C99D1EF72C1EF8BC6C68A273D16CB2D3CA190C30BDDEEAD7CA2E519F3AF806B5CBD436B971C1F1981EB35CB4007D129F43E660F7E47E807C889A1DC5FEFA7C304DB41B36982FEFB7390DC6C8E9474D3EEB84B3F757C367475EB1B4CB5B86F9507090F2CB37533E2B96BBC6F75B3BF1F4CECF18F67E7492A681845CF5AFA1B70FB3B0A09CDD3375BCF716CBF2A594533D157CB6C4008CF8C4818C9418E44A995028487B0346BD399BFB431CA94B3FC2AF9822520153105ADACEBE719CC24D1D043AC2AC24BD41759AA452000C43CB885D5F0D71DC2451A2C5C04B0B085BD23B5295B7A109DCD729C34479D51EAB4617FDD163128B25F5803B262C3D97E2D63B3E84D85B67ECDFDE6FA377E208BD2EF867072D341AC731338268AD82285DD6D219DE44EB0588E477CBFCD5F5C068D2FA877339424F324012D346C3E2B3C4408E4FD84535C5D4EA02137ABE0426BC4C3AD6EABAA221579CBA22023F8204ECCC98D143652DEBF5869CD73A81C0E4C6FC9A22F9E648B6783AA1D0F0A1F76B1C4E8692339A6A259F3D8419CF7FD22A26023678BFE4F70C79E7F113882E6C7A0606C5AA9094DB161683E43CCEC8C73FEBC7B82617B90541C2BC15EBA18B55E430373CF21DD235BA332EE6D7A6D042BAB4DEF94939AAD2A1F6FD235B09CA6CCFB45A614C79F3C83253B82BB73826DD22127F3F14292A9B682D607D6C9313DF5324712F976C8978AEDC97B40095E66BF850BCB83F477E1F5AB045844EA5CA0652C7C2C284B90FFDCAE2D5F3C165F66FCE871A5D0AFAA158E77099BFA7A969C8F3425E326D24E7E875D588B5E652ED331ABE4A72AFF7D89CFA9D55116B2610AEA4D1D16BCE1FE8D22849827677FEC8EC9864F5A4B874E7AA3228E31DACECA3ED7E1F31675CCA03E599E748BBCA483821DDC5F1C7ED376EDE7A650AD06CE3FC4E76062354B7D89093EBBF9717CED067846349E8BBEEC4CDDE0907F2DD1C31125F1DBB7B9A94E07677C4EBC756A5ED3D8DB30FB5772328272C6D37A9C6C7 29820171206161018 2 6 100 6143 5 EF730E8C844746DF23D55A6C9508EF59F158850FF4A3A24B3E29C95547FE16E3C3F7269D4096406935222EDC51BFDFE89B454D8C02F868FB297A1FBFEB61A5392779A6C51AF8F9068CC579276D045FF317D9B7540D9A39FA936004991CB06BA169012F75BAF0B8D6203470AF1BE5569341E462DF72FF4AFD9C24BCB7584C71C1766DFDD74FE13D98C176DC64979F4720C0A996226948C9DE5E1890C2E703168AB3B33D50C395F13CDE094300C4BB0ED86352950C238DDEB1A8412A2409B6C487F9CBBB110A754A7B4985CF55DE4FC5137CDF13F9B0E10768DF0A28D6628DFEC684A25439E5C943718E4E4CFC89A3DCE1B747F77A0CE08B98AC92705E8DD3A6EDD18FAEA2FBB4988C3CC947C8206DD67CF44BEF69B617E781E93501877F81E4CC2263DB0B5EEEFFF3FCFCD2AB6E34B724D755A9D5025C978AA679D806318EF9F81787D3C69FB2D25B0382A3A96F44216791D41CCC3DF04EBD19B84858F0935C1C774F4685C8114EBCA8C71946C35CB42B82AD56541E3B4AB0A47E0AD8FCF9073BCFB801EA84DDF5DF4426578561BC737C2469B34F275502BC0BD7AB018506FD8DD6A9477F1588C2F76FD82B2AD3740E7F161632C66B961737EB70E9B44F362F73C1F874F7C06C5370297E975D25E004D6090BD119915694AFB57427DDE7F50C81B9A1812E10FA39A01E2F2FF18C96FADEA62BF08FAB027A31D84E4C0267AF7E880B5A0608683542E9895DB15FA1ADA9F1D28569C8E27662CE912CD1869227F542C1F228C6A2226D4AC24673994AA453BF21A1961D17C7E29B297E8AF7A71C4E2957A603900A3B4947B7B59A70767EB9106C043A48EEFAC3CCDC0F78F559CDBE64328E3C21D33D30E6AAFF638761F988CD99C59ECBAC4276ACE22062F6903B4B78B45917829AAA0CF11D04272EB44385A3479AD7B6E3E94126CC35AE082A73AAE991670C5145576789B43055B5F9D457523B16032CC65B679BD5AA08657D719EAC3D0345812BFA599249E4719AA2DF1507916FA735535781F053C4CB92D28007CC8D621E571E957AED705C2D11724E6D4A3BE268FDCCA230A1BE9EDE7558211DF7
29920170703011731 2 6 100 7679 5 E411B879FDA69428A30BDE74B417706E5936E16C5E1F2B64A07EAE1D69C857C23126701460740D93467EB3A3386827E658069CAC4D55CC4929493C193D53A0D91141135B2F0B19E659BB541883E569D38B329761EDF3C409D34A49870356F3723AD2F720383E49B1752B837DF80F48632A469A0A96AC8F02E5B766B590D722B5BD3ED9191BB70C1D4044A3D5CE850489216C3184D73BAE2B655D76B30EC1851951A756E2A45CD1FF82A83BDC1803005034BEB2EAC35FF7362831D8FBE02E07B1CCA351D47AD65B5282151FB2711A880410CED2C1CF205CC2072F6F244189F5BDB3AFDBA7FB02DD21C99D1EF72C1EF8BC6C68A273D16CB2D3CA190C30BDDEEAD7CA2E519F3AF806B5CBD436B971C1F1981EB35CB4007D129F43E660F7E47E807C889A1DC5FEFA7C304DB41B36982FEFB7390DC6C8E9474D3EEB84B3F757C367475EB1B4CB5B86F9507090F2CB37533E2B96BBC6F75B3BF1F4CECF18F67E7492A681845CF5AFA1B70FB3B0A09CDD3375BCF716CBF2A594533D157CB6C4008CF8C4818C9418E44A995028487B0346BD399BFB431CA94B3FC2AF9822520153105ADACEBE719CC24D1D043AC2AC24BD41759AA452000C43CB885D5F0D71DC2451A2C5C04B0B085BD23B5295B7A109DCD729C34479D51EAB4617FDD163128B25F5803B262C3D97E2D63B3E84D85B67ECDFDE6FA377E208BD2EF867072D341AC731338268AD82285DD6D219DE44EB0588E477CBFCD5F5C068D2FA877339424F324012D346C3E2B3C4408E4FD84535C5D4EA02137ABE0426BC4C3AD6EABAA221579CBA22023F8204ECCC98D143652DEBF5869CD73A81C0E4C6FC9A22F9E648B6783AA1D0F0A1F76B1C4E8692339A6A259F3D8419CF7FD22A26023678BFE4F70C79E7F113882E6C7A0606C5AA9094DB161683E43CCEC8C73FEBC7B82617B90541C2BC15EBA18B55E430373CF21DD235BA332EE6D7A6D042BAB4DEF94939AAD2A1F6FD235B09CA6CCFB45A614C79F3C83253B82BB73826DD22127F3F14292A9B682D607D6C9313DF5324712F976C8978AEDC97B40095E66BF850BCB83F477E1F5AB045844EA5CA0652C7C2C284B90FFDCAE2D5F3C165F66FCE871A5D0AFAA158E77099BFA7A969C8F3425E326D24E7E875D588B5E652ED331ABE4A72AFF7D89CFA9D55116B2610AEA4D1D16BCE1FE8D22849827677FEC8EC9864F5A4B874E7AA3228E31DACECA3ED7E1F31675CCA03E599E748BBCA483821DDC5F1C7ED376EDE7A650AD06CE3FC4E76062354B7D89093EBBF9717CED067846349E8BBEEC4CDDE0907F2DD1C31125F1DBB7B9A94E07677C4EBC756A5ED3D8DB30FB5772328272C6D3BCD4977 29920171206195122 2 6 100 7679 2 CF96EF3064F3389AC4D7DA6813F67988F77979BB89C86E3A82B8FBE165D96646B6665C28FE7F5D1742E288AF6A47CEAD57277CF7B7902B8B7F899CB512DDF0EDEC293B152ABA4085290AE8BF93AF988437B549319AF0E18E39805C80A4714E4108DC29DDF708365B8FAC1F220784A8AA89F4C04176DFCEFC652988A6F878937AF8FEFF6A45672DB27EC215CDCBB9C530BDC2F1F357DC69073AA6B3670B988F271386E1B2F72635AA83420CF2A393338D1C4E2B502C11CA2098481EA292ACD7A7BFF84945E9CC04B47B1967F09CC7A4BE5AAA749583318E561E5504F28472B0AEF60B854142AACFE6017786E8B5FB674C79D68B7B44842F18E2075B8679A99D43892847B09A0CADFBED479942F599A1666D96EEED85A222431F8637D6FB73F5E08465417DAAA47BD31BDCE2262E06E0B7E5BF6FA9703890997C275CE11CA52A92D0F4889F370164D4EFA8C461E2F3BBABA54F8A1DD165C3D5344DF572B67EF92DC3E8EF66926B673AD59FB5CE5FF5ECED31535CC347374D846F0373EDD82DEFAF4DEEF238A1ABFF44FDC2D9511E8AE69349B69749DD6D2AD5A2A95F579B3A0D232FAB4A915568409150F184F1F58114354235084F9B104F9DA8EC13D34AB93BD61620CC0B93118FF2299B80856CE2A40792F58E37990677E1C4A662D619F835DA5537873CDF05DCDB369AEB2E6159E351E9140DDD5E4FB57EAAD9CB5A41EAC61CD1E95D983832D0E8D35EEFF88E699A33A4AB0FC82B8A1B38F527933108FCC6533C9DE3AFCAE396246399DB878A9D500905A707B3C1F3F490E327A5C219151E7077C9E456F3DD046F6FAC8C3F98CC90FC558E87A7CB654320DA2B48F41BE0D8498A98DF562EE0A33FF61AF92E90DABA5323CF416C7E3B5E0A5190A36442F08AEE80B4886C407A689A81293D7CF6D7F88C112F7D166D4AE27147BCDC4C91E2880F5A4065B0AC7480BCDB9A0BCB790FDDF0370DF819986DA21FE700E15D449F5C0849B70C8A84569F205D74141F87B73D2EE3BB4D7A88F2DC90272219E39B5456F5CE8F0DA1E40E98C1B968112DC3664663B3C2A2B1402657CC0529AD6CED5BD2A177F9ED6FDA41378C8ADA6F33615516CFE0077E9426424F06DF517A5117F2882FFE3144245623DF8DDEF9869E5F6D328884018885209EA24F7F617837E7751D56EF3201D3FD607706B889728591E7C822ED97FF0B9DC111D5D0142387D88CB799345EF48235922632D6610F9E1C7AAAB6368EC0D4A76185686FCDA99499DC1B7F08C8A1BDDEF3F803CF168D818CEAC1F8B79E70C49E37B3E19B0096D1B6C2D4BF73DBF503401AE4EFCF9DEB8AC4A9C39E140CA9086E9927274E2A634801E6B61B
30020170703155054 2 6 100 7679 2 E411B879FDA69428A30BDE74B417706E5936E16C5E1F2B64A07EAE1D69C857C23126701460740D93467EB3A3386827E658069CAC4D55CC4929493C193D53A0D91141135B2F0B19E659BB541883E569D38B329761EDF3C409D34A49870356F3723AD2F720383E49B1752B837DF80F48632A469A0A96AC8F02E5B766B590D722B5BD3ED9191BB70C1D4044A3D5CE850489216C3184D73BAE2B655D76B30EC1851951A756E2A45CD1FF82A83BDC1803005034BEB2EAC35FF7362831D8FBE02E07B1CCA351D47AD65B5282151FB2711A880410CED2C1CF205CC2072F6F244189F5BDB3AFDBA7FB02DD21C99D1EF72C1EF8BC6C68A273D16CB2D3CA190C30BDDEEAD7CA2E519F3AF806B5CBD436B971C1F1981EB35CB4007D129F43E660F7E47E807C889A1DC5FEFA7C304DB41B36982FEFB7390DC6C8E9474D3EEB84B3F757C367475EB1B4CB5B86F9507090F2CB37533E2B96BBC6F75B3BF1F4CECF18F67E7492A681845CF5AFA1B70FB3B0A09CDD3375BCF716CBF2A594533D157CB6C4008CF8C4818C9418E44A995028487B0346BD399BFB431CA94B3FC2AF9822520153105ADACEBE719CC24D1D043AC2AC24BD41759AA452000C43CB885D5F0D71DC2451A2C5C04B0B085BD23B5295B7A109DCD729C34479D51EAB4617FDD163128B25F5803B262C3D97E2D63B3E84D85B67ECDFDE6FA377E208BD2EF867072D341AC731338268AD82285DD6D219DE44EB0588E477CBFCD5F5C068D2FA877339424F324012D346C3E2B3C4408E4FD84535C5D4EA02137ABE0426BC4C3AD6EABAA221579CBA22023F8204ECCC98D143652DEBF5869CD73A81C0E4C6FC9A22F9E648B6783AA1D0F0A1F76B1C4E8692339A6A259F3D8419CF7FD22A26023678BFE4F70C79E7F113882E6C7A0606C5AA9094DB161683E43CCEC8C73FEBC7B82617B90541C2BC15EBA18B55E430373CF21DD235BA332EE6D7A6D042BAB4DEF94939AAD2A1F6FD235B09CA6CCFB45A614C79F3C83253B82BB73826DD22127F3F14292A9B682D607D6C9313DF5324712F976C8978AEDC97B40095E66BF850BCB83F477E1F5AB045844EA5CA0652C7C2C284B90FFDCAE2D5F3C165F66FCE871A5D0AFAA158E77099BFA7A969C8F3425E326D24E7E875D588B5E652ED331ABE4A72AFF7D89CFA9D55116B2610AEA4D1D16BCE1FE8D22849827677FEC8EC9864F5A4B874E7AA3228E31DACECA3ED7E1F31675CCA03E599E748BBCA483821DDC5F1C7ED376EDE7A650AD06CE3FC4E76062354B7D89093EBBF9717CED067846349E8BBEEC4CDDE0907F2DD1C31125F1DBB7B9A94E07677C4EBC756A5ED3D8DB30FB5772328272C6D431F42D3 30020171206235707 2 6 100 7679 5 CF96EF3064F3389AC4D7DA6813F67988F77979BB89C86E3A82B8FBE165D96646B6665C28FE7F5D1742E288AF6A47CEAD57277CF7B7902B8B7F899CB512DDF0EDEC293B152ABA4085290AE8BF93AF988437B549319AF0E18E39805C80A4714E4108DC29DDF708365B8FAC1F220784A8AA89F4C04176DFCEFC652988A6F878937AF8FEFF6A45672DB27EC215CDCBB9C530BDC2F1F357DC69073AA6B3670B988F271386E1B2F72635AA83420CF2A393338D1C4E2B502C11CA2098481EA292ACD7A7BFF84945E9CC04B47B1967F09CC7A4BE5AAA749583318E561E5504F28472B0AEF60B854142AACFE6017786E8B5FB674C79D68B7B44842F18E2075B8679A99D43892847B09A0CADFBED479942F599A1666D96EEED85A222431F8637D6FB73F5E08465417DAAA47BD31BDCE2262E06E0B7E5BF6FA9703890997C275CE11CA52A92D0F4889F370164D4EFA8C461E2F3BBABA54F8A1DD165C3D5344DF572B67EF92DC3E8EF66926B673AD59FB5CE5FF5ECED31535CC347374D846F0373EDD82DEFAF4DEEF238A1ABFF44FDC2D9511E8AE69349B69749DD6D2AD5A2A95F579B3A0D232FAB4A915568409150F184F1F58114354235084F9B104F9DA8EC13D34AB93BD61620CC0B93118FF2299B80856CE2A40792F58E37990677E1C4A662D619F835DA5537873CDF05DCDB369AEB2E6159E351E9140DDD5E4FB57EAAD9CB5A41EAC61CD1E95D983832D0E8D35EEFF88E699A33A4AB0FC82B8A1B38F527933108FCC6533C9DE3AFCAE396246399DB878A9D500905A707B3C1F3F490E327A5C219151E7077C9E456F3DD046F6FAC8C3F98CC90FC558E87A7CB654320DA2B48F41BE0D8498A98DF562EE0A33FF61AF92E90DABA5323CF416C7E3B5E0A5190A36442F08AEE80B4886C407A689A81293D7CF6D7F88C112F7D166D4AE27147BCDC4C91E2880F5A4065B0AC7480BCDB9A0BCB790FDDF0370DF819986DA21FE700E15D449F5C0849B70C8A84569F205D74141F87B73D2EE3BB4D7A88F2DC90272219E39B5456F5CE8F0DA1E40E98C1B968112DC3664663B3C2A2B1402657CC0529AD6CED5BD2A177F9ED6FDA41378C8ADA6F33615516CFE0077E9426424F06DF517A5117F2882FFE3144245623DF8DDEF9869E5F6D328884018885209EA24F7F617837E7751D56EF3201D3FD607706B889728591E7C822ED97FF0B9DC111D5D0142387D88CB799345EF48235922632D6610F9E1C7AAAB6368EC0D4A76185686FCDA99499DC1B7F08C8A1BDDEF3F803CF168D818CEAC1F8B79E70C49E37B3E19B0096D1B6C2D4BF73DBF503401AE4EFCF9DEB8AC4A9C39E140CA9086E9927274E2A6348054D6277
30120170704184253 2 6 100 7679 2 C0388038628CD48D5377C99911D89CEDF70AC54721EE6974975D61C9E25580D2108B48CBCDB8B647B271FA822546C00580DB013D19EE5A49EFD9AAECA2036A83BB3E2F96C3E7CB273AA9ACEFCA5A3E4C7C8FCF3332DE11288D8BD76E17B4C530F5F6EFB0D757F63E3B2B519EE960FA8206DF81E7B9DA463CE389E3164588BF5B66355D481DC620F0B2F352782105DF3AB86076DD7D612CE9839CB251D5C975166859A41B740E08E66B746B710479FAA430E2891E60647E04FE71D8F8BC9A6BCD20CFB42299142DC016E672CC350D497809379F54F6F3D1649ADCE72ADECEAAE1ECA85EEE8006700379DE3687A67AF796E1F317815461CFF6E58615CD453265612315FA8F99DC65D9CC218004671E43CE58C9F54862D86B58FD71212199A2A562B1AB9604BF43676A403E8EA56A69E68F1CF0C60C83B8EB31D9C0A23D8410C3A6898D749CAD8CDA9F17A224536BD08436B25E50BA67BAD09276BB55583CEDF48AEEFFD8FA3DBE4F609760DF1EDED136B38792CD164D2EA3C5443F0D8F9117544A9A6AAC615ADE01440B7948B2B53BC3F7218DEDEB16D23C3B0C2AA4BEB99F9A9225D87B6CCB037D8E9A2918C20FE9F2BFF429FD0F23AE370E820842AEDD823DD5B6DDD7F4AD3A06735A2E4144DBABEA5DD83A6AA98EED5F6F3021C246FBABD280986A1E7A24CCBE11BC3050CC04DB566277CECBA8B5BDC1D15E1F066B25B668C7B87EA54894EC7559B64F1400934DCE1C06A10955988E3B3F4A40566B3989608404859335C53EBD6BEE21614EB7C954D543DBA7EB61555B7CED9D08EF560426DBCE3018FBEF788CF69AEAB433B692A9E28CBAFEFC048BD9AB423678D4DD5807329BCC417CF77EC7FD8E50B6D9A8D6B2017B24F6890557AF327980D086499B7C4ED6518B9C23DAB9571CA9E8E949C039C5CC002CBC9BDD08728D543143AFE577738AD309AB2493A8157272196B73C28A4826B37A8274198A4E8188CDADB1D7BB209C84D03500F79B9DFEC1E4441F34069CC01D6B9A57940914F56217C0F3A5CE0C75DE2815EE396D4AB00EC9695DFBCDD88EA6C8017CC29B1257EED39B50E0D075CCF9564D4B22F59F4B5E6667E4CACAC6B63D8CC1C9AB2CC6309A319E559D2062FB99D15B62F08E4DAD676698813D227FF8967B3B3830970E92277B2446A3C269A74FB437800824A8987DA3636A17A53C7E55C66077BE0FBD63441402F19C6C4E1F1C46185A3F3F5D7D7F553F0066EBFCF2ECD74CFC6DB48F6A458AE66EC12532B691FA3AE9A0C19809B3A1AF06340EFB012A33D484D272CA09D5862DAC5E3A00006F260BDE5CE74E007AB12A8F686373949308E574DCE7EA9D145936A2722BB3 30120171207033003 2 6 100 7679 5 CF96EF3064F3389AC4D7DA6813F67988F77979BB89C86E3A82B8FBE165D96646B6665C28FE7F5D1742E288AF6A47CEAD57277CF7B7902B8B7F899CB512DDF0EDEC293B152ABA4085290AE8BF93AF988437B549319AF0E18E39805C80A4714E4108DC29DDF708365B8FAC1F220784A8AA89F4C04176DFCEFC652988A6F878937AF8FEFF6A45672DB27EC215CDCBB9C530BDC2F1F357DC69073AA6B3670B988F271386E1B2F72635AA83420CF2A393338D1C4E2B502C11CA2098481EA292ACD7A7BFF84945E9CC04B47B1967F09CC7A4BE5AAA749583318E561E5504F28472B0AEF60B854142AACFE6017786E8B5FB674C79D68B7B44842F18E2075B8679A99D43892847B09A0CADFBED479942F599A1666D96EEED85A222431F8637D6FB73F5E08465417DAAA47BD31BDCE2262E06E0B7E5BF6FA9703890997C275CE11CA52A92D0F4889F370164D4EFA8C461E2F3BBABA54F8A1DD165C3D5344DF572B67EF92DC3E8EF66926B673AD59FB5CE5FF5ECED31535CC347374D846F0373EDD82DEFAF4DEEF238A1ABFF44FDC2D9511E8AE69349B69749DD6D2AD5A2A95F579B3A0D232FAB4A915568409150F184F1F58114354235084F9B104F9DA8EC13D34AB93BD61620CC0B93118FF2299B80856CE2A40792F58E37990677E1C4A662D619F835DA5537873CDF05DCDB369AEB2E6159E351E9140DDD5E4FB57EAAD9CB5A41EAC61CD1E95D983832D0E8D35EEFF88E699A33A4AB0FC82B8A1B38F527933108FCC6533C9DE3AFCAE396246399DB878A9D500905A707B3C1F3F490E327A5C219151E7077C9E456F3DD046F6FAC8C3F98CC90FC558E87A7CB654320DA2B48F41BE0D8498A98DF562EE0A33FF61AF92E90DABA5323CF416C7E3B5E0A5190A36442F08AEE80B4886C407A689A81293D7CF6D7F88C112F7D166D4AE27147BCDC4C91E2880F5A4065B0AC7480BCDB9A0BCB790FDDF0370DF819986DA21FE700E15D449F5C0849B70C8A84569F205D74141F87B73D2EE3BB4D7A88F2DC90272219E39B5456F5CE8F0DA1E40E98C1B968112DC3664663B3C2A2B1402657CC0529AD6CED5BD2A177F9ED6FDA41378C8ADA6F33615516CFE0077E9426424F06DF517A5117F2882FFE3144245623DF8DDEF9869E5F6D328884018885209EA24F7F617837E7751D56EF3201D3FD607706B889728591E7C822ED97FF0B9DC111D5D0142387D88CB799345EF48235922632D6610F9E1C7AAAB6368EC0D4A76185686FCDA99499DC1B7F08C8A1BDDEF3F803CF168D818CEAC1F8B79E70C49E37B3E19B0096D1B6C2D4BF73DBF503401AE4EFCF9DEB8AC4A9C39E140CA9086E9927274E2A634808323A27
30220170704204537 2 6 100 7679 2 C0388038628CD48D5377C99911D89CEDF70AC54721EE6974975D61C9E25580D2108B48CBCDB8B647B271FA822546C00580DB013D19EE5A49EFD9AAECA2036A83BB3E2F96C3E7CB273AA9ACEFCA5A3E4C7C8FCF3332DE11288D8BD76E17B4C530F5F6EFB0D757F63E3B2B519EE960FA8206DF81E7B9DA463CE389E3164588BF5B66355D481DC620F0B2F352782105DF3AB86076DD7D612CE9839CB251D5C975166859A41B740E08E66B746B710479FAA430E2891E60647E04FE71D8F8BC9A6BCD20CFB42299142DC016E672CC350D497809379F54F6F3D1649ADCE72ADECEAAE1ECA85EEE8006700379DE3687A67AF796E1F317815461CFF6E58615CD453265612315FA8F99DC65D9CC218004671E43CE58C9F54862D86B58FD71212199A2A562B1AB9604BF43676A403E8EA56A69E68F1CF0C60C83B8EB31D9C0A23D8410C3A6898D749CAD8CDA9F17A224536BD08436B25E50BA67BAD09276BB55583CEDF48AEEFFD8FA3DBE4F609760DF1EDED136B38792CD164D2EA3C5443F0D8F9117544A9A6AAC615ADE01440B7948B2B53BC3F7218DEDEB16D23C3B0C2AA4BEB99F9A9225D87B6CCB037D8E9A2918C20FE9F2BFF429FD0F23AE370E820842AEDD823DD5B6DDD7F4AD3A06735A2E4144DBABEA5DD83A6AA98EED5F6F3021C246FBABD280986A1E7A24CCBE11BC3050CC04DB566277CECBA8B5BDC1D15E1F066B25B668C7B87EA54894EC7559B64F1400934DCE1C06A10955988E3B3F4A40566B3989608404859335C53EBD6BEE21614EB7C954D543DBA7EB61555B7CED9D08EF560426DBCE3018FBEF788CF69AEAB433B692A9E28CBAFEFC048BD9AB423678D4DD5807329BCC417CF77EC7FD8E50B6D9A8D6B2017B24F6890557AF327980D086499B7C4ED6518B9C23DAB9571CA9E8E949C039C5CC002CBC9BDD08728D543143AFE577738AD309AB2493A8157272196B73C28A4826B37A8274198A4E8188CDADB1D7BB209C84D03500F79B9DFEC1E4441F34069CC01D6B9A57940914F56217C0F3A5CE0C75DE2815EE396D4AB00EC9695DFBCDD88EA6C8017CC29B1257EED39B50E0D075CCF9564D4B22F59F4B5E6667E4CACAC6B63D8CC1C9AB2CC6309A319E559D2062FB99D15B62F08E4DAD676698813D227FF8967B3B3830970E92277B2446A3C269A74FB437800824A8987DA3636A17A53C7E55C66077BE0FBD63441402F19C6C4E1F1C46185A3F3F5D7D7F553F0066EBFCF2ECD74CFC6DB48F6A458AE66EC12532B691FA3AE9A0C19809B3A1AF06340EFB012A33D484D272CA09D5862DAC5E3A00006F260BDE5CE74E007AB12A8F686373949308E574DCE7EA9D145936A4446CCB 30220171207054441 2 6 100 7679 5 CF96EF3064F3389AC4D7DA6813F67988F77979BB89C86E3A82B8FBE165D96646B6665C28FE7F5D1742E288AF6A47CEAD57277CF7B7902B8B7F899CB512DDF0EDEC293B152ABA4085290AE8BF93AF988437B549319AF0E18E39805C80A4714E4108DC29DDF708365B8FAC1F220784A8AA89F4C04176DFCEFC652988A6F878937AF8FEFF6A45672DB27EC215CDCBB9C530BDC2F1F357DC69073AA6B3670B988F271386E1B2F72635AA83420CF2A393338D1C4E2B502C11CA2098481EA292ACD7A7BFF84945E9CC04B47B1967F09CC7A4BE5AAA749583318E561E5504F28472B0AEF60B854142AACFE6017786E8B5FB674C79D68B7B44842F18E2075B8679A99D43892847B09A0CADFBED479942F599A1666D96EEED85A222431F8637D6FB73F5E08465417DAAA47BD31BDCE2262E06E0B7E5BF6FA9703890997C275CE11CA52A92D0F4889F370164D4EFA8C461E2F3BBABA54F8A1DD165C3D5344DF572B67EF92DC3E8EF66926B673AD59FB5CE5FF5ECED31535CC347374D846F0373EDD82DEFAF4DEEF238A1ABFF44FDC2D9511E8AE69349B69749DD6D2AD5A2A95F579B3A0D232FAB4A915568409150F184F1F58114354235084F9B104F9DA8EC13D34AB93BD61620CC0B93118FF2299B80856CE2A40792F58E37990677E1C4A662D619F835DA5537873CDF05DCDB369AEB2E6159E351E9140DDD5E4FB57EAAD9CB5A41EAC61CD1E95D983832D0E8D35EEFF88E699A33A4AB0FC82B8A1B38F527933108FCC6533C9DE3AFCAE396246399DB878A9D500905A707B3C1F3F490E327A5C219151E7077C9E456F3DD046F6FAC8C3F98CC90FC558E87A7CB654320DA2B48F41BE0D8498A98DF562EE0A33FF61AF92E90DABA5323CF416C7E3B5E0A5190A36442F08AEE80B4886C407A689A81293D7CF6D7F88C112F7D166D4AE27147BCDC4C91E2880F5A4065B0AC7480BCDB9A0BCB790FDDF0370DF819986DA21FE700E15D449F5C0849B70C8A84569F205D74141F87B73D2EE3BB4D7A88F2DC90272219E39B5456F5CE8F0DA1E40E98C1B968112DC3664663B3C2A2B1402657CC0529AD6CED5BD2A177F9ED6FDA41378C8ADA6F33615516CFE0077E9426424F06DF517A5117F2882FFE3144245623DF8DDEF9869E5F6D328884018885209EA24F7F617837E7751D56EF3201D3FD607706B889728591E7C822ED97FF0B9DC111D5D0142387D88CB799345EF48235922632D6610F9E1C7AAAB6368EC0D4A76185686FCDA99499DC1B7F08C8A1BDDEF3F803CF168D818CEAC1F8B79E70C49E37B3E19B0096D1B6C2D4BF73DBF503401AE4EFCF9DEB8AC4A9C39E140CA9086E9927274E2A634809E6C2F7
30320170705051520 2 6 100 7679 2 C0388038628CD48D5377C99911D89CEDF70AC54721EE6974975D61C9E25580D2108B48CBCDB8B647B271FA822546C00580DB013D19EE5A49EFD9AAECA2036A83BB3E2F96C3E7CB273AA9ACEFCA5A3E4C7C8FCF3332DE11288D8BD76E17B4C530F5F6EFB0D757F63E3B2B519EE960FA8206DF81E7B9DA463CE389E3164588BF5B66355D481DC620F0B2F352782105DF3AB86076DD7D612CE9839CB251D5C975166859A41B740E08E66B746B710479FAA430E2891E60647E04FE71D8F8BC9A6BCD20CFB42299142DC016E672CC350D497809379F54F6F3D1649ADCE72ADECEAAE1ECA85EEE8006700379DE3687A67AF796E1F317815461CFF6E58615CD453265612315FA8F99DC65D9CC218004671E43CE58C9F54862D86B58FD71212199A2A562B1AB9604BF43676A403E8EA56A69E68F1CF0C60C83B8EB31D9C0A23D8410C3A6898D749CAD8CDA9F17A224536BD08436B25E50BA67BAD09276BB55583CEDF48AEEFFD8FA3DBE4F609760DF1EDED136B38792CD164D2EA3C5443F0D8F9117544A9A6AAC615ADE01440B7948B2B53BC3F7218DEDEB16D23C3B0C2AA4BEB99F9A9225D87B6CCB037D8E9A2918C20FE9F2BFF429FD0F23AE370E820842AEDD823DD5B6DDD7F4AD3A06735A2E4144DBABEA5DD83A6AA98EED5F6F3021C246FBABD280986A1E7A24CCBE11BC3050CC04DB566277CECBA8B5BDC1D15E1F066B25B668C7B87EA54894EC7559B64F1400934DCE1C06A10955988E3B3F4A40566B3989608404859335C53EBD6BEE21614EB7C954D543DBA7EB61555B7CED9D08EF560426DBCE3018FBEF788CF69AEAB433B692A9E28CBAFEFC048BD9AB423678D4DD5807329BCC417CF77EC7FD8E50B6D9A8D6B2017B24F6890557AF327980D086499B7C4ED6518B9C23DAB9571CA9E8E949C039C5CC002CBC9BDD08728D543143AFE577738AD309AB2493A8157272196B73C28A4826B37A8274198A4E8188CDADB1D7BB209C84D03500F79B9DFEC1E4441F34069CC01D6B9A57940914F56217C0F3A5CE0C75DE2815EE396D4AB00EC9695DFBCDD88EA6C8017CC29B1257EED39B50E0D075CCF9564D4B22F59F4B5E6667E4CACAC6B63D8CC1C9AB2CC6309A319E559D2062FB99D15B62F08E4DAD676698813D227FF8967B3B3830970E92277B2446A3C269A74FB437800824A8987DA3636A17A53C7E55C66077BE0FBD63441402F19C6C4E1F1C46185A3F3F5D7D7F553F0066EBFCF2ECD74CFC6DB48F6A458AE66EC12532B691FA3AE9A0C19809B3A1AF06340EFB012A33D484D272CA09D5862DAC5E3A00006F260BDE5CE74E007AB12A8F686373949308E574DCE7EA9D145936ABC7F083 30320171207104116 2 6 100 7679 2 CF96EF3064F3389AC4D7DA6813F67988F77979BB89C86E3A82B8FBE165D96646B6665C28FE7F5D1742E288AF6A47CEAD57277CF7B7902B8B7F899CB512DDF0EDEC293B152ABA4085290AE8BF93AF988437B549319AF0E18E39805C80A4714E4108DC29DDF708365B8FAC1F220784A8AA89F4C04176DFCEFC652988A6F878937AF8FEFF6A45672DB27EC215CDCBB9C530BDC2F1F357DC69073AA6B3670B988F271386E1B2F72635AA83420CF2A393338D1C4E2B502C11CA2098481EA292ACD7A7BFF84945E9CC04B47B1967F09CC7A4BE5AAA749583318E561E5504F28472B0AEF60B854142AACFE6017786E8B5FB674C79D68B7B44842F18E2075B8679A99D43892847B09A0CADFBED479942F599A1666D96EEED85A222431F8637D6FB73F5E08465417DAAA47BD31BDCE2262E06E0B7E5BF6FA9703890997C275CE11CA52A92D0F4889F370164D4EFA8C461E2F3BBABA54F8A1DD165C3D5344DF572B67EF92DC3E8EF66926B673AD59FB5CE5FF5ECED31535CC347374D846F0373EDD82DEFAF4DEEF238A1ABFF44FDC2D9511E8AE69349B69749DD6D2AD5A2A95F579B3A0D232FAB4A915568409150F184F1F58114354235084F9B104F9DA8EC13D34AB93BD61620CC0B93118FF2299B80856CE2A40792F58E37990677E1C4A662D619F835DA5537873CDF05DCDB369AEB2E6159E351E9140DDD5E4FB57EAAD9CB5A41EAC61CD1E95D983832D0E8D35EEFF88E699A33A4AB0FC82B8A1B38F527933108FCC6533C9DE3AFCAE396246399DB878A9D500905A707B3C1F3F490E327A5C219151E7077C9E456F3DD046F6FAC8C3F98CC90FC558E87A7CB654320DA2B48F41BE0D8498A98DF562EE0A33FF61AF92E90DABA5323CF416C7E3B5E0A5190A36442F08AEE80B4886C407A689A81293D7CF6D7F88C112F7D166D4AE27147BCDC4C91E2880F5A4065B0AC7480BCDB9A0BCB790FDDF0370DF819986DA21FE700E15D449F5C0849B70C8A84569F205D74141F87B73D2EE3BB4D7A88F2DC90272219E39B5456F5CE8F0DA1E40E98C1B968112DC3664663B3C2A2B1402657CC0529AD6CED5BD2A177F9ED6FDA41378C8ADA6F33615516CFE0077E9426424F06DF517A5117F2882FFE3144245623DF8DDEF9869E5F6D328884018885209EA24F7F617837E7751D56EF3201D3FD607706B889728591E7C822ED97FF0B9DC111D5D0142387D88CB799345EF48235922632D6610F9E1C7AAAB6368EC0D4A76185686FCDA99499DC1B7F08C8A1BDDEF3F803CF168D818CEAC1F8B79E70C49E37B3E19B0096D1B6C2D4BF73DBF503401AE4EFCF9DEB8AC4A9C39E140CA9086E9927274E2A63480D5E19B3
30420170705084652 2 6 100 7679 2 C0388038628CD48D5377C99911D89CEDF70AC54721EE6974975D61C9E25580D2108B48CBCDB8B647B271FA822546C00580DB013D19EE5A49EFD9AAECA2036A83BB3E2F96C3E7CB273AA9ACEFCA5A3E4C7C8FCF3332DE11288D8BD76E17B4C530F5F6EFB0D757F63E3B2B519EE960FA8206DF81E7B9DA463CE389E3164588BF5B66355D481DC620F0B2F352782105DF3AB86076DD7D612CE9839CB251D5C975166859A41B740E08E66B746B710479FAA430E2891E60647E04FE71D8F8BC9A6BCD20CFB42299142DC016E672CC350D497809379F54F6F3D1649ADCE72ADECEAAE1ECA85EEE8006700379DE3687A67AF796E1F317815461CFF6E58615CD453265612315FA8F99DC65D9CC218004671E43CE58C9F54862D86B58FD71212199A2A562B1AB9604BF43676A403E8EA56A69E68F1CF0C60C83B8EB31D9C0A23D8410C3A6898D749CAD8CDA9F17A224536BD08436B25E50BA67BAD09276BB55583CEDF48AEEFFD8FA3DBE4F609760DF1EDED136B38792CD164D2EA3C5443F0D8F9117544A9A6AAC615ADE01440B7948B2B53BC3F7218DEDEB16D23C3B0C2AA4BEB99F9A9225D87B6CCB037D8E9A2918C20FE9F2BFF429FD0F23AE370E820842AEDD823DD5B6DDD7F4AD3A06735A2E4144DBABEA5DD83A6AA98EED5F6F3021C246FBABD280986A1E7A24CCBE11BC3050CC04DB566277CECBA8B5BDC1D15E1F066B25B668C7B87EA54894EC7559B64F1400934DCE1C06A10955988E3B3F4A40566B3989608404859335C53EBD6BEE21614EB7C954D543DBA7EB61555B7CED9D08EF560426DBCE3018FBEF788CF69AEAB433B692A9E28CBAFEFC048BD9AB423678D4DD5807329BCC417CF77EC7FD8E50B6D9A8D6B2017B24F6890557AF327980D086499B7C4ED6518B9C23DAB9571CA9E8E949C039C5CC002CBC9BDD08728D543143AFE577738AD309AB2493A8157272196B73C28A4826B37A8274198A4E8188CDADB1D7BB209C84D03500F79B9DFEC1E4441F34069CC01D6B9A57940914F56217C0F3A5CE0C75DE2815EE396D4AB00EC9695DFBCDD88EA6C8017CC29B1257EED39B50E0D075CCF9564D4B22F59F4B5E6667E4CACAC6B63D8CC1C9AB2CC6309A319E559D2062FB99D15B62F08E4DAD676698813D227FF8967B3B3830970E92277B2446A3C269A74FB437800824A8987DA3636A17A53C7E55C66077BE0FBD63441402F19C6C4E1F1C46185A3F3F5D7D7F553F0066EBFCF2ECD74CFC6DB48F6A458AE66EC12532B691FA3AE9A0C19809B3A1AF06340EFB012A33D484D272CA09D5862DAC5E3A00006F260BDE5CE74E007AB12A8F686373949308E574DCE7EA9D145936AED1CC73 30420171207110410 2 6 100 7679 5 CF96EF3064F3389AC4D7DA6813F67988F77979BB89C86E3A82B8FBE165D96646B6665C28FE7F5D1742E288AF6A47CEAD57277CF7B7902B8B7F899CB512DDF0EDEC293B152ABA4085290AE8BF93AF988437B549319AF0E18E39805C80A4714E4108DC29DDF708365B8FAC1F220784A8AA89F4C04176DFCEFC652988A6F878937AF8FEFF6A45672DB27EC215CDCBB9C530BDC2F1F357DC69073AA6B3670B988F271386E1B2F72635AA83420CF2A393338D1C4E2B502C11CA2098481EA292ACD7A7BFF84945E9CC04B47B1967F09CC7A4BE5AAA749583318E561E5504F28472B0AEF60B854142AACFE6017786E8B5FB674C79D68B7B44842F18E2075B8679A99D43892847B09A0CADFBED479942F599A1666D96EEED85A222431F8637D6FB73F5E08465417DAAA47BD31BDCE2262E06E0B7E5BF6FA9703890997C275CE11CA52A92D0F4889F370164D4EFA8C461E2F3BBABA54F8A1DD165C3D5344DF572B67EF92DC3E8EF66926B673AD59FB5CE5FF5ECED31535CC347374D846F0373EDD82DEFAF4DEEF238A1ABFF44FDC2D9511E8AE69349B69749DD6D2AD5A2A95F579B3A0D232FAB4A915568409150F184F1F58114354235084F9B104F9DA8EC13D34AB93BD61620CC0B93118FF2299B80856CE2A40792F58E37990677E1C4A662D619F835DA5537873CDF05DCDB369AEB2E6159E351E9140DDD5E4FB57EAAD9CB5A41EAC61CD1E95D983832D0E8D35EEFF88E699A33A4AB0FC82B8A1B38F527933108FCC6533C9DE3AFCAE396246399DB878A9D500905A707B3C1F3F490E327A5C219151E7077C9E456F3DD046F6FAC8C3F98CC90FC558E87A7CB654320DA2B48F41BE0D8498A98DF562EE0A33FF61AF92E90DABA5323CF416C7E3B5E0A5190A36442F08AEE80B4886C407A689A81293D7CF6D7F88C112F7D166D4AE27147BCDC4C91E2880F5A4065B0AC7480BCDB9A0BCB790FDDF0370DF819986DA21FE700E15D449F5C0849B70C8A84569F205D74141F87B73D2EE3BB4D7A88F2DC90272219E39B5456F5CE8F0DA1E40E98C1B968112DC3664663B3C2A2B1402657CC0529AD6CED5BD2A177F9ED6FDA41378C8ADA6F33615516CFE0077E9426424F06DF517A5117F2882FFE3144245623DF8DDEF9869E5F6D328884018885209EA24F7F617837E7751D56EF3201D3FD607706B889728591E7C822ED97FF0B9DC111D5D0142387D88CB799345EF48235922632D6610F9E1C7AAAB6368EC0D4A76185686FCDA99499DC1B7F08C8A1BDDEF3F803CF168D818CEAC1F8B79E70C49E37B3E19B0096D1B6C2D4BF73DBF503401AE4EFCF9DEB8AC4A9C39E140CA9086E9927274E2A63480DA1758F
30520170705094007 2 6 100 7679 5 C0388038628CD48D5377C99911D89CEDF70AC54721EE6974975D61C9E25580D2108B48CBCDB8B647B271FA822546C00580DB013D19EE5A49EFD9AAECA2036A83BB3E2F96C3E7CB273AA9ACEFCA5A3E4C7C8FCF3332DE11288D8BD76E17B4C530F5F6EFB0D757F63E3B2B519EE960FA8206DF81E7B9DA463CE389E3164588BF5B66355D481DC620F0B2F352782105DF3AB86076DD7D612CE9839CB251D5C975166859A41B740E08E66B746B710479FAA430E2891E60647E04FE71D8F8BC9A6BCD20CFB42299142DC016E672CC350D497809379F54F6F3D1649ADCE72ADECEAAE1ECA85EEE8006700379DE3687A67AF796E1F317815461CFF6E58615CD453265612315FA8F99DC65D9CC218004671E43CE58C9F54862D86B58FD71212199A2A562B1AB9604BF43676A403E8EA56A69E68F1CF0C60C83B8EB31D9C0A23D8410C3A6898D749CAD8CDA9F17A224536BD08436B25E50BA67BAD09276BB55583CEDF48AEEFFD8FA3DBE4F609760DF1EDED136B38792CD164D2EA3C5443F0D8F9117544A9A6AAC615ADE01440B7948B2B53BC3F7218DEDEB16D23C3B0C2AA4BEB99F9A9225D87B6CCB037D8E9A2918C20FE9F2BFF429FD0F23AE370E820842AEDD823DD5B6DDD7F4AD3A06735A2E4144DBABEA5DD83A6AA98EED5F6F3021C246FBABD280986A1E7A24CCBE11BC3050CC04DB566277CECBA8B5BDC1D15E1F066B25B668C7B87EA54894EC7559B64F1400934DCE1C06A10955988E3B3F4A40566B3989608404859335C53EBD6BEE21614EB7C954D543DBA7EB61555B7CED9D08EF560426DBCE3018FBEF788CF69AEAB433B692A9E28CBAFEFC048BD9AB423678D4DD5807329BCC417CF77EC7FD8E50B6D9A8D6B2017B24F6890557AF327980D086499B7C4ED6518B9C23DAB9571CA9E8E949C039C5CC002CBC9BDD08728D543143AFE577738AD309AB2493A8157272196B73C28A4826B37A8274198A4E8188CDADB1D7BB209C84D03500F79B9DFEC1E4441F34069CC01D6B9A57940914F56217C0F3A5CE0C75DE2815EE396D4AB00EC9695DFBCDD88EA6C8017CC29B1257EED39B50E0D075CCF9564D4B22F59F4B5E6667E4CACAC6B63D8CC1C9AB2CC6309A319E559D2062FB99D15B62F08E4DAD676698813D227FF8967B3B3830970E92277B2446A3C269A74FB437800824A8987DA3636A17A53C7E55C66077BE0FBD63441402F19C6C4E1F1C46185A3F3F5D7D7F553F0066EBFCF2ECD74CFC6DB48F6A458AE66EC12532B691FA3AE9A0C19809B3A1AF06340EFB012A33D484D272CA09D5862DAC5E3A00006F260BDE5CE74E007AB12A8F686373949308E574DCE7EA9D145936AF8A26FF 30520171207170628 2 6 100 7679 2 CF96EF3064F3389AC4D7DA6813F67988F77979BB89C86E3A82B8FBE165D96646B6665C28FE7F5D1742E288AF6A47CEAD57277CF7B7902B8B7F899CB512DDF0EDEC293B152ABA4085290AE8BF93AF988437B549319AF0E18E39805C80A4714E4108DC29DDF708365B8FAC1F220784A8AA89F4C04176DFCEFC652988A6F878937AF8FEFF6A45672DB27EC215CDCBB9C530BDC2F1F357DC69073AA6B3670B988F271386E1B2F72635AA83420CF2A393338D1C4E2B502C11CA2098481EA292ACD7A7BFF84945E9CC04B47B1967F09CC7A4BE5AAA749583318E561E5504F28472B0AEF60B854142AACFE6017786E8B5FB674C79D68B7B44842F18E2075B8679A99D43892847B09A0CADFBED479942F599A1666D96EEED85A222431F8637D6FB73F5E08465417DAAA47BD31BDCE2262E06E0B7E5BF6FA9703890997C275CE11CA52A92D0F4889F370164D4EFA8C461E2F3BBABA54F8A1DD165C3D5344DF572B67EF92DC3E8EF66926B673AD59FB5CE5FF5ECED31535CC347374D846F0373EDD82DEFAF4DEEF238A1ABFF44FDC2D9511E8AE69349B69749DD6D2AD5A2A95F579B3A0D232FAB4A915568409150F184F1F58114354235084F9B104F9DA8EC13D34AB93BD61620CC0B93118FF2299B80856CE2A40792F58E37990677E1C4A662D619F835DA5537873CDF05DCDB369AEB2E6159E351E9140DDD5E4FB57EAAD9CB5A41EAC61CD1E95D983832D0E8D35EEFF88E699A33A4AB0FC82B8A1B38F527933108FCC6533C9DE3AFCAE396246399DB878A9D500905A707B3C1F3F490E327A5C219151E7077C9E456F3DD046F6FAC8C3F98CC90FC558E87A7CB654320DA2B48F41BE0D8498A98DF562EE0A33FF61AF92E90DABA5323CF416C7E3B5E0A5190A36442F08AEE80B4886C407A689A81293D7CF6D7F88C112F7D166D4AE27147BCDC4C91E2880F5A4065B0AC7480BCDB9A0BCB790FDDF0370DF819986DA21FE700E15D449F5C0849B70C8A84569F205D74141F87B73D2EE3BB4D7A88F2DC90272219E39B5456F5CE8F0DA1E40E98C1B968112DC3664663B3C2A2B1402657CC0529AD6CED5BD2A177F9ED6FDA41378C8ADA6F33615516CFE0077E9426424F06DF517A5117F2882FFE3144245623DF8DDEF9869E5F6D328884018885209EA24F7F617837E7751D56EF3201D3FD607706B889728591E7C822ED97FF0B9DC111D5D0142387D88CB799345EF48235922632D6610F9E1C7AAAB6368EC0D4A76185686FCDA99499DC1B7F08C8A1BDDEF3F803CF168D818CEAC1F8B79E70C49E37B3E19B0096D1B6C2D4BF73DBF503401AE4EFCF9DEB8AC4A9C39E140CA9086E9927274E2A634812866F03
30620170705115139 2 6 100 7679 5 C0388038628CD48D5377C99911D89CEDF70AC54721EE6974975D61C9E25580D2108B48CBCDB8B647B271FA822546C00580DB013D19EE5A49EFD9AAECA2036A83BB3E2F96C3E7CB273AA9ACEFCA5A3E4C7C8FCF3332DE11288D8BD76E17B4C530F5F6EFB0D757F63E3B2B519EE960FA8206DF81E7B9DA463CE389E3164588BF5B66355D481DC620F0B2F352782105DF3AB86076DD7D612CE9839CB251D5C975166859A41B740E08E66B746B710479FAA430E2891E60647E04FE71D8F8BC9A6BCD20CFB42299142DC016E672CC350D497809379F54F6F3D1649ADCE72ADECEAAE1ECA85EEE8006700379DE3687A67AF796E1F317815461CFF6E58615CD453265612315FA8F99DC65D9CC218004671E43CE58C9F54862D86B58FD71212199A2A562B1AB9604BF43676A403E8EA56A69E68F1CF0C60C83B8EB31D9C0A23D8410C3A6898D749CAD8CDA9F17A224536BD08436B25E50BA67BAD09276BB55583CEDF48AEEFFD8FA3DBE4F609760DF1EDED136B38792CD164D2EA3C5443F0D8F9117544A9A6AAC615ADE01440B7948B2B53BC3F7218DEDEB16D23C3B0C2AA4BEB99F9A9225D87B6CCB037D8E9A2918C20FE9F2BFF429FD0F23AE370E820842AEDD823DD5B6DDD7F4AD3A06735A2E4144DBABEA5DD83A6AA98EED5F6F3021C246FBABD280986A1E7A24CCBE11BC3050CC04DB566277CECBA8B5BDC1D15E1F066B25B668C7B87EA54894EC7559B64F1400934DCE1C06A10955988E3B3F4A40566B3989608404859335C53EBD6BEE21614EB7C954D543DBA7EB61555B7CED9D08EF560426DBCE3018FBEF788CF69AEAB433B692A9E28CBAFEFC048BD9AB423678D4DD5807329BCC417CF77EC7FD8E50B6D9A8D6B2017B24F6890557AF327980D086499B7C4ED6518B9C23DAB9571CA9E8E949C039C5CC002CBC9BDD08728D543143AFE577738AD309AB2493A8157272196B73C28A4826B37A8274198A4E8188CDADB1D7BB209C84D03500F79B9DFEC1E4441F34069CC01D6B9A57940914F56217C0F3A5CE0C75DE2815EE396D4AB00EC9695DFBCDD88EA6C8017CC29B1257EED39B50E0D075CCF9564D4B22F59F4B5E6667E4CACAC6B63D8CC1C9AB2CC6309A319E559D2062FB99D15B62F08E4DAD676698813D227FF8967B3B3830970E92277B2446A3C269A74FB437800824A8987DA3636A17A53C7E55C66077BE0FBD63441402F19C6C4E1F1C46185A3F3F5D7D7F553F0066EBFCF2ECD74CFC6DB48F6A458AE66EC12532B691FA3AE9A0C19809B3A1AF06340EFB012A33D484D272CA09D5862DAC5E3A00006F260BDE5CE74E007AB12A8F686373949308E574DCE7EA9D145936B15913CF 30620171207183951 2 6 100 7679 5 CF96EF3064F3389AC4D7DA6813F67988F77979BB89C86E3A82B8FBE165D96646B6665C28FE7F5D1742E288AF6A47CEAD57277CF7B7902B8B7F899CB512DDF0EDEC293B152ABA4085290AE8BF93AF988437B549319AF0E18E39805C80A4714E4108DC29DDF708365B8FAC1F220784A8AA89F4C04176DFCEFC652988A6F878937AF8FEFF6A45672DB27EC215CDCBB9C530BDC2F1F357DC69073AA6B3670B988F271386E1B2F72635AA83420CF2A393338D1C4E2B502C11CA2098481EA292ACD7A7BFF84945E9CC04B47B1967F09CC7A4BE5AAA749583318E561E5504F28472B0AEF60B854142AACFE6017786E8B5FB674C79D68B7B44842F18E2075B8679A99D43892847B09A0CADFBED479942F599A1666D96EEED85A222431F8637D6FB73F5E08465417DAAA47BD31BDCE2262E06E0B7E5BF6FA9703890997C275CE11CA52A92D0F4889F370164D4EFA8C461E2F3BBABA54F8A1DD165C3D5344DF572B67EF92DC3E8EF66926B673AD59FB5CE5FF5ECED31535CC347374D846F0373EDD82DEFAF4DEEF238A1ABFF44FDC2D9511E8AE69349B69749DD6D2AD5A2A95F579B3A0D232FAB4A915568409150F184F1F58114354235084F9B104F9DA8EC13D34AB93BD61620CC0B93118FF2299B80856CE2A40792F58E37990677E1C4A662D619F835DA5537873CDF05DCDB369AEB2E6159E351E9140DDD5E4FB57EAAD9CB5A41EAC61CD1E95D983832D0E8D35EEFF88E699A33A4AB0FC82B8A1B38F527933108FCC6533C9DE3AFCAE396246399DB878A9D500905A707B3C1F3F490E327A5C219151E7077C9E456F3DD046F6FAC8C3F98CC90FC558E87A7CB654320DA2B48F41BE0D8498A98DF562EE0A33FF61AF92E90DABA5323CF416C7E3B5E0A5190A36442F08AEE80B4886C407A689A81293D7CF6D7F88C112F7D166D4AE27147BCDC4C91E2880F5A4065B0AC7480BCDB9A0BCB790FDDF0370DF819986DA21FE700E15D449F5C0849B70C8A84569F205D74141F87B73D2EE3BB4D7A88F2DC90272219E39B5456F5CE8F0DA1E40E98C1B968112DC3664663B3C2A2B1402657CC0529AD6CED5BD2A177F9ED6FDA41378C8ADA6F33615516CFE0077E9426424F06DF517A5117F2882FFE3144245623DF8DDEF9869E5F6D328884018885209EA24F7F617837E7751D56EF3201D3FD607706B889728591E7C822ED97FF0B9DC111D5D0142387D88CB799345EF48235922632D6610F9E1C7AAAB6368EC0D4A76185686FCDA99499DC1B7F08C8A1BDDEF3F803CF168D818CEAC1F8B79E70C49E37B3E19B0096D1B6C2D4BF73DBF503401AE4EFCF9DEB8AC4A9C39E140CA9086E9927274E2A634813B1BBCF
30720170705123819 2 6 100 7679 2 C0388038628CD48D5377C99911D89CEDF70AC54721EE6974975D61C9E25580D2108B48CBCDB8B647B271FA822546C00580DB013D19EE5A49EFD9AAECA2036A83BB3E2F96C3E7CB273AA9ACEFCA5A3E4C7C8FCF3332DE11288D8BD76E17B4C530F5F6EFB0D757F63E3B2B519EE960FA8206DF81E7B9DA463CE389E3164588BF5B66355D481DC620F0B2F352782105DF3AB86076DD7D612CE9839CB251D5C975166859A41B740E08E66B746B710479FAA430E2891E60647E04FE71D8F8BC9A6BCD20CFB42299142DC016E672CC350D497809379F54F6F3D1649ADCE72ADECEAAE1ECA85EEE8006700379DE3687A67AF796E1F317815461CFF6E58615CD453265612315FA8F99DC65D9CC218004671E43CE58C9F54862D86B58FD71212199A2A562B1AB9604BF43676A403E8EA56A69E68F1CF0C60C83B8EB31D9C0A23D8410C3A6898D749CAD8CDA9F17A224536BD08436B25E50BA67BAD09276BB55583CEDF48AEEFFD8FA3DBE4F609760DF1EDED136B38792CD164D2EA3C5443F0D8F9117544A9A6AAC615ADE01440B7948B2B53BC3F7218DEDEB16D23C3B0C2AA4BEB99F9A9225D87B6CCB037D8E9A2918C20FE9F2BFF429FD0F23AE370E820842AEDD823DD5B6DDD7F4AD3A06735A2E4144DBABEA5DD83A6AA98EED5F6F3021C246FBABD280986A1E7A24CCBE11BC3050CC04DB566277CECBA8B5BDC1D15E1F066B25B668C7B87EA54894EC7559B64F1400934DCE1C06A10955988E3B3F4A40566B3989608404859335C53EBD6BEE21614EB7C954D543DBA7EB61555B7CED9D08EF560426DBCE3018FBEF788CF69AEAB433B692A9E28CBAFEFC048BD9AB423678D4DD5807329BCC417CF77EC7FD8E50B6D9A8D6B2017B24F6890557AF327980D086499B7C4ED6518B9C23DAB9571CA9E8E949C039C5CC002CBC9BDD08728D543143AFE577738AD309AB2493A8157272196B73C28A4826B37A8274198A4E8188CDADB1D7BB209C84D03500F79B9DFEC1E4441F34069CC01D6B9A57940914F56217C0F3A5CE0C75DE2815EE396D4AB00EC9695DFBCDD88EA6C8017CC29B1257EED39B50E0D075CCF9564D4B22F59F4B5E6667E4CACAC6B63D8CC1C9AB2CC6309A319E559D2062FB99D15B62F08E4DAD676698813D227FF8967B3B3830970E92277B2446A3C269A74FB437800824A8987DA3636A17A53C7E55C66077BE0FBD63441402F19C6C4E1F1C46185A3F3F5D7D7F553F0066EBFCF2ECD74CFC6DB48F6A458AE66EC12532B691FA3AE9A0C19809B3A1AF06340EFB012A33D484D272CA09D5862DAC5E3A00006F260BDE5CE74E007AB12A8F686373949308E574DCE7EA9D145936B1FD105B 30720171207212011 2 6 100 7679 5 CF96EF3064F3389AC4D7DA6813F67988F77979BB89C86E3A82B8FBE165D96646B6665C28FE7F5D1742E288AF6A47CEAD57277CF7B7902B8B7F899CB512DDF0EDEC293B152ABA4085290AE8BF93AF988437B549319AF0E18E39805C80A4714E4108DC29DDF708365B8FAC1F220784A8AA89F4C04176DFCEFC652988A6F878937AF8FEFF6A45672DB27EC215CDCBB9C530BDC2F1F357DC69073AA6B3670B988F271386E1B2F72635AA83420CF2A393338D1C4E2B502C11CA2098481EA292ACD7A7BFF84945E9CC04B47B1967F09CC7A4BE5AAA749583318E561E5504F28472B0AEF60B854142AACFE6017786E8B5FB674C79D68B7B44842F18E2075B8679A99D43892847B09A0CADFBED479942F599A1666D96EEED85A222431F8637D6FB73F5E08465417DAAA47BD31BDCE2262E06E0B7E5BF6FA9703890997C275CE11CA52A92D0F4889F370164D4EFA8C461E2F3BBABA54F8A1DD165C3D5344DF572B67EF92DC3E8EF66926B673AD59FB5CE5FF5ECED31535CC347374D846F0373EDD82DEFAF4DEEF238A1ABFF44FDC2D9511E8AE69349B69749DD6D2AD5A2A95F579B3A0D232FAB4A915568409150F184F1F58114354235084F9B104F9DA8EC13D34AB93BD61620CC0B93118FF2299B80856CE2A40792F58E37990677E1C4A662D619F835DA5537873CDF05DCDB369AEB2E6159E351E9140DDD5E4FB57EAAD9CB5A41EAC61CD1E95D983832D0E8D35EEFF88E699A33A4AB0FC82B8A1B38F527933108FCC6533C9DE3AFCAE396246399DB878A9D500905A707B3C1F3F490E327A5C219151E7077C9E456F3DD046F6FAC8C3F98CC90FC558E87A7CB654320DA2B48F41BE0D8498A98DF562EE0A33FF61AF92E90DABA5323CF416C7E3B5E0A5190A36442F08AEE80B4886C407A689A81293D7CF6D7F88C112F7D166D4AE27147BCDC4C91E2880F5A4065B0AC7480BCDB9A0BCB790FDDF0370DF819986DA21FE700E15D449F5C0849B70C8A84569F205D74141F87B73D2EE3BB4D7A88F2DC90272219E39B5456F5CE8F0DA1E40E98C1B968112DC3664663B3C2A2B1402657CC0529AD6CED5BD2A177F9ED6FDA41378C8ADA6F33615516CFE0077E9426424F06DF517A5117F2882FFE3144245623DF8DDEF9869E5F6D328884018885209EA24F7F617837E7751D56EF3201D3FD607706B889728591E7C822ED97FF0B9DC111D5D0142387D88CB799345EF48235922632D6610F9E1C7AAAB6368EC0D4A76185686FCDA99499DC1B7F08C8A1BDDEF3F803CF168D818CEAC1F8B79E70C49E37B3E19B0096D1B6C2D4BF73DBF503401AE4EFCF9DEB8AC4A9C39E140CA9086E9927274E2A634815D9070F
30820170705150548 2 6 100 7679 2 C0388038628CD48D5377C99911D89CEDF70AC54721EE6974975D61C9E25580D2108B48CBCDB8B647B271FA822546C00580DB013D19EE5A49EFD9AAECA2036A83BB3E2F96C3E7CB273AA9ACEFCA5A3E4C7C8FCF3332DE11288D8BD76E17B4C530F5F6EFB0D757F63E3B2B519EE960FA8206DF81E7B9DA463CE389E3164588BF5B66355D481DC620F0B2F352782105DF3AB86076DD7D612CE9839CB251D5C975166859A41B740E08E66B746B710479FAA430E2891E60647E04FE71D8F8BC9A6BCD20CFB42299142DC016E672CC350D497809379F54F6F3D1649ADCE72ADECEAAE1ECA85EEE8006700379DE3687A67AF796E1F317815461CFF6E58615CD453265612315FA8F99DC65D9CC218004671E43CE58C9F54862D86B58FD71212199A2A562B1AB9604BF43676A403E8EA56A69E68F1CF0C60C83B8EB31D9C0A23D8410C3A6898D749CAD8CDA9F17A224536BD08436B25E50BA67BAD09276BB55583CEDF48AEEFFD8FA3DBE4F609760DF1EDED136B38792CD164D2EA3C5443F0D8F9117544A9A6AAC615ADE01440B7948B2B53BC3F7218DEDEB16D23C3B0C2AA4BEB99F9A9225D87B6CCB037D8E9A2918C20FE9F2BFF429FD0F23AE370E820842AEDD823DD5B6DDD7F4AD3A06735A2E4144DBABEA5DD83A6AA98EED5F6F3021C246FBABD280986A1E7A24CCBE11BC3050CC04DB566277CECBA8B5BDC1D15E1F066B25B668C7B87EA54894EC7559B64F1400934DCE1C06A10955988E3B3F4A40566B3989608404859335C53EBD6BEE21614EB7C954D543DBA7EB61555B7CED9D08EF560426DBCE3018FBEF788CF69AEAB433B692A9E28CBAFEFC048BD9AB423678D4DD5807329BCC417CF77EC7FD8E50B6D9A8D6B2017B24F6890557AF327980D086499B7C4ED6518B9C23DAB9571CA9E8E949C039C5CC002CBC9BDD08728D543143AFE577738AD309AB2493A8157272196B73C28A4826B37A8274198A4E8188CDADB1D7BB209C84D03500F79B9DFEC1E4441F34069CC01D6B9A57940914F56217C0F3A5CE0C75DE2815EE396D4AB00EC9695DFBCDD88EA6C8017CC29B1257EED39B50E0D075CCF9564D4B22F59F4B5E6667E4CACAC6B63D8CC1C9AB2CC6309A319E559D2062FB99D15B62F08E4DAD676698813D227FF8967B3B3830970E92277B2446A3C269A74FB437800824A8987DA3636A17A53C7E55C66077BE0FBD63441402F19C6C4E1F1C46185A3F3F5D7D7F553F0066EBFCF2ECD74CFC6DB48F6A458AE66EC12532B691FA3AE9A0C19809B3A1AF06340EFB012A33D484D272CA09D5862DAC5E3A00006F260BDE5CE74E007AB12A8F686373949308E574DCE7EA9D145936B411305B 30820171208005123 2 6 100 7679 5 CF96EF3064F3389AC4D7DA6813F67988F77979BB89C86E3A82B8FBE165D96646B6665C28FE7F5D1742E288AF6A47CEAD57277CF7B7902B8B7F899CB512DDF0EDEC293B152ABA4085290AE8BF93AF988437B549319AF0E18E39805C80A4714E4108DC29DDF708365B8FAC1F220784A8AA89F4C04176DFCEFC652988A6F878937AF8FEFF6A45672DB27EC215CDCBB9C530BDC2F1F357DC69073AA6B3670B988F271386E1B2F72635AA83420CF2A393338D1C4E2B502C11CA2098481EA292ACD7A7BFF84945E9CC04B47B1967F09CC7A4BE5AAA749583318E561E5504F28472B0AEF60B854142AACFE6017786E8B5FB674C79D68B7B44842F18E2075B8679A99D43892847B09A0CADFBED479942F599A1666D96EEED85A222431F8637D6FB73F5E08465417DAAA47BD31BDCE2262E06E0B7E5BF6FA9703890997C275CE11CA52A92D0F4889F370164D4EFA8C461E2F3BBABA54F8A1DD165C3D5344DF572B67EF92DC3E8EF66926B673AD59FB5CE5FF5ECED31535CC347374D846F0373EDD82DEFAF4DEEF238A1ABFF44FDC2D9511E8AE69349B69749DD6D2AD5A2A95F579B3A0D232FAB4A915568409150F184F1F58114354235084F9B104F9DA8EC13D34AB93BD61620CC0B93118FF2299B80856CE2A40792F58E37990677E1C4A662D619F835DA5537873CDF05DCDB369AEB2E6159E351E9140DDD5E4FB57EAAD9CB5A41EAC61CD1E95D983832D0E8D35EEFF88E699A33A4AB0FC82B8A1B38F527933108FCC6533C9DE3AFCAE396246399DB878A9D500905A707B3C1F3F490E327A5C219151E7077C9E456F3DD046F6FAC8C3F98CC90FC558E87A7CB654320DA2B48F41BE0D8498A98DF562EE0A33FF61AF92E90DABA5323CF416C7E3B5E0A5190A36442F08AEE80B4886C407A689A81293D7CF6D7F88C112F7D166D4AE27147BCDC4C91E2880F5A4065B0AC7480BCDB9A0BCB790FDDF0370DF819986DA21FE700E15D449F5C0849B70C8A84569F205D74141F87B73D2EE3BB4D7A88F2DC90272219E39B5456F5CE8F0DA1E40E98C1B968112DC3664663B3C2A2B1402657CC0529AD6CED5BD2A177F9ED6FDA41378C8ADA6F33615516CFE0077E9426424F06DF517A5117F2882FFE3144245623DF8DDEF9869E5F6D328884018885209EA24F7F617837E7751D56EF3201D3FD607706B889728591E7C822ED97FF0B9DC111D5D0142387D88CB799345EF48235922632D6610F9E1C7AAAB6368EC0D4A76185686FCDA99499DC1B7F08C8A1BDDEF3F803CF168D818CEAC1F8B79E70C49E37B3E19B0096D1B6C2D4BF73DBF503401AE4EFCF9DEB8AC4A9C39E140CA9086E9927274E2A6348189250C7
30920170705152103 2 6 100 7679 2 C0388038628CD48D5377C99911D89CEDF70AC54721EE6974975D61C9E25580D2108B48CBCDB8B647B271FA822546C00580DB013D19EE5A49EFD9AAECA2036A83BB3E2F96C3E7CB273AA9ACEFCA5A3E4C7C8FCF3332DE11288D8BD76E17B4C530F5F6EFB0D757F63E3B2B519EE960FA8206DF81E7B9DA463CE389E3164588BF5B66355D481DC620F0B2F352782105DF3AB86076DD7D612CE9839CB251D5C975166859A41B740E08E66B746B710479FAA430E2891E60647E04FE71D8F8BC9A6BCD20CFB42299142DC016E672CC350D497809379F54F6F3D1649ADCE72ADECEAAE1ECA85EEE8006700379DE3687A67AF796E1F317815461CFF6E58615CD453265612315FA8F99DC65D9CC218004671E43CE58C9F54862D86B58FD71212199A2A562B1AB9604BF43676A403E8EA56A69E68F1CF0C60C83B8EB31D9C0A23D8410C3A6898D749CAD8CDA9F17A224536BD08436B25E50BA67BAD09276BB55583CEDF48AEEFFD8FA3DBE4F609760DF1EDED136B38792CD164D2EA3C5443F0D8F9117544A9A6AAC615ADE01440B7948B2B53BC3F7218DEDEB16D23C3B0C2AA4BEB99F9A9225D87B6CCB037D8E9A2918C20FE9F2BFF429FD0F23AE370E820842AEDD823DD5B6DDD7F4AD3A06735A2E4144DBABEA5DD83A6AA98EED5F6F3021C246FBABD280986A1E7A24CCBE11BC3050CC04DB566277CECBA8B5BDC1D15E1F066B25B668C7B87EA54894EC7559B64F1400934DCE1C06A10955988E3B3F4A40566B3989608404859335C53EBD6BEE21614EB7C954D543DBA7EB61555B7CED9D08EF560426DBCE3018FBEF788CF69AEAB433B692A9E28CBAFEFC048BD9AB423678D4DD5807329BCC417CF77EC7FD8E50B6D9A8D6B2017B24F6890557AF327980D086499B7C4ED6518B9C23DAB9571CA9E8E949C039C5CC002CBC9BDD08728D543143AFE577738AD309AB2493A8157272196B73C28A4826B37A8274198A4E8188CDADB1D7BB209C84D03500F79B9DFEC1E4441F34069CC01D6B9A57940914F56217C0F3A5CE0C75DE2815EE396D4AB00EC9695DFBCDD88EA6C8017CC29B1257EED39B50E0D075CCF9564D4B22F59F4B5E6667E4CACAC6B63D8CC1C9AB2CC6309A319E559D2062FB99D15B62F08E4DAD676698813D227FF8967B3B3830970E92277B2446A3C269A74FB437800824A8987DA3636A17A53C7E55C66077BE0FBD63441402F19C6C4E1F1C46185A3F3F5D7D7F553F0066EBFCF2ECD74CFC6DB48F6A458AE66EC12532B691FA3AE9A0C19809B3A1AF06340EFB012A33D484D272CA09D5862DAC5E3A00006F260BDE5CE74E007AB12A8F686373949308E574DCE7EA9D145936B43D87FB 30920171208011303 2 6 100 7679 2 CF96EF3064F3389AC4D7DA6813F67988F77979BB89C86E3A82B8FBE165D96646B6665C28FE7F5D1742E288AF6A47CEAD57277CF7B7902B8B7F899CB512DDF0EDEC293B152ABA4085290AE8BF93AF988437B549319AF0E18E39805C80A4714E4108DC29DDF708365B8FAC1F220784A8AA89F4C04176DFCEFC652988A6F878937AF8FEFF6A45672DB27EC215CDCBB9C530BDC2F1F357DC69073AA6B3670B988F271386E1B2F72635AA83420CF2A393338D1C4E2B502C11CA2098481EA292ACD7A7BFF84945E9CC04B47B1967F09CC7A4BE5AAA749583318E561E5504F28472B0AEF60B854142AACFE6017786E8B5FB674C79D68B7B44842F18E2075B8679A99D43892847B09A0CADFBED479942F599A1666D96EEED85A222431F8637D6FB73F5E08465417DAAA47BD31BDCE2262E06E0B7E5BF6FA9703890997C275CE11CA52A92D0F4889F370164D4EFA8C461E2F3BBABA54F8A1DD165C3D5344DF572B67EF92DC3E8EF66926B673AD59FB5CE5FF5ECED31535CC347374D846F0373EDD82DEFAF4DEEF238A1ABFF44FDC2D9511E8AE69349B69749DD6D2AD5A2A95F579B3A0D232FAB4A915568409150F184F1F58114354235084F9B104F9DA8EC13D34AB93BD61620CC0B93118FF2299B80856CE2A40792F58E37990677E1C4A662D619F835DA5537873CDF05DCDB369AEB2E6159E351E9140DDD5E4FB57EAAD9CB5A41EAC61CD1E95D983832D0E8D35EEFF88E699A33A4AB0FC82B8A1B38F527933108FCC6533C9DE3AFCAE396246399DB878A9D500905A707B3C1F3F490E327A5C219151E7077C9E456F3DD046F6FAC8C3F98CC90FC558E87A7CB654320DA2B48F41BE0D8498A98DF562EE0A33FF61AF92E90DABA5323CF416C7E3B5E0A5190A36442F08AEE80B4886C407A689A81293D7CF6D7F88C112F7D166D4AE27147BCDC4C91E2880F5A4065B0AC7480BCDB9A0BCB790FDDF0370DF819986DA21FE700E15D449F5C0849B70C8A84569F205D74141F87B73D2EE3BB4D7A88F2DC90272219E39B5456F5CE8F0DA1E40E98C1B968112DC3664663B3C2A2B1402657CC0529AD6CED5BD2A177F9ED6FDA41378C8ADA6F33615516CFE0077E9426424F06DF517A5117F2882FFE3144245623DF8DDEF9869E5F6D328884018885209EA24F7F617837E7751D56EF3201D3FD607706B889728591E7C822ED97FF0B9DC111D5D0142387D88CB799345EF48235922632D6610F9E1C7AAAB6368EC0D4A76185686FCDA99499DC1B7F08C8A1BDDEF3F803CF168D818CEAC1F8B79E70C49E37B3E19B0096D1B6C2D4BF73DBF503401AE4EFCF9DEB8AC4A9C39E140CA9086E9927274E2A634818D35CE3
31020170705174143 2 6 100 7679 5 C0388038628CD48D5377C99911D89CEDF70AC54721EE6974975D61C9E25580D2108B48CBCDB8B647B271FA822546C00580DB013D19EE5A49EFD9AAECA2036A83BB3E2F96C3E7CB273AA9ACEFCA5A3E4C7C8FCF3332DE11288D8BD76E17B4C530F5F6EFB0D757F63E3B2B519EE960FA8206DF81E7B9DA463CE389E3164588BF5B66355D481DC620F0B2F352782105DF3AB86076DD7D612CE9839CB251D5C975166859A41B740E08E66B746B710479FAA430E2891E60647E04FE71D8F8BC9A6BCD20CFB42299142DC016E672CC350D497809379F54F6F3D1649ADCE72ADECEAAE1ECA85EEE8006700379DE3687A67AF796E1F317815461CFF6E58615CD453265612315FA8F99DC65D9CC218004671E43CE58C9F54862D86B58FD71212199A2A562B1AB9604BF43676A403E8EA56A69E68F1CF0C60C83B8EB31D9C0A23D8410C3A6898D749CAD8CDA9F17A224536BD08436B25E50BA67BAD09276BB55583CEDF48AEEFFD8FA3DBE4F609760DF1EDED136B38792CD164D2EA3C5443F0D8F9117544A9A6AAC615ADE01440B7948B2B53BC3F7218DEDEB16D23C3B0C2AA4BEB99F9A9225D87B6CCB037D8E9A2918C20FE9F2BFF429FD0F23AE370E820842AEDD823DD5B6DDD7F4AD3A06735A2E4144DBABEA5DD83A6AA98EED5F6F3021C246FBABD280986A1E7A24CCBE11BC3050CC04DB566277CECBA8B5BDC1D15E1F066B25B668C7B87EA54894EC7559B64F1400934DCE1C06A10955988E3B3F4A40566B3989608404859335C53EBD6BEE21614EB7C954D543DBA7EB61555B7CED9D08EF560426DBCE3018FBEF788CF69AEAB433B692A9E28CBAFEFC048BD9AB423678D4DD5807329BCC417CF77EC7FD8E50B6D9A8D6B2017B24F6890557AF327980D086499B7C4ED6518B9C23DAB9571CA9E8E949C039C5CC002CBC9BDD08728D543143AFE577738AD309AB2493A8157272196B73C28A4826B37A8274198A4E8188CDADB1D7BB209C84D03500F79B9DFEC1E4441F34069CC01D6B9A57940914F56217C0F3A5CE0C75DE2815EE396D4AB00EC9695DFBCDD88EA6C8017CC29B1257EED39B50E0D075CCF9564D4B22F59F4B5E6667E4CACAC6B63D8CC1C9AB2CC6309A319E559D2062FB99D15B62F08E4DAD676698813D227FF8967B3B3830970E92277B2446A3C269A74FB437800824A8987DA3636A17A53C7E55C66077BE0FBD63441402F19C6C4E1F1C46185A3F3F5D7D7F553F0066EBFCF2ECD74CFC6DB48F6A458AE66EC12532B691FA3AE9A0C19809B3A1AF06340EFB012A33D484D272CA09D5862DAC5E3A00006F260BDE5CE74E007AB12A8F686373949308E574DCE7EA9D145936B637D557 31020171208021235 2 6 100 7679 2 CF96EF3064F3389AC4D7DA6813F67988F77979BB89C86E3A82B8FBE165D96646B6665C28FE7F5D1742E288AF6A47CEAD57277CF7B7902B8B7F899CB512DDF0EDEC293B152ABA4085290AE8BF93AF988437B549319AF0E18E39805C80A4714E4108DC29DDF708365B8FAC1F220784A8AA89F4C04176DFCEFC652988A6F878937AF8FEFF6A45672DB27EC215CDCBB9C530BDC2F1F357DC69073AA6B3670B988F271386E1B2F72635AA83420CF2A393338D1C4E2B502C11CA2098481EA292ACD7A7BFF84945E9CC04B47B1967F09CC7A4BE5AAA749583318E561E5504F28472B0AEF60B854142AACFE6017786E8B5FB674C79D68B7B44842F18E2075B8679A99D43892847B09A0CADFBED479942F599A1666D96EEED85A222431F8637D6FB73F5E08465417DAAA47BD31BDCE2262E06E0B7E5BF6FA9703890997C275CE11CA52A92D0F4889F370164D4EFA8C461E2F3BBABA54F8A1DD165C3D5344DF572B67EF92DC3E8EF66926B673AD59FB5CE5FF5ECED31535CC347374D846F0373EDD82DEFAF4DEEF238A1ABFF44FDC2D9511E8AE69349B69749DD6D2AD5A2A95F579B3A0D232FAB4A915568409150F184F1F58114354235084F9B104F9DA8EC13D34AB93BD61620CC0B93118FF2299B80856CE2A40792F58E37990677E1C4A662D619F835DA5537873CDF05DCDB369AEB2E6159E351E9140DDD5E4FB57EAAD9CB5A41EAC61CD1E95D983832D0E8D35EEFF88E699A33A4AB0FC82B8A1B38F527933108FCC6533C9DE3AFCAE396246399DB878A9D500905A707B3C1F3F490E327A5C219151E7077C9E456F3DD046F6FAC8C3F98CC90FC558E87A7CB654320DA2B48F41BE0D8498A98DF562EE0A33FF61AF92E90DABA5323CF416C7E3B5E0A5190A36442F08AEE80B4886C407A689A81293D7CF6D7F88C112F7D166D4AE27147BCDC4C91E2880F5A4065B0AC7480BCDB9A0BCB790FDDF0370DF819986DA21FE700E15D449F5C0849B70C8A84569F205D74141F87B73D2EE3BB4D7A88F2DC90272219E39B5456F5CE8F0DA1E40E98C1B968112DC3664663B3C2A2B1402657CC0529AD6CED5BD2A177F9ED6FDA41378C8ADA6F33615516CFE0077E9426424F06DF517A5117F2882FFE3144245623DF8DDEF9869E5F6D328884018885209EA24F7F617837E7751D56EF3201D3FD607706B889728591E7C822ED97FF0B9DC111D5D0142387D88CB799345EF48235922632D6610F9E1C7AAAB6368EC0D4A76185686FCDA99499DC1B7F08C8A1BDDEF3F803CF168D818CEAC1F8B79E70C49E37B3E19B0096D1B6C2D4BF73DBF503401AE4EFCF9DEB8AC4A9C39E140CA9086E9927274E2A63481996D303
31120170706120313 2 6 100 7679 2 C0388038628CD48D5377C99911D89CEDF70AC54721EE6974975D61C9E25580D2108B48CBCDB8B647B271FA822546C00580DB013D19EE5A49EFD9AAECA2036A83BB3E2F96C3E7CB273AA9ACEFCA5A3E4C7C8FCF3332DE11288D8BD76E17B4C530F5F6EFB0D757F63E3B2B519EE960FA8206DF81E7B9DA463CE389E3164588BF5B66355D481DC620F0B2F352782105DF3AB86076DD7D612CE9839CB251D5C975166859A41B740E08E66B746B710479FAA430E2891E60647E04FE71D8F8BC9A6BCD20CFB42299142DC016E672CC350D497809379F54F6F3D1649ADCE72ADECEAAE1ECA85EEE8006700379DE3687A67AF796E1F317815461CFF6E58615CD453265612315FA8F99DC65D9CC218004671E43CE58C9F54862D86B58FD71212199A2A562B1AB9604BF43676A403E8EA56A69E68F1CF0C60C83B8EB31D9C0A23D8410C3A6898D749CAD8CDA9F17A224536BD08436B25E50BA67BAD09276BB55583CEDF48AEEFFD8FA3DBE4F609760DF1EDED136B38792CD164D2EA3C5443F0D8F9117544A9A6AAC615ADE01440B7948B2B53BC3F7218DEDEB16D23C3B0C2AA4BEB99F9A9225D87B6CCB037D8E9A2918C20FE9F2BFF429FD0F23AE370E820842AEDD823DD5B6DDD7F4AD3A06735A2E4144DBABEA5DD83A6AA98EED5F6F3021C246FBABD280986A1E7A24CCBE11BC3050CC04DB566277CECBA8B5BDC1D15E1F066B25B668C7B87EA54894EC7559B64F1400934DCE1C06A10955988E3B3F4A40566B3989608404859335C53EBD6BEE21614EB7C954D543DBA7EB61555B7CED9D08EF560426DBCE3018FBEF788CF69AEAB433B692A9E28CBAFEFC048BD9AB423678D4DD5807329BCC417CF77EC7FD8E50B6D9A8D6B2017B24F6890557AF327980D086499B7C4ED6518B9C23DAB9571CA9E8E949C039C5CC002CBC9BDD08728D543143AFE577738AD309AB2493A8157272196B73C28A4826B37A8274198A4E8188CDADB1D7BB209C84D03500F79B9DFEC1E4441F34069CC01D6B9A57940914F56217C0F3A5CE0C75DE2815EE396D4AB00EC9695DFBCDD88EA6C8017CC29B1257EED39B50E0D075CCF9564D4B22F59F4B5E6667E4CACAC6B63D8CC1C9AB2CC6309A319E559D2062FB99D15B62F08E4DAD676698813D227FF8967B3B3830970E92277B2446A3C269A74FB437800824A8987DA3636A17A53C7E55C66077BE0FBD63441402F19C6C4E1F1C46185A3F3F5D7D7F553F0066EBFCF2ECD74CFC6DB48F6A458AE66EC12532B691FA3AE9A0C19809B3A1AF06340EFB012A33D484D272CA09D5862DAC5E3A00006F260BDE5CE74E007AB12A8F686373949308E574DCE7EA9D145936C5C0BE63 31120171208133603 2 6 100 7679 5 CF96EF3064F3389AC4D7DA6813F67988F77979BB89C86E3A82B8FBE165D96646B6665C28FE7F5D1742E288AF6A47CEAD57277CF7B7902B8B7F899CB512DDF0EDEC293B152ABA4085290AE8BF93AF988437B549319AF0E18E39805C80A4714E4108DC29DDF708365B8FAC1F220784A8AA89F4C04176DFCEFC652988A6F878937AF8FEFF6A45672DB27EC215CDCBB9C530BDC2F1F357DC69073AA6B3670B988F271386E1B2F72635AA83420CF2A393338D1C4E2B502C11CA2098481EA292ACD7A7BFF84945E9CC04B47B1967F09CC7A4BE5AAA749583318E561E5504F28472B0AEF60B854142AACFE6017786E8B5FB674C79D68B7B44842F18E2075B8679A99D43892847B09A0CADFBED479942F599A1666D96EEED85A222431F8637D6FB73F5E08465417DAAA47BD31BDCE2262E06E0B7E5BF6FA9703890997C275CE11CA52A92D0F4889F370164D4EFA8C461E2F3BBABA54F8A1DD165C3D5344DF572B67EF92DC3E8EF66926B673AD59FB5CE5FF5ECED31535CC347374D846F0373EDD82DEFAF4DEEF238A1ABFF44FDC2D9511E8AE69349B69749DD6D2AD5A2A95F579B3A0D232FAB4A915568409150F184F1F58114354235084F9B104F9DA8EC13D34AB93BD61620CC0B93118FF2299B80856CE2A40792F58E37990677E1C4A662D619F835DA5537873CDF05DCDB369AEB2E6159E351E9140DDD5E4FB57EAAD9CB5A41EAC61CD1E95D983832D0E8D35EEFF88E699A33A4AB0FC82B8A1B38F527933108FCC6533C9DE3AFCAE396246399DB878A9D500905A707B3C1F3F490E327A5C219151E7077C9E456F3DD046F6FAC8C3F98CC90FC558E87A7CB654320DA2B48F41BE0D8498A98DF562EE0A33FF61AF92E90DABA5323CF416C7E3B5E0A5190A36442F08AEE80B4886C407A689A81293D7CF6D7F88C112F7D166D4AE27147BCDC4C91E2880F5A4065B0AC7480BCDB9A0BCB790FDDF0370DF819986DA21FE700E15D449F5C0849B70C8A84569F205D74141F87B73D2EE3BB4D7A88F2DC90272219E39B5456F5CE8F0DA1E40E98C1B968112DC3664663B3C2A2B1402657CC0529AD6CED5BD2A177F9ED6FDA41378C8ADA6F33615516CFE0077E9426424F06DF517A5117F2882FFE3144245623DF8DDEF9869E5F6D328884018885209EA24F7F617837E7751D56EF3201D3FD607706B889728591E7C822ED97FF0B9DC111D5D0142387D88CB799345EF48235922632D6610F9E1C7AAAB6368EC0D4A76185686FCDA99499DC1B7F08C8A1BDDEF3F803CF168D818CEAC1F8B79E70C49E37B3E19B0096D1B6C2D4BF73DBF503401AE4EFCF9DEB8AC4A9C39E140CA9086E9927274E2A634822901357
31220170706131942 2 6 100 7679 5 C0388038628CD48D5377C99911D89CEDF70AC54721EE6974975D61C9E25580D2108B48CBCDB8B647B271FA822546C00580DB013D19EE5A49EFD9AAECA2036A83BB3E2F96C3E7CB273AA9ACEFCA5A3E4C7C8FCF3332DE11288D8BD76E17B4C530F5F6EFB0D757F63E3B2B519EE960FA8206DF81E7B9DA463CE389E3164588BF5B66355D481DC620F0B2F352782105DF3AB86076DD7D612CE9839CB251D5C975166859A41B740E08E66B746B710479FAA430E2891E60647E04FE71D8F8BC9A6BCD20CFB42299142DC016E672CC350D497809379F54F6F3D1649ADCE72ADECEAAE1ECA85EEE8006700379DE3687A67AF796E1F317815461CFF6E58615CD453265612315FA8F99DC65D9CC218004671E43CE58C9F54862D86B58FD71212199A2A562B1AB9604BF43676A403E8EA56A69E68F1CF0C60C83B8EB31D9C0A23D8410C3A6898D749CAD8CDA9F17A224536BD08436B25E50BA67BAD09276BB55583CEDF48AEEFFD8FA3DBE4F609760DF1EDED136B38792CD164D2EA3C5443F0D8F9117544A9A6AAC615ADE01440B7948B2B53BC3F7218DEDEB16D23C3B0C2AA4BEB99F9A9225D87B6CCB037D8E9A2918C20FE9F2BFF429FD0F23AE370E820842AEDD823DD5B6DDD7F4AD3A06735A2E4144DBABEA5DD83A6AA98EED5F6F3021C246FBABD280986A1E7A24CCBE11BC3050CC04DB566277CECBA8B5BDC1D15E1F066B25B668C7B87EA54894EC7559B64F1400934DCE1C06A10955988E3B3F4A40566B3989608404859335C53EBD6BEE21614EB7C954D543DBA7EB61555B7CED9D08EF560426DBCE3018FBEF788CF69AEAB433B692A9E28CBAFEFC048BD9AB423678D4DD5807329BCC417CF77EC7FD8E50B6D9A8D6B2017B24F6890557AF327980D086499B7C4ED6518B9C23DAB9571CA9E8E949C039C5CC002CBC9BDD08728D543143AFE577738AD309AB2493A8157272196B73C28A4826B37A8274198A4E8188CDADB1D7BB209C84D03500F79B9DFEC1E4441F34069CC01D6B9A57940914F56217C0F3A5CE0C75DE2815EE396D4AB00EC9695DFBCDD88EA6C8017CC29B1257EED39B50E0D075CCF9564D4B22F59F4B5E6667E4CACAC6B63D8CC1C9AB2CC6309A319E559D2062FB99D15B62F08E4DAD676698813D227FF8967B3B3830970E92277B2446A3C269A74FB437800824A8987DA3636A17A53C7E55C66077BE0FBD63441402F19C6C4E1F1C46185A3F3F5D7D7F553F0066EBFCF2ECD74CFC6DB48F6A458AE66EC12532B691FA3AE9A0C19809B3A1AF06340EFB012A33D484D272CA09D5862DAC5E3A00006F260BDE5CE74E007AB12A8F686373949308E574DCE7EA9D145936C6CA2F0F 31220171208151649 2 6 100 7679 2 CF96EF3064F3389AC4D7DA6813F67988F77979BB89C86E3A82B8FBE165D96646B6665C28FE7F5D1742E288AF6A47CEAD57277CF7B7902B8B7F899CB512DDF0EDEC293B152ABA4085290AE8BF93AF988437B549319AF0E18E39805C80A4714E4108DC29DDF708365B8FAC1F220784A8AA89F4C04176DFCEFC652988A6F878937AF8FEFF6A45672DB27EC215CDCBB9C530BDC2F1F357DC69073AA6B3670B988F271386E1B2F72635AA83420CF2A393338D1C4E2B502C11CA2098481EA292ACD7A7BFF84945E9CC04B47B1967F09CC7A4BE5AAA749583318E561E5504F28472B0AEF60B854142AACFE6017786E8B5FB674C79D68B7B44842F18E2075B8679A99D43892847B09A0CADFBED479942F599A1666D96EEED85A222431F8637D6FB73F5E08465417DAAA47BD31BDCE2262E06E0B7E5BF6FA9703890997C275CE11CA52A92D0F4889F370164D4EFA8C461E2F3BBABA54F8A1DD165C3D5344DF572B67EF92DC3E8EF66926B673AD59FB5CE5FF5ECED31535CC347374D846F0373EDD82DEFAF4DEEF238A1ABFF44FDC2D9511E8AE69349B69749DD6D2AD5A2A95F579B3A0D232FAB4A915568409150F184F1F58114354235084F9B104F9DA8EC13D34AB93BD61620CC0B93118FF2299B80856CE2A40792F58E37990677E1C4A662D619F835DA5537873CDF05DCDB369AEB2E6159E351E9140DDD5E4FB57EAAD9CB5A41EAC61CD1E95D983832D0E8D35EEFF88E699A33A4AB0FC82B8A1B38F527933108FCC6533C9DE3AFCAE396246399DB878A9D500905A707B3C1F3F490E327A5C219151E7077C9E456F3DD046F6FAC8C3F98CC90FC558E87A7CB654320DA2B48F41BE0D8498A98DF562EE0A33FF61AF92E90DABA5323CF416C7E3B5E0A5190A36442F08AEE80B4886C407A689A81293D7CF6D7F88C112F7D166D4AE27147BCDC4C91E2880F5A4065B0AC7480BCDB9A0BCB790FDDF0370DF819986DA21FE700E15D449F5C0849B70C8A84569F205D74141F87B73D2EE3BB4D7A88F2DC90272219E39B5456F5CE8F0DA1E40E98C1B968112DC3664663B3C2A2B1402657CC0529AD6CED5BD2A177F9ED6FDA41378C8ADA6F33615516CFE0077E9426424F06DF517A5117F2882FFE3144245623DF8DDEF9869E5F6D328884018885209EA24F7F617837E7751D56EF3201D3FD607706B889728591E7C822ED97FF0B9DC111D5D0142387D88CB799345EF48235922632D6610F9E1C7AAAB6368EC0D4A76185686FCDA99499DC1B7F08C8A1BDDEF3F803CF168D818CEAC1F8B79E70C49E37B3E19B0096D1B6C2D4BF73DBF503401AE4EFCF9DEB8AC4A9C39E140CA9086E9927274E2A634823DEBFBB
31320170706141404 2 6 100 7679 2 C0388038628CD48D5377C99911D89CEDF70AC54721EE6974975D61C9E25580D2108B48CBCDB8B647B271FA822546C00580DB013D19EE5A49EFD9AAECA2036A83BB3E2F96C3E7CB273AA9ACEFCA5A3E4C7C8FCF3332DE11288D8BD76E17B4C530F5F6EFB0D757F63E3B2B519EE960FA8206DF81E7B9DA463CE389E3164588BF5B66355D481DC620F0B2F352782105DF3AB86076DD7D612CE9839CB251D5C975166859A41B740E08E66B746B710479FAA430E2891E60647E04FE71D8F8BC9A6BCD20CFB42299142DC016E672CC350D497809379F54F6F3D1649ADCE72ADECEAAE1ECA85EEE8006700379DE3687A67AF796E1F317815461CFF6E58615CD453265612315FA8F99DC65D9CC218004671E43CE58C9F54862D86B58FD71212199A2A562B1AB9604BF43676A403E8EA56A69E68F1CF0C60C83B8EB31D9C0A23D8410C3A6898D749CAD8CDA9F17A224536BD08436B25E50BA67BAD09276BB55583CEDF48AEEFFD8FA3DBE4F609760DF1EDED136B38792CD164D2EA3C5443F0D8F9117544A9A6AAC615ADE01440B7948B2B53BC3F7218DEDEB16D23C3B0C2AA4BEB99F9A9225D87B6CCB037D8E9A2918C20FE9F2BFF429FD0F23AE370E820842AEDD823DD5B6DDD7F4AD3A06735A2E4144DBABEA5DD83A6AA98EED5F6F3021C246FBABD280986A1E7A24CCBE11BC3050CC04DB566277CECBA8B5BDC1D15E1F066B25B668C7B87EA54894EC7559B64F1400934DCE1C06A10955988E3B3F4A40566B3989608404859335C53EBD6BEE21614EB7C954D543DBA7EB61555B7CED9D08EF560426DBCE3018FBEF788CF69AEAB433B692A9E28CBAFEFC048BD9AB423678D4DD5807329BCC417CF77EC7FD8E50B6D9A8D6B2017B24F6890557AF327980D086499B7C4ED6518B9C23DAB9571CA9E8E949C039C5CC002CBC9BDD08728D543143AFE577738AD309AB2493A8157272196B73C28A4826B37A8274198A4E8188CDADB1D7BB209C84D03500F79B9DFEC1E4441F34069CC01D6B9A57940914F56217C0F3A5CE0C75DE2815EE396D4AB00EC9695DFBCDD88EA6C8017CC29B1257EED39B50E0D075CCF9564D4B22F59F4B5E6667E4CACAC6B63D8CC1C9AB2CC6309A319E559D2062FB99D15B62F08E4DAD676698813D227FF8967B3B3830970E92277B2446A3C269A74FB437800824A8987DA3636A17A53C7E55C66077BE0FBD63441402F19C6C4E1F1C46185A3F3F5D7D7F553F0066EBFCF2ECD74CFC6DB48F6A458AE66EC12532B691FA3AE9A0C19809B3A1AF06340EFB012A33D484D272CA09D5862DAC5E3A00006F260BDE5CE74E007AB12A8F686373949308E574DCE7EA9D145936C781A68B 31320171208175501 2 6 100 7679 2 CF96EF3064F3389AC4D7DA6813F67988F77979BB89C86E3A82B8FBE165D96646B6665C28FE7F5D1742E288AF6A47CEAD57277CF7B7902B8B7F899CB512DDF0EDEC293B152ABA4085290AE8BF93AF988437B549319AF0E18E39805C80A4714E4108DC29DDF708365B8FAC1F220784A8AA89F4C04176DFCEFC652988A6F878937AF8FEFF6A45672DB27EC215CDCBB9C530BDC2F1F357DC69073AA6B3670B988F271386E1B2F72635AA83420CF2A393338D1C4E2B502C11CA2098481EA292ACD7A7BFF84945E9CC04B47B1967F09CC7A4BE5AAA749583318E561E5504F28472B0AEF60B854142AACFE6017786E8B5FB674C79D68B7B44842F18E2075B8679A99D43892847B09A0CADFBED479942F599A1666D96EEED85A222431F8637D6FB73F5E08465417DAAA47BD31BDCE2262E06E0B7E5BF6FA9703890997C275CE11CA52A92D0F4889F370164D4EFA8C461E2F3BBABA54F8A1DD165C3D5344DF572B67EF92DC3E8EF66926B673AD59FB5CE5FF5ECED31535CC347374D846F0373EDD82DEFAF4DEEF238A1ABFF44FDC2D9511E8AE69349B69749DD6D2AD5A2A95F579B3A0D232FAB4A915568409150F184F1F58114354235084F9B104F9DA8EC13D34AB93BD61620CC0B93118FF2299B80856CE2A40792F58E37990677E1C4A662D619F835DA5537873CDF05DCDB369AEB2E6159E351E9140DDD5E4FB57EAAD9CB5A41EAC61CD1E95D983832D0E8D35EEFF88E699A33A4AB0FC82B8A1B38F527933108FCC6533C9DE3AFCAE396246399DB878A9D500905A707B3C1F3F490E327A5C219151E7077C9E456F3DD046F6FAC8C3F98CC90FC558E87A7CB654320DA2B48F41BE0D8498A98DF562EE0A33FF61AF92E90DABA5323CF416C7E3B5E0A5190A36442F08AEE80B4886C407A689A81293D7CF6D7F88C112F7D166D4AE27147BCDC4C91E2880F5A4065B0AC7480BCDB9A0BCB790FDDF0370DF819986DA21FE700E15D449F5C0849B70C8A84569F205D74141F87B73D2EE3BB4D7A88F2DC90272219E39B5456F5CE8F0DA1E40E98C1B968112DC3664663B3C2A2B1402657CC0529AD6CED5BD2A177F9ED6FDA41378C8ADA6F33615516CFE0077E9426424F06DF517A5117F2882FFE3144245623DF8DDEF9869E5F6D328884018885209EA24F7F617837E7751D56EF3201D3FD607706B889728591E7C822ED97FF0B9DC111D5D0142387D88CB799345EF48235922632D6610F9E1C7AAAB6368EC0D4A76185686FCDA99499DC1B7F08C8A1BDDEF3F803CF168D818CEAC1F8B79E70C49E37B3E19B0096D1B6C2D4BF73DBF503401AE4EFCF9DEB8AC4A9C39E140CA9086E9927274E2A634825D190FB
31420170706153843 2 6 100 7679 2 C0388038628CD48D5377C99911D89CEDF70AC54721EE6974975D61C9E25580D2108B48CBCDB8B647B271FA822546C00580DB013D19EE5A49EFD9AAECA2036A83BB3E2F96C3E7CB273AA9ACEFCA5A3E4C7C8FCF3332DE11288D8BD76E17B4C530F5F6EFB0D757F63E3B2B519EE960FA8206DF81E7B9DA463CE389E3164588BF5B66355D481DC620F0B2F352782105DF3AB86076DD7D612CE9839CB251D5C975166859A41B740E08E66B746B710479FAA430E2891E60647E04FE71D8F8BC9A6BCD20CFB42299142DC016E672CC350D497809379F54F6F3D1649ADCE72ADECEAAE1ECA85EEE8006700379DE3687A67AF796E1F317815461CFF6E58615CD453265612315FA8F99DC65D9CC218004671E43CE58C9F54862D86B58FD71212199A2A562B1AB9604BF43676A403E8EA56A69E68F1CF0C60C83B8EB31D9C0A23D8410C3A6898D749CAD8CDA9F17A224536BD08436B25E50BA67BAD09276BB55583CEDF48AEEFFD8FA3DBE4F609760DF1EDED136B38792CD164D2EA3C5443F0D8F9117544A9A6AAC615ADE01440B7948B2B53BC3F7218DEDEB16D23C3B0C2AA4BEB99F9A9225D87B6CCB037D8E9A2918C20FE9F2BFF429FD0F23AE370E820842AEDD823DD5B6DDD7F4AD3A06735A2E4144DBABEA5DD83A6AA98EED5F6F3021C246FBABD280986A1E7A24CCBE11BC3050CC04DB566277CECBA8B5BDC1D15E1F066B25B668C7B87EA54894EC7559B64F1400934DCE1C06A10955988E3B3F4A40566B3989608404859335C53EBD6BEE21614EB7C954D543DBA7EB61555B7CED9D08EF560426DBCE3018FBEF788CF69AEAB433B692A9E28CBAFEFC048BD9AB423678D4DD5807329BCC417CF77EC7FD8E50B6D9A8D6B2017B24F6890557AF327980D086499B7C4ED6518B9C23DAB9571CA9E8E949C039C5CC002CBC9BDD08728D543143AFE577738AD309AB2493A8157272196B73C28A4826B37A8274198A4E8188CDADB1D7BB209C84D03500F79B9DFEC1E4441F34069CC01D6B9A57940914F56217C0F3A5CE0C75DE2815EE396D4AB00EC9695DFBCDD88EA6C8017CC29B1257EED39B50E0D075CCF9564D4B22F59F4B5E6667E4CACAC6B63D8CC1C9AB2CC6309A319E559D2062FB99D15B62F08E4DAD676698813D227FF8967B3B3830970E92277B2446A3C269A74FB437800824A8987DA3636A17A53C7E55C66077BE0FBD63441402F19C6C4E1F1C46185A3F3F5D7D7F553F0066EBFCF2ECD74CFC6DB48F6A458AE66EC12532B691FA3AE9A0C19809B3A1AF06340EFB012A33D484D272CA09D5862DAC5E3A00006F260BDE5CE74E007AB12A8F686373949308E574DCE7EA9D145936C8A1C2AB 31420171208193058 2 6 100 7679 5 CF96EF3064F3389AC4D7DA6813F67988F77979BB89C86E3A82B8FBE165D96646B6665C28FE7F5D1742E288AF6A47CEAD57277CF7B7902B8B7F899CB512DDF0EDEC293B152ABA4085290AE8BF93AF988437B549319AF0E18E39805C80A4714E4108DC29DDF708365B8FAC1F220784A8AA89F4C04176DFCEFC652988A6F878937AF8FEFF6A45672DB27EC215CDCBB9C530BDC2F1F357DC69073AA6B3670B988F271386E1B2F72635AA83420CF2A393338D1C4E2B502C11CA2098481EA292ACD7A7BFF84945E9CC04B47B1967F09CC7A4BE5AAA749583318E561E5504F28472B0AEF60B854142AACFE6017786E8B5FB674C79D68B7B44842F18E2075B8679A99D43892847B09A0CADFBED479942F599A1666D96EEED85A222431F8637D6FB73F5E08465417DAAA47BD31BDCE2262E06E0B7E5BF6FA9703890997C275CE11CA52A92D0F4889F370164D4EFA8C461E2F3BBABA54F8A1DD165C3D5344DF572B67EF92DC3E8EF66926B673AD59FB5CE5FF5ECED31535CC347374D846F0373EDD82DEFAF4DEEF238A1ABFF44FDC2D9511E8AE69349B69749DD6D2AD5A2A95F579B3A0D232FAB4A915568409150F184F1F58114354235084F9B104F9DA8EC13D34AB93BD61620CC0B93118FF2299B80856CE2A40792F58E37990677E1C4A662D619F835DA5537873CDF05DCDB369AEB2E6159E351E9140DDD5E4FB57EAAD9CB5A41EAC61CD1E95D983832D0E8D35EEFF88E699A33A4AB0FC82B8A1B38F527933108FCC6533C9DE3AFCAE396246399DB878A9D500905A707B3C1F3F490E327A5C219151E7077C9E456F3DD046F6FAC8C3F98CC90FC558E87A7CB654320DA2B48F41BE0D8498A98DF562EE0A33FF61AF92E90DABA5323CF416C7E3B5E0A5190A36442F08AEE80B4886C407A689A81293D7CF6D7F88C112F7D166D4AE27147BCDC4C91E2880F5A4065B0AC7480BCDB9A0BCB790FDDF0370DF819986DA21FE700E15D449F5C0849B70C8A84569F205D74141F87B73D2EE3BB4D7A88F2DC90272219E39B5456F5CE8F0DA1E40E98C1B968112DC3664663B3C2A2B1402657CC0529AD6CED5BD2A177F9ED6FDA41378C8ADA6F33615516CFE0077E9426424F06DF517A5117F2882FFE3144245623DF8DDEF9869E5F6D328884018885209EA24F7F617837E7751D56EF3201D3FD607706B889728591E7C822ED97FF0B9DC111D5D0142387D88CB799345EF48235922632D6610F9E1C7AAAB6368EC0D4A76185686FCDA99499DC1B7F08C8A1BDDEF3F803CF168D818CEAC1F8B79E70C49E37B3E19B0096D1B6C2D4BF73DBF503401AE4EFCF9DEB8AC4A9C39E140CA9086E9927274E2A634826F30FB7
31520170706173242 2 6 100 7679 5 C0388038628CD48D5377C99911D89CEDF70AC54721EE6974975D61C9E25580D2108B48CBCDB8B647B271FA822546C00580DB013D19EE5A49EFD9AAECA2036A83BB3E2F96C3E7CB273AA9ACEFCA5A3E4C7C8FCF3332DE11288D8BD76E17B4C530F5F6EFB0D757F63E3B2B519EE960FA8206DF81E7B9DA463CE389E3164588BF5B66355D481DC620F0B2F352782105DF3AB86076DD7D612CE9839CB251D5C975166859A41B740E08E66B746B710479FAA430E2891E60647E04FE71D8F8BC9A6BCD20CFB42299142DC016E672CC350D497809379F54F6F3D1649ADCE72ADECEAAE1ECA85EEE8006700379DE3687A67AF796E1F317815461CFF6E58615CD453265612315FA8F99DC65D9CC218004671E43CE58C9F54862D86B58FD71212199A2A562B1AB9604BF43676A403E8EA56A69E68F1CF0C60C83B8EB31D9C0A23D8410C3A6898D749CAD8CDA9F17A224536BD08436B25E50BA67BAD09276BB55583CEDF48AEEFFD8FA3DBE4F609760DF1EDED136B38792CD164D2EA3C5443F0D8F9117544A9A6AAC615ADE01440B7948B2B53BC3F7218DEDEB16D23C3B0C2AA4BEB99F9A9225D87B6CCB037D8E9A2918C20FE9F2BFF429FD0F23AE370E820842AEDD823DD5B6DDD7F4AD3A06735A2E4144DBABEA5DD83A6AA98EED5F6F3021C246FBABD280986A1E7A24CCBE11BC3050CC04DB566277CECBA8B5BDC1D15E1F066B25B668C7B87EA54894EC7559B64F1400934DCE1C06A10955988E3B3F4A40566B3989608404859335C53EBD6BEE21614EB7C954D543DBA7EB61555B7CED9D08EF560426DBCE3018FBEF788CF69AEAB433B692A9E28CBAFEFC048BD9AB423678D4DD5807329BCC417CF77EC7FD8E50B6D9A8D6B2017B24F6890557AF327980D086499B7C4ED6518B9C23DAB9571CA9E8E949C039C5CC002CBC9BDD08728D543143AFE577738AD309AB2493A8157272196B73C28A4826B37A8274198A4E8188CDADB1D7BB209C84D03500F79B9DFEC1E4441F34069CC01D6B9A57940914F56217C0F3A5CE0C75DE2815EE396D4AB00EC9695DFBCDD88EA6C8017CC29B1257EED39B50E0D075CCF9564D4B22F59F4B5E6667E4CACAC6B63D8CC1C9AB2CC6309A319E559D2062FB99D15B62F08E4DAD676698813D227FF8967B3B3830970E92277B2446A3C269A74FB437800824A8987DA3636A17A53C7E55C66077BE0FBD63441402F19C6C4E1F1C46185A3F3F5D7D7F553F0066EBFCF2ECD74CFC6DB48F6A458AE66EC12532B691FA3AE9A0C19809B3A1AF06340EFB012A33D484D272CA09D5862DAC5E3A00006F260BDE5CE74E007AB12A8F686373949308E574DCE7EA9D145936CA322EEF 31520171209011341 2 6 100 7679 2 CF96EF3064F3389AC4D7DA6813F67988F77979BB89C86E3A82B8FBE165D96646B6665C28FE7F5D1742E288AF6A47CEAD57277CF7B7902B8B7F899CB512DDF0EDEC293B152ABA4085290AE8BF93AF988437B549319AF0E18E39805C80A4714E4108DC29DDF708365B8FAC1F220784A8AA89F4C04176DFCEFC652988A6F878937AF8FEFF6A45672DB27EC215CDCBB9C530BDC2F1F357DC69073AA6B3670B988F271386E1B2F72635AA83420CF2A393338D1C4E2B502C11CA2098481EA292ACD7A7BFF84945E9CC04B47B1967F09CC7A4BE5AAA749583318E561E5504F28472B0AEF60B854142AACFE6017786E8B5FB674C79D68B7B44842F18E2075B8679A99D43892847B09A0CADFBED479942F599A1666D96EEED85A222431F8637D6FB73F5E08465417DAAA47BD31BDCE2262E06E0B7E5BF6FA9703890997C275CE11CA52A92D0F4889F370164D4EFA8C461E2F3BBABA54F8A1DD165C3D5344DF572B67EF92DC3E8EF66926B673AD59FB5CE5FF5ECED31535CC347374D846F0373EDD82DEFAF4DEEF238A1ABFF44FDC2D9511E8AE69349B69749DD6D2AD5A2A95F579B3A0D232FAB4A915568409150F184F1F58114354235084F9B104F9DA8EC13D34AB93BD61620CC0B93118FF2299B80856CE2A40792F58E37990677E1C4A662D619F835DA5537873CDF05DCDB369AEB2E6159E351E9140DDD5E4FB57EAAD9CB5A41EAC61CD1E95D983832D0E8D35EEFF88E699A33A4AB0FC82B8A1B38F527933108FCC6533C9DE3AFCAE396246399DB878A9D500905A707B3C1F3F490E327A5C219151E7077C9E456F3DD046F6FAC8C3F98CC90FC558E87A7CB654320DA2B48F41BE0D8498A98DF562EE0A33FF61AF92E90DABA5323CF416C7E3B5E0A5190A36442F08AEE80B4886C407A689A81293D7CF6D7F88C112F7D166D4AE27147BCDC4C91E2880F5A4065B0AC7480BCDB9A0BCB790FDDF0370DF819986DA21FE700E15D449F5C0849B70C8A84569F205D74141F87B73D2EE3BB4D7A88F2DC90272219E39B5456F5CE8F0DA1E40E98C1B968112DC3664663B3C2A2B1402657CC0529AD6CED5BD2A177F9ED6FDA41378C8ADA6F33615516CFE0077E9426424F06DF517A5117F2882FFE3144245623DF8DDEF9869E5F6D328884018885209EA24F7F617837E7751D56EF3201D3FD607706B889728591E7C822ED97FF0B9DC111D5D0142387D88CB799345EF48235922632D6610F9E1C7AAAB6368EC0D4A76185686FCDA99499DC1B7F08C8A1BDDEF3F803CF168D818CEAC1F8B79E70C49E37B3E19B0096D1B6C2D4BF73DBF503401AE4EFCF9DEB8AC4A9C39E140CA9086E9927274E2A63482B5BD51B
31620170706183451 2 6 100 7679 2 C0388038628CD48D5377C99911D89CEDF70AC54721EE6974975D61C9E25580D2108B48CBCDB8B647B271FA822546C00580DB013D19EE5A49EFD9AAECA2036A83BB3E2F96C3E7CB273AA9ACEFCA5A3E4C7C8FCF3332DE11288D8BD76E17B4C530F5F6EFB0D757F63E3B2B519EE960FA8206DF81E7B9DA463CE389E3164588BF5B66355D481DC620F0B2F352782105DF3AB86076DD7D612CE9839CB251D5C975166859A41B740E08E66B746B710479FAA430E2891E60647E04FE71D8F8BC9A6BCD20CFB42299142DC016E672CC350D497809379F54F6F3D1649ADCE72ADECEAAE1ECA85EEE8006700379DE3687A67AF796E1F317815461CFF6E58615CD453265612315FA8F99DC65D9CC218004671E43CE58C9F54862D86B58FD71212199A2A562B1AB9604BF43676A403E8EA56A69E68F1CF0C60C83B8EB31D9C0A23D8410C3A6898D749CAD8CDA9F17A224536BD08436B25E50BA67BAD09276BB55583CEDF48AEEFFD8FA3DBE4F609760DF1EDED136B38792CD164D2EA3C5443F0D8F9117544A9A6AAC615ADE01440B7948B2B53BC3F7218DEDEB16D23C3B0C2AA4BEB99F9A9225D87B6CCB037D8E9A2918C20FE9F2BFF429FD0F23AE370E820842AEDD823DD5B6DDD7F4AD3A06735A2E4144DBABEA5DD83A6AA98EED5F6F3021C246FBABD280986A1E7A24CCBE11BC3050CC04DB566277CECBA8B5BDC1D15E1F066B25B668C7B87EA54894EC7559B64F1400934DCE1C06A10955988E3B3F4A40566B3989608404859335C53EBD6BEE21614EB7C954D543DBA7EB61555B7CED9D08EF560426DBCE3018FBEF788CF69AEAB433B692A9E28CBAFEFC048BD9AB423678D4DD5807329BCC417CF77EC7FD8E50B6D9A8D6B2017B24F6890557AF327980D086499B7C4ED6518B9C23DAB9571CA9E8E949C039C5CC002CBC9BDD08728D543143AFE577738AD309AB2493A8157272196B73C28A4826B37A8274198A4E8188CDADB1D7BB209C84D03500F79B9DFEC1E4441F34069CC01D6B9A57940914F56217C0F3A5CE0C75DE2815EE396D4AB00EC9695DFBCDD88EA6C8017CC29B1257EED39B50E0D075CCF9564D4B22F59F4B5E6667E4CACAC6B63D8CC1C9AB2CC6309A319E559D2062FB99D15B62F08E4DAD676698813D227FF8967B3B3830970E92277B2446A3C269A74FB437800824A8987DA3636A17A53C7E55C66077BE0FBD63441402F19C6C4E1F1C46185A3F3F5D7D7F553F0066EBFCF2ECD74CFC6DB48F6A458AE66EC12532B691FA3AE9A0C19809B3A1AF06340EFB012A33D484D272CA09D5862DAC5E3A00006F260BDE5CE74E007AB12A8F686373949308E574DCE7EA9D145936CB02939B 31620171209030814 2 6 100 7679 5 CF96EF3064F3389AC4D7DA6813F67988F77979BB89C86E3A82B8FBE165D96646B6665C28FE7F5D1742E288AF6A47CEAD57277CF7B7902B8B7F899CB512DDF0EDEC293B152ABA4085290AE8BF93AF988437B549319AF0E18E39805C80A4714E4108DC29DDF708365B8FAC1F220784A8AA89F4C04176DFCEFC652988A6F878937AF8FEFF6A45672DB27EC215CDCBB9C530BDC2F1F357DC69073AA6B3670B988F271386E1B2F72635AA83420CF2A393338D1C4E2B502C11CA2098481EA292ACD7A7BFF84945E9CC04B47B1967F09CC7A4BE5AAA749583318E561E5504F28472B0AEF60B854142AACFE6017786E8B5FB674C79D68B7B44842F18E2075B8679A99D43892847B09A0CADFBED479942F599A1666D96EEED85A222431F8637D6FB73F5E08465417DAAA47BD31BDCE2262E06E0B7E5BF6FA9703890997C275CE11CA52A92D0F4889F370164D4EFA8C461E2F3BBABA54F8A1DD165C3D5344DF572B67EF92DC3E8EF66926B673AD59FB5CE5FF5ECED31535CC347374D846F0373EDD82DEFAF4DEEF238A1ABFF44FDC2D9511E8AE69349B69749DD6D2AD5A2A95F579B3A0D232FAB4A915568409150F184F1F58114354235084F9B104F9DA8EC13D34AB93BD61620CC0B93118FF2299B80856CE2A40792F58E37990677E1C4A662D619F835DA5537873CDF05DCDB369AEB2E6159E351E9140DDD5E4FB57EAAD9CB5A41EAC61CD1E95D983832D0E8D35EEFF88E699A33A4AB0FC82B8A1B38F527933108FCC6533C9DE3AFCAE396246399DB878A9D500905A707B3C1F3F490E327A5C219151E7077C9E456F3DD046F6FAC8C3F98CC90FC558E87A7CB654320DA2B48F41BE0D8498A98DF562EE0A33FF61AF92E90DABA5323CF416C7E3B5E0A5190A36442F08AEE80B4886C407A689A81293D7CF6D7F88C112F7D166D4AE27147BCDC4C91E2880F5A4065B0AC7480BCDB9A0BCB790FDDF0370DF819986DA21FE700E15D449F5C0849B70C8A84569F205D74141F87B73D2EE3BB4D7A88F2DC90272219E39B5456F5CE8F0DA1E40E98C1B968112DC3664663B3C2A2B1402657CC0529AD6CED5BD2A177F9ED6FDA41378C8ADA6F33615516CFE0077E9426424F06DF517A5117F2882FFE3144245623DF8DDEF9869E5F6D328884018885209EA24F7F617837E7751D56EF3201D3FD607706B889728591E7C822ED97FF0B9DC111D5D0142387D88CB799345EF48235922632D6610F9E1C7AAAB6368EC0D4A76185686FCDA99499DC1B7F08C8A1BDDEF3F803CF168D818CEAC1F8B79E70C49E37B3E19B0096D1B6C2D4BF73DBF503401AE4EFCF9DEB8AC4A9C39E140CA9086E9927274E2A63482CD52277
31720170706184330 2 6 100 7679 2 C0388038628CD48D5377C99911D89CEDF70AC54721EE6974975D61C9E25580D2108B48CBCDB8B647B271FA822546C00580DB013D19EE5A49EFD9AAECA2036A83BB3E2F96C3E7CB273AA9ACEFCA5A3E4C7C8FCF3332DE11288D8BD76E17B4C530F5F6EFB0D757F63E3B2B519EE960FA8206DF81E7B9DA463CE389E3164588BF5B66355D481DC620F0B2F352782105DF3AB86076DD7D612CE9839CB251D5C975166859A41B740E08E66B746B710479FAA430E2891E60647E04FE71D8F8BC9A6BCD20CFB42299142DC016E672CC350D497809379F54F6F3D1649ADCE72ADECEAAE1ECA85EEE8006700379DE3687A67AF796E1F317815461CFF6E58615CD453265612315FA8F99DC65D9CC218004671E43CE58C9F54862D86B58FD71212199A2A562B1AB9604BF43676A403E8EA56A69E68F1CF0C60C83B8EB31D9C0A23D8410C3A6898D749CAD8CDA9F17A224536BD08436B25E50BA67BAD09276BB55583CEDF48AEEFFD8FA3DBE4F609760DF1EDED136B38792CD164D2EA3C5443F0D8F9117544A9A6AAC615ADE01440B7948B2B53BC3F7218DEDEB16D23C3B0C2AA4BEB99F9A9225D87B6CCB037D8E9A2918C20FE9F2BFF429FD0F23AE370E820842AEDD823DD5B6DDD7F4AD3A06735A2E4144DBABEA5DD83A6AA98EED5F6F3021C246FBABD280986A1E7A24CCBE11BC3050CC04DB566277CECBA8B5BDC1D15E1F066B25B668C7B87EA54894EC7559B64F1400934DCE1C06A10955988E3B3F4A40566B3989608404859335C53EBD6BEE21614EB7C954D543DBA7EB61555B7CED9D08EF560426DBCE3018FBEF788CF69AEAB433B692A9E28CBAFEFC048BD9AB423678D4DD5807329BCC417CF77EC7FD8E50B6D9A8D6B2017B24F6890557AF327980D086499B7C4ED6518B9C23DAB9571CA9E8E949C039C5CC002CBC9BDD08728D543143AFE577738AD309AB2493A8157272196B73C28A4826B37A8274198A4E8188CDADB1D7BB209C84D03500F79B9DFEC1E4441F34069CC01D6B9A57940914F56217C0F3A5CE0C75DE2815EE396D4AB00EC9695DFBCDD88EA6C8017CC29B1257EED39B50E0D075CCF9564D4B22F59F4B5E6667E4CACAC6B63D8CC1C9AB2CC6309A319E559D2062FB99D15B62F08E4DAD676698813D227FF8967B3B3830970E92277B2446A3C269A74FB437800824A8987DA3636A17A53C7E55C66077BE0FBD63441402F19C6C4E1F1C46185A3F3F5D7D7F553F0066EBFCF2ECD74CFC6DB48F6A458AE66EC12532B691FA3AE9A0C19809B3A1AF06340EFB012A33D484D272CA09D5862DAC5E3A00006F260BDE5CE74E007AB12A8F686373949308E574DCE7EA9D145936CB163C7B 31720171209040411 2 6 100 7679 2 CF96EF3064F3389AC4D7DA6813F67988F77979BB89C86E3A82B8FBE165D96646B6665C28FE7F5D1742E288AF6A47CEAD57277CF7B7902B8B7F899CB512DDF0EDEC293B152ABA4085290AE8BF93AF988437B549319AF0E18E39805C80A4714E4108DC29DDF708365B8FAC1F220784A8AA89F4C04176DFCEFC652988A6F878937AF8FEFF6A45672DB27EC215CDCBB9C530BDC2F1F357DC69073AA6B3670B988F271386E1B2F72635AA83420CF2A393338D1C4E2B502C11CA2098481EA292ACD7A7BFF84945E9CC04B47B1967F09CC7A4BE5AAA749583318E561E5504F28472B0AEF60B854142AACFE6017786E8B5FB674C79D68B7B44842F18E2075B8679A99D43892847B09A0CADFBED479942F599A1666D96EEED85A222431F8637D6FB73F5E08465417DAAA47BD31BDCE2262E06E0B7E5BF6FA9703890997C275CE11CA52A92D0F4889F370164D4EFA8C461E2F3BBABA54F8A1DD165C3D5344DF572B67EF92DC3E8EF66926B673AD59FB5CE5FF5ECED31535CC347374D846F0373EDD82DEFAF4DEEF238A1ABFF44FDC2D9511E8AE69349B69749DD6D2AD5A2A95F579B3A0D232FAB4A915568409150F184F1F58114354235084F9B104F9DA8EC13D34AB93BD61620CC0B93118FF2299B80856CE2A40792F58E37990677E1C4A662D619F835DA5537873CDF05DCDB369AEB2E6159E351E9140DDD5E4FB57EAAD9CB5A41EAC61CD1E95D983832D0E8D35EEFF88E699A33A4AB0FC82B8A1B38F527933108FCC6533C9DE3AFCAE396246399DB878A9D500905A707B3C1F3F490E327A5C219151E7077C9E456F3DD046F6FAC8C3F98CC90FC558E87A7CB654320DA2B48F41BE0D8498A98DF562EE0A33FF61AF92E90DABA5323CF416C7E3B5E0A5190A36442F08AEE80B4886C407A689A81293D7CF6D7F88C112F7D166D4AE27147BCDC4C91E2880F5A4065B0AC7480BCDB9A0BCB790FDDF0370DF819986DA21FE700E15D449F5C0849B70C8A84569F205D74141F87B73D2EE3BB4D7A88F2DC90272219E39B5456F5CE8F0DA1E40E98C1B968112DC3664663B3C2A2B1402657CC0529AD6CED5BD2A177F9ED6FDA41378C8ADA6F33615516CFE0077E9426424F06DF517A5117F2882FFE3144245623DF8DDEF9869E5F6D328884018885209EA24F7F617837E7751D56EF3201D3FD607706B889728591E7C822ED97FF0B9DC111D5D0142387D88CB799345EF48235922632D6610F9E1C7AAAB6368EC0D4A76185686FCDA99499DC1B7F08C8A1BDDEF3F803CF168D818CEAC1F8B79E70C49E37B3E19B0096D1B6C2D4BF73DBF503401AE4EFCF9DEB8AC4A9C39E140CA9086E9927274E2A63482D874DDB
31820170706195815 2 6 100 7679 2 C0388038628CD48D5377C99911D89CEDF70AC54721EE6974975D61C9E25580D2108B48CBCDB8B647B271FA822546C00580DB013D19EE5A49EFD9AAECA2036A83BB3E2F96C3E7CB273AA9ACEFCA5A3E4C7C8FCF3332DE11288D8BD76E17B4C530F5F6EFB0D757F63E3B2B519EE960FA8206DF81E7B9DA463CE389E3164588BF5B66355D481DC620F0B2F352782105DF3AB86076DD7D612CE9839CB251D5C975166859A41B740E08E66B746B710479FAA430E2891E60647E04FE71D8F8BC9A6BCD20CFB42299142DC016E672CC350D497809379F54F6F3D1649ADCE72ADECEAAE1ECA85EEE8006700379DE3687A67AF796E1F317815461CFF6E58615CD453265612315FA8F99DC65D9CC218004671E43CE58C9F54862D86B58FD71212199A2A562B1AB9604BF43676A403E8EA56A69E68F1CF0C60C83B8EB31D9C0A23D8410C3A6898D749CAD8CDA9F17A224536BD08436B25E50BA67BAD09276BB55583CEDF48AEEFFD8FA3DBE4F609760DF1EDED136B38792CD164D2EA3C5443F0D8F9117544A9A6AAC615ADE01440B7948B2B53BC3F7218DEDEB16D23C3B0C2AA4BEB99F9A9225D87B6CCB037D8E9A2918C20FE9F2BFF429FD0F23AE370E820842AEDD823DD5B6DDD7F4AD3A06735A2E4144DBABEA5DD83A6AA98EED5F6F3021C246FBABD280986A1E7A24CCBE11BC3050CC04DB566277CECBA8B5BDC1D15E1F066B25B668C7B87EA54894EC7559B64F1400934DCE1C06A10955988E3B3F4A40566B3989608404859335C53EBD6BEE21614EB7C954D543DBA7EB61555B7CED9D08EF560426DBCE3018FBEF788CF69AEAB433B692A9E28CBAFEFC048BD9AB423678D4DD5807329BCC417CF77EC7FD8E50B6D9A8D6B2017B24F6890557AF327980D086499B7C4ED6518B9C23DAB9571CA9E8E949C039C5CC002CBC9BDD08728D543143AFE577738AD309AB2493A8157272196B73C28A4826B37A8274198A4E8188CDADB1D7BB209C84D03500F79B9DFEC1E4441F34069CC01D6B9A57940914F56217C0F3A5CE0C75DE2815EE396D4AB00EC9695DFBCDD88EA6C8017CC29B1257EED39B50E0D075CCF9564D4B22F59F4B5E6667E4CACAC6B63D8CC1C9AB2CC6309A319E559D2062FB99D15B62F08E4DAD676698813D227FF8967B3B3830970E92277B2446A3C269A74FB437800824A8987DA3636A17A53C7E55C66077BE0FBD63441402F19C6C4E1F1C46185A3F3F5D7D7F553F0066EBFCF2ECD74CFC6DB48F6A458AE66EC12532B691FA3AE9A0C19809B3A1AF06340EFB012A33D484D272CA09D5862DAC5E3A00006F260BDE5CE74E007AB12A8F686373949308E574DCE7EA9D145936CC15613B 31820171209121718 2 6 100 7679 2 CF96EF3064F3389AC4D7DA6813F67988F77979BB89C86E3A82B8FBE165D96646B6665C28FE7F5D1742E288AF6A47CEAD57277CF7B7902B8B7F899CB512DDF0EDEC293B152ABA4085290AE8BF93AF988437B549319AF0E18E39805C80A4714E4108DC29DDF708365B8FAC1F220784A8AA89F4C04176DFCEFC652988A6F878937AF8FEFF6A45672DB27EC215CDCBB9C530BDC2F1F357DC69073AA6B3670B988F271386E1B2F72635AA83420CF2A393338D1C4E2B502C11CA2098481EA292ACD7A7BFF84945E9CC04B47B1967F09CC7A4BE5AAA749583318E561E5504F28472B0AEF60B854142AACFE6017786E8B5FB674C79D68B7B44842F18E2075B8679A99D43892847B09A0CADFBED479942F599A1666D96EEED85A222431F8637D6FB73F5E08465417DAAA47BD31BDCE2262E06E0B7E5BF6FA9703890997C275CE11CA52A92D0F4889F370164D4EFA8C461E2F3BBABA54F8A1DD165C3D5344DF572B67EF92DC3E8EF66926B673AD59FB5CE5FF5ECED31535CC347374D846F0373EDD82DEFAF4DEEF238A1ABFF44FDC2D9511E8AE69349B69749DD6D2AD5A2A95F579B3A0D232FAB4A915568409150F184F1F58114354235084F9B104F9DA8EC13D34AB93BD61620CC0B93118FF2299B80856CE2A40792F58E37990677E1C4A662D619F835DA5537873CDF05DCDB369AEB2E6159E351E9140DDD5E4FB57EAAD9CB5A41EAC61CD1E95D983832D0E8D35EEFF88E699A33A4AB0FC82B8A1B38F527933108FCC6533C9DE3AFCAE396246399DB878A9D500905A707B3C1F3F490E327A5C219151E7077C9E456F3DD046F6FAC8C3F98CC90FC558E87A7CB654320DA2B48F41BE0D8498A98DF562EE0A33FF61AF92E90DABA5323CF416C7E3B5E0A5190A36442F08AEE80B4886C407A689A81293D7CF6D7F88C112F7D166D4AE27147BCDC4C91E2880F5A4065B0AC7480BCDB9A0BCB790FDDF0370DF819986DA21FE700E15D449F5C0849B70C8A84569F205D74141F87B73D2EE3BB4D7A88F2DC90272219E39B5456F5CE8F0DA1E40E98C1B968112DC3664663B3C2A2B1402657CC0529AD6CED5BD2A177F9ED6FDA41378C8ADA6F33615516CFE0077E9426424F06DF517A5117F2882FFE3144245623DF8DDEF9869E5F6D328884018885209EA24F7F617837E7751D56EF3201D3FD607706B889728591E7C822ED97FF0B9DC111D5D0142387D88CB799345EF48235922632D6610F9E1C7AAAB6368EC0D4A76185686FCDA99499DC1B7F08C8A1BDDEF3F803CF168D818CEAC1F8B79E70C49E37B3E19B0096D1B6C2D4BF73DBF503401AE4EFCF9DEB8AC4A9C39E140CA9086E9927274E2A634833C845DB
31920170707002909 2 6 100 7679 2 C0388038628CD48D5377C99911D89CEDF70AC54721EE6974975D61C9E25580D2108B48CBCDB8B647B271FA822546C00580DB013D19EE5A49EFD9AAECA2036A83BB3E2F96C3E7CB273AA9ACEFCA5A3E4C7C8FCF3332DE11288D8BD76E17B4C530F5F6EFB0D757F63E3B2B519EE960FA8206DF81E7B9DA463CE389E3164588BF5B66355D481DC620F0B2F352782105DF3AB86076DD7D612CE9839CB251D5C975166859A41B740E08E66B746B710479FAA430E2891E60647E04FE71D8F8BC9A6BCD20CFB42299142DC016E672CC350D497809379F54F6F3D1649ADCE72ADECEAAE1ECA85EEE8006700379DE3687A67AF796E1F317815461CFF6E58615CD453265612315FA8F99DC65D9CC218004671E43CE58C9F54862D86B58FD71212199A2A562B1AB9604BF43676A403E8EA56A69E68F1CF0C60C83B8EB31D9C0A23D8410C3A6898D749CAD8CDA9F17A224536BD08436B25E50BA67BAD09276BB55583CEDF48AEEFFD8FA3DBE4F609760DF1EDED136B38792CD164D2EA3C5443F0D8F9117544A9A6AAC615ADE01440B7948B2B53BC3F7218DEDEB16D23C3B0C2AA4BEB99F9A9225D87B6CCB037D8E9A2918C20FE9F2BFF429FD0F23AE370E820842AEDD823DD5B6DDD7F4AD3A06735A2E4144DBABEA5DD83A6AA98EED5F6F3021C246FBABD280986A1E7A24CCBE11BC3050CC04DB566277CECBA8B5BDC1D15E1F066B25B668C7B87EA54894EC7559B64F1400934DCE1C06A10955988E3B3F4A40566B3989608404859335C53EBD6BEE21614EB7C954D543DBA7EB61555B7CED9D08EF560426DBCE3018FBEF788CF69AEAB433B692A9E28CBAFEFC048BD9AB423678D4DD5807329BCC417CF77EC7FD8E50B6D9A8D6B2017B24F6890557AF327980D086499B7C4ED6518B9C23DAB9571CA9E8E949C039C5CC002CBC9BDD08728D543143AFE577738AD309AB2493A8157272196B73C28A4826B37A8274198A4E8188CDADB1D7BB209C84D03500F79B9DFEC1E4441F34069CC01D6B9A57940914F56217C0F3A5CE0C75DE2815EE396D4AB00EC9695DFBCDD88EA6C8017CC29B1257EED39B50E0D075CCF9564D4B22F59F4B5E6667E4CACAC6B63D8CC1C9AB2CC6309A319E559D2062FB99D15B62F08E4DAD676698813D227FF8967B3B3830970E92277B2446A3C269A74FB437800824A8987DA3636A17A53C7E55C66077BE0FBD63441402F19C6C4E1F1C46185A3F3F5D7D7F553F0066EBFCF2ECD74CFC6DB48F6A458AE66EC12532B691FA3AE9A0C19809B3A1AF06340EFB012A33D484D272CA09D5862DAC5E3A00006F260BDE5CE74E007AB12A8F686373949308E574DCE7EA9D145936CFBE39B3 31920171209182655 2 6 100 7679 5 CF96EF3064F3389AC4D7DA6813F67988F77979BB89C86E3A82B8FBE165D96646B6665C28FE7F5D1742E288AF6A47CEAD57277CF7B7902B8B7F899CB512DDF0EDEC293B152ABA4085290AE8BF93AF988437B549319AF0E18E39805C80A4714E4108DC29DDF708365B8FAC1F220784A8AA89F4C04176DFCEFC652988A6F878937AF8FEFF6A45672DB27EC215CDCBB9C530BDC2F1F357DC69073AA6B3670B988F271386E1B2F72635AA83420CF2A393338D1C4E2B502C11CA2098481EA292ACD7A7BFF84945E9CC04B47B1967F09CC7A4BE5AAA749583318E561E5504F28472B0AEF60B854142AACFE6017786E8B5FB674C79D68B7B44842F18E2075B8679A99D43892847B09A0CADFBED479942F599A1666D96EEED85A222431F8637D6FB73F5E08465417DAAA47BD31BDCE2262E06E0B7E5BF6FA9703890997C275CE11CA52A92D0F4889F370164D4EFA8C461E2F3BBABA54F8A1DD165C3D5344DF572B67EF92DC3E8EF66926B673AD59FB5CE5FF5ECED31535CC347374D846F0373EDD82DEFAF4DEEF238A1ABFF44FDC2D9511E8AE69349B69749DD6D2AD5A2A95F579B3A0D232FAB4A915568409150F184F1F58114354235084F9B104F9DA8EC13D34AB93BD61620CC0B93118FF2299B80856CE2A40792F58E37990677E1C4A662D619F835DA5537873CDF05DCDB369AEB2E6159E351E9140DDD5E4FB57EAAD9CB5A41EAC61CD1E95D983832D0E8D35EEFF88E699A33A4AB0FC82B8A1B38F527933108FCC6533C9DE3AFCAE396246399DB878A9D500905A707B3C1F3F490E327A5C219151E7077C9E456F3DD046F6FAC8C3F98CC90FC558E87A7CB654320DA2B48F41BE0D8498A98DF562EE0A33FF61AF92E90DABA5323CF416C7E3B5E0A5190A36442F08AEE80B4886C407A689A81293D7CF6D7F88C112F7D166D4AE27147BCDC4C91E2880F5A4065B0AC7480BCDB9A0BCB790FDDF0370DF819986DA21FE700E15D449F5C0849B70C8A84569F205D74141F87B73D2EE3BB4D7A88F2DC90272219E39B5456F5CE8F0DA1E40E98C1B968112DC3664663B3C2A2B1402657CC0529AD6CED5BD2A177F9ED6FDA41378C8ADA6F33615516CFE0077E9426424F06DF517A5117F2882FFE3144245623DF8DDEF9869E5F6D328884018885209EA24F7F617837E7751D56EF3201D3FD607706B889728591E7C822ED97FF0B9DC111D5D0142387D88CB799345EF48235922632D6610F9E1C7AAAB6368EC0D4A76185686FCDA99499DC1B7F08C8A1BDDEF3F803CF168D818CEAC1F8B79E70C49E37B3E19B0096D1B6C2D4BF73DBF503401AE4EFCF9DEB8AC4A9C39E140CA9086E9927274E2A6348386E2CD7
32020170707012259 2 6 100 7679 5 C0388038628CD48D5377C99911D89CEDF70AC54721EE6974975D61C9E25580D2108B48CBCDB8B647B271FA822546C00580DB013D19EE5A49EFD9AAECA2036A83BB3E2F96C3E7CB273AA9ACEFCA5A3E4C7C8FCF3332DE11288D8BD76E17B4C530F5F6EFB0D757F63E3B2B519EE960FA8206DF81E7B9DA463CE389E3164588BF5B66355D481DC620F0B2F352782105DF3AB86076DD7D612CE9839CB251D5C975166859A41B740E08E66B746B710479FAA430E2891E60647E04FE71D8F8BC9A6BCD20CFB42299142DC016E672CC350D497809379F54F6F3D1649ADCE72ADECEAAE1ECA85EEE8006700379DE3687A67AF796E1F317815461CFF6E58615CD453265612315FA8F99DC65D9CC218004671E43CE58C9F54862D86B58FD71212199A2A562B1AB9604BF43676A403E8EA56A69E68F1CF0C60C83B8EB31D9C0A23D8410C3A6898D749CAD8CDA9F17A224536BD08436B25E50BA67BAD09276BB55583CEDF48AEEFFD8FA3DBE4F609760DF1EDED136B38792CD164D2EA3C5443F0D8F9117544A9A6AAC615ADE01440B7948B2B53BC3F7218DEDEB16D23C3B0C2AA4BEB99F9A9225D87B6CCB037D8E9A2918C20FE9F2BFF429FD0F23AE370E820842AEDD823DD5B6DDD7F4AD3A06735A2E4144DBABEA5DD83A6AA98EED5F6F3021C246FBABD280986A1E7A24CCBE11BC3050CC04DB566277CECBA8B5BDC1D15E1F066B25B668C7B87EA54894EC7559B64F1400934DCE1C06A10955988E3B3F4A40566B3989608404859335C53EBD6BEE21614EB7C954D543DBA7EB61555B7CED9D08EF560426DBCE3018FBEF788CF69AEAB433B692A9E28CBAFEFC048BD9AB423678D4DD5807329BCC417CF77EC7FD8E50B6D9A8D6B2017B24F6890557AF327980D086499B7C4ED6518B9C23DAB9571CA9E8E949C039C5CC002CBC9BDD08728D543143AFE577738AD309AB2493A8157272196B73C28A4826B37A8274198A4E8188CDADB1D7BB209C84D03500F79B9DFEC1E4441F34069CC01D6B9A57940914F56217C0F3A5CE0C75DE2815EE396D4AB00EC9695DFBCDD88EA6C8017CC29B1257EED39B50E0D075CCF9564D4B22F59F4B5E6667E4CACAC6B63D8CC1C9AB2CC6309A319E559D2062FB99D15B62F08E4DAD676698813D227FF8967B3B3830970E92277B2446A3C269A74FB437800824A8987DA3636A17A53C7E55C66077BE0FBD63441402F19C6C4E1F1C46185A3F3F5D7D7F553F0066EBFCF2ECD74CFC6DB48F6A458AE66EC12532B691FA3AE9A0C19809B3A1AF06340EFB012A33D484D272CA09D5862DAC5E3A00006F260BDE5CE74E007AB12A8F686373949308E574DCE7EA9D145936D06F0ADF 32020171209190603 2 6 100 7679 5 CF96EF3064F3389AC4D7DA6813F67988F77979BB89C86E3A82B8FBE165D96646B6665C28FE7F5D1742E288AF6A47CEAD57277CF7B7902B8B7F899CB512DDF0EDEC293B152ABA4085290AE8BF93AF988437B549319AF0E18E39805C80A4714E4108DC29DDF708365B8FAC1F220784A8AA89F4C04176DFCEFC652988A6F878937AF8FEFF6A45672DB27EC215CDCBB9C530BDC2F1F357DC69073AA6B3670B988F271386E1B2F72635AA83420CF2A393338D1C4E2B502C11CA2098481EA292ACD7A7BFF84945E9CC04B47B1967F09CC7A4BE5AAA749583318E561E5504F28472B0AEF60B854142AACFE6017786E8B5FB674C79D68B7B44842F18E2075B8679A99D43892847B09A0CADFBED479942F599A1666D96EEED85A222431F8637D6FB73F5E08465417DAAA47BD31BDCE2262E06E0B7E5BF6FA9703890997C275CE11CA52A92D0F4889F370164D4EFA8C461E2F3BBABA54F8A1DD165C3D5344DF572B67EF92DC3E8EF66926B673AD59FB5CE5FF5ECED31535CC347374D846F0373EDD82DEFAF4DEEF238A1ABFF44FDC2D9511E8AE69349B69749DD6D2AD5A2A95F579B3A0D232FAB4A915568409150F184F1F58114354235084F9B104F9DA8EC13D34AB93BD61620CC0B93118FF2299B80856CE2A40792F58E37990677E1C4A662D619F835DA5537873CDF05DCDB369AEB2E6159E351E9140DDD5E4FB57EAAD9CB5A41EAC61CD1E95D983832D0E8D35EEFF88E699A33A4AB0FC82B8A1B38F527933108FCC6533C9DE3AFCAE396246399DB878A9D500905A707B3C1F3F490E327A5C219151E7077C9E456F3DD046F6FAC8C3F98CC90FC558E87A7CB654320DA2B48F41BE0D8498A98DF562EE0A33FF61AF92E90DABA5323CF416C7E3B5E0A5190A36442F08AEE80B4886C407A689A81293D7CF6D7F88C112F7D166D4AE27147BCDC4C91E2880F5A4065B0AC7480BCDB9A0BCB790FDDF0370DF819986DA21FE700E15D449F5C0849B70C8A84569F205D74141F87B73D2EE3BB4D7A88F2DC90272219E39B5456F5CE8F0DA1E40E98C1B968112DC3664663B3C2A2B1402657CC0529AD6CED5BD2A177F9ED6FDA41378C8ADA6F33615516CFE0077E9426424F06DF517A5117F2882FFE3144245623DF8DDEF9869E5F6D328884018885209EA24F7F617837E7751D56EF3201D3FD607706B889728591E7C822ED97FF0B9DC111D5D0142387D88CB799345EF48235922632D6610F9E1C7AAAB6368EC0D4A76185686FCDA99499DC1B7F08C8A1BDDEF3F803CF168D818CEAC1F8B79E70C49E37B3E19B0096D1B6C2D4BF73DBF503401AE4EFCF9DEB8AC4A9C39E140CA9086E9927274E2A634838DD3487
32120170707064939 2 6 100 7679 2 C0388038628CD48D5377C99911D89CEDF70AC54721EE6974975D61C9E25580D2108B48CBCDB8B647B271FA822546C00580DB013D19EE5A49EFD9AAECA2036A83BB3E2F96C3E7CB273AA9ACEFCA5A3E4C7C8FCF3332DE11288D8BD76E17B4C530F5F6EFB0D757F63E3B2B519EE960FA8206DF81E7B9DA463CE389E3164588BF5B66355D481DC620F0B2F352782105DF3AB86076DD7D612CE9839CB251D5C975166859A41B740E08E66B746B710479FAA430E2891E60647E04FE71D8F8BC9A6BCD20CFB42299142DC016E672CC350D497809379F54F6F3D1649ADCE72ADECEAAE1ECA85EEE8006700379DE3687A67AF796E1F317815461CFF6E58615CD453265612315FA8F99DC65D9CC218004671E43CE58C9F54862D86B58FD71212199A2A562B1AB9604BF43676A403E8EA56A69E68F1CF0C60C83B8EB31D9C0A23D8410C3A6898D749CAD8CDA9F17A224536BD08436B25E50BA67BAD09276BB55583CEDF48AEEFFD8FA3DBE4F609760DF1EDED136B38792CD164D2EA3C5443F0D8F9117544A9A6AAC615ADE01440B7948B2B53BC3F7218DEDEB16D23C3B0C2AA4BEB99F9A9225D87B6CCB037D8E9A2918C20FE9F2BFF429FD0F23AE370E820842AEDD823DD5B6DDD7F4AD3A06735A2E4144DBABEA5DD83A6AA98EED5F6F3021C246FBABD280986A1E7A24CCBE11BC3050CC04DB566277CECBA8B5BDC1D15E1F066B25B668C7B87EA54894EC7559B64F1400934DCE1C06A10955988E3B3F4A40566B3989608404859335C53EBD6BEE21614EB7C954D543DBA7EB61555B7CED9D08EF560426DBCE3018FBEF788CF69AEAB433B692A9E28CBAFEFC048BD9AB423678D4DD5807329BCC417CF77EC7FD8E50B6D9A8D6B2017B24F6890557AF327980D086499B7C4ED6518B9C23DAB9571CA9E8E949C039C5CC002CBC9BDD08728D543143AFE577738AD309AB2493A8157272196B73C28A4826B37A8274198A4E8188CDADB1D7BB209C84D03500F79B9DFEC1E4441F34069CC01D6B9A57940914F56217C0F3A5CE0C75DE2815EE396D4AB00EC9695DFBCDD88EA6C8017CC29B1257EED39B50E0D075CCF9564D4B22F59F4B5E6667E4CACAC6B63D8CC1C9AB2CC6309A319E559D2062FB99D15B62F08E4DAD676698813D227FF8967B3B3830970E92277B2446A3C269A74FB437800824A8987DA3636A17A53C7E55C66077BE0FBD63441402F19C6C4E1F1C46185A3F3F5D7D7F553F0066EBFCF2ECD74CFC6DB48F6A458AE66EC12532B691FA3AE9A0C19809B3A1AF06340EFB012A33D484D272CA09D5862DAC5E3A00006F260BDE5CE74E007AB12A8F686373949308E574DCE7EA9D145936D4E0A703 32120171209234111 2 6 100 7679 2 CF96EF3064F3389AC4D7DA6813F67988F77979BB89C86E3A82B8FBE165D96646B6665C28FE7F5D1742E288AF6A47CEAD57277CF7B7902B8B7F899CB512DDF0EDEC293B152ABA4085290AE8BF93AF988437B549319AF0E18E39805C80A4714E4108DC29DDF708365B8FAC1F220784A8AA89F4C04176DFCEFC652988A6F878937AF8FEFF6A45672DB27EC215CDCBB9C530BDC2F1F357DC69073AA6B3670B988F271386E1B2F72635AA83420CF2A393338D1C4E2B502C11CA2098481EA292ACD7A7BFF84945E9CC04B47B1967F09CC7A4BE5AAA749583318E561E5504F28472B0AEF60B854142AACFE6017786E8B5FB674C79D68B7B44842F18E2075B8679A99D43892847B09A0CADFBED479942F599A1666D96EEED85A222431F8637D6FB73F5E08465417DAAA47BD31BDCE2262E06E0B7E5BF6FA9703890997C275CE11CA52A92D0F4889F370164D4EFA8C461E2F3BBABA54F8A1DD165C3D5344DF572B67EF92DC3E8EF66926B673AD59FB5CE5FF5ECED31535CC347374D846F0373EDD82DEFAF4DEEF238A1ABFF44FDC2D9511E8AE69349B69749DD6D2AD5A2A95F579B3A0D232FAB4A915568409150F184F1F58114354235084F9B104F9DA8EC13D34AB93BD61620CC0B93118FF2299B80856CE2A40792F58E37990677E1C4A662D619F835DA5537873CDF05DCDB369AEB2E6159E351E9140DDD5E4FB57EAAD9CB5A41EAC61CD1E95D983832D0E8D35EEFF88E699A33A4AB0FC82B8A1B38F527933108FCC6533C9DE3AFCAE396246399DB878A9D500905A707B3C1F3F490E327A5C219151E7077C9E456F3DD046F6FAC8C3F98CC90FC558E87A7CB654320DA2B48F41BE0D8498A98DF562EE0A33FF61AF92E90DABA5323CF416C7E3B5E0A5190A36442F08AEE80B4886C407A689A81293D7CF6D7F88C112F7D166D4AE27147BCDC4C91E2880F5A4065B0AC7480BCDB9A0BCB790FDDF0370DF819986DA21FE700E15D449F5C0849B70C8A84569F205D74141F87B73D2EE3BB4D7A88F2DC90272219E39B5456F5CE8F0DA1E40E98C1B968112DC3664663B3C2A2B1402657CC0529AD6CED5BD2A177F9ED6FDA41378C8ADA6F33615516CFE0077E9426424F06DF517A5117F2882FFE3144245623DF8DDEF9869E5F6D328884018885209EA24F7F617837E7751D56EF3201D3FD607706B889728591E7C822ED97FF0B9DC111D5D0142387D88CB799345EF48235922632D6610F9E1C7AAAB6368EC0D4A76185686FCDA99499DC1B7F08C8A1BDDEF3F803CF168D818CEAC1F8B79E70C49E37B3E19B0096D1B6C2D4BF73DBF503401AE4EFCF9DEB8AC4A9C39E140CA9086E9927274E2A63483C59DD8B
32220170707065604 2 6 100 7679 5 C0388038628CD48D5377C99911D89CEDF70AC54721EE6974975D61C9E25580D2108B48CBCDB8B647B271FA822546C00580DB013D19EE5A49EFD9AAECA2036A83BB3E2F96C3E7CB273AA9ACEFCA5A3E4C7C8FCF3332DE11288D8BD76E17B4C530F5F6EFB0D757F63E3B2B519EE960FA8206DF81E7B9DA463CE389E3164588BF5B66355D481DC620F0B2F352782105DF3AB86076DD7D612CE9839CB251D5C975166859A41B740E08E66B746B710479FAA430E2891E60647E04FE71D8F8BC9A6BCD20CFB42299142DC016E672CC350D497809379F54F6F3D1649ADCE72ADECEAAE1ECA85EEE8006700379DE3687A67AF796E1F317815461CFF6E58615CD453265612315FA8F99DC65D9CC218004671E43CE58C9F54862D86B58FD71212199A2A562B1AB9604BF43676A403E8EA56A69E68F1CF0C60C83B8EB31D9C0A23D8410C3A6898D749CAD8CDA9F17A224536BD08436B25E50BA67BAD09276BB55583CEDF48AEEFFD8FA3DBE4F609760DF1EDED136B38792CD164D2EA3C5443F0D8F9117544A9A6AAC615ADE01440B7948B2B53BC3F7218DEDEB16D23C3B0C2AA4BEB99F9A9225D87B6CCB037D8E9A2918C20FE9F2BFF429FD0F23AE370E820842AEDD823DD5B6DDD7F4AD3A06735A2E4144DBABEA5DD83A6AA98EED5F6F3021C246FBABD280986A1E7A24CCBE11BC3050CC04DB566277CECBA8B5BDC1D15E1F066B25B668C7B87EA54894EC7559B64F1400934DCE1C06A10955988E3B3F4A40566B3989608404859335C53EBD6BEE21614EB7C954D543DBA7EB61555B7CED9D08EF560426DBCE3018FBEF788CF69AEAB433B692A9E28CBAFEFC048BD9AB423678D4DD5807329BCC417CF77EC7FD8E50B6D9A8D6B2017B24F6890557AF327980D086499B7C4ED6518B9C23DAB9571CA9E8E949C039C5CC002CBC9BDD08728D543143AFE577738AD309AB2493A8157272196B73C28A4826B37A8274198A4E8188CDADB1D7BB209C84D03500F79B9DFEC1E4441F34069CC01D6B9A57940914F56217C0F3A5CE0C75DE2815EE396D4AB00EC9695DFBCDD88EA6C8017CC29B1257EED39B50E0D075CCF9564D4B22F59F4B5E6667E4CACAC6B63D8CC1C9AB2CC6309A319E559D2062FB99D15B62F08E4DAD676698813D227FF8967B3B3830970E92277B2446A3C269A74FB437800824A8987DA3636A17A53C7E55C66077BE0FBD63441402F19C6C4E1F1C46185A3F3F5D7D7F553F0066EBFCF2ECD74CFC6DB48F6A458AE66EC12532B691FA3AE9A0C19809B3A1AF06340EFB012A33D484D272CA09D5862DAC5E3A00006F260BDE5CE74E007AB12A8F686373949308E574DCE7EA9D145936D4EE0BAF 32220171210084529 2 6 100 7679 2 CF96EF3064F3389AC4D7DA6813F67988F77979BB89C86E3A82B8FBE165D96646B6665C28FE7F5D1742E288AF6A47CEAD57277CF7B7902B8B7F899CB512DDF0EDEC293B152ABA4085290AE8BF93AF988437B549319AF0E18E39805C80A4714E4108DC29DDF708365B8FAC1F220784A8AA89F4C04176DFCEFC652988A6F878937AF8FEFF6A45672DB27EC215CDCBB9C530BDC2F1F357DC69073AA6B3670B988F271386E1B2F72635AA83420CF2A393338D1C4E2B502C11CA2098481EA292ACD7A7BFF84945E9CC04B47B1967F09CC7A4BE5AAA749583318E561E5504F28472B0AEF60B854142AACFE6017786E8B5FB674C79D68B7B44842F18E2075B8679A99D43892847B09A0CADFBED479942F599A1666D96EEED85A222431F8637D6FB73F5E08465417DAAA47BD31BDCE2262E06E0B7E5BF6FA9703890997C275CE11CA52A92D0F4889F370164D4EFA8C461E2F3BBABA54F8A1DD165C3D5344DF572B67EF92DC3E8EF66926B673AD59FB5CE5FF5ECED31535CC347374D846F0373EDD82DEFAF4DEEF238A1ABFF44FDC2D9511E8AE69349B69749DD6D2AD5A2A95F579B3A0D232FAB4A915568409150F184F1F58114354235084F9B104F9DA8EC13D34AB93BD61620CC0B93118FF2299B80856CE2A40792F58E37990677E1C4A662D619F835DA5537873CDF05DCDB369AEB2E6159E351E9140DDD5E4FB57EAAD9CB5A41EAC61CD1E95D983832D0E8D35EEFF88E699A33A4AB0FC82B8A1B38F527933108FCC6533C9DE3AFCAE396246399DB878A9D500905A707B3C1F3F490E327A5C219151E7077C9E456F3DD046F6FAC8C3F98CC90FC558E87A7CB654320DA2B48F41BE0D8498A98DF562EE0A33FF61AF92E90DABA5323CF416C7E3B5E0A5190A36442F08AEE80B4886C407A689A81293D7CF6D7F88C112F7D166D4AE27147BCDC4C91E2880F5A4065B0AC7480BCDB9A0BCB790FDDF0370DF819986DA21FE700E15D449F5C0849B70C8A84569F205D74141F87B73D2EE3BB4D7A88F2DC90272219E39B5456F5CE8F0DA1E40E98C1B968112DC3664663B3C2A2B1402657CC0529AD6CED5BD2A177F9ED6FDA41378C8ADA6F33615516CFE0077E9426424F06DF517A5117F2882FFE3144245623DF8DDEF9869E5F6D328884018885209EA24F7F617837E7751D56EF3201D3FD607706B889728591E7C822ED97FF0B9DC111D5D0142387D88CB799345EF48235922632D6610F9E1C7AAAB6368EC0D4A76185686FCDA99499DC1B7F08C8A1BDDEF3F803CF168D818CEAC1F8B79E70C49E37B3E19B0096D1B6C2D4BF73DBF503401AE4EFCF9DEB8AC4A9C39E140CA9086E9927274E2A6348432B34CB
32320170707120623 2 6 100 7679 2 C0388038628CD48D5377C99911D89CEDF70AC54721EE6974975D61C9E25580D2108B48CBCDB8B647B271FA822546C00580DB013D19EE5A49EFD9AAECA2036A83BB3E2F96C3E7CB273AA9ACEFCA5A3E4C7C8FCF3332DE11288D8BD76E17B4C530F5F6EFB0D757F63E3B2B519EE960FA8206DF81E7B9DA463CE389E3164588BF5B66355D481DC620F0B2F352782105DF3AB86076DD7D612CE9839CB251D5C975166859A41B740E08E66B746B710479FAA430E2891E60647E04FE71D8F8BC9A6BCD20CFB42299142DC016E672CC350D497809379F54F6F3D1649ADCE72ADECEAAE1ECA85EEE8006700379DE3687A67AF796E1F317815461CFF6E58615CD453265612315FA8F99DC65D9CC218004671E43CE58C9F54862D86B58FD71212199A2A562B1AB9604BF43676A403E8EA56A69E68F1CF0C60C83B8EB31D9C0A23D8410C3A6898D749CAD8CDA9F17A224536BD08436B25E50BA67BAD09276BB55583CEDF48AEEFFD8FA3DBE4F609760DF1EDED136B38792CD164D2EA3C5443F0D8F9117544A9A6AAC615ADE01440B7948B2B53BC3F7218DEDEB16D23C3B0C2AA4BEB99F9A9225D87B6CCB037D8E9A2918C20FE9F2BFF429FD0F23AE370E820842AEDD823DD5B6DDD7F4AD3A06735A2E4144DBABEA5DD83A6AA98EED5F6F3021C246FBABD280986A1E7A24CCBE11BC3050CC04DB566277CECBA8B5BDC1D15E1F066B25B668C7B87EA54894EC7559B64F1400934DCE1C06A10955988E3B3F4A40566B3989608404859335C53EBD6BEE21614EB7C954D543DBA7EB61555B7CED9D08EF560426DBCE3018FBEF788CF69AEAB433B692A9E28CBAFEFC048BD9AB423678D4DD5807329BCC417CF77EC7FD8E50B6D9A8D6B2017B24F6890557AF327980D086499B7C4ED6518B9C23DAB9571CA9E8E949C039C5CC002CBC9BDD08728D543143AFE577738AD309AB2493A8157272196B73C28A4826B37A8274198A4E8188CDADB1D7BB209C84D03500F79B9DFEC1E4441F34069CC01D6B9A57940914F56217C0F3A5CE0C75DE2815EE396D4AB00EC9695DFBCDD88EA6C8017CC29B1257EED39B50E0D075CCF9564D4B22F59F4B5E6667E4CACAC6B63D8CC1C9AB2CC6309A319E559D2062FB99D15B62F08E4DAD676698813D227FF8967B3B3830970E92277B2446A3C269A74FB437800824A8987DA3636A17A53C7E55C66077BE0FBD63441402F19C6C4E1F1C46185A3F3F5D7D7F553F0066EBFCF2ECD74CFC6DB48F6A458AE66EC12532B691FA3AE9A0C19809B3A1AF06340EFB012A33D484D272CA09D5862DAC5E3A00006F260BDE5CE74E007AB12A8F686373949308E574DCE7EA9D145936D9082CA3 32320171210100748 2 6 100 7679 5 CF96EF3064F3389AC4D7DA6813F67988F77979BB89C86E3A82B8FBE165D96646B6665C28FE7F5D1742E288AF6A47CEAD57277CF7B7902B8B7F899CB512DDF0EDEC293B152ABA4085290AE8BF93AF988437B549319AF0E18E39805C80A4714E4108DC29DDF708365B8FAC1F220784A8AA89F4C04176DFCEFC652988A6F878937AF8FEFF6A45672DB27EC215CDCBB9C530BDC2F1F357DC69073AA6B3670B988F271386E1B2F72635AA83420CF2A393338D1C4E2B502C11CA2098481EA292ACD7A7BFF84945E9CC04B47B1967F09CC7A4BE5AAA749583318E561E5504F28472B0AEF60B854142AACFE6017786E8B5FB674C79D68B7B44842F18E2075B8679A99D43892847B09A0CADFBED479942F599A1666D96EEED85A222431F8637D6FB73F5E08465417DAAA47BD31BDCE2262E06E0B7E5BF6FA9703890997C275CE11CA52A92D0F4889F370164D4EFA8C461E2F3BBABA54F8A1DD165C3D5344DF572B67EF92DC3E8EF66926B673AD59FB5CE5FF5ECED31535CC347374D846F0373EDD82DEFAF4DEEF238A1ABFF44FDC2D9511E8AE69349B69749DD6D2AD5A2A95F579B3A0D232FAB4A915568409150F184F1F58114354235084F9B104F9DA8EC13D34AB93BD61620CC0B93118FF2299B80856CE2A40792F58E37990677E1C4A662D619F835DA5537873CDF05DCDB369AEB2E6159E351E9140DDD5E4FB57EAAD9CB5A41EAC61CD1E95D983832D0E8D35EEFF88E699A33A4AB0FC82B8A1B38F527933108FCC6533C9DE3AFCAE396246399DB878A9D500905A707B3C1F3F490E327A5C219151E7077C9E456F3DD046F6FAC8C3F98CC90FC558E87A7CB654320DA2B48F41BE0D8498A98DF562EE0A33FF61AF92E90DABA5323CF416C7E3B5E0A5190A36442F08AEE80B4886C407A689A81293D7CF6D7F88C112F7D166D4AE27147BCDC4C91E2880F5A4065B0AC7480BCDB9A0BCB790FDDF0370DF819986DA21FE700E15D449F5C0849B70C8A84569F205D74141F87B73D2EE3BB4D7A88F2DC90272219E39B5456F5CE8F0DA1E40E98C1B968112DC3664663B3C2A2B1402657CC0529AD6CED5BD2A177F9ED6FDA41378C8ADA6F33615516CFE0077E9426424F06DF517A5117F2882FFE3144245623DF8DDEF9869E5F6D328884018885209EA24F7F617837E7751D56EF3201D3FD607706B889728591E7C822ED97FF0B9DC111D5D0142387D88CB799345EF48235922632D6610F9E1C7AAAB6368EC0D4A76185686FCDA99499DC1B7F08C8A1BDDEF3F803CF168D818CEAC1F8B79E70C49E37B3E19B0096D1B6C2D4BF73DBF503401AE4EFCF9DEB8AC4A9C39E140CA9086E9927274E2A63484426B89F
32420170707121752 2 6 100 7679 5 C0388038628CD48D5377C99911D89CEDF70AC54721EE6974975D61C9E25580D2108B48CBCDB8B647B271FA822546C00580DB013D19EE5A49EFD9AAECA2036A83BB3E2F96C3E7CB273AA9ACEFCA5A3E4C7C8FCF3332DE11288D8BD76E17B4C530F5F6EFB0D757F63E3B2B519EE960FA8206DF81E7B9DA463CE389E3164588BF5B66355D481DC620F0B2F352782105DF3AB86076DD7D612CE9839CB251D5C975166859A41B740E08E66B746B710479FAA430E2891E60647E04FE71D8F8BC9A6BCD20CFB42299142DC016E672CC350D497809379F54F6F3D1649ADCE72ADECEAAE1ECA85EEE8006700379DE3687A67AF796E1F317815461CFF6E58615CD453265612315FA8F99DC65D9CC218004671E43CE58C9F54862D86B58FD71212199A2A562B1AB9604BF43676A403E8EA56A69E68F1CF0C60C83B8EB31D9C0A23D8410C3A6898D749CAD8CDA9F17A224536BD08436B25E50BA67BAD09276BB55583CEDF48AEEFFD8FA3DBE4F609760DF1EDED136B38792CD164D2EA3C5443F0D8F9117544A9A6AAC615ADE01440B7948B2B53BC3F7218DEDEB16D23C3B0C2AA4BEB99F9A9225D87B6CCB037D8E9A2918C20FE9F2BFF429FD0F23AE370E820842AEDD823DD5B6DDD7F4AD3A06735A2E4144DBABEA5DD83A6AA98EED5F6F3021C246FBABD280986A1E7A24CCBE11BC3050CC04DB566277CECBA8B5BDC1D15E1F066B25B668C7B87EA54894EC7559B64F1400934DCE1C06A10955988E3B3F4A40566B3989608404859335C53EBD6BEE21614EB7C954D543DBA7EB61555B7CED9D08EF560426DBCE3018FBEF788CF69AEAB433B692A9E28CBAFEFC048BD9AB423678D4DD5807329BCC417CF77EC7FD8E50B6D9A8D6B2017B24F6890557AF327980D086499B7C4ED6518B9C23DAB9571CA9E8E949C039C5CC002CBC9BDD08728D543143AFE577738AD309AB2493A8157272196B73C28A4826B37A8274198A4E8188CDADB1D7BB209C84D03500F79B9DFEC1E4441F34069CC01D6B9A57940914F56217C0F3A5CE0C75DE2815EE396D4AB00EC9695DFBCDD88EA6C8017CC29B1257EED39B50E0D075CCF9564D4B22F59F4B5E6667E4CACAC6B63D8CC1C9AB2CC6309A319E559D2062FB99D15B62F08E4DAD676698813D227FF8967B3B3830970E92277B2446A3C269A74FB437800824A8987DA3636A17A53C7E55C66077BE0FBD63441402F19C6C4E1F1C46185A3F3F5D7D7F553F0066EBFCF2ECD74CFC6DB48F6A458AE66EC12532B691FA3AE9A0C19809B3A1AF06340EFB012A33D484D272CA09D5862DAC5E3A00006F260BDE5CE74E007AB12A8F686373949308E574DCE7EA9D145936D928FC67 32420171211113225 2 6 100 7679 5 CF96EF3064F3389AC4D7DA6813F67988F77979BB89C86E3A82B8FBE165D96646B6665C28FE7F5D1742E288AF6A47CEAD57277CF7B7902B8B7F899CB512DDF0EDEC293B152ABA4085290AE8BF93AF988437B549319AF0E18E39805C80A4714E4108DC29DDF708365B8FAC1F220784A8AA89F4C04176DFCEFC652988A6F878937AF8FEFF6A45672DB27EC215CDCBB9C530BDC2F1F357DC69073AA6B3670B988F271386E1B2F72635AA83420CF2A393338D1C4E2B502C11CA2098481EA292ACD7A7BFF84945E9CC04B47B1967F09CC7A4BE5AAA749583318E561E5504F28472B0AEF60B854142AACFE6017786E8B5FB674C79D68B7B44842F18E2075B8679A99D43892847B09A0CADFBED479942F599A1666D96EEED85A222431F8637D6FB73F5E08465417DAAA47BD31BDCE2262E06E0B7E5BF6FA9703890997C275CE11CA52A92D0F4889F370164D4EFA8C461E2F3BBABA54F8A1DD165C3D5344DF572B67EF92DC3E8EF66926B673AD59FB5CE5FF5ECED31535CC347374D846F0373EDD82DEFAF4DEEF238A1ABFF44FDC2D9511E8AE69349B69749DD6D2AD5A2A95F579B3A0D232FAB4A915568409150F184F1F58114354235084F9B104F9DA8EC13D34AB93BD61620CC0B93118FF2299B80856CE2A40792F58E37990677E1C4A662D619F835DA5537873CDF05DCDB369AEB2E6159E351E9140DDD5E4FB57EAAD9CB5A41EAC61CD1E95D983832D0E8D35EEFF88E699A33A4AB0FC82B8A1B38F527933108FCC6533C9DE3AFCAE396246399DB878A9D500905A707B3C1F3F490E327A5C219151E7077C9E456F3DD046F6FAC8C3F98CC90FC558E87A7CB654320DA2B48F41BE0D8498A98DF562EE0A33FF61AF92E90DABA5323CF416C7E3B5E0A5190A36442F08AEE80B4886C407A689A81293D7CF6D7F88C112F7D166D4AE27147BCDC4C91E2880F5A4065B0AC7480BCDB9A0BCB790FDDF0370DF819986DA21FE700E15D449F5C0849B70C8A84569F205D74141F87B73D2EE3BB4D7A88F2DC90272219E39B5456F5CE8F0DA1E40E98C1B968112DC3664663B3C2A2B1402657CC0529AD6CED5BD2A177F9ED6FDA41378C8ADA6F33615516CFE0077E9426424F06DF517A5117F2882FFE3144245623DF8DDEF9869E5F6D328884018885209EA24F7F617837E7751D56EF3201D3FD607706B889728591E7C822ED97FF0B9DC111D5D0142387D88CB799345EF48235922632D6610F9E1C7AAAB6368EC0D4A76185686FCDA99499DC1B7F08C8A1BDDEF3F803CF168D818CEAC1F8B79E70C49E37B3E19B0096D1B6C2D4BF73DBF503401AE4EFCF9DEB8AC4A9C39E140CA9086E9927274E2A634856D74BDF
32520170707164931 2 6 100 7679 2 C0388038628CD48D5377C99911D89CEDF70AC54721EE6974975D61C9E25580D2108B48CBCDB8B647B271FA822546C00580DB013D19EE5A49EFD9AAECA2036A83BB3E2F96C3E7CB273AA9ACEFCA5A3E4C7C8FCF3332DE11288D8BD76E17B4C530F5F6EFB0D757F63E3B2B519EE960FA8206DF81E7B9DA463CE389E3164588BF5B66355D481DC620F0B2F352782105DF3AB86076DD7D612CE9839CB251D5C975166859A41B740E08E66B746B710479FAA430E2891E60647E04FE71D8F8BC9A6BCD20CFB42299142DC016E672CC350D497809379F54F6F3D1649ADCE72ADECEAAE1ECA85EEE8006700379DE3687A67AF796E1F317815461CFF6E58615CD453265612315FA8F99DC65D9CC218004671E43CE58C9F54862D86B58FD71212199A2A562B1AB9604BF43676A403E8EA56A69E68F1CF0C60C83B8EB31D9C0A23D8410C3A6898D749CAD8CDA9F17A224536BD08436B25E50BA67BAD09276BB55583CEDF48AEEFFD8FA3DBE4F609760DF1EDED136B38792CD164D2EA3C5443F0D8F9117544A9A6AAC615ADE01440B7948B2B53BC3F7218DEDEB16D23C3B0C2AA4BEB99F9A9225D87B6CCB037D8E9A2918C20FE9F2BFF429FD0F23AE370E820842AEDD823DD5B6DDD7F4AD3A06735A2E4144DBABEA5DD83A6AA98EED5F6F3021C246FBABD280986A1E7A24CCBE11BC3050CC04DB566277CECBA8B5BDC1D15E1F066B25B668C7B87EA54894EC7559B64F1400934DCE1C06A10955988E3B3F4A40566B3989608404859335C53EBD6BEE21614EB7C954D543DBA7EB61555B7CED9D08EF560426DBCE3018FBEF788CF69AEAB433B692A9E28CBAFEFC048BD9AB423678D4DD5807329BCC417CF77EC7FD8E50B6D9A8D6B2017B24F6890557AF327980D086499B7C4ED6518B9C23DAB9571CA9E8E949C039C5CC002CBC9BDD08728D543143AFE577738AD309AB2493A8157272196B73C28A4826B37A8274198A4E8188CDADB1D7BB209C84D03500F79B9DFEC1E4441F34069CC01D6B9A57940914F56217C0F3A5CE0C75DE2815EE396D4AB00EC9695DFBCDD88EA6C8017CC29B1257EED39B50E0D075CCF9564D4B22F59F4B5E6667E4CACAC6B63D8CC1C9AB2CC6309A319E559D2062FB99D15B62F08E4DAD676698813D227FF8967B3B3830970E92277B2446A3C269A74FB437800824A8987DA3636A17A53C7E55C66077BE0FBD63441402F19C6C4E1F1C46185A3F3F5D7D7F553F0066EBFCF2ECD74CFC6DB48F6A458AE66EC12532B691FA3AE9A0C19809B3A1AF06340EFB012A33D484D272CA09D5862DAC5E3A00006F260BDE5CE74E007AB12A8F686373949308E574DCE7EA9D145936DCD75823 32520171211183528 2 6 100 7679 5 CF96EF3064F3389AC4D7DA6813F67988F77979BB89C86E3A82B8FBE165D96646B6665C28FE7F5D1742E288AF6A47CEAD57277CF7B7902B8B7F899CB512DDF0EDEC293B152ABA4085290AE8BF93AF988437B549319AF0E18E39805C80A4714E4108DC29DDF708365B8FAC1F220784A8AA89F4C04176DFCEFC652988A6F878937AF8FEFF6A45672DB27EC215CDCBB9C530BDC2F1F357DC69073AA6B3670B988F271386E1B2F72635AA83420CF2A393338D1C4E2B502C11CA2098481EA292ACD7A7BFF84945E9CC04B47B1967F09CC7A4BE5AAA749583318E561E5504F28472B0AEF60B854142AACFE6017786E8B5FB674C79D68B7B44842F18E2075B8679A99D43892847B09A0CADFBED479942F599A1666D96EEED85A222431F8637D6FB73F5E08465417DAAA47BD31BDCE2262E06E0B7E5BF6FA9703890997C275CE11CA52A92D0F4889F370164D4EFA8C461E2F3BBABA54F8A1DD165C3D5344DF572B67EF92DC3E8EF66926B673AD59FB5CE5FF5ECED31535CC347374D846F0373EDD82DEFAF4DEEF238A1ABFF44FDC2D9511E8AE69349B69749DD6D2AD5A2A95F579B3A0D232FAB4A915568409150F184F1F58114354235084F9B104F9DA8EC13D34AB93BD61620CC0B93118FF2299B80856CE2A40792F58E37990677E1C4A662D619F835DA5537873CDF05DCDB369AEB2E6159E351E9140DDD5E4FB57EAAD9CB5A41EAC61CD1E95D983832D0E8D35EEFF88E699A33A4AB0FC82B8A1B38F527933108FCC6533C9DE3AFCAE396246399DB878A9D500905A707B3C1F3F490E327A5C219151E7077C9E456F3DD046F6FAC8C3F98CC90FC558E87A7CB654320DA2B48F41BE0D8498A98DF562EE0A33FF61AF92E90DABA5323CF416C7E3B5E0A5190A36442F08AEE80B4886C407A689A81293D7CF6D7F88C112F7D166D4AE27147BCDC4C91E2880F5A4065B0AC7480BCDB9A0BCB790FDDF0370DF819986DA21FE700E15D449F5C0849B70C8A84569F205D74141F87B73D2EE3BB4D7A88F2DC90272219E39B5456F5CE8F0DA1E40E98C1B968112DC3664663B3C2A2B1402657CC0529AD6CED5BD2A177F9ED6FDA41378C8ADA6F33615516CFE0077E9426424F06DF517A5117F2882FFE3144245623DF8DDEF9869E5F6D328884018885209EA24F7F617837E7751D56EF3201D3FD607706B889728591E7C822ED97FF0B9DC111D5D0142387D88CB799345EF48235922632D6610F9E1C7AAAB6368EC0D4A76185686FCDA99499DC1B7F08C8A1BDDEF3F803CF168D818CEAC1F8B79E70C49E37B3E19B0096D1B6C2D4BF73DBF503401AE4EFCF9DEB8AC4A9C39E140CA9086E9927274E2A63485BE7C88F
32620170707220455 2 6 100 7679 2 C0388038628CD48D5377C99911D89CEDF70AC54721EE6974975D61C9E25580D2108B48CBCDB8B647B271FA822546C00580DB013D19EE5A49EFD9AAECA2036A83BB3E2F96C3E7CB273AA9ACEFCA5A3E4C7C8FCF3332DE11288D8BD76E17B4C530F5F6EFB0D757F63E3B2B519EE960FA8206DF81E7B9DA463CE389E3164588BF5B66355D481DC620F0B2F352782105DF3AB86076DD7D612CE9839CB251D5C975166859A41B740E08E66B746B710479FAA430E2891E60647E04FE71D8F8BC9A6BCD20CFB42299142DC016E672CC350D497809379F54F6F3D1649ADCE72ADECEAAE1ECA85EEE8006700379DE3687A67AF796E1F317815461CFF6E58615CD453265612315FA8F99DC65D9CC218004671E43CE58C9F54862D86B58FD71212199A2A562B1AB9604BF43676A403E8EA56A69E68F1CF0C60C83B8EB31D9C0A23D8410C3A6898D749CAD8CDA9F17A224536BD08436B25E50BA67BAD09276BB55583CEDF48AEEFFD8FA3DBE4F609760DF1EDED136B38792CD164D2EA3C5443F0D8F9117544A9A6AAC615ADE01440B7948B2B53BC3F7218DEDEB16D23C3B0C2AA4BEB99F9A9225D87B6CCB037D8E9A2918C20FE9F2BFF429FD0F23AE370E820842AEDD823DD5B6DDD7F4AD3A06735A2E4144DBABEA5DD83A6AA98EED5F6F3021C246FBABD280986A1E7A24CCBE11BC3050CC04DB566277CECBA8B5BDC1D15E1F066B25B668C7B87EA54894EC7559B64F1400934DCE1C06A10955988E3B3F4A40566B3989608404859335C53EBD6BEE21614EB7C954D543DBA7EB61555B7CED9D08EF560426DBCE3018FBEF788CF69AEAB433B692A9E28CBAFEFC048BD9AB423678D4DD5807329BCC417CF77EC7FD8E50B6D9A8D6B2017B24F6890557AF327980D086499B7C4ED6518B9C23DAB9571CA9E8E949C039C5CC002CBC9BDD08728D543143AFE577738AD309AB2493A8157272196B73C28A4826B37A8274198A4E8188CDADB1D7BB209C84D03500F79B9DFEC1E4441F34069CC01D6B9A57940914F56217C0F3A5CE0C75DE2815EE396D4AB00EC9695DFBCDD88EA6C8017CC29B1257EED39B50E0D075CCF9564D4B22F59F4B5E6667E4CACAC6B63D8CC1C9AB2CC6309A319E559D2062FB99D15B62F08E4DAD676698813D227FF8967B3B3830970E92277B2446A3C269A74FB437800824A8987DA3636A17A53C7E55C66077BE0FBD63441402F19C6C4E1F1C46185A3F3F5D7D7F553F0066EBFCF2ECD74CFC6DB48F6A458AE66EC12532B691FA3AE9A0C19809B3A1AF06340EFB012A33D484D272CA09D5862DAC5E3A00006F260BDE5CE74E007AB12A8F686373949308E574DCE7EA9D145936E0F28243 32620171211220143 2 6 100 7679 2 CF96EF3064F3389AC4D7DA6813F67988F77979BB89C86E3A82B8FBE165D96646B6665C28FE7F5D1742E288AF6A47CEAD57277CF7B7902B8B7F899CB512DDF0EDEC293B152ABA4085290AE8BF93AF988437B549319AF0E18E39805C80A4714E4108DC29DDF708365B8FAC1F220784A8AA89F4C04176DFCEFC652988A6F878937AF8FEFF6A45672DB27EC215CDCBB9C530BDC2F1F357DC69073AA6B3670B988F271386E1B2F72635AA83420CF2A393338D1C4E2B502C11CA2098481EA292ACD7A7BFF84945E9CC04B47B1967F09CC7A4BE5AAA749583318E561E5504F28472B0AEF60B854142AACFE6017786E8B5FB674C79D68B7B44842F18E2075B8679A99D43892847B09A0CADFBED479942F599A1666D96EEED85A222431F8637D6FB73F5E08465417DAAA47BD31BDCE2262E06E0B7E5BF6FA9703890997C275CE11CA52A92D0F4889F370164D4EFA8C461E2F3BBABA54F8A1DD165C3D5344DF572B67EF92DC3E8EF66926B673AD59FB5CE5FF5ECED31535CC347374D846F0373EDD82DEFAF4DEEF238A1ABFF44FDC2D9511E8AE69349B69749DD6D2AD5A2A95F579B3A0D232FAB4A915568409150F184F1F58114354235084F9B104F9DA8EC13D34AB93BD61620CC0B93118FF2299B80856CE2A40792F58E37990677E1C4A662D619F835DA5537873CDF05DCDB369AEB2E6159E351E9140DDD5E4FB57EAAD9CB5A41EAC61CD1E95D983832D0E8D35EEFF88E699A33A4AB0FC82B8A1B38F527933108FCC6533C9DE3AFCAE396246399DB878A9D500905A707B3C1F3F490E327A5C219151E7077C9E456F3DD046F6FAC8C3F98CC90FC558E87A7CB654320DA2B48F41BE0D8498A98DF562EE0A33FF61AF92E90DABA5323CF416C7E3B5E0A5190A36442F08AEE80B4886C407A689A81293D7CF6D7F88C112F7D166D4AE27147BCDC4C91E2880F5A4065B0AC7480BCDB9A0BCB790FDDF0370DF819986DA21FE700E15D449F5C0849B70C8A84569F205D74141F87B73D2EE3BB4D7A88F2DC90272219E39B5456F5CE8F0DA1E40E98C1B968112DC3664663B3C2A2B1402657CC0529AD6CED5BD2A177F9ED6FDA41378C8ADA6F33615516CFE0077E9426424F06DF517A5117F2882FFE3144245623DF8DDEF9869E5F6D328884018885209EA24F7F617837E7751D56EF3201D3FD607706B889728591E7C822ED97FF0B9DC111D5D0142387D88CB799345EF48235922632D6610F9E1C7AAAB6368EC0D4A76185686FCDA99499DC1B7F08C8A1BDDEF3F803CF168D818CEAC1F8B79E70C49E37B3E19B0096D1B6C2D4BF73DBF503401AE4EFCF9DEB8AC4A9C39E140CA9086E9927274E2A63485E59F1D3
32720170707233018 2 6 100 7679 2 C0388038628CD48D5377C99911D89CEDF70AC54721EE6974975D61C9E25580D2108B48CBCDB8B647B271FA822546C00580DB013D19EE5A49EFD9AAECA2036A83BB3E2F96C3E7CB273AA9ACEFCA5A3E4C7C8FCF3332DE11288D8BD76E17B4C530F5F6EFB0D757F63E3B2B519EE960FA8206DF81E7B9DA463CE389E3164588BF5B66355D481DC620F0B2F352782105DF3AB86076DD7D612CE9839CB251D5C975166859A41B740E08E66B746B710479FAA430E2891E60647E04FE71D8F8BC9A6BCD20CFB42299142DC016E672CC350D497809379F54F6F3D1649ADCE72ADECEAAE1ECA85EEE8006700379DE3687A67AF796E1F317815461CFF6E58615CD453265612315FA8F99DC65D9CC218004671E43CE58C9F54862D86B58FD71212199A2A562B1AB9604BF43676A403E8EA56A69E68F1CF0C60C83B8EB31D9C0A23D8410C3A6898D749CAD8CDA9F17A224536BD08436B25E50BA67BAD09276BB55583CEDF48AEEFFD8FA3DBE4F609760DF1EDED136B38792CD164D2EA3C5443F0D8F9117544A9A6AAC615ADE01440B7948B2B53BC3F7218DEDEB16D23C3B0C2AA4BEB99F9A9225D87B6CCB037D8E9A2918C20FE9F2BFF429FD0F23AE370E820842AEDD823DD5B6DDD7F4AD3A06735A2E4144DBABEA5DD83A6AA98EED5F6F3021C246FBABD280986A1E7A24CCBE11BC3050CC04DB566277CECBA8B5BDC1D15E1F066B25B668C7B87EA54894EC7559B64F1400934DCE1C06A10955988E3B3F4A40566B3989608404859335C53EBD6BEE21614EB7C954D543DBA7EB61555B7CED9D08EF560426DBCE3018FBEF788CF69AEAB433B692A9E28CBAFEFC048BD9AB423678D4DD5807329BCC417CF77EC7FD8E50B6D9A8D6B2017B24F6890557AF327980D086499B7C4ED6518B9C23DAB9571CA9E8E949C039C5CC002CBC9BDD08728D543143AFE577738AD309AB2493A8157272196B73C28A4826B37A8274198A4E8188CDADB1D7BB209C84D03500F79B9DFEC1E4441F34069CC01D6B9A57940914F56217C0F3A5CE0C75DE2815EE396D4AB00EC9695DFBCDD88EA6C8017CC29B1257EED39B50E0D075CCF9564D4B22F59F4B5E6667E4CACAC6B63D8CC1C9AB2CC6309A319E559D2062FB99D15B62F08E4DAD676698813D227FF8967B3B3830970E92277B2446A3C269A74FB437800824A8987DA3636A17A53C7E55C66077BE0FBD63441402F19C6C4E1F1C46185A3F3F5D7D7F553F0066EBFCF2ECD74CFC6DB48F6A458AE66EC12532B691FA3AE9A0C19809B3A1AF06340EFB012A33D484D272CA09D5862DAC5E3A00006F260BDE5CE74E007AB12A8F686373949308E574DCE7EA9D145936E20BF7B3 32720171212002701 2 6 100 7679 5 CF96EF3064F3389AC4D7DA6813F67988F77979BB89C86E3A82B8FBE165D96646B6665C28FE7F5D1742E288AF6A47CEAD57277CF7B7902B8B7F899CB512DDF0EDEC293B152ABA4085290AE8BF93AF988437B549319AF0E18E39805C80A4714E4108DC29DDF708365B8FAC1F220784A8AA89F4C04176DFCEFC652988A6F878937AF8FEFF6A45672DB27EC215CDCBB9C530BDC2F1F357DC69073AA6B3670B988F271386E1B2F72635AA83420CF2A393338D1C4E2B502C11CA2098481EA292ACD7A7BFF84945E9CC04B47B1967F09CC7A4BE5AAA749583318E561E5504F28472B0AEF60B854142AACFE6017786E8B5FB674C79D68B7B44842F18E2075B8679A99D43892847B09A0CADFBED479942F599A1666D96EEED85A222431F8637D6FB73F5E08465417DAAA47BD31BDCE2262E06E0B7E5BF6FA9703890997C275CE11CA52A92D0F4889F370164D4EFA8C461E2F3BBABA54F8A1DD165C3D5344DF572B67EF92DC3E8EF66926B673AD59FB5CE5FF5ECED31535CC347374D846F0373EDD82DEFAF4DEEF238A1ABFF44FDC2D9511E8AE69349B69749DD6D2AD5A2A95F579B3A0D232FAB4A915568409150F184F1F58114354235084F9B104F9DA8EC13D34AB93BD61620CC0B93118FF2299B80856CE2A40792F58E37990677E1C4A662D619F835DA5537873CDF05DCDB369AEB2E6159E351E9140DDD5E4FB57EAAD9CB5A41EAC61CD1E95D983832D0E8D35EEFF88E699A33A4AB0FC82B8A1B38F527933108FCC6533C9DE3AFCAE396246399DB878A9D500905A707B3C1F3F490E327A5C219151E7077C9E456F3DD046F6FAC8C3F98CC90FC558E87A7CB654320DA2B48F41BE0D8498A98DF562EE0A33FF61AF92E90DABA5323CF416C7E3B5E0A5190A36442F08AEE80B4886C407A689A81293D7CF6D7F88C112F7D166D4AE27147BCDC4C91E2880F5A4065B0AC7480BCDB9A0BCB790FDDF0370DF819986DA21FE700E15D449F5C0849B70C8A84569F205D74141F87B73D2EE3BB4D7A88F2DC90272219E39B5456F5CE8F0DA1E40E98C1B968112DC3664663B3C2A2B1402657CC0529AD6CED5BD2A177F9ED6FDA41378C8ADA6F33615516CFE0077E9426424F06DF517A5117F2882FFE3144245623DF8DDEF9869E5F6D328884018885209EA24F7F617837E7751D56EF3201D3FD607706B889728591E7C822ED97FF0B9DC111D5D0142387D88CB799345EF48235922632D6610F9E1C7AAAB6368EC0D4A76185686FCDA99499DC1B7F08C8A1BDDEF3F803CF168D818CEAC1F8B79E70C49E37B3E19B0096D1B6C2D4BF73DBF503401AE4EFCF9DEB8AC4A9C39E140CA9086E9927274E2A634860299B67
32820170708014205 2 6 100 7679 5 C0388038628CD48D5377C99911D89CEDF70AC54721EE6974975D61C9E25580D2108B48CBCDB8B647B271FA822546C00580DB013D19EE5A49EFD9AAECA2036A83BB3E2F96C3E7CB273AA9ACEFCA5A3E4C7C8FCF3332DE11288D8BD76E17B4C530F5F6EFB0D757F63E3B2B519EE960FA8206DF81E7B9DA463CE389E3164588BF5B66355D481DC620F0B2F352782105DF3AB86076DD7D612CE9839CB251D5C975166859A41B740E08E66B746B710479FAA430E2891E60647E04FE71D8F8BC9A6BCD20CFB42299142DC016E672CC350D497809379F54F6F3D1649ADCE72ADECEAAE1ECA85EEE8006700379DE3687A67AF796E1F317815461CFF6E58615CD453265612315FA8F99DC65D9CC218004671E43CE58C9F54862D86B58FD71212199A2A562B1AB9604BF43676A403E8EA56A69E68F1CF0C60C83B8EB31D9C0A23D8410C3A6898D749CAD8CDA9F17A224536BD08436B25E50BA67BAD09276BB55583CEDF48AEEFFD8FA3DBE4F609760DF1EDED136B38792CD164D2EA3C5443F0D8F9117544A9A6AAC615ADE01440B7948B2B53BC3F7218DEDEB16D23C3B0C2AA4BEB99F9A9225D87B6CCB037D8E9A2918C20FE9F2BFF429FD0F23AE370E820842AEDD823DD5B6DDD7F4AD3A06735A2E4144DBABEA5DD83A6AA98EED5F6F3021C246FBABD280986A1E7A24CCBE11BC3050CC04DB566277CECBA8B5BDC1D15E1F066B25B668C7B87EA54894EC7559B64F1400934DCE1C06A10955988E3B3F4A40566B3989608404859335C53EBD6BEE21614EB7C954D543DBA7EB61555B7CED9D08EF560426DBCE3018FBEF788CF69AEAB433B692A9E28CBAFEFC048BD9AB423678D4DD5807329BCC417CF77EC7FD8E50B6D9A8D6B2017B24F6890557AF327980D086499B7C4ED6518B9C23DAB9571CA9E8E949C039C5CC002CBC9BDD08728D543143AFE577738AD309AB2493A8157272196B73C28A4826B37A8274198A4E8188CDADB1D7BB209C84D03500F79B9DFEC1E4441F34069CC01D6B9A57940914F56217C0F3A5CE0C75DE2815EE396D4AB00EC9695DFBCDD88EA6C8017CC29B1257EED39B50E0D075CCF9564D4B22F59F4B5E6667E4CACAC6B63D8CC1C9AB2CC6309A319E559D2062FB99D15B62F08E4DAD676698813D227FF8967B3B3830970E92277B2446A3C269A74FB437800824A8987DA3636A17A53C7E55C66077BE0FBD63441402F19C6C4E1F1C46185A3F3F5D7D7F553F0066EBFCF2ECD74CFC6DB48F6A458AE66EC12532B691FA3AE9A0C19809B3A1AF06340EFB012A33D484D272CA09D5862DAC5E3A00006F260BDE5CE74E007AB12A8F686373949308E574DCE7EA9D145936E3C89587 32820171212043247 2 6 100 7679 5 CF96EF3064F3389AC4D7DA6813F67988F77979BB89C86E3A82B8FBE165D96646B6665C28FE7F5D1742E288AF6A47CEAD57277CF7B7902B8B7F899CB512DDF0EDEC293B152ABA4085290AE8BF93AF988437B549319AF0E18E39805C80A4714E4108DC29DDF708365B8FAC1F220784A8AA89F4C04176DFCEFC652988A6F878937AF8FEFF6A45672DB27EC215CDCBB9C530BDC2F1F357DC69073AA6B3670B988F271386E1B2F72635AA83420CF2A393338D1C4E2B502C11CA2098481EA292ACD7A7BFF84945E9CC04B47B1967F09CC7A4BE5AAA749583318E561E5504F28472B0AEF60B854142AACFE6017786E8B5FB674C79D68B7B44842F18E2075B8679A99D43892847B09A0CADFBED479942F599A1666D96EEED85A222431F8637D6FB73F5E08465417DAAA47BD31BDCE2262E06E0B7E5BF6FA9703890997C275CE11CA52A92D0F4889F370164D4EFA8C461E2F3BBABA54F8A1DD165C3D5344DF572B67EF92DC3E8EF66926B673AD59FB5CE5FF5ECED31535CC347374D846F0373EDD82DEFAF4DEEF238A1ABFF44FDC2D9511E8AE69349B69749DD6D2AD5A2A95F579B3A0D232FAB4A915568409150F184F1F58114354235084F9B104F9DA8EC13D34AB93BD61620CC0B93118FF2299B80856CE2A40792F58E37990677E1C4A662D619F835DA5537873CDF05DCDB369AEB2E6159E351E9140DDD5E4FB57EAAD9CB5A41EAC61CD1E95D983832D0E8D35EEFF88E699A33A4AB0FC82B8A1B38F527933108FCC6533C9DE3AFCAE396246399DB878A9D500905A707B3C1F3F490E327A5C219151E7077C9E456F3DD046F6FAC8C3F98CC90FC558E87A7CB654320DA2B48F41BE0D8498A98DF562EE0A33FF61AF92E90DABA5323CF416C7E3B5E0A5190A36442F08AEE80B4886C407A689A81293D7CF6D7F88C112F7D166D4AE27147BCDC4C91E2880F5A4065B0AC7480BCDB9A0BCB790FDDF0370DF819986DA21FE700E15D449F5C0849B70C8A84569F205D74141F87B73D2EE3BB4D7A88F2DC90272219E39B5456F5CE8F0DA1E40E98C1B968112DC3664663B3C2A2B1402657CC0529AD6CED5BD2A177F9ED6FDA41378C8ADA6F33615516CFE0077E9426424F06DF517A5117F2882FFE3144245623DF8DDEF9869E5F6D328884018885209EA24F7F617837E7751D56EF3201D3FD607706B889728591E7C822ED97FF0B9DC111D5D0142387D88CB799345EF48235922632D6610F9E1C7AAAB6368EC0D4A76185686FCDA99499DC1B7F08C8A1BDDEF3F803CF168D818CEAC1F8B79E70C49E37B3E19B0096D1B6C2D4BF73DBF503401AE4EFCF9DEB8AC4A9C39E140CA9086E9927274E2A6348632526BF
32920170708023140 2 6 100 7679 2 C0388038628CD48D5377C99911D89CEDF70AC54721EE6974975D61C9E25580D2108B48CBCDB8B647B271FA822546C00580DB013D19EE5A49EFD9AAECA2036A83BB3E2F96C3E7CB273AA9ACEFCA5A3E4C7C8FCF3332DE11288D8BD76E17B4C530F5F6EFB0D757F63E3B2B519EE960FA8206DF81E7B9DA463CE389E3164588BF5B66355D481DC620F0B2F352782105DF3AB86076DD7D612CE9839CB251D5C975166859A41B740E08E66B746B710479FAA430E2891E60647E04FE71D8F8BC9A6BCD20CFB42299142DC016E672CC350D497809379F54F6F3D1649ADCE72ADECEAAE1ECA85EEE8006700379DE3687A67AF796E1F317815461CFF6E58615CD453265612315FA8F99DC65D9CC218004671E43CE58C9F54862D86B58FD71212199A2A562B1AB9604BF43676A403E8EA56A69E68F1CF0C60C83B8EB31D9C0A23D8410C3A6898D749CAD8CDA9F17A224536BD08436B25E50BA67BAD09276BB55583CEDF48AEEFFD8FA3DBE4F609760DF1EDED136B38792CD164D2EA3C5443F0D8F9117544A9A6AAC615ADE01440B7948B2B53BC3F7218DEDEB16D23C3B0C2AA4BEB99F9A9225D87B6CCB037D8E9A2918C20FE9F2BFF429FD0F23AE370E820842AEDD823DD5B6DDD7F4AD3A06735A2E4144DBABEA5DD83A6AA98EED5F6F3021C246FBABD280986A1E7A24CCBE11BC3050CC04DB566277CECBA8B5BDC1D15E1F066B25B668C7B87EA54894EC7559B64F1400934DCE1C06A10955988E3B3F4A40566B3989608404859335C53EBD6BEE21614EB7C954D543DBA7EB61555B7CED9D08EF560426DBCE3018FBEF788CF69AEAB433B692A9E28CBAFEFC048BD9AB423678D4DD5807329BCC417CF77EC7FD8E50B6D9A8D6B2017B24F6890557AF327980D086499B7C4ED6518B9C23DAB9571CA9E8E949C039C5CC002CBC9BDD08728D543143AFE577738AD309AB2493A8157272196B73C28A4826B37A8274198A4E8188CDADB1D7BB209C84D03500F79B9DFEC1E4441F34069CC01D6B9A57940914F56217C0F3A5CE0C75DE2815EE396D4AB00EC9695DFBCDD88EA6C8017CC29B1257EED39B50E0D075CCF9564D4B22F59F4B5E6667E4CACAC6B63D8CC1C9AB2CC6309A319E559D2062FB99D15B62F08E4DAD676698813D227FF8967B3B3830970E92277B2446A3C269A74FB437800824A8987DA3636A17A53C7E55C66077BE0FBD63441402F19C6C4E1F1C46185A3F3F5D7D7F553F0066EBFCF2ECD74CFC6DB48F6A458AE66EC12532B691FA3AE9A0C19809B3A1AF06340EFB012A33D484D272CA09D5862DAC5E3A00006F260BDE5CE74E007AB12A8F686373949308E574DCE7EA9D145936E469C123 32920171212143825 2 6 100 7679 5 CF96EF3064F3389AC4D7DA6813F67988F77979BB89C86E3A82B8FBE165D96646B6665C28FE7F5D1742E288AF6A47CEAD57277CF7B7902B8B7F899CB512DDF0EDEC293B152ABA4085290AE8BF93AF988437B549319AF0E18E39805C80A4714E4108DC29DDF708365B8FAC1F220784A8AA89F4C04176DFCEFC652988A6F878937AF8FEFF6A45672DB27EC215CDCBB9C530BDC2F1F357DC69073AA6B3670B988F271386E1B2F72635AA83420CF2A393338D1C4E2B502C11CA2098481EA292ACD7A7BFF84945E9CC04B47B1967F09CC7A4BE5AAA749583318E561E5504F28472B0AEF60B854142AACFE6017786E8B5FB674C79D68B7B44842F18E2075B8679A99D43892847B09A0CADFBED479942F599A1666D96EEED85A222431F8637D6FB73F5E08465417DAAA47BD31BDCE2262E06E0B7E5BF6FA9703890997C275CE11CA52A92D0F4889F370164D4EFA8C461E2F3BBABA54F8A1DD165C3D5344DF572B67EF92DC3E8EF66926B673AD59FB5CE5FF5ECED31535CC347374D846F0373EDD82DEFAF4DEEF238A1ABFF44FDC2D9511E8AE69349B69749DD6D2AD5A2A95F579B3A0D232FAB4A915568409150F184F1F58114354235084F9B104F9DA8EC13D34AB93BD61620CC0B93118FF2299B80856CE2A40792F58E37990677E1C4A662D619F835DA5537873CDF05DCDB369AEB2E6159E351E9140DDD5E4FB57EAAD9CB5A41EAC61CD1E95D983832D0E8D35EEFF88E699A33A4AB0FC82B8A1B38F527933108FCC6533C9DE3AFCAE396246399DB878A9D500905A707B3C1F3F490E327A5C219151E7077C9E456F3DD046F6FAC8C3F98CC90FC558E87A7CB654320DA2B48F41BE0D8498A98DF562EE0A33FF61AF92E90DABA5323CF416C7E3B5E0A5190A36442F08AEE80B4886C407A689A81293D7CF6D7F88C112F7D166D4AE27147BCDC4C91E2880F5A4065B0AC7480BCDB9A0BCB790FDDF0370DF819986DA21FE700E15D449F5C0849B70C8A84569F205D74141F87B73D2EE3BB4D7A88F2DC90272219E39B5456F5CE8F0DA1E40E98C1B968112DC3664663B3C2A2B1402657CC0529AD6CED5BD2A177F9ED6FDA41378C8ADA6F33615516CFE0077E9426424F06DF517A5117F2882FFE3144245623DF8DDEF9869E5F6D328884018885209EA24F7F617837E7751D56EF3201D3FD607706B889728591E7C822ED97FF0B9DC111D5D0142387D88CB799345EF48235922632D6610F9E1C7AAAB6368EC0D4A76185686FCDA99499DC1B7F08C8A1BDDEF3F803CF168D818CEAC1F8B79E70C49E37B3E19B0096D1B6C2D4BF73DBF503401AE4EFCF9DEB8AC4A9C39E140CA9086E9927274E2A63486A53EDEF
33020170708053646 2 6 100 7679 5 C0388038628CD48D5377C99911D89CEDF70AC54721EE6974975D61C9E25580D2108B48CBCDB8B647B271FA822546C00580DB013D19EE5A49EFD9AAECA2036A83BB3E2F96C3E7CB273AA9ACEFCA5A3E4C7C8FCF3332DE11288D8BD76E17B4C530F5F6EFB0D757F63E3B2B519EE960FA8206DF81E7B9DA463CE389E3164588BF5B66355D481DC620F0B2F352782105DF3AB86076DD7D612CE9839CB251D5C975166859A41B740E08E66B746B710479FAA430E2891E60647E04FE71D8F8BC9A6BCD20CFB42299142DC016E672CC350D497809379F54F6F3D1649ADCE72ADECEAAE1ECA85EEE8006700379DE3687A67AF796E1F317815461CFF6E58615CD453265612315FA8F99DC65D9CC218004671E43CE58C9F54862D86B58FD71212199A2A562B1AB9604BF43676A403E8EA56A69E68F1CF0C60C83B8EB31D9C0A23D8410C3A6898D749CAD8CDA9F17A224536BD08436B25E50BA67BAD09276BB55583CEDF48AEEFFD8FA3DBE4F609760DF1EDED136B38792CD164D2EA3C5443F0D8F9117544A9A6AAC615ADE01440B7948B2B53BC3F7218DEDEB16D23C3B0C2AA4BEB99F9A9225D87B6CCB037D8E9A2918C20FE9F2BFF429FD0F23AE370E820842AEDD823DD5B6DDD7F4AD3A06735A2E4144DBABEA5DD83A6AA98EED5F6F3021C246FBABD280986A1E7A24CCBE11BC3050CC04DB566277CECBA8B5BDC1D15E1F066B25B668C7B87EA54894EC7559B64F1400934DCE1C06A10955988E3B3F4A40566B3989608404859335C53EBD6BEE21614EB7C954D543DBA7EB61555B7CED9D08EF560426DBCE3018FBEF788CF69AEAB433B692A9E28CBAFEFC048BD9AB423678D4DD5807329BCC417CF77EC7FD8E50B6D9A8D6B2017B24F6890557AF327980D086499B7C4ED6518B9C23DAB9571CA9E8E949C039C5CC002CBC9BDD08728D543143AFE577738AD309AB2493A8157272196B73C28A4826B37A8274198A4E8188CDADB1D7BB209C84D03500F79B9DFEC1E4441F34069CC01D6B9A57940914F56217C0F3A5CE0C75DE2815EE396D4AB00EC9695DFBCDD88EA6C8017CC29B1257EED39B50E0D075CCF9564D4B22F59F4B5E6667E4CACAC6B63D8CC1C9AB2CC6309A319E559D2062FB99D15B62F08E4DAD676698813D227FF8967B3B3830970E92277B2446A3C269A74FB437800824A8987DA3636A17A53C7E55C66077BE0FBD63441402F19C6C4E1F1C46185A3F3F5D7D7F553F0066EBFCF2ECD74CFC6DB48F6A458AE66EC12532B691FA3AE9A0C19809B3A1AF06340EFB012A33D484D272CA09D5862DAC5E3A00006F260BDE5CE74E007AB12A8F686373949308E574DCE7EA9D145936E6DBCAE7 33020171212144749 2 6 100 7679 2 CF96EF3064F3389AC4D7DA6813F67988F77979BB89C86E3A82B8FBE165D96646B6665C28FE7F5D1742E288AF6A47CEAD57277CF7B7902B8B7F899CB512DDF0EDEC293B152ABA4085290AE8BF93AF988437B549319AF0E18E39805C80A4714E4108DC29DDF708365B8FAC1F220784A8AA89F4C04176DFCEFC652988A6F878937AF8FEFF6A45672DB27EC215CDCBB9C530BDC2F1F357DC69073AA6B3670B988F271386E1B2F72635AA83420CF2A393338D1C4E2B502C11CA2098481EA292ACD7A7BFF84945E9CC04B47B1967F09CC7A4BE5AAA749583318E561E5504F28472B0AEF60B854142AACFE6017786E8B5FB674C79D68B7B44842F18E2075B8679A99D43892847B09A0CADFBED479942F599A1666D96EEED85A222431F8637D6FB73F5E08465417DAAA47BD31BDCE2262E06E0B7E5BF6FA9703890997C275CE11CA52A92D0F4889F370164D4EFA8C461E2F3BBABA54F8A1DD165C3D5344DF572B67EF92DC3E8EF66926B673AD59FB5CE5FF5ECED31535CC347374D846F0373EDD82DEFAF4DEEF238A1ABFF44FDC2D9511E8AE69349B69749DD6D2AD5A2A95F579B3A0D232FAB4A915568409150F184F1F58114354235084F9B104F9DA8EC13D34AB93BD61620CC0B93118FF2299B80856CE2A40792F58E37990677E1C4A662D619F835DA5537873CDF05DCDB369AEB2E6159E351E9140DDD5E4FB57EAAD9CB5A41EAC61CD1E95D983832D0E8D35EEFF88E699A33A4AB0FC82B8A1B38F527933108FCC6533C9DE3AFCAE396246399DB878A9D500905A707B3C1F3F490E327A5C219151E7077C9E456F3DD046F6FAC8C3F98CC90FC558E87A7CB654320DA2B48F41BE0D8498A98DF562EE0A33FF61AF92E90DABA5323CF416C7E3B5E0A5190A36442F08AEE80B4886C407A689A81293D7CF6D7F88C112F7D166D4AE27147BCDC4C91E2880F5A4065B0AC7480BCDB9A0BCB790FDDF0370DF819986DA21FE700E15D449F5C0849B70C8A84569F205D74141F87B73D2EE3BB4D7A88F2DC90272219E39B5456F5CE8F0DA1E40E98C1B968112DC3664663B3C2A2B1402657CC0529AD6CED5BD2A177F9ED6FDA41378C8ADA6F33615516CFE0077E9426424F06DF517A5117F2882FFE3144245623DF8DDEF9869E5F6D328884018885209EA24F7F617837E7751D56EF3201D3FD607706B889728591E7C822ED97FF0B9DC111D5D0142387D88CB799345EF48235922632D6610F9E1C7AAAB6368EC0D4A76185686FCDA99499DC1B7F08C8A1BDDEF3F803CF168D818CEAC1F8B79E70C49E37B3E19B0096D1B6C2D4BF73DBF503401AE4EFCF9DEB8AC4A9C39E140CA9086E9927274E2A63486A6818FB
33120170708071735 2 6 100 7679 5 C0388038628CD48D5377C99911D89CEDF70AC54721EE6974975D61C9E25580D2108B48CBCDB8B647B271FA822546C00580DB013D19EE5A49EFD9AAECA2036A83BB3E2F96C3E7CB273AA9ACEFCA5A3E4C7C8FCF3332DE11288D8BD76E17B4C530F5F6EFB0D757F63E3B2B519EE960FA8206DF81E7B9DA463CE389E3164588BF5B66355D481DC620F0B2F352782105DF3AB86076DD7D612CE9839CB251D5C975166859A41B740E08E66B746B710479FAA430E2891E60647E04FE71D8F8BC9A6BCD20CFB42299142DC016E672CC350D497809379F54F6F3D1649ADCE72ADECEAAE1ECA85EEE8006700379DE3687A67AF796E1F317815461CFF6E58615CD453265612315FA8F99DC65D9CC218004671E43CE58C9F54862D86B58FD71212199A2A562B1AB9604BF43676A403E8EA56A69E68F1CF0C60C83B8EB31D9C0A23D8410C3A6898D749CAD8CDA9F17A224536BD08436B25E50BA67BAD09276BB55583CEDF48AEEFFD8FA3DBE4F609760DF1EDED136B38792CD164D2EA3C5443F0D8F9117544A9A6AAC615ADE01440B7948B2B53BC3F7218DEDEB16D23C3B0C2AA4BEB99F9A9225D87B6CCB037D8E9A2918C20FE9F2BFF429FD0F23AE370E820842AEDD823DD5B6DDD7F4AD3A06735A2E4144DBABEA5DD83A6AA98EED5F6F3021C246FBABD280986A1E7A24CCBE11BC3050CC04DB566277CECBA8B5BDC1D15E1F066B25B668C7B87EA54894EC7559B64F1400934DCE1C06A10955988E3B3F4A40566B3989608404859335C53EBD6BEE21614EB7C954D543DBA7EB61555B7CED9D08EF560426DBCE3018FBEF788CF69AEAB433B692A9E28CBAFEFC048BD9AB423678D4DD5807329BCC417CF77EC7FD8E50B6D9A8D6B2017B24F6890557AF327980D086499B7C4ED6518B9C23DAB9571CA9E8E949C039C5CC002CBC9BDD08728D543143AFE577738AD309AB2493A8157272196B73C28A4826B37A8274198A4E8188CDADB1D7BB209C84D03500F79B9DFEC1E4441F34069CC01D6B9A57940914F56217C0F3A5CE0C75DE2815EE396D4AB00EC9695DFBCDD88EA6C8017CC29B1257EED39B50E0D075CCF9564D4B22F59F4B5E6667E4CACAC6B63D8CC1C9AB2CC6309A319E559D2062FB99D15B62F08E4DAD676698813D227FF8967B3B3830970E92277B2446A3C269A74FB437800824A8987DA3636A17A53C7E55C66077BE0FBD63441402F19C6C4E1F1C46185A3F3F5D7D7F553F0066EBFCF2ECD74CFC6DB48F6A458AE66EC12532B691FA3AE9A0C19809B3A1AF06340EFB012A33D484D272CA09D5862DAC5E3A00006F260BDE5CE74E007AB12A8F686373949308E574DCE7EA9D145936E8297A7F 33120171212180038 2 6 100 7679 5 CF96EF3064F3389AC4D7DA6813F67988F77979BB89C86E3A82B8FBE165D96646B6665C28FE7F5D1742E288AF6A47CEAD57277CF7B7902B8B7F899CB512DDF0EDEC293B152ABA4085290AE8BF93AF988437B549319AF0E18E39805C80A4714E4108DC29DDF708365B8FAC1F220784A8AA89F4C04176DFCEFC652988A6F878937AF8FEFF6A45672DB27EC215CDCBB9C530BDC2F1F357DC69073AA6B3670B988F271386E1B2F72635AA83420CF2A393338D1C4E2B502C11CA2098481EA292ACD7A7BFF84945E9CC04B47B1967F09CC7A4BE5AAA749583318E561E5504F28472B0AEF60B854142AACFE6017786E8B5FB674C79D68B7B44842F18E2075B8679A99D43892847B09A0CADFBED479942F599A1666D96EEED85A222431F8637D6FB73F5E08465417DAAA47BD31BDCE2262E06E0B7E5BF6FA9703890997C275CE11CA52A92D0F4889F370164D4EFA8C461E2F3BBABA54F8A1DD165C3D5344DF572B67EF92DC3E8EF66926B673AD59FB5CE5FF5ECED31535CC347374D846F0373EDD82DEFAF4DEEF238A1ABFF44FDC2D9511E8AE69349B69749DD6D2AD5A2A95F579B3A0D232FAB4A915568409150F184F1F58114354235084F9B104F9DA8EC13D34AB93BD61620CC0B93118FF2299B80856CE2A40792F58E37990677E1C4A662D619F835DA5537873CDF05DCDB369AEB2E6159E351E9140DDD5E4FB57EAAD9CB5A41EAC61CD1E95D983832D0E8D35EEFF88E699A33A4AB0FC82B8A1B38F527933108FCC6533C9DE3AFCAE396246399DB878A9D500905A707B3C1F3F490E327A5C219151E7077C9E456F3DD046F6FAC8C3F98CC90FC558E87A7CB654320DA2B48F41BE0D8498A98DF562EE0A33FF61AF92E90DABA5323CF416C7E3B5E0A5190A36442F08AEE80B4886C407A689A81293D7CF6D7F88C112F7D166D4AE27147BCDC4C91E2880F5A4065B0AC7480BCDB9A0BCB790FDDF0370DF819986DA21FE700E15D449F5C0849B70C8A84569F205D74141F87B73D2EE3BB4D7A88F2DC90272219E39B5456F5CE8F0DA1E40E98C1B968112DC3664663B3C2A2B1402657CC0529AD6CED5BD2A177F9ED6FDA41378C8ADA6F33615516CFE0077E9426424F06DF517A5117F2882FFE3144245623DF8DDEF9869E5F6D328884018885209EA24F7F617837E7751D56EF3201D3FD607706B889728591E7C822ED97FF0B9DC111D5D0142387D88CB799345EF48235922632D6610F9E1C7AAAB6368EC0D4A76185686FCDA99499DC1B7F08C8A1BDDEF3F803CF168D818CEAC1F8B79E70C49E37B3E19B0096D1B6C2D4BF73DBF503401AE4EFCF9DEB8AC4A9C39E140CA9086E9927274E2A63486CA4B787
33220170708072409 2 6 100 7679 5 C0388038628CD48D5377C99911D89CEDF70AC54721EE6974975D61C9E25580D2108B48CBCDB8B647B271FA822546C00580DB013D19EE5A49EFD9AAECA2036A83BB3E2F96C3E7CB273AA9ACEFCA5A3E4C7C8FCF3332DE11288D8BD76E17B4C530F5F6EFB0D757F63E3B2B519EE960FA8206DF81E7B9DA463CE389E3164588BF5B66355D481DC620F0B2F352782105DF3AB86076DD7D612CE9839CB251D5C975166859A41B740E08E66B746B710479FAA430E2891E60647E04FE71D8F8BC9A6BCD20CFB42299142DC016E672CC350D497809379F54F6F3D1649ADCE72ADECEAAE1ECA85EEE8006700379DE3687A67AF796E1F317815461CFF6E58615CD453265612315FA8F99DC65D9CC218004671E43CE58C9F54862D86B58FD71212199A2A562B1AB9604BF43676A403E8EA56A69E68F1CF0C60C83B8EB31D9C0A23D8410C3A6898D749CAD8CDA9F17A224536BD08436B25E50BA67BAD09276BB55583CEDF48AEEFFD8FA3DBE4F609760DF1EDED136B38792CD164D2EA3C5443F0D8F9117544A9A6AAC615ADE01440B7948B2B53BC3F7218DEDEB16D23C3B0C2AA4BEB99F9A9225D87B6CCB037D8E9A2918C20FE9F2BFF429FD0F23AE370E820842AEDD823DD5B6DDD7F4AD3A06735A2E4144DBABEA5DD83A6AA98EED5F6F3021C246FBABD280986A1E7A24CCBE11BC3050CC04DB566277CECBA8B5BDC1D15E1F066B25B668C7B87EA54894EC7559B64F1400934DCE1C06A10955988E3B3F4A40566B3989608404859335C53EBD6BEE21614EB7C954D543DBA7EB61555B7CED9D08EF560426DBCE3018FBEF788CF69AEAB433B692A9E28CBAFEFC048BD9AB423678D4DD5807329BCC417CF77EC7FD8E50B6D9A8D6B2017B24F6890557AF327980D086499B7C4ED6518B9C23DAB9571CA9E8E949C039C5CC002CBC9BDD08728D543143AFE577738AD309AB2493A8157272196B73C28A4826B37A8274198A4E8188CDADB1D7BB209C84D03500F79B9DFEC1E4441F34069CC01D6B9A57940914F56217C0F3A5CE0C75DE2815EE396D4AB00EC9695DFBCDD88EA6C8017CC29B1257EED39B50E0D075CCF9564D4B22F59F4B5E6667E4CACAC6B63D8CC1C9AB2CC6309A319E559D2062FB99D15B62F08E4DAD676698813D227FF8967B3B3830970E92277B2446A3C269A74FB437800824A8987DA3636A17A53C7E55C66077BE0FBD63441402F19C6C4E1F1C46185A3F3F5D7D7F553F0066EBFCF2ECD74CFC6DB48F6A458AE66EC12532B691FA3AE9A0C19809B3A1AF06340EFB012A33D484D272CA09D5862DAC5E3A00006F260BDE5CE74E007AB12A8F686373949308E574DCE7EA9D145936E836D247 33220171213010731 2 6 100 7679 5 DC810DED621062F0CB271F50E716119CBA30A56C758377BD69D70043B8C9ACA2E7EFA9896D324B18FB1A550BDB994533A67258C7EB28B23D1AFB6D3FE0C5C8AD961F2BFAE67E57978F749D3F33A0D9AEAFD817FD663E60298D0DF73E4B27A85B6799D929240EC6C4C59E0D98E0A7875F3FCC3E29394083D1344F78DC70B5E23C108A03B7B81121BEDD2093262B7E32C7AB695AD545D3A99F410199DDD9759FE1EE8502180206841B3C74CB6A939B38707309B421A75FFEC30C977F91A9F9F3C9F65EF2EA6251E72F8A65C7753815C188320E91B079EDFB9F1D480F529B67075B57523C44895DE2427D32D3935EAC5F46659C5F723C9BB006862EF143A77C384560EB5474F8D034FC8059F6D7BCD9EBD17D2740741FB4025CF87FFE3DAAFF72C8D9D10E1F779AEC56D3C6340426E2D980EAA07C46F2E720D1B8206D2A29162C6CA877FA89C0876DA70FF3A773BDEE1BB5831EFB58A9191430B0DE46EA4F484642F257AC176B74A91A02594D00D2FD30BE4927DED30C4389245EC5ECA93B1B08AFBB86B8012394F8CB874DC092498A2F9B44E27804C039632A192C8329F0DF25B196E6AB5E07FB3732B94990A2F0490FB07D9E33B0AA2830EDB572D7C7968A193B83FF869F65ABEDEC65EB03EA6DF0CD6C077DE627FD3583AFDA1754E655BE7ECF7A2BEAA422E516B26194FAEFEE6F535439B413325E1263E7E797DE9D717540A96AF360F8EE1FD4B190A513E83AEF6BCAB5A245F4A4F129F5F8AED11A558FE968A0CF2E254438384D0EE91BEE99A39696821DBA585144FA65484897CFC517FCE1D1512F792C6996063585F640AC9480220ED1FF3EDC1D7E55344977F71692D6F5DB091821A3F9612B65138848B874A93A71A74039337BF291938B0A8ACA2141BE969DCE4322A276C86C5A8E369EF6717158B46EBE48F8F9BC4F2E46203AC21CDD9F0ED1989F7D964D46D7DA63444C9CADA82AF53E38873A5D3F68868CA4F65748210716658F2A841B3890E773A2623A59073F14A0F2F1B0893FDBE5BA72FC9609DB8E8A56A322E2B4178CE7B2022D741BD256303D926B48D5239B354F611C52B475C62351854D6E27C89231E7E7972C19C7D6F5BEB07D1A1FF827348DA862F422047A2DB7B591AE497578A4BA95CBECFB503F5DC04C0C6A946FFB515F2F0BDC4332F2674706F7C1908B681D8EE3667777092C06DC9CF00F98143F4A1350FCBAEBB5157A5473D33F51778987B35B1D48249A491EE8F8778DE6DC29131F708642884BED0B0D159E1EFE428D18D3631F13A593323F1659FE9E1A708115D2F131DCC3808CE016036FF1D0D9193CBEB2CD1C49F9973E0BCB09A2A9394E2F5561319BBF
33320170708102649 2 6 100 7679 5 C0388038628CD48D5377C99911D89CEDF70AC54721EE6974975D61C9E25580D2108B48CBCDB8B647B271FA822546C00580DB013D19EE5A49EFD9AAECA2036A83BB3E2F96C3E7CB273AA9ACEFCA5A3E4C7C8FCF3332DE11288D8BD76E17B4C530F5F6EFB0D757F63E3B2B519EE960FA8206DF81E7B9DA463CE389E3164588BF5B66355D481DC620F0B2F352782105DF3AB86076DD7D612CE9839CB251D5C975166859A41B740E08E66B746B710479FAA430E2891E60647E04FE71D8F8BC9A6BCD20CFB42299142DC016E672CC350D497809379F54F6F3D1649ADCE72ADECEAAE1ECA85EEE8006700379DE3687A67AF796E1F317815461CFF6E58615CD453265612315FA8F99DC65D9CC218004671E43CE58C9F54862D86B58FD71212199A2A562B1AB9604BF43676A403E8EA56A69E68F1CF0C60C83B8EB31D9C0A23D8410C3A6898D749CAD8CDA9F17A224536BD08436B25E50BA67BAD09276BB55583CEDF48AEEFFD8FA3DBE4F609760DF1EDED136B38792CD164D2EA3C5443F0D8F9117544A9A6AAC615ADE01440B7948B2B53BC3F7218DEDEB16D23C3B0C2AA4BEB99F9A9225D87B6CCB037D8E9A2918C20FE9F2BFF429FD0F23AE370E820842AEDD823DD5B6DDD7F4AD3A06735A2E4144DBABEA5DD83A6AA98EED5F6F3021C246FBABD280986A1E7A24CCBE11BC3050CC04DB566277CECBA8B5BDC1D15E1F066B25B668C7B87EA54894EC7559B64F1400934DCE1C06A10955988E3B3F4A40566B3989608404859335C53EBD6BEE21614EB7C954D543DBA7EB61555B7CED9D08EF560426DBCE3018FBEF788CF69AEAB433B692A9E28CBAFEFC048BD9AB423678D4DD5807329BCC417CF77EC7FD8E50B6D9A8D6B2017B24F6890557AF327980D086499B7C4ED6518B9C23DAB9571CA9E8E949C039C5CC002CBC9BDD08728D543143AFE577738AD309AB2493A8157272196B73C28A4826B37A8274198A4E8188CDADB1D7BB209C84D03500F79B9DFEC1E4441F34069CC01D6B9A57940914F56217C0F3A5CE0C75DE2815EE396D4AB00EC9695DFBCDD88EA6C8017CC29B1257EED39B50E0D075CCF9564D4B22F59F4B5E6667E4CACAC6B63D8CC1C9AB2CC6309A319E559D2062FB99D15B62F08E4DAD676698813D227FF8967B3B3830970E92277B2446A3C269A74FB437800824A8987DA3636A17A53C7E55C66077BE0FBD63441402F19C6C4E1F1C46185A3F3F5D7D7F553F0066EBFCF2ECD74CFC6DB48F6A458AE66EC12532B691FA3AE9A0C19809B3A1AF06340EFB012A33D484D272CA09D5862DAC5E3A00006F260BDE5CE74E007AB12A8F686373949308E574DCE7EA9D145936EA984FCF 33320171213020125 2 6 100 7679 2 DC810DED621062F0CB271F50E716119CBA30A56C758377BD69D70043B8C9ACA2E7EFA9896D324B18FB1A550BDB994533A67258C7EB28B23D1AFB6D3FE0C5C8AD961F2BFAE67E57978F749D3F33A0D9AEAFD817FD663E60298D0DF73E4B27A85B6799D929240EC6C4C59E0D98E0A7875F3FCC3E29394083D1344F78DC70B5E23C108A03B7B81121BEDD2093262B7E32C7AB695AD545D3A99F410199DDD9759FE1EE8502180206841B3C74CB6A939B38707309B421A75FFEC30C977F91A9F9F3C9F65EF2EA6251E72F8A65C7753815C188320E91B079EDFB9F1D480F529B67075B57523C44895DE2427D32D3935EAC5F46659C5F723C9BB006862EF143A77C384560EB5474F8D034FC8059F6D7BCD9EBD17D2740741FB4025CF87FFE3DAAFF72C8D9D10E1F779AEC56D3C6340426E2D980EAA07C46F2E720D1B8206D2A29162C6CA877FA89C0876DA70FF3A773BDEE1BB5831EFB58A9191430B0DE46EA4F484642F257AC176B74A91A02594D00D2FD30BE4927DED30C4389245EC5ECA93B1B08AFBB86B8012394F8CB874DC092498A2F9B44E27804C039632A192C8329F0DF25B196E6AB5E07FB3732B94990A2F0490FB07D9E33B0AA2830EDB572D7C7968A193B83FF869F65ABEDEC65EB03EA6DF0CD6C077DE627FD3583AFDA1754E655BE7ECF7A2BEAA422E516B26194FAEFEE6F535439B413325E1263E7E797DE9D717540A96AF360F8EE1FD4B190A513E83AEF6BCAB5A245F4A4F129F5F8AED11A558FE968A0CF2E254438384D0EE91BEE99A39696821DBA585144FA65484897CFC517FCE1D1512F792C6996063585F640AC9480220ED1FF3EDC1D7E55344977F71692D6F5DB091821A3F9612B65138848B874A93A71A74039337BF291938B0A8ACA2141BE969DCE4322A276C86C5A8E369EF6717158B46EBE48F8F9BC4F2E46203AC21CDD9F0ED1989F7D964D46D7DA63444C9CADA82AF53E38873A5D3F68868CA4F65748210716658F2A841B3890E773A2623A59073F14A0F2F1B0893FDBE5BA72FC9609DB8E8A56A322E2B4178CE7B2022D741BD256303D926B48D5239B354F611C52B475C62351854D6E27C89231E7E7972C19C7D6F5BEB07D1A1FF827348DA862F422047A2DB7B591AE497578A4BA95CBECFB503F5DC04C0C6A946FFB515F2F0BDC4332F2674706F7C1908B681D8EE3667777092C06DC9CF00F98143F4A1350FCBAEBB5157A5473D33F51778987B35B1D48249A491EE8F8778DE6DC29131F708642884BED0B0D159E1EFE428D18D3631F13A593323F1659FE9E1A708115D2F131DCC3808CE016036FF1D0D9193CBEB2CD1C49F9973E0BCB09A2A9394E2F5561E7621B
33420170708144918 2 6 100 7679 2 C0388038628CD48D5377C99911D89CEDF70AC54721EE6974975D61C9E25580D2108B48CBCDB8B647B271FA822546C00580DB013D19EE5A49EFD9AAECA2036A83BB3E2F96C3E7CB273AA9ACEFCA5A3E4C7C8FCF3332DE11288D8BD76E17B4C530F5F6EFB0D757F63E3B2B519EE960FA8206DF81E7B9DA463CE389E3164588BF5B66355D481DC620F0B2F352782105DF3AB86076DD7D612CE9839CB251D5C975166859A41B740E08E66B746B710479FAA430E2891E60647E04FE71D8F8BC9A6BCD20CFB42299142DC016E672CC350D497809379F54F6F3D1649ADCE72ADECEAAE1ECA85EEE8006700379DE3687A67AF796E1F317815461CFF6E58615CD453265612315FA8F99DC65D9CC218004671E43CE58C9F54862D86B58FD71212199A2A562B1AB9604BF43676A403E8EA56A69E68F1CF0C60C83B8EB31D9C0A23D8410C3A6898D749CAD8CDA9F17A224536BD08436B25E50BA67BAD09276BB55583CEDF48AEEFFD8FA3DBE4F609760DF1EDED136B38792CD164D2EA3C5443F0D8F9117544A9A6AAC615ADE01440B7948B2B53BC3F7218DEDEB16D23C3B0C2AA4BEB99F9A9225D87B6CCB037D8E9A2918C20FE9F2BFF429FD0F23AE370E820842AEDD823DD5B6DDD7F4AD3A06735A2E4144DBABEA5DD83A6AA98EED5F6F3021C246FBABD280986A1E7A24CCBE11BC3050CC04DB566277CECBA8B5BDC1D15E1F066B25B668C7B87EA54894EC7559B64F1400934DCE1C06A10955988E3B3F4A40566B3989608404859335C53EBD6BEE21614EB7C954D543DBA7EB61555B7CED9D08EF560426DBCE3018FBEF788CF69AEAB433B692A9E28CBAFEFC048BD9AB423678D4DD5807329BCC417CF77EC7FD8E50B6D9A8D6B2017B24F6890557AF327980D086499B7C4ED6518B9C23DAB9571CA9E8E949C039C5CC002CBC9BDD08728D543143AFE577738AD309AB2493A8157272196B73C28A4826B37A8274198A4E8188CDADB1D7BB209C84D03500F79B9DFEC1E4441F34069CC01D6B9A57940914F56217C0F3A5CE0C75DE2815EE396D4AB00EC9695DFBCDD88EA6C8017CC29B1257EED39B50E0D075CCF9564D4B22F59F4B5E6667E4CACAC6B63D8CC1C9AB2CC6309A319E559D2062FB99D15B62F08E4DAD676698813D227FF8967B3B3830970E92277B2446A3C269A74FB437800824A8987DA3636A17A53C7E55C66077BE0FBD63441402F19C6C4E1F1C46185A3F3F5D7D7F553F0066EBFCF2ECD74CFC6DB48F6A458AE66EC12532B691FA3AE9A0C19809B3A1AF06340EFB012A33D484D272CA09D5862DAC5E3A00006F260BDE5CE74E007AB12A8F686373949308E574DCE7EA9D145936EE06AB6B 33420171213022044 2 6 100 7679 2 DC810DED621062F0CB271F50E716119CBA30A56C758377BD69D70043B8C9ACA2E7EFA9896D324B18FB1A550BDB994533A67258C7EB28B23D1AFB6D3FE0C5C8AD961F2BFAE67E57978F749D3F33A0D9AEAFD817FD663E60298D0DF73E4B27A85B6799D929240EC6C4C59E0D98E0A7875F3FCC3E29394083D1344F78DC70B5E23C108A03B7B81121BEDD2093262B7E32C7AB695AD545D3A99F410199DDD9759FE1EE8502180206841B3C74CB6A939B38707309B421A75FFEC30C977F91A9F9F3C9F65EF2EA6251E72F8A65C7753815C188320E91B079EDFB9F1D480F529B67075B57523C44895DE2427D32D3935EAC5F46659C5F723C9BB006862EF143A77C384560EB5474F8D034FC8059F6D7BCD9EBD17D2740741FB4025CF87FFE3DAAFF72C8D9D10E1F779AEC56D3C6340426E2D980EAA07C46F2E720D1B8206D2A29162C6CA877FA89C0876DA70FF3A773BDEE1BB5831EFB58A9191430B0DE46EA4F484642F257AC176B74A91A02594D00D2FD30BE4927DED30C4389245EC5ECA93B1B08AFBB86B8012394F8CB874DC092498A2F9B44E27804C039632A192C8329F0DF25B196E6AB5E07FB3732B94990A2F0490FB07D9E33B0AA2830EDB572D7C7968A193B83FF869F65ABEDEC65EB03EA6DF0CD6C077DE627FD3583AFDA1754E655BE7ECF7A2BEAA422E516B26194FAEFEE6F535439B413325E1263E7E797DE9D717540A96AF360F8EE1FD4B190A513E83AEF6BCAB5A245F4A4F129F5F8AED11A558FE968A0CF2E254438384D0EE91BEE99A39696821DBA585144FA65484897CFC517FCE1D1512F792C6996063585F640AC9480220ED1FF3EDC1D7E55344977F71692D6F5DB091821A3F9612B65138848B874A93A71A74039337BF291938B0A8ACA2141BE969DCE4322A276C86C5A8E369EF6717158B46EBE48F8F9BC4F2E46203AC21CDD9F0ED1989F7D964D46D7DA63444C9CADA82AF53E38873A5D3F68868CA4F65748210716658F2A841B3890E773A2623A59073F14A0F2F1B0893FDBE5BA72FC9609DB8E8A56A322E2B4178CE7B2022D741BD256303D926B48D5239B354F611C52B475C62351854D6E27C89231E7E7972C19C7D6F5BEB07D1A1FF827348DA862F422047A2DB7B591AE497578A4BA95CBECFB503F5DC04C0C6A946FFB515F2F0BDC4332F2674706F7C1908B681D8EE3667777092C06DC9CF00F98143F4A1350FCBAEBB5157A5473D33F51778987B35B1D48249A491EE8F8778DE6DC29131F708642884BED0B0D159E1EFE428D18D3631F13A593323F1659FE9E1A708115D2F131DCC3808CE016036FF1D0D9193CBEB2CD1C49F9973E0BCB09A2A9394E2F556220C81B
33520170708163647 2 6 100 7679 2 C0388038628CD48D5377C99911D89CEDF70AC54721EE6974975D61C9E25580D2108B48CBCDB8B647B271FA822546C00580DB013D19EE5A49EFD9AAECA2036A83BB3E2F96C3E7CB273AA9ACEFCA5A3E4C7C8FCF3332DE11288D8BD76E17B4C530F5F6EFB0D757F63E3B2B519EE960FA8206DF81E7B9DA463CE389E3164588BF5B66355D481DC620F0B2F352782105DF3AB86076DD7D612CE9839CB251D5C975166859A41B740E08E66B746B710479FAA430E2891E60647E04FE71D8F8BC9A6BCD20CFB42299142DC016E672CC350D497809379F54F6F3D1649ADCE72ADECEAAE1ECA85EEE8006700379DE3687A67AF796E1F317815461CFF6E58615CD453265612315FA8F99DC65D9CC218004671E43CE58C9F54862D86B58FD71212199A2A562B1AB9604BF43676A403E8EA56A69E68F1CF0C60C83B8EB31D9C0A23D8410C3A6898D749CAD8CDA9F17A224536BD08436B25E50BA67BAD09276BB55583CEDF48AEEFFD8FA3DBE4F609760DF1EDED136B38792CD164D2EA3C5443F0D8F9117544A9A6AAC615ADE01440B7948B2B53BC3F7218DEDEB16D23C3B0C2AA4BEB99F9A9225D87B6CCB037D8E9A2918C20FE9F2BFF429FD0F23AE370E820842AEDD823DD5B6DDD7F4AD3A06735A2E4144DBABEA5DD83A6AA98EED5F6F3021C246FBABD280986A1E7A24CCBE11BC3050CC04DB566277CECBA8B5BDC1D15E1F066B25B668C7B87EA54894EC7559B64F1400934DCE1C06A10955988E3B3F4A40566B3989608404859335C53EBD6BEE21614EB7C954D543DBA7EB61555B7CED9D08EF560426DBCE3018FBEF788CF69AEAB433B692A9E28CBAFEFC048BD9AB423678D4DD5807329BCC417CF77EC7FD8E50B6D9A8D6B2017B24F6890557AF327980D086499B7C4ED6518B9C23DAB9571CA9E8E949C039C5CC002CBC9BDD08728D543143AFE577738AD309AB2493A8157272196B73C28A4826B37A8274198A4E8188CDADB1D7BB209C84D03500F79B9DFEC1E4441F34069CC01D6B9A57940914F56217C0F3A5CE0C75DE2815EE396D4AB00EC9695DFBCDD88EA6C8017CC29B1257EED39B50E0D075CCF9564D4B22F59F4B5E6667E4CACAC6B63D8CC1C9AB2CC6309A319E559D2062FB99D15B62F08E4DAD676698813D227FF8967B3B3830970E92277B2446A3C269A74FB437800824A8987DA3636A17A53C7E55C66077BE0FBD63441402F19C6C4E1F1C46185A3F3F5D7D7F553F0066EBFCF2ECD74CFC6DB48F6A458AE66EC12532B691FA3AE9A0C19809B3A1AF06340EFB012A33D484D272CA09D5862DAC5E3A00006F260BDE5CE74E007AB12A8F686373949308E574DCE7EA9D145936EF6DD803 33520171213024903 2 6 100 7679 5 DC810DED621062F0CB271F50E716119CBA30A56C758377BD69D70043B8C9ACA2E7EFA9896D324B18FB1A550BDB994533A67258C7EB28B23D1AFB6D3FE0C5C8AD961F2BFAE67E57978F749D3F33A0D9AEAFD817FD663E60298D0DF73E4B27A85B6799D929240EC6C4C59E0D98E0A7875F3FCC3E29394083D1344F78DC70B5E23C108A03B7B81121BEDD2093262B7E32C7AB695AD545D3A99F410199DDD9759FE1EE8502180206841B3C74CB6A939B38707309B421A75FFEC30C977F91A9F9F3C9F65EF2EA6251E72F8A65C7753815C188320E91B079EDFB9F1D480F529B67075B57523C44895DE2427D32D3935EAC5F46659C5F723C9BB006862EF143A77C384560EB5474F8D034FC8059F6D7BCD9EBD17D2740741FB4025CF87FFE3DAAFF72C8D9D10E1F779AEC56D3C6340426E2D980EAA07C46F2E720D1B8206D2A29162C6CA877FA89C0876DA70FF3A773BDEE1BB5831EFB58A9191430B0DE46EA4F484642F257AC176B74A91A02594D00D2FD30BE4927DED30C4389245EC5ECA93B1B08AFBB86B8012394F8CB874DC092498A2F9B44E27804C039632A192C8329F0DF25B196E6AB5E07FB3732B94990A2F0490FB07D9E33B0AA2830EDB572D7C7968A193B83FF869F65ABEDEC65EB03EA6DF0CD6C077DE627FD3583AFDA1754E655BE7ECF7A2BEAA422E516B26194FAEFEE6F535439B413325E1263E7E797DE9D717540A96AF360F8EE1FD4B190A513E83AEF6BCAB5A245F4A4F129F5F8AED11A558FE968A0CF2E254438384D0EE91BEE99A39696821DBA585144FA65484897CFC517FCE1D1512F792C6996063585F640AC9480220ED1FF3EDC1D7E55344977F71692D6F5DB091821A3F9612B65138848B874A93A71A74039337BF291938B0A8ACA2141BE969DCE4322A276C86C5A8E369EF6717158B46EBE48F8F9BC4F2E46203AC21CDD9F0ED1989F7D964D46D7DA63444C9CADA82AF53E38873A5D3F68868CA4F65748210716658F2A841B3890E773A2623A59073F14A0F2F1B0893FDBE5BA72FC9609DB8E8A56A322E2B4178CE7B2022D741BD256303D926B48D5239B354F611C52B475C62351854D6E27C89231E7E7972C19C7D6F5BEB07D1A1FF827348DA862F422047A2DB7B591AE497578A4BA95CBECFB503F5DC04C0C6A946FFB515F2F0BDC4332F2674706F7C1908B681D8EE3667777092C06DC9CF00F98143F4A1350FCBAEBB5157A5473D33F51778987B35B1D48249A491EE8F8778DE6DC29131F708642884BED0B0D159E1EFE428D18D3631F13A593323F1659FE9E1A708115D2F131DCC3808CE016036FF1D0D9193CBEB2CD1C49F9973E0BCB09A2A9394E2F55627C3CE7
33620170708181531 2 6 100 7679 2 C0388038628CD48D5377C99911D89CEDF70AC54721EE6974975D61C9E25580D2108B48CBCDB8B647B271FA822546C00580DB013D19EE5A49EFD9AAECA2036A83BB3E2F96C3E7CB273AA9ACEFCA5A3E4C7C8FCF3332DE11288D8BD76E17B4C530F5F6EFB0D757F63E3B2B519EE960FA8206DF81E7B9DA463CE389E3164588BF5B66355D481DC620F0B2F352782105DF3AB86076DD7D612CE9839CB251D5C975166859A41B740E08E66B746B710479FAA430E2891E60647E04FE71D8F8BC9A6BCD20CFB42299142DC016E672CC350D497809379F54F6F3D1649ADCE72ADECEAAE1ECA85EEE8006700379DE3687A67AF796E1F317815461CFF6E58615CD453265612315FA8F99DC65D9CC218004671E43CE58C9F54862D86B58FD71212199A2A562B1AB9604BF43676A403E8EA56A69E68F1CF0C60C83B8EB31D9C0A23D8410C3A6898D749CAD8CDA9F17A224536BD08436B25E50BA67BAD09276BB55583CEDF48AEEFFD8FA3DBE4F609760DF1EDED136B38792CD164D2EA3C5443F0D8F9117544A9A6AAC615ADE01440B7948B2B53BC3F7218DEDEB16D23C3B0C2AA4BEB99F9A9225D87B6CCB037D8E9A2918C20FE9F2BFF429FD0F23AE370E820842AEDD823DD5B6DDD7F4AD3A06735A2E4144DBABEA5DD83A6AA98EED5F6F3021C246FBABD280986A1E7A24CCBE11BC3050CC04DB566277CECBA8B5BDC1D15E1F066B25B668C7B87EA54894EC7559B64F1400934DCE1C06A10955988E3B3F4A40566B3989608404859335C53EBD6BEE21614EB7C954D543DBA7EB61555B7CED9D08EF560426DBCE3018FBEF788CF69AEAB433B692A9E28CBAFEFC048BD9AB423678D4DD5807329BCC417CF77EC7FD8E50B6D9A8D6B2017B24F6890557AF327980D086499B7C4ED6518B9C23DAB9571CA9E8E949C039C5CC002CBC9BDD08728D543143AFE577738AD309AB2493A8157272196B73C28A4826B37A8274198A4E8188CDADB1D7BB209C84D03500F79B9DFEC1E4441F34069CC01D6B9A57940914F56217C0F3A5CE0C75DE2815EE396D4AB00EC9695DFBCDD88EA6C8017CC29B1257EED39B50E0D075CCF9564D4B22F59F4B5E6667E4CACAC6B63D8CC1C9AB2CC6309A319E559D2062FB99D15B62F08E4DAD676698813D227FF8967B3B3830970E92277B2446A3C269A74FB437800824A8987DA3636A17A53C7E55C66077BE0FBD63441402F19C6C4E1F1C46185A3F3F5D7D7F553F0066EBFCF2ECD74CFC6DB48F6A458AE66EC12532B691FA3AE9A0C19809B3A1AF06340EFB012A33D484D272CA09D5862DAC5E3A00006F260BDE5CE74E007AB12A8F686373949308E574DCE7EA9D145936F0B07D83 33620171213030139 2 6 100 7679 2 DC810DED621062F0CB271F50E716119CBA30A56C758377BD69D70043B8C9ACA2E7EFA9896D324B18FB1A550BDB994533A67258C7EB28B23D1AFB6D3FE0C5C8AD961F2BFAE67E57978F749D3F33A0D9AEAFD817FD663E60298D0DF73E4B27A85B6799D929240EC6C4C59E0D98E0A7875F3FCC3E29394083D1344F78DC70B5E23C108A03B7B81121BEDD2093262B7E32C7AB695AD545D3A99F410199DDD9759FE1EE8502180206841B3C74CB6A939B38707309B421A75FFEC30C977F91A9F9F3C9F65EF2EA6251E72F8A65C7753815C188320E91B079EDFB9F1D480F529B67075B57523C44895DE2427D32D3935EAC5F46659C5F723C9BB006862EF143A77C384560EB5474F8D034FC8059F6D7BCD9EBD17D2740741FB4025CF87FFE3DAAFF72C8D9D10E1F779AEC56D3C6340426E2D980EAA07C46F2E720D1B8206D2A29162C6CA877FA89C0876DA70FF3A773BDEE1BB5831EFB58A9191430B0DE46EA4F484642F257AC176B74A91A02594D00D2FD30BE4927DED30C4389245EC5ECA93B1B08AFBB86B8012394F8CB874DC092498A2F9B44E27804C039632A192C8329F0DF25B196E6AB5E07FB3732B94990A2F0490FB07D9E33B0AA2830EDB572D7C7968A193B83FF869F65ABEDEC65EB03EA6DF0CD6C077DE627FD3583AFDA1754E655BE7ECF7A2BEAA422E516B26194FAEFEE6F535439B413325E1263E7E797DE9D717540A96AF360F8EE1FD4B190A513E83AEF6BCAB5A245F4A4F129F5F8AED11A558FE968A0CF2E254438384D0EE91BEE99A39696821DBA585144FA65484897CFC517FCE1D1512F792C6996063585F640AC9480220ED1FF3EDC1D7E55344977F71692D6F5DB091821A3F9612B65138848B874A93A71A74039337BF291938B0A8ACA2141BE969DCE4322A276C86C5A8E369EF6717158B46EBE48F8F9BC4F2E46203AC21CDD9F0ED1989F7D964D46D7DA63444C9CADA82AF53E38873A5D3F68868CA4F65748210716658F2A841B3890E773A2623A59073F14A0F2F1B0893FDBE5BA72FC9609DB8E8A56A322E2B4178CE7B2022D741BD256303D926B48D5239B354F611C52B475C62351854D6E27C89231E7E7972C19C7D6F5BEB07D1A1FF827348DA862F422047A2DB7B591AE497578A4BA95CBECFB503F5DC04C0C6A946FFB515F2F0BDC4332F2674706F7C1908B681D8EE3667777092C06DC9CF00F98143F4A1350FCBAEBB5157A5473D33F51778987B35B1D48249A491EE8F8778DE6DC29131F708642884BED0B0D159E1EFE428D18D3631F13A593323F1659FE9E1A708115D2F131DCC3808CE016036FF1D0D9193CBEB2CD1C49F9973E0BCB09A2A9394E2F5562A0B013
33720170708234000 2 6 100 7679 5 C0388038628CD48D5377C99911D89CEDF70AC54721EE6974975D61C9E25580D2108B48CBCDB8B647B271FA822546C00580DB013D19EE5A49EFD9AAECA2036A83BB3E2F96C3E7CB273AA9ACEFCA5A3E4C7C8FCF3332DE11288D8BD76E17B4C530F5F6EFB0D757F63E3B2B519EE960FA8206DF81E7B9DA463CE389E3164588BF5B66355D481DC620F0B2F352782105DF3AB86076DD7D612CE9839CB251D5C975166859A41B740E08E66B746B710479FAA430E2891E60647E04FE71D8F8BC9A6BCD20CFB42299142DC016E672CC350D497809379F54F6F3D1649ADCE72ADECEAAE1ECA85EEE8006700379DE3687A67AF796E1F317815461CFF6E58615CD453265612315FA8F99DC65D9CC218004671E43CE58C9F54862D86B58FD71212199A2A562B1AB9604BF43676A403E8EA56A69E68F1CF0C60C83B8EB31D9C0A23D8410C3A6898D749CAD8CDA9F17A224536BD08436B25E50BA67BAD09276BB55583CEDF48AEEFFD8FA3DBE4F609760DF1EDED136B38792CD164D2EA3C5443F0D8F9117544A9A6AAC615ADE01440B7948B2B53BC3F7218DEDEB16D23C3B0C2AA4BEB99F9A9225D87B6CCB037D8E9A2918C20FE9F2BFF429FD0F23AE370E820842AEDD823DD5B6DDD7F4AD3A06735A2E4144DBABEA5DD83A6AA98EED5F6F3021C246FBABD280986A1E7A24CCBE11BC3050CC04DB566277CECBA8B5BDC1D15E1F066B25B668C7B87EA54894EC7559B64F1400934DCE1C06A10955988E3B3F4A40566B3989608404859335C53EBD6BEE21614EB7C954D543DBA7EB61555B7CED9D08EF560426DBCE3018FBEF788CF69AEAB433B692A9E28CBAFEFC048BD9AB423678D4DD5807329BCC417CF77EC7FD8E50B6D9A8D6B2017B24F6890557AF327980D086499B7C4ED6518B9C23DAB9571CA9E8E949C039C5CC002CBC9BDD08728D543143AFE577738AD309AB2493A8157272196B73C28A4826B37A8274198A4E8188CDADB1D7BB209C84D03500F79B9DFEC1E4441F34069CC01D6B9A57940914F56217C0F3A5CE0C75DE2815EE396D4AB00EC9695DFBCDD88EA6C8017CC29B1257EED39B50E0D075CCF9564D4B22F59F4B5E6667E4CACAC6B63D8CC1C9AB2CC6309A319E559D2062FB99D15B62F08E4DAD676698813D227FF8967B3B3830970E92277B2446A3C269A74FB437800824A8987DA3636A17A53C7E55C66077BE0FBD63441402F19C6C4E1F1C46185A3F3F5D7D7F553F0066EBFCF2ECD74CFC6DB48F6A458AE66EC12532B691FA3AE9A0C19809B3A1AF06340EFB012A33D484D272CA09D5862DAC5E3A00006F260BDE5CE74E007AB12A8F686373949308E574DCE7EA9D145936F4E4D5BF 33720171213055041 2 6 100 7679 5 DC810DED621062F0CB271F50E716119CBA30A56C758377BD69D70043B8C9ACA2E7EFA9896D324B18FB1A550BDB994533A67258C7EB28B23D1AFB6D3FE0C5C8AD961F2BFAE67E57978F749D3F33A0D9AEAFD817FD663E60298D0DF73E4B27A85B6799D929240EC6C4C59E0D98E0A7875F3FCC3E29394083D1344F78DC70B5E23C108A03B7B81121BEDD2093262B7E32C7AB695AD545D3A99F410199DDD9759FE1EE8502180206841B3C74CB6A939B38707309B421A75FFEC30C977F91A9F9F3C9F65EF2EA6251E72F8A65C7753815C188320E91B079EDFB9F1D480F529B67075B57523C44895DE2427D32D3935EAC5F46659C5F723C9BB006862EF143A77C384560EB5474F8D034FC8059F6D7BCD9EBD17D2740741FB4025CF87FFE3DAAFF72C8D9D10E1F779AEC56D3C6340426E2D980EAA07C46F2E720D1B8206D2A29162C6CA877FA89C0876DA70FF3A773BDEE1BB5831EFB58A9191430B0DE46EA4F484642F257AC176B74A91A02594D00D2FD30BE4927DED30C4389245EC5ECA93B1B08AFBB86B8012394F8CB874DC092498A2F9B44E27804C039632A192C8329F0DF25B196E6AB5E07FB3732B94990A2F0490FB07D9E33B0AA2830EDB572D7C7968A193B83FF869F65ABEDEC65EB03EA6DF0CD6C077DE627FD3583AFDA1754E655BE7ECF7A2BEAA422E516B26194FAEFEE6F535439B413325E1263E7E797DE9D717540A96AF360F8EE1FD4B190A513E83AEF6BCAB5A245F4A4F129F5F8AED11A558FE968A0CF2E254438384D0EE91BEE99A39696821DBA585144FA65484897CFC517FCE1D1512F792C6996063585F640AC9480220ED1FF3EDC1D7E55344977F71692D6F5DB091821A3F9612B65138848B874A93A71A74039337BF291938B0A8ACA2141BE969DCE4322A276C86C5A8E369EF6717158B46EBE48F8F9BC4F2E46203AC21CDD9F0ED1989F7D964D46D7DA63444C9CADA82AF53E38873A5D3F68868CA4F65748210716658F2A841B3890E773A2623A59073F14A0F2F1B0893FDBE5BA72FC9609DB8E8A56A322E2B4178CE7B2022D741BD256303D926B48D5239B354F611C52B475C62351854D6E27C89231E7E7972C19C7D6F5BEB07D1A1FF827348DA862F422047A2DB7B591AE497578A4BA95CBECFB503F5DC04C0C6A946FFB515F2F0BDC4332F2674706F7C1908B681D8EE3667777092C06DC9CF00F98143F4A1350FCBAEBB5157A5473D33F51778987B35B1D48249A491EE8F8778DE6DC29131F708642884BED0B0D159E1EFE428D18D3631F13A593323F1659FE9E1A708115D2F131DCC3808CE016036FF1D0D9193CBEB2CD1C49F9973E0BCB09A2A9394E2F5564BC168F
33820170709023719 2 6 100 7679 2 C0388038628CD48D5377C99911D89CEDF70AC54721EE6974975D61C9E25580D2108B48CBCDB8B647B271FA822546C00580DB013D19EE5A49EFD9AAECA2036A83BB3E2F96C3E7CB273AA9ACEFCA5A3E4C7C8FCF3332DE11288D8BD76E17B4C530F5F6EFB0D757F63E3B2B519EE960FA8206DF81E7B9DA463CE389E3164588BF5B66355D481DC620F0B2F352782105DF3AB86076DD7D612CE9839CB251D5C975166859A41B740E08E66B746B710479FAA430E2891E60647E04FE71D8F8BC9A6BCD20CFB42299142DC016E672CC350D497809379F54F6F3D1649ADCE72ADECEAAE1ECA85EEE8006700379DE3687A67AF796E1F317815461CFF6E58615CD453265612315FA8F99DC65D9CC218004671E43CE58C9F54862D86B58FD71212199A2A562B1AB9604BF43676A403E8EA56A69E68F1CF0C60C83B8EB31D9C0A23D8410C3A6898D749CAD8CDA9F17A224536BD08436B25E50BA67BAD09276BB55583CEDF48AEEFFD8FA3DBE4F609760DF1EDED136B38792CD164D2EA3C5443F0D8F9117544A9A6AAC615ADE01440B7948B2B53BC3F7218DEDEB16D23C3B0C2AA4BEB99F9A9225D87B6CCB037D8E9A2918C20FE9F2BFF429FD0F23AE370E820842AEDD823DD5B6DDD7F4AD3A06735A2E4144DBABEA5DD83A6AA98EED5F6F3021C246FBABD280986A1E7A24CCBE11BC3050CC04DB566277CECBA8B5BDC1D15E1F066B25B668C7B87EA54894EC7559B64F1400934DCE1C06A10955988E3B3F4A40566B3989608404859335C53EBD6BEE21614EB7C954D543DBA7EB61555B7CED9D08EF560426DBCE3018FBEF788CF69AEAB433B692A9E28CBAFEFC048BD9AB423678D4DD5807329BCC417CF77EC7FD8E50B6D9A8D6B2017B24F6890557AF327980D086499B7C4ED6518B9C23DAB9571CA9E8E949C039C5CC002CBC9BDD08728D543143AFE577738AD309AB2493A8157272196B73C28A4826B37A8274198A4E8188CDADB1D7BB209C84D03500F79B9DFEC1E4441F34069CC01D6B9A57940914F56217C0F3A5CE0C75DE2815EE396D4AB00EC9695DFBCDD88EA6C8017CC29B1257EED39B50E0D075CCF9564D4B22F59F4B5E6667E4CACAC6B63D8CC1C9AB2CC6309A319E559D2062FB99D15B62F08E4DAD676698813D227FF8967B3B3830970E92277B2446A3C269A74FB437800824A8987DA3636A17A53C7E55C66077BE0FBD63441402F19C6C4E1F1C46185A3F3F5D7D7F553F0066EBFCF2ECD74CFC6DB48F6A458AE66EC12532B691FA3AE9A0C19809B3A1AF06340EFB012A33D484D272CA09D5862DAC5E3A00006F260BDE5CE74E007AB12A8F686373949308E574DCE7EA9D145936F727B0C3 33820171213060909 2 6 100 7679 2 DC810DED621062F0CB271F50E716119CBA30A56C758377BD69D70043B8C9ACA2E7EFA9896D324B18FB1A550BDB994533A67258C7EB28B23D1AFB6D3FE0C5C8AD961F2BFAE67E57978F749D3F33A0D9AEAFD817FD663E60298D0DF73E4B27A85B6799D929240EC6C4C59E0D98E0A7875F3FCC3E29394083D1344F78DC70B5E23C108A03B7B81121BEDD2093262B7E32C7AB695AD545D3A99F410199DDD9759FE1EE8502180206841B3C74CB6A939B38707309B421A75FFEC30C977F91A9F9F3C9F65EF2EA6251E72F8A65C7753815C188320E91B079EDFB9F1D480F529B67075B57523C44895DE2427D32D3935EAC5F46659C5F723C9BB006862EF143A77C384560EB5474F8D034FC8059F6D7BCD9EBD17D2740741FB4025CF87FFE3DAAFF72C8D9D10E1F779AEC56D3C6340426E2D980EAA07C46F2E720D1B8206D2A29162C6CA877FA89C0876DA70FF3A773BDEE1BB5831EFB58A9191430B0DE46EA4F484642F257AC176B74A91A02594D00D2FD30BE4927DED30C4389245EC5ECA93B1B08AFBB86B8012394F8CB874DC092498A2F9B44E27804C039632A192C8329F0DF25B196E6AB5E07FB3732B94990A2F0490FB07D9E33B0AA2830EDB572D7C7968A193B83FF869F65ABEDEC65EB03EA6DF0CD6C077DE627FD3583AFDA1754E655BE7ECF7A2BEAA422E516B26194FAEFEE6F535439B413325E1263E7E797DE9D717540A96AF360F8EE1FD4B190A513E83AEF6BCAB5A245F4A4F129F5F8AED11A558FE968A0CF2E254438384D0EE91BEE99A39696821DBA585144FA65484897CFC517FCE1D1512F792C6996063585F640AC9480220ED1FF3EDC1D7E55344977F71692D6F5DB091821A3F9612B65138848B874A93A71A74039337BF291938B0A8ACA2141BE969DCE4322A276C86C5A8E369EF6717158B46EBE48F8F9BC4F2E46203AC21CDD9F0ED1989F7D964D46D7DA63444C9CADA82AF53E38873A5D3F68868CA4F65748210716658F2A841B3890E773A2623A59073F14A0F2F1B0893FDBE5BA72FC9609DB8E8A56A322E2B4178CE7B2022D741BD256303D926B48D5239B354F611C52B475C62351854D6E27C89231E7E7972C19C7D6F5BEB07D1A1FF827348DA862F422047A2DB7B591AE497578A4BA95CBECFB503F5DC04C0C6A946FFB515F2F0BDC4332F2674706F7C1908B681D8EE3667777092C06DC9CF00F98143F4A1350FCBAEBB5157A5473D33F51778987B35B1D48249A491EE8F8778DE6DC29131F708642884BED0B0D159E1EFE428D18D3631F13A593323F1659FE9E1A708115D2F131DCC3808CE016036FF1D0D9193CBEB2CD1C49F9973E0BCB09A2A9394E2F5564E9CBA3
33920170709063946 2 6 100 7679 2 C0388038628CD48D5377C99911D89CEDF70AC54721EE6974975D61C9E25580D2108B48CBCDB8B647B271FA822546C00580DB013D19EE5A49EFD9AAECA2036A83BB3E2F96C3E7CB273AA9ACEFCA5A3E4C7C8FCF3332DE11288D8BD76E17B4C530F5F6EFB0D757F63E3B2B519EE960FA8206DF81E7B9DA463CE389E3164588BF5B66355D481DC620F0B2F352782105DF3AB86076DD7D612CE9839CB251D5C975166859A41B740E08E66B746B710479FAA430E2891E60647E04FE71D8F8BC9A6BCD20CFB42299142DC016E672CC350D497809379F54F6F3D1649ADCE72ADECEAAE1ECA85EEE8006700379DE3687A67AF796E1F317815461CFF6E58615CD453265612315FA8F99DC65D9CC218004671E43CE58C9F54862D86B58FD71212199A2A562B1AB9604BF43676A403E8EA56A69E68F1CF0C60C83B8EB31D9C0A23D8410C3A6898D749CAD8CDA9F17A224536BD08436B25E50BA67BAD09276BB55583CEDF48AEEFFD8FA3DBE4F609760DF1EDED136B38792CD164D2EA3C5443F0D8F9117544A9A6AAC615ADE01440B7948B2B53BC3F7218DEDEB16D23C3B0C2AA4BEB99F9A9225D87B6CCB037D8E9A2918C20FE9F2BFF429FD0F23AE370E820842AEDD823DD5B6DDD7F4AD3A06735A2E4144DBABEA5DD83A6AA98EED5F6F3021C246FBABD280986A1E7A24CCBE11BC3050CC04DB566277CECBA8B5BDC1D15E1F066B25B668C7B87EA54894EC7559B64F1400934DCE1C06A10955988E3B3F4A40566B3989608404859335C53EBD6BEE21614EB7C954D543DBA7EB61555B7CED9D08EF560426DBCE3018FBEF788CF69AEAB433B692A9E28CBAFEFC048BD9AB423678D4DD5807329BCC417CF77EC7FD8E50B6D9A8D6B2017B24F6890557AF327980D086499B7C4ED6518B9C23DAB9571CA9E8E949C039C5CC002CBC9BDD08728D543143AFE577738AD309AB2493A8157272196B73C28A4826B37A8274198A4E8188CDADB1D7BB209C84D03500F79B9DFEC1E4441F34069CC01D6B9A57940914F56217C0F3A5CE0C75DE2815EE396D4AB00EC9695DFBCDD88EA6C8017CC29B1257EED39B50E0D075CCF9564D4B22F59F4B5E6667E4CACAC6B63D8CC1C9AB2CC6309A319E559D2062FB99D15B62F08E4DAD676698813D227FF8967B3B3830970E92277B2446A3C269A74FB437800824A8987DA3636A17A53C7E55C66077BE0FBD63441402F19C6C4E1F1C46185A3F3F5D7D7F553F0066EBFCF2ECD74CFC6DB48F6A458AE66EC12532B691FA3AE9A0C19809B3A1AF06340EFB012A33D484D272CA09D5862DAC5E3A00006F260BDE5CE74E007AB12A8F686373949308E574DCE7EA9D145936FA3DA1B3 33920171213072312 2 6 100 7679 5 DC810DED621062F0CB271F50E716119CBA30A56C758377BD69D70043B8C9ACA2E7EFA9896D324B18FB1A550BDB994533A67258C7EB28B23D1AFB6D3FE0C5C8AD961F2BFAE67E57978F749D3F33A0D9AEAFD817FD663E60298D0DF73E4B27A85B6799D929240EC6C4C59E0D98E0A7875F3FCC3E29394083D1344F78DC70B5E23C108A03B7B81121BEDD2093262B7E32C7AB695AD545D3A99F410199DDD9759FE1EE8502180206841B3C74CB6A939B38707309B421A75FFEC30C977F91A9F9F3C9F65EF2EA6251E72F8A65C7753815C188320E91B079EDFB9F1D480F529B67075B57523C44895DE2427D32D3935EAC5F46659C5F723C9BB006862EF143A77C384560EB5474F8D034FC8059F6D7BCD9EBD17D2740741FB4025CF87FFE3DAAFF72C8D9D10E1F779AEC56D3C6340426E2D980EAA07C46F2E720D1B8206D2A29162C6CA877FA89C0876DA70FF3A773BDEE1BB5831EFB58A9191430B0DE46EA4F484642F257AC176B74A91A02594D00D2FD30BE4927DED30C4389245EC5ECA93B1B08AFBB86B8012394F8CB874DC092498A2F9B44E27804C039632A192C8329F0DF25B196E6AB5E07FB3732B94990A2F0490FB07D9E33B0AA2830EDB572D7C7968A193B83FF869F65ABEDEC65EB03EA6DF0CD6C077DE627FD3583AFDA1754E655BE7ECF7A2BEAA422E516B26194FAEFEE6F535439B413325E1263E7E797DE9D717540A96AF360F8EE1FD4B190A513E83AEF6BCAB5A245F4A4F129F5F8AED11A558FE968A0CF2E254438384D0EE91BEE99A39696821DBA585144FA65484897CFC517FCE1D1512F792C6996063585F640AC9480220ED1FF3EDC1D7E55344977F71692D6F5DB091821A3F9612B65138848B874A93A71A74039337BF291938B0A8ACA2141BE969DCE4322A276C86C5A8E369EF6717158B46EBE48F8F9BC4F2E46203AC21CDD9F0ED1989F7D964D46D7DA63444C9CADA82AF53E38873A5D3F68868CA4F65748210716658F2A841B3890E773A2623A59073F14A0F2F1B0893FDBE5BA72FC9609DB8E8A56A322E2B4178CE7B2022D741BD256303D926B48D5239B354F611C52B475C62351854D6E27C89231E7E7972C19C7D6F5BEB07D1A1FF827348DA862F422047A2DB7B591AE497578A4BA95CBECFB503F5DC04C0C6A946FFB515F2F0BDC4332F2674706F7C1908B681D8EE3667777092C06DC9CF00F98143F4A1350FCBAEBB5157A5473D33F51778987B35B1D48249A491EE8F8778DE6DC29131F708642884BED0B0D159E1EFE428D18D3631F13A593323F1659FE9E1A708115D2F131DCC3808CE016036FF1D0D9193CBEB2CD1C49F9973E0BCB09A2A9394E2F5565D64617
34020170709093311 2 6 100 7679 5 C0388038628CD48D5377C99911D89CEDF70AC54721EE6974975D61C9E25580D2108B48CBCDB8B647B271FA822546C00580DB013D19EE5A49EFD9AAECA2036A83BB3E2F96C3E7CB273AA9ACEFCA5A3E4C7C8FCF3332DE11288D8BD76E17B4C530F5F6EFB0D757F63E3B2B519EE960FA8206DF81E7B9DA463CE389E3164588BF5B66355D481DC620F0B2F352782105DF3AB86076DD7D612CE9839CB251D5C975166859A41B740E08E66B746B710479FAA430E2891E60647E04FE71D8F8BC9A6BCD20CFB42299142DC016E672CC350D497809379F54F6F3D1649ADCE72ADECEAAE1ECA85EEE8006700379DE3687A67AF796E1F317815461CFF6E58615CD453265612315FA8F99DC65D9CC218004671E43CE58C9F54862D86B58FD71212199A2A562B1AB9604BF43676A403E8EA56A69E68F1CF0C60C83B8EB31D9C0A23D8410C3A6898D749CAD8CDA9F17A224536BD08436B25E50BA67BAD09276BB55583CEDF48AEEFFD8FA3DBE4F609760DF1EDED136B38792CD164D2EA3C5443F0D8F9117544A9A6AAC615ADE01440B7948B2B53BC3F7218DEDEB16D23C3B0C2AA4BEB99F9A9225D87B6CCB037D8E9A2918C20FE9F2BFF429FD0F23AE370E820842AEDD823DD5B6DDD7F4AD3A06735A2E4144DBABEA5DD83A6AA98EED5F6F3021C246FBABD280986A1E7A24CCBE11BC3050CC04DB566277CECBA8B5BDC1D15E1F066B25B668C7B87EA54894EC7559B64F1400934DCE1C06A10955988E3B3F4A40566B3989608404859335C53EBD6BEE21614EB7C954D543DBA7EB61555B7CED9D08EF560426DBCE3018FBEF788CF69AEAB433B692A9E28CBAFEFC048BD9AB423678D4DD5807329BCC417CF77EC7FD8E50B6D9A8D6B2017B24F6890557AF327980D086499B7C4ED6518B9C23DAB9571CA9E8E949C039C5CC002CBC9BDD08728D543143AFE577738AD309AB2493A8157272196B73C28A4826B37A8274198A4E8188CDADB1D7BB209C84D03500F79B9DFEC1E4441F34069CC01D6B9A57940914F56217C0F3A5CE0C75DE2815EE396D4AB00EC9695DFBCDD88EA6C8017CC29B1257EED39B50E0D075CCF9564D4B22F59F4B5E6667E4CACAC6B63D8CC1C9AB2CC6309A319E559D2062FB99D15B62F08E4DAD676698813D227FF8967B3B3830970E92277B2446A3C269A74FB437800824A8987DA3636A17A53C7E55C66077BE0FBD63441402F19C6C4E1F1C46185A3F3F5D7D7F553F0066EBFCF2ECD74CFC6DB48F6A458AE66EC12532B691FA3AE9A0C19809B3A1AF06340EFB012A33D484D272CA09D5862DAC5E3A00006F260BDE5CE74E007AB12A8F686373949308E574DCE7EA9D145936FC71EB57 34020171214093125 2 6 100 7679 2 DC810DED621062F0CB271F50E716119CBA30A56C758377BD69D70043B8C9ACA2E7EFA9896D324B18FB1A550BDB994533A67258C7EB28B23D1AFB6D3FE0C5C8AD961F2BFAE67E57978F749D3F33A0D9AEAFD817FD663E60298D0DF73E4B27A85B6799D929240EC6C4C59E0D98E0A7875F3FCC3E29394083D1344F78DC70B5E23C108A03B7B81121BEDD2093262B7E32C7AB695AD545D3A99F410199DDD9759FE1EE8502180206841B3C74CB6A939B38707309B421A75FFEC30C977F91A9F9F3C9F65EF2EA6251E72F8A65C7753815C188320E91B079EDFB9F1D480F529B67075B57523C44895DE2427D32D3935EAC5F46659C5F723C9BB006862EF143A77C384560EB5474F8D034FC8059F6D7BCD9EBD17D2740741FB4025CF87FFE3DAAFF72C8D9D10E1F779AEC56D3C6340426E2D980EAA07C46F2E720D1B8206D2A29162C6CA877FA89C0876DA70FF3A773BDEE1BB5831EFB58A9191430B0DE46EA4F484642F257AC176B74A91A02594D00D2FD30BE4927DED30C4389245EC5ECA93B1B08AFBB86B8012394F8CB874DC092498A2F9B44E27804C039632A192C8329F0DF25B196E6AB5E07FB3732B94990A2F0490FB07D9E33B0AA2830EDB572D7C7968A193B83FF869F65ABEDEC65EB03EA6DF0CD6C077DE627FD3583AFDA1754E655BE7ECF7A2BEAA422E516B26194FAEFEE6F535439B413325E1263E7E797DE9D717540A96AF360F8EE1FD4B190A513E83AEF6BCAB5A245F4A4F129F5F8AED11A558FE968A0CF2E254438384D0EE91BEE99A39696821DBA585144FA65484897CFC517FCE1D1512F792C6996063585F640AC9480220ED1FF3EDC1D7E55344977F71692D6F5DB091821A3F9612B65138848B874A93A71A74039337BF291938B0A8ACA2141BE969DCE4322A276C86C5A8E369EF6717158B46EBE48F8F9BC4F2E46203AC21CDD9F0ED1989F7D964D46D7DA63444C9CADA82AF53E38873A5D3F68868CA4F65748210716658F2A841B3890E773A2623A59073F14A0F2F1B0893FDBE5BA72FC9609DB8E8A56A322E2B4178CE7B2022D741BD256303D926B48D5239B354F611C52B475C62351854D6E27C89231E7E7972C19C7D6F5BEB07D1A1FF827348DA862F422047A2DB7B591AE497578A4BA95CBECFB503F5DC04C0C6A946FFB515F2F0BDC4332F2674706F7C1908B681D8EE3667777092C06DC9CF00F98143F4A1350FCBAEBB5157A5473D33F51778987B35B1D48249A491EE8F8778DE6DC29131F708642884BED0B0D159E1EFE428D18D3631F13A593323F1659FE9E1A708115D2F131DCC3808CE016036FF1D0D9193CBEB2CD1C49F9973E0BCB09A2A9394E2F557B083E83
34120170709151341 2 6 100 7679 5 C0388038628CD48D5377C99911D89CEDF70AC54721EE6974975D61C9E25580D2108B48CBCDB8B647B271FA822546C00580DB013D19EE5A49EFD9AAECA2036A83BB3E2F96C3E7CB273AA9ACEFCA5A3E4C7C8FCF3332DE11288D8BD76E17B4C530F5F6EFB0D757F63E3B2B519EE960FA8206DF81E7B9DA463CE389E3164588BF5B66355D481DC620F0B2F352782105DF3AB86076DD7D612CE9839CB251D5C975166859A41B740E08E66B746B710479FAA430E2891E60647E04FE71D8F8BC9A6BCD20CFB42299142DC016E672CC350D497809379F54F6F3D1649ADCE72ADECEAAE1ECA85EEE8006700379DE3687A67AF796E1F317815461CFF6E58615CD453265612315FA8F99DC65D9CC218004671E43CE58C9F54862D86B58FD71212199A2A562B1AB9604BF43676A403E8EA56A69E68F1CF0C60C83B8EB31D9C0A23D8410C3A6898D749CAD8CDA9F17A224536BD08436B25E50BA67BAD09276BB55583CEDF48AEEFFD8FA3DBE4F609760DF1EDED136B38792CD164D2EA3C5443F0D8F9117544A9A6AAC615ADE01440B7948B2B53BC3F7218DEDEB16D23C3B0C2AA4BEB99F9A9225D87B6CCB037D8E9A2918C20FE9F2BFF429FD0F23AE370E820842AEDD823DD5B6DDD7F4AD3A06735A2E4144DBABEA5DD83A6AA98EED5F6F3021C246FBABD280986A1E7A24CCBE11BC3050CC04DB566277CECBA8B5BDC1D15E1F066B25B668C7B87EA54894EC7559B64F1400934DCE1C06A10955988E3B3F4A40566B3989608404859335C53EBD6BEE21614EB7C954D543DBA7EB61555B7CED9D08EF560426DBCE3018FBEF788CF69AEAB433B692A9E28CBAFEFC048BD9AB423678D4DD5807329BCC417CF77EC7FD8E50B6D9A8D6B2017B24F6890557AF327980D086499B7C4ED6518B9C23DAB9571CA9E8E949C039C5CC002CBC9BDD08728D543143AFE577738AD309AB2493A8157272196B73C28A4826B37A8274198A4E8188CDADB1D7BB209C84D03500F79B9DFEC1E4441F34069CC01D6B9A57940914F56217C0F3A5CE0C75DE2815EE396D4AB00EC9695DFBCDD88EA6C8017CC29B1257EED39B50E0D075CCF9564D4B22F59F4B5E6667E4CACAC6B63D8CC1C9AB2CC6309A319E559D2062FB99D15B62F08E4DAD676698813D227FF8967B3B3830970E92277B2446A3C269A74FB437800824A8987DA3636A17A53C7E55C66077BE0FBD63441402F19C6C4E1F1C46185A3F3F5D7D7F553F0066EBFCF2ECD74CFC6DB48F6A458AE66EC12532B691FA3AE9A0C19809B3A1AF06340EFB012A33D484D272CA09D5862DAC5E3A00006F260BDE5CE74E007AB12A8F686373949308E574DCE7EA9D14593700D34957 34120171214095927 2 6 100 7679 5 DC810DED621062F0CB271F50E716119CBA30A56C758377BD69D70043B8C9ACA2E7EFA9896D324B18FB1A550BDB994533A67258C7EB28B23D1AFB6D3FE0C5C8AD961F2BFAE67E57978F749D3F33A0D9AEAFD817FD663E60298D0DF73E4B27A85B6799D929240EC6C4C59E0D98E0A7875F3FCC3E29394083D1344F78DC70B5E23C108A03B7B81121BEDD2093262B7E32C7AB695AD545D3A99F410199DDD9759FE1EE8502180206841B3C74CB6A939B38707309B421A75FFEC30C977F91A9F9F3C9F65EF2EA6251E72F8A65C7753815C188320E91B079EDFB9F1D480F529B67075B57523C44895DE2427D32D3935EAC5F46659C5F723C9BB006862EF143A77C384560EB5474F8D034FC8059F6D7BCD9EBD17D2740741FB4025CF87FFE3DAAFF72C8D9D10E1F779AEC56D3C6340426E2D980EAA07C46F2E720D1B8206D2A29162C6CA877FA89C0876DA70FF3A773BDEE1BB5831EFB58A9191430B0DE46EA4F484642F257AC176B74A91A02594D00D2FD30BE4927DED30C4389245EC5ECA93B1B08AFBB86B8012394F8CB874DC092498A2F9B44E27804C039632A192C8329F0DF25B196E6AB5E07FB3732B94990A2F0490FB07D9E33B0AA2830EDB572D7C7968A193B83FF869F65ABEDEC65EB03EA6DF0CD6C077DE627FD3583AFDA1754E655BE7ECF7A2BEAA422E516B26194FAEFEE6F535439B413325E1263E7E797DE9D717540A96AF360F8EE1FD4B190A513E83AEF6BCAB5A245F4A4F129F5F8AED11A558FE968A0CF2E254438384D0EE91BEE99A39696821DBA585144FA65484897CFC517FCE1D1512F792C6996063585F640AC9480220ED1FF3EDC1D7E55344977F71692D6F5DB091821A3F9612B65138848B874A93A71A74039337BF291938B0A8ACA2141BE969DCE4322A276C86C5A8E369EF6717158B46EBE48F8F9BC4F2E46203AC21CDD9F0ED1989F7D964D46D7DA63444C9CADA82AF53E38873A5D3F68868CA4F65748210716658F2A841B3890E773A2623A59073F14A0F2F1B0893FDBE5BA72FC9609DB8E8A56A322E2B4178CE7B2022D741BD256303D926B48D5239B354F611C52B475C62351854D6E27C89231E7E7972C19C7D6F5BEB07D1A1FF827348DA862F422047A2DB7B591AE497578A4BA95CBECFB503F5DC04C0C6A946FFB515F2F0BDC4332F2674706F7C1908B681D8EE3667777092C06DC9CF00F98143F4A1350FCBAEBB5157A5473D33F51778987B35B1D48249A491EE8F8778DE6DC29131F708642884BED0B0D159E1EFE428D18D3631F13A593323F1659FE9E1A708115D2F131DCC3808CE016036FF1D0D9193CBEB2CD1C49F9973E0BCB09A2A9394E2F557B5C6367
34220170709162318 2 6 100 7679 5 C0388038628CD48D5377C99911D89CEDF70AC54721EE6974975D61C9E25580D2108B48CBCDB8B647B271FA822546C00580DB013D19EE5A49EFD9AAECA2036A83BB3E2F96C3E7CB273AA9ACEFCA5A3E4C7C8FCF3332DE11288D8BD76E17B4C530F5F6EFB0D757F63E3B2B519EE960FA8206DF81E7B9DA463CE389E3164588BF5B66355D481DC620F0B2F352782105DF3AB86076DD7D612CE9839CB251D5C975166859A41B740E08E66B746B710479FAA430E2891E60647E04FE71D8F8BC9A6BCD20CFB42299142DC016E672CC350D497809379F54F6F3D1649ADCE72ADECEAAE1ECA85EEE8006700379DE3687A67AF796E1F317815461CFF6E58615CD453265612315FA8F99DC65D9CC218004671E43CE58C9F54862D86B58FD71212199A2A562B1AB9604BF43676A403E8EA56A69E68F1CF0C60C83B8EB31D9C0A23D8410C3A6898D749CAD8CDA9F17A224536BD08436B25E50BA67BAD09276BB55583CEDF48AEEFFD8FA3DBE4F609760DF1EDED136B38792CD164D2EA3C5443F0D8F9117544A9A6AAC615ADE01440B7948B2B53BC3F7218DEDEB16D23C3B0C2AA4BEB99F9A9225D87B6CCB037D8E9A2918C20FE9F2BFF429FD0F23AE370E820842AEDD823DD5B6DDD7F4AD3A06735A2E4144DBABEA5DD83A6AA98EED5F6F3021C246FBABD280986A1E7A24CCBE11BC3050CC04DB566277CECBA8B5BDC1D15E1F066B25B668C7B87EA54894EC7559B64F1400934DCE1C06A10955988E3B3F4A40566B3989608404859335C53EBD6BEE21614EB7C954D543DBA7EB61555B7CED9D08EF560426DBCE3018FBEF788CF69AEAB433B692A9E28CBAFEFC048BD9AB423678D4DD5807329BCC417CF77EC7FD8E50B6D9A8D6B2017B24F6890557AF327980D086499B7C4ED6518B9C23DAB9571CA9E8E949C039C5CC002CBC9BDD08728D543143AFE577738AD309AB2493A8157272196B73C28A4826B37A8274198A4E8188CDADB1D7BB209C84D03500F79B9DFEC1E4441F34069CC01D6B9A57940914F56217C0F3A5CE0C75DE2815EE396D4AB00EC9695DFBCDD88EA6C8017CC29B1257EED39B50E0D075CCF9564D4B22F59F4B5E6667E4CACAC6B63D8CC1C9AB2CC6309A319E559D2062FB99D15B62F08E4DAD676698813D227FF8967B3B3830970E92277B2446A3C269A74FB437800824A8987DA3636A17A53C7E55C66077BE0FBD63441402F19C6C4E1F1C46185A3F3F5D7D7F553F0066EBFCF2ECD74CFC6DB48F6A458AE66EC12532B691FA3AE9A0C19809B3A1AF06340EFB012A33D484D272CA09D5862DAC5E3A00006F260BDE5CE74E007AB12A8F686373949308E574DCE7EA9D14593701B3041F 34220171214222602 2 6 100 7679 2 DC810DED621062F0CB271F50E716119CBA30A56C758377BD69D70043B8C9ACA2E7EFA9896D324B18FB1A550BDB994533A67258C7EB28B23D1AFB6D3FE0C5C8AD961F2BFAE67E57978F749D3F33A0D9AEAFD817FD663E60298D0DF73E4B27A85B6799D929240EC6C4C59E0D98E0A7875F3FCC3E29394083D1344F78DC70B5E23C108A03B7B81121BEDD2093262B7E32C7AB695AD545D3A99F410199DDD9759FE1EE8502180206841B3C74CB6A939B38707309B421A75FFEC30C977F91A9F9F3C9F65EF2EA6251E72F8A65C7753815C188320E91B079EDFB9F1D480F529B67075B57523C44895DE2427D32D3935EAC5F46659C5F723C9BB006862EF143A77C384560EB5474F8D034FC8059F6D7BCD9EBD17D2740741FB4025CF87FFE3DAAFF72C8D9D10E1F779AEC56D3C6340426E2D980EAA07C46F2E720D1B8206D2A29162C6CA877FA89C0876DA70FF3A773BDEE1BB5831EFB58A9191430B0DE46EA4F484642F257AC176B74A91A02594D00D2FD30BE4927DED30C4389245EC5ECA93B1B08AFBB86B8012394F8CB874DC092498A2F9B44E27804C039632A192C8329F0DF25B196E6AB5E07FB3732B94990A2F0490FB07D9E33B0AA2830EDB572D7C7968A193B83FF869F65ABEDEC65EB03EA6DF0CD6C077DE627FD3583AFDA1754E655BE7ECF7A2BEAA422E516B26194FAEFEE6F535439B413325E1263E7E797DE9D717540A96AF360F8EE1FD4B190A513E83AEF6BCAB5A245F4A4F129F5F8AED11A558FE968A0CF2E254438384D0EE91BEE99A39696821DBA585144FA65484897CFC517FCE1D1512F792C6996063585F640AC9480220ED1FF3EDC1D7E55344977F71692D6F5DB091821A3F9612B65138848B874A93A71A74039337BF291938B0A8ACA2141BE969DCE4322A276C86C5A8E369EF6717158B46EBE48F8F9BC4F2E46203AC21CDD9F0ED1989F7D964D46D7DA63444C9CADA82AF53E38873A5D3F68868CA4F65748210716658F2A841B3890E773A2623A59073F14A0F2F1B0893FDBE5BA72FC9609DB8E8A56A322E2B4178CE7B2022D741BD256303D926B48D5239B354F611C52B475C62351854D6E27C89231E7E7972C19C7D6F5BEB07D1A1FF827348DA862F422047A2DB7B591AE497578A4BA95CBECFB503F5DC04C0C6A946FFB515F2F0BDC4332F2674706F7C1908B681D8EE3667777092C06DC9CF00F98143F4A1350FCBAEBB5157A5473D33F51778987B35B1D48249A491EE8F8778DE6DC29131F708642884BED0B0D159E1EFE428D18D3631F13A593323F1659FE9E1A708115D2F131DCC3808CE016036FF1D0D9193CBEB2CD1C49F9973E0BCB09A2A9394E2F5585408053
34320170709184215 2 6 100 7679 2 C0388038628CD48D5377C99911D89CEDF70AC54721EE6974975D61C9E25580D2108B48CBCDB8B647B271FA822546C00580DB013D19EE5A49EFD9AAECA2036A83BB3E2F96C3E7CB273AA9ACEFCA5A3E4C7C8FCF3332DE11288D8BD76E17B4C530F5F6EFB0D757F63E3B2B519EE960FA8206DF81E7B9DA463CE389E3164588BF5B66355D481DC620F0B2F352782105DF3AB86076DD7D612CE9839CB251D5C975166859A41B740E08E66B746B710479FAA430E2891E60647E04FE71D8F8BC9A6BCD20CFB42299142DC016E672CC350D497809379F54F6F3D1649ADCE72ADECEAAE1ECA85EEE8006700379DE3687A67AF796E1F317815461CFF6E58615CD453265612315FA8F99DC65D9CC218004671E43CE58C9F54862D86B58FD71212199A2A562B1AB9604BF43676A403E8EA56A69E68F1CF0C60C83B8EB31D9C0A23D8410C3A6898D749CAD8CDA9F17A224536BD08436B25E50BA67BAD09276BB55583CEDF48AEEFFD8FA3DBE4F609760DF1EDED136B38792CD164D2EA3C5443F0D8F9117544A9A6AAC615ADE01440B7948B2B53BC3F7218DEDEB16D23C3B0C2AA4BEB99F9A9225D87B6CCB037D8E9A2918C20FE9F2BFF429FD0F23AE370E820842AEDD823DD5B6DDD7F4AD3A06735A2E4144DBABEA5DD83A6AA98EED5F6F3021C246FBABD280986A1E7A24CCBE11BC3050CC04DB566277CECBA8B5BDC1D15E1F066B25B668C7B87EA54894EC7559B64F1400934DCE1C06A10955988E3B3F4A40566B3989608404859335C53EBD6BEE21614EB7C954D543DBA7EB61555B7CED9D08EF560426DBCE3018FBEF788CF69AEAB433B692A9E28CBAFEFC048BD9AB423678D4DD5807329BCC417CF77EC7FD8E50B6D9A8D6B2017B24F6890557AF327980D086499B7C4ED6518B9C23DAB9571CA9E8E949C039C5CC002CBC9BDD08728D543143AFE577738AD309AB2493A8157272196B73C28A4826B37A8274198A4E8188CDADB1D7BB209C84D03500F79B9DFEC1E4441F34069CC01D6B9A57940914F56217C0F3A5CE0C75DE2815EE396D4AB00EC9695DFBCDD88EA6C8017CC29B1257EED39B50E0D075CCF9564D4B22F59F4B5E6667E4CACAC6B63D8CC1C9AB2CC6309A319E559D2062FB99D15B62F08E4DAD676698813D227FF8967B3B3830970E92277B2446A3C269A74FB437800824A8987DA3636A17A53C7E55C66077BE0FBD63441402F19C6C4E1F1C46185A3F3F5D7D7F553F0066EBFCF2ECD74CFC6DB48F6A458AE66EC12532B691FA3AE9A0C19809B3A1AF06340EFB012A33D484D272CA09D5862DAC5E3A00006F260BDE5CE74E007AB12A8F686373949308E574DCE7EA9D1459370374B3A3 34320171214233609 2 6 100 7679 2 DC810DED621062F0CB271F50E716119CBA30A56C758377BD69D70043B8C9ACA2E7EFA9896D324B18FB1A550BDB994533A67258C7EB28B23D1AFB6D3FE0C5C8AD961F2BFAE67E57978F749D3F33A0D9AEAFD817FD663E60298D0DF73E4B27A85B6799D929240EC6C4C59E0D98E0A7875F3FCC3E29394083D1344F78DC70B5E23C108A03B7B81121BEDD2093262B7E32C7AB695AD545D3A99F410199DDD9759FE1EE8502180206841B3C74CB6A939B38707309B421A75FFEC30C977F91A9F9F3C9F65EF2EA6251E72F8A65C7753815C188320E91B079EDFB9F1D480F529B67075B57523C44895DE2427D32D3935EAC5F46659C5F723C9BB006862EF143A77C384560EB5474F8D034FC8059F6D7BCD9EBD17D2740741FB4025CF87FFE3DAAFF72C8D9D10E1F779AEC56D3C6340426E2D980EAA07C46F2E720D1B8206D2A29162C6CA877FA89C0876DA70FF3A773BDEE1BB5831EFB58A9191430B0DE46EA4F484642F257AC176B74A91A02594D00D2FD30BE4927DED30C4389245EC5ECA93B1B08AFBB86B8012394F8CB874DC092498A2F9B44E27804C039632A192C8329F0DF25B196E6AB5E07FB3732B94990A2F0490FB07D9E33B0AA2830EDB572D7C7968A193B83FF869F65ABEDEC65EB03EA6DF0CD6C077DE627FD3583AFDA1754E655BE7ECF7A2BEAA422E516B26194FAEFEE6F535439B413325E1263E7E797DE9D717540A96AF360F8EE1FD4B190A513E83AEF6BCAB5A245F4A4F129F5F8AED11A558FE968A0CF2E254438384D0EE91BEE99A39696821DBA585144FA65484897CFC517FCE1D1512F792C6996063585F640AC9480220ED1FF3EDC1D7E55344977F71692D6F5DB091821A3F9612B65138848B874A93A71A74039337BF291938B0A8ACA2141BE969DCE4322A276C86C5A8E369EF6717158B46EBE48F8F9BC4F2E46203AC21CDD9F0ED1989F7D964D46D7DA63444C9CADA82AF53E38873A5D3F68868CA4F65748210716658F2A841B3890E773A2623A59073F14A0F2F1B0893FDBE5BA72FC9609DB8E8A56A322E2B4178CE7B2022D741BD256303D926B48D5239B354F611C52B475C62351854D6E27C89231E7E7972C19C7D6F5BEB07D1A1FF827348DA862F422047A2DB7B591AE497578A4BA95CBECFB503F5DC04C0C6A946FFB515F2F0BDC4332F2674706F7C1908B681D8EE3667777092C06DC9CF00F98143F4A1350FCBAEBB5157A5473D33F51778987B35B1D48249A491EE8F8778DE6DC29131F708642884BED0B0D159E1EFE428D18D3631F13A593323F1659FE9E1A708115D2F131DCC3808CE016036FF1D0D9193CBEB2CD1C49F9973E0BCB09A2A9394E2F55862A758B
34420170709215933 2 6 100 7679 5 C0388038628CD48D5377C99911D89CEDF70AC54721EE6974975D61C9E25580D2108B48CBCDB8B647B271FA822546C00580DB013D19EE5A49EFD9AAECA2036A83BB3E2F96C3E7CB273AA9ACEFCA5A3E4C7C8FCF3332DE11288D8BD76E17B4C530F5F6EFB0D757F63E3B2B519EE960FA8206DF81E7B9DA463CE389E3164588BF5B66355D481DC620F0B2F352782105DF3AB86076DD7D612CE9839CB251D5C975166859A41B740E08E66B746B710479FAA430E2891E60647E04FE71D8F8BC9A6BCD20CFB42299142DC016E672CC350D497809379F54F6F3D1649ADCE72ADECEAAE1ECA85EEE8006700379DE3687A67AF796E1F317815461CFF6E58615CD453265612315FA8F99DC65D9CC218004671E43CE58C9F54862D86B58FD71212199A2A562B1AB9604BF43676A403E8EA56A69E68F1CF0C60C83B8EB31D9C0A23D8410C3A6898D749CAD8CDA9F17A224536BD08436B25E50BA67BAD09276BB55583CEDF48AEEFFD8FA3DBE4F609760DF1EDED136B38792CD164D2EA3C5443F0D8F9117544A9A6AAC615ADE01440B7948B2B53BC3F7218DEDEB16D23C3B0C2AA4BEB99F9A9225D87B6CCB037D8E9A2918C20FE9F2BFF429FD0F23AE370E820842AEDD823DD5B6DDD7F4AD3A06735A2E4144DBABEA5DD83A6AA98EED5F6F3021C246FBABD280986A1E7A24CCBE11BC3050CC04DB566277CECBA8B5BDC1D15E1F066B25B668C7B87EA54894EC7559B64F1400934DCE1C06A10955988E3B3F4A40566B3989608404859335C53EBD6BEE21614EB7C954D543DBA7EB61555B7CED9D08EF560426DBCE3018FBEF788CF69AEAB433B692A9E28CBAFEFC048BD9AB423678D4DD5807329BCC417CF77EC7FD8E50B6D9A8D6B2017B24F6890557AF327980D086499B7C4ED6518B9C23DAB9571CA9E8E949C039C5CC002CBC9BDD08728D543143AFE577738AD309AB2493A8157272196B73C28A4826B37A8274198A4E8188CDADB1D7BB209C84D03500F79B9DFEC1E4441F34069CC01D6B9A57940914F56217C0F3A5CE0C75DE2815EE396D4AB00EC9695DFBCDD88EA6C8017CC29B1257EED39B50E0D075CCF9564D4B22F59F4B5E6667E4CACAC6B63D8CC1C9AB2CC6309A319E559D2062FB99D15B62F08E4DAD676698813D227FF8967B3B3830970E92277B2446A3C269A74FB437800824A8987DA3636A17A53C7E55C66077BE0FBD63441402F19C6C4E1F1C46185A3F3F5D7D7F553F0066EBFCF2ECD74CFC6DB48F6A458AE66EC12532B691FA3AE9A0C19809B3A1AF06340EFB012A33D484D272CA09D5862DAC5E3A00006F260BDE5CE74E007AB12A8F686373949308E574DCE7EA9D14593705ED75E7 34420171215214134 2 6 100 7679 2 DC810DED621062F0CB271F50E716119CBA30A56C758377BD69D70043B8C9ACA2E7EFA9896D324B18FB1A550BDB994533A67258C7EB28B23D1AFB6D3FE0C5C8AD961F2BFAE67E57978F749D3F33A0D9AEAFD817FD663E60298D0DF73E4B27A85B6799D929240EC6C4C59E0D98E0A7875F3FCC3E29394083D1344F78DC70B5E23C108A03B7B81121BEDD2093262B7E32C7AB695AD545D3A99F410199DDD9759FE1EE8502180206841B3C74CB6A939B38707309B421A75FFEC30C977F91A9F9F3C9F65EF2EA6251E72F8A65C7753815C188320E91B079EDFB9F1D480F529B67075B57523C44895DE2427D32D3935EAC5F46659C5F723C9BB006862EF143A77C384560EB5474F8D034FC8059F6D7BCD9EBD17D2740741FB4025CF87FFE3DAAFF72C8D9D10E1F779AEC56D3C6340426E2D980EAA07C46F2E720D1B8206D2A29162C6CA877FA89C0876DA70FF3A773BDEE1BB5831EFB58A9191430B0DE46EA4F484642F257AC176B74A91A02594D00D2FD30BE4927DED30C4389245EC5ECA93B1B08AFBB86B8012394F8CB874DC092498A2F9B44E27804C039632A192C8329F0DF25B196E6AB5E07FB3732B94990A2F0490FB07D9E33B0AA2830EDB572D7C7968A193B83FF869F65ABEDEC65EB03EA6DF0CD6C077DE627FD3583AFDA1754E655BE7ECF7A2BEAA422E516B26194FAEFEE6F535439B413325E1263E7E797DE9D717540A96AF360F8EE1FD4B190A513E83AEF6BCAB5A245F4A4F129F5F8AED11A558FE968A0CF2E254438384D0EE91BEE99A39696821DBA585144FA65484897CFC517FCE1D1512F792C6996063585F640AC9480220ED1FF3EDC1D7E55344977F71692D6F5DB091821A3F9612B65138848B874A93A71A74039337BF291938B0A8ACA2141BE969DCE4322A276C86C5A8E369EF6717158B46EBE48F8F9BC4F2E46203AC21CDD9F0ED1989F7D964D46D7DA63444C9CADA82AF53E38873A5D3F68868CA4F65748210716658F2A841B3890E773A2623A59073F14A0F2F1B0893FDBE5BA72FC9609DB8E8A56A322E2B4178CE7B2022D741BD256303D926B48D5239B354F611C52B475C62351854D6E27C89231E7E7972C19C7D6F5BEB07D1A1FF827348DA862F422047A2DB7B591AE497578A4BA95CBECFB503F5DC04C0C6A946FFB515F2F0BDC4332F2674706F7C1908B681D8EE3667777092C06DC9CF00F98143F4A1350FCBAEBB5157A5473D33F51778987B35B1D48249A491EE8F8778DE6DC29131F708642884BED0B0D159E1EFE428D18D3631F13A593323F1659FE9E1A708115D2F131DCC3808CE016036FF1D0D9193CBEB2CD1C49F9973E0BCB09A2A9394E2F559742D26B
34520170710000252 2 6 100 7679 2 C0388038628CD48D5377C99911D89CEDF70AC54721EE6974975D61C9E25580D2108B48CBCDB8B647B271FA822546C00580DB013D19EE5A49EFD9AAECA2036A83BB3E2F96C3E7CB273AA9ACEFCA5A3E4C7C8FCF3332DE11288D8BD76E17B4C530F5F6EFB0D757F63E3B2B519EE960FA8206DF81E7B9DA463CE389E3164588BF5B66355D481DC620F0B2F352782105DF3AB86076DD7D612CE9839CB251D5C975166859A41B740E08E66B746B710479FAA430E2891E60647E04FE71D8F8BC9A6BCD20CFB42299142DC016E672CC350D497809379F54F6F3D1649ADCE72ADECEAAE1ECA85EEE8006700379DE3687A67AF796E1F317815461CFF6E58615CD453265612315FA8F99DC65D9CC218004671E43CE58C9F54862D86B58FD71212199A2A562B1AB9604BF43676A403E8EA56A69E68F1CF0C60C83B8EB31D9C0A23D8410C3A6898D749CAD8CDA9F17A224536BD08436B25E50BA67BAD09276BB55583CEDF48AEEFFD8FA3DBE4F609760DF1EDED136B38792CD164D2EA3C5443F0D8F9117544A9A6AAC615ADE01440B7948B2B53BC3F7218DEDEB16D23C3B0C2AA4BEB99F9A9225D87B6CCB037D8E9A2918C20FE9F2BFF429FD0F23AE370E820842AEDD823DD5B6DDD7F4AD3A06735A2E4144DBABEA5DD83A6AA98EED5F6F3021C246FBABD280986A1E7A24CCBE11BC3050CC04DB566277CECBA8B5BDC1D15E1F066B25B668C7B87EA54894EC7559B64F1400934DCE1C06A10955988E3B3F4A40566B3989608404859335C53EBD6BEE21614EB7C954D543DBA7EB61555B7CED9D08EF560426DBCE3018FBEF788CF69AEAB433B692A9E28CBAFEFC048BD9AB423678D4DD5807329BCC417CF77EC7FD8E50B6D9A8D6B2017B24F6890557AF327980D086499B7C4ED6518B9C23DAB9571CA9E8E949C039C5CC002CBC9BDD08728D543143AFE577738AD309AB2493A8157272196B73C28A4826B37A8274198A4E8188CDADB1D7BB209C84D03500F79B9DFEC1E4441F34069CC01D6B9A57940914F56217C0F3A5CE0C75DE2815EE396D4AB00EC9695DFBCDD88EA6C8017CC29B1257EED39B50E0D075CCF9564D4B22F59F4B5E6667E4CACAC6B63D8CC1C9AB2CC6309A319E559D2062FB99D15B62F08E4DAD676698813D227FF8967B3B3830970E92277B2446A3C269A74FB437800824A8987DA3636A17A53C7E55C66077BE0FBD63441402F19C6C4E1F1C46185A3F3F5D7D7F553F0066EBFCF2ECD74CFC6DB48F6A458AE66EC12532B691FA3AE9A0C19809B3A1AF06340EFB012A33D484D272CA09D5862DAC5E3A00006F260BDE5CE74E007AB12A8F686373949308E574DCE7EA9D145937077174C3 34520171216043116 2 6 100 7679 5 DC810DED621062F0CB271F50E716119CBA30A56C758377BD69D70043B8C9ACA2E7EFA9896D324B18FB1A550BDB994533A67258C7EB28B23D1AFB6D3FE0C5C8AD961F2BFAE67E57978F749D3F33A0D9AEAFD817FD663E60298D0DF73E4B27A85B6799D929240EC6C4C59E0D98E0A7875F3FCC3E29394083D1344F78DC70B5E23C108A03B7B81121BEDD2093262B7E32C7AB695AD545D3A99F410199DDD9759FE1EE8502180206841B3C74CB6A939B38707309B421A75FFEC30C977F91A9F9F3C9F65EF2EA6251E72F8A65C7753815C188320E91B079EDFB9F1D480F529B67075B57523C44895DE2427D32D3935EAC5F46659C5F723C9BB006862EF143A77C384560EB5474F8D034FC8059F6D7BCD9EBD17D2740741FB4025CF87FFE3DAAFF72C8D9D10E1F779AEC56D3C6340426E2D980EAA07C46F2E720D1B8206D2A29162C6CA877FA89C0876DA70FF3A773BDEE1BB5831EFB58A9191430B0DE46EA4F484642F257AC176B74A91A02594D00D2FD30BE4927DED30C4389245EC5ECA93B1B08AFBB86B8012394F8CB874DC092498A2F9B44E27804C039632A192C8329F0DF25B196E6AB5E07FB3732B94990A2F0490FB07D9E33B0AA2830EDB572D7C7968A193B83FF869F65ABEDEC65EB03EA6DF0CD6C077DE627FD3583AFDA1754E655BE7ECF7A2BEAA422E516B26194FAEFEE6F535439B413325E1263E7E797DE9D717540A96AF360F8EE1FD4B190A513E83AEF6BCAB5A245F4A4F129F5F8AED11A558FE968A0CF2E254438384D0EE91BEE99A39696821DBA585144FA65484897CFC517FCE1D1512F792C6996063585F640AC9480220ED1FF3EDC1D7E55344977F71692D6F5DB091821A3F9612B65138848B874A93A71A74039337BF291938B0A8ACA2141BE969DCE4322A276C86C5A8E369EF6717158B46EBE48F8F9BC4F2E46203AC21CDD9F0ED1989F7D964D46D7DA63444C9CADA82AF53E38873A5D3F68868CA4F65748210716658F2A841B3890E773A2623A59073F14A0F2F1B0893FDBE5BA72FC9609DB8E8A56A322E2B4178CE7B2022D741BD256303D926B48D5239B354F611C52B475C62351854D6E27C89231E7E7972C19C7D6F5BEB07D1A1FF827348DA862F422047A2DB7B591AE497578A4BA95CBECFB503F5DC04C0C6A946FFB515F2F0BDC4332F2674706F7C1908B681D8EE3667777092C06DC9CF00F98143F4A1350FCBAEBB5157A5473D33F51778987B35B1D48249A491EE8F8778DE6DC29131F708642884BED0B0D159E1EFE428D18D3631F13A593323F1659FE9E1A708115D2F131DCC3808CE016036FF1D0D9193CBEB2CD1C49F9973E0BCB09A2A9394E2F559C858AD7
34620170710052851 2 6 100 7679 2 C0388038628CD48D5377C99911D89CEDF70AC54721EE6974975D61C9E25580D2108B48CBCDB8B647B271FA822546C00580DB013D19EE5A49EFD9AAECA2036A83BB3E2F96C3E7CB273AA9ACEFCA5A3E4C7C8FCF3332DE11288D8BD76E17B4C530F5F6EFB0D757F63E3B2B519EE960FA8206DF81E7B9DA463CE389E3164588BF5B66355D481DC620F0B2F352782105DF3AB86076DD7D612CE9839CB251D5C975166859A41B740E08E66B746B710479FAA430E2891E60647E04FE71D8F8BC9A6BCD20CFB42299142DC016E672CC350D497809379F54F6F3D1649ADCE72ADECEAAE1ECA85EEE8006700379DE3687A67AF796E1F317815461CFF6E58615CD453265612315FA8F99DC65D9CC218004671E43CE58C9F54862D86B58FD71212199A2A562B1AB9604BF43676A403E8EA56A69E68F1CF0C60C83B8EB31D9C0A23D8410C3A6898D749CAD8CDA9F17A224536BD08436B25E50BA67BAD09276BB55583CEDF48AEEFFD8FA3DBE4F609760DF1EDED136B38792CD164D2EA3C5443F0D8F9117544A9A6AAC615ADE01440B7948B2B53BC3F7218DEDEB16D23C3B0C2AA4BEB99F9A9225D87B6CCB037D8E9A2918C20FE9F2BFF429FD0F23AE370E820842AEDD823DD5B6DDD7F4AD3A06735A2E4144DBABEA5DD83A6AA98EED5F6F3021C246FBABD280986A1E7A24CCBE11BC3050CC04DB566277CECBA8B5BDC1D15E1F066B25B668C7B87EA54894EC7559B64F1400934DCE1C06A10955988E3B3F4A40566B3989608404859335C53EBD6BEE21614EB7C954D543DBA7EB61555B7CED9D08EF560426DBCE3018FBEF788CF69AEAB433B692A9E28CBAFEFC048BD9AB423678D4DD5807329BCC417CF77EC7FD8E50B6D9A8D6B2017B24F6890557AF327980D086499B7C4ED6518B9C23DAB9571CA9E8E949C039C5CC002CBC9BDD08728D543143AFE577738AD309AB2493A8157272196B73C28A4826B37A8274198A4E8188CDADB1D7BB209C84D03500F79B9DFEC1E4441F34069CC01D6B9A57940914F56217C0F3A5CE0C75DE2815EE396D4AB00EC9695DFBCDD88EA6C8017CC29B1257EED39B50E0D075CCF9564D4B22F59F4B5E6667E4CACAC6B63D8CC1C9AB2CC6309A319E559D2062FB99D15B62F08E4DAD676698813D227FF8967B3B3830970E92277B2446A3C269A74FB437800824A8987DA3636A17A53C7E55C66077BE0FBD63441402F19C6C4E1F1C46185A3F3F5D7D7F553F0066EBFCF2ECD74CFC6DB48F6A458AE66EC12532B691FA3AE9A0C19809B3A1AF06340EFB012A33D484D272CA09D5862DAC5E3A00006F260BDE5CE74E007AB12A8F686373949308E574DCE7EA9D1459370B975DE3 34620171216061211 2 6 100 7679 5 DC810DED621062F0CB271F50E716119CBA30A56C758377BD69D70043B8C9ACA2E7EFA9896D324B18FB1A550BDB994533A67258C7EB28B23D1AFB6D3FE0C5C8AD961F2BFAE67E57978F749D3F33A0D9AEAFD817FD663E60298D0DF73E4B27A85B6799D929240EC6C4C59E0D98E0A7875F3FCC3E29394083D1344F78DC70B5E23C108A03B7B81121BEDD2093262B7E32C7AB695AD545D3A99F410199DDD9759FE1EE8502180206841B3C74CB6A939B38707309B421A75FFEC30C977F91A9F9F3C9F65EF2EA6251E72F8A65C7753815C188320E91B079EDFB9F1D480F529B67075B57523C44895DE2427D32D3935EAC5F46659C5F723C9BB006862EF143A77C384560EB5474F8D034FC8059F6D7BCD9EBD17D2740741FB4025CF87FFE3DAAFF72C8D9D10E1F779AEC56D3C6340426E2D980EAA07C46F2E720D1B8206D2A29162C6CA877FA89C0876DA70FF3A773BDEE1BB5831EFB58A9191430B0DE46EA4F484642F257AC176B74A91A02594D00D2FD30BE4927DED30C4389245EC5ECA93B1B08AFBB86B8012394F8CB874DC092498A2F9B44E27804C039632A192C8329F0DF25B196E6AB5E07FB3732B94990A2F0490FB07D9E33B0AA2830EDB572D7C7968A193B83FF869F65ABEDEC65EB03EA6DF0CD6C077DE627FD3583AFDA1754E655BE7ECF7A2BEAA422E516B26194FAEFEE6F535439B413325E1263E7E797DE9D717540A96AF360F8EE1FD4B190A513E83AEF6BCAB5A245F4A4F129F5F8AED11A558FE968A0CF2E254438384D0EE91BEE99A39696821DBA585144FA65484897CFC517FCE1D1512F792C6996063585F640AC9480220ED1FF3EDC1D7E55344977F71692D6F5DB091821A3F9612B65138848B874A93A71A74039337BF291938B0A8ACA2141BE969DCE4322A276C86C5A8E369EF6717158B46EBE48F8F9BC4F2E46203AC21CDD9F0ED1989F7D964D46D7DA63444C9CADA82AF53E38873A5D3F68868CA4F65748210716658F2A841B3890E773A2623A59073F14A0F2F1B0893FDBE5BA72FC9609DB8E8A56A322E2B4178CE7B2022D741BD256303D926B48D5239B354F611C52B475C62351854D6E27C89231E7E7972C19C7D6F5BEB07D1A1FF827348DA862F422047A2DB7B591AE497578A4BA95CBECFB503F5DC04C0C6A946FFB515F2F0BDC4332F2674706F7C1908B681D8EE3667777092C06DC9CF00F98143F4A1350FCBAEBB5157A5473D33F51778987B35B1D48249A491EE8F8778DE6DC29131F708642884BED0B0D159E1EFE428D18D3631F13A593323F1659FE9E1A708115D2F131DCC3808CE016036FF1D0D9193CBEB2CD1C49F9973E0BCB09A2A9394E2F559DBA299F
34720170710074510 2 6 100 8191 2 DDFBC1CD4FB7E30639422038F1FFBA2CD3EC3915F3C923282C6588F6EB218FF7B24870C0FE4B48213AB0948E101686FB7B0093ED467B6CA413EDD4B0BFE2155AEBC4DA3D2DD0C78DA9AD989A0E989010D6D5E86A123C169E126F97826EE5F602FF641FDF642A107E7538CB61740CBAF69F6C7DC5DD4DF28998AB61B8672F0B74A3A8DD7D165828D69DCC1BAE4D45F707C3894E040BCC0AF7AA810A6D5CB89276217EB7AFAFE4966D68C10318E8C8CB23CA593E8057F29FF9154908B11D6530E6352F9406C81D9DAC5C298979320B4E0DD89203A1F680C8084154D0439DB6C53EDAF6FCC0E8682EC99D345180120AEC810CBB0C2F1B6D1B660ACEAAD5996A5D184659B6A1F11456BA6A5E94D223959D8171C030499A9DB458702CB35CA7E7CD75D26FF5E94640AB8740ECE82559784BB6D5CB4D041D053629BD3F4178077F3F7E280296C46A3F0FBC37813A1AA221FBA2612F0CFE56450E9B1F2C2AE278EC7A7AAB66D61FA9749FE997EDC31131091620897014D33B2386B490CFD80656B7D2EB08C9DA9928798986996D60F74D766EB8988E2FF676E38C587E7A6651AA28BEB8BB56EBBD6E641E92309AEAA671A5F2EC72629442D2C3A4C2B8E4304DC71B342CD116527832078E6B53C1E0A72909615B408E17625F7259ACA98E46359448FC141F57B51A069B8A402AE3A87E10AE7E910F3916BAC6CE716C539E825A06626673DE7EBD899A3982FCC599791E7CA964C0D37BB076708C03DC7C022980974025C0EA9B72CC3D0A03E4626E030E9C857ECF6B3807AC9E8E0F72098C7E80DAA05BFF60394A8374096878F015597DD5B22E65646A7DDC87B5F6AE68594DF39B0BDB2675A32369AD81FD62033146B8DA6A801E918572CBC70DEBA9F70D088D69425733ACE0084E60E7FCB459A5B71F74F711184B1AEA240834D28D049474BB2E7ED1B17AA2B5EB7D274341456834320BE8FB245B1C2B84A096E7E40573FEB7C2997ED16C8C2C62409B8064398ED220FA82C59E53AD7E864C24473FCC7F017B897D5855F092A9428957467EFD93F67D3FA302C578328A9484CD0496CC83BEAC96504F9601DA2048D25BF43B5A69E46234A164D854B89DF1DEDC36F0304BA5FC035B27E782087C3EC0A81840A3EC042204C63F9698CC74A818428039B23664C409529C4EDD822DF77819805023795EE625D524F12824C1F1FE99546DF75107AFFF7D424C4C3FB3D0BDA2E9BC0D93603457FFE44FABEAB1E6B62223B201D42784731BEE11E0FF0BF29C930DAF913F974739800522E2B9C4094475A5F35AA92E2939E5719EB4EE19446ADC9ECC7EE6BAB5D264C9E74AB6DE856D541146048341EB51734A34E33EF8D929F645E23FD902CB5676DA9C84C9F46490710DC8CF2AA922252C3885CBD8D0CB1D176CAFEB46A625C56BE949F487C6E35E2CE481F024C8898200FD23 34720171216061646 2 6 100 7679 2 DC810DED621062F0CB271F50E716119CBA30A56C758377BD69D70043B8C9ACA2E7EFA9896D324B18FB1A550BDB994533A67258C7EB28B23D1AFB6D3FE0C5C8AD961F2BFAE67E57978F749D3F33A0D9AEAFD817FD663E60298D0DF73E4B27A85B6799D929240EC6C4C59E0D98E0A7875F3FCC3E29394083D1344F78DC70B5E23C108A03B7B81121BEDD2093262B7E32C7AB695AD545D3A99F410199DDD9759FE1EE8502180206841B3C74CB6A939B38707309B421A75FFEC30C977F91A9F9F3C9F65EF2EA6251E72F8A65C7753815C188320E91B079EDFB9F1D480F529B67075B57523C44895DE2427D32D3935EAC5F46659C5F723C9BB006862EF143A77C384560EB5474F8D034FC8059F6D7BCD9EBD17D2740741FB4025CF87FFE3DAAFF72C8D9D10E1F779AEC56D3C6340426E2D980EAA07C46F2E720D1B8206D2A29162C6CA877FA89C0876DA70FF3A773BDEE1BB5831EFB58A9191430B0DE46EA4F484642F257AC176B74A91A02594D00D2FD30BE4927DED30C4389245EC5ECA93B1B08AFBB86B8012394F8CB874DC092498A2F9B44E27804C039632A192C8329F0DF25B196E6AB5E07FB3732B94990A2F0490FB07D9E33B0AA2830EDB572D7C7968A193B83FF869F65ABEDEC65EB03EA6DF0CD6C077DE627FD3583AFDA1754E655BE7ECF7A2BEAA422E516B26194FAEFEE6F535439B413325E1263E7E797DE9D717540A96AF360F8EE1FD4B190A513E83AEF6BCAB5A245F4A4F129F5F8AED11A558FE968A0CF2E254438384D0EE91BEE99A39696821DBA585144FA65484897CFC517FCE1D1512F792C6996063585F640AC9480220ED1FF3EDC1D7E55344977F71692D6F5DB091821A3F9612B65138848B874A93A71A74039337BF291938B0A8ACA2141BE969DCE4322A276C86C5A8E369EF6717158B46EBE48F8F9BC4F2E46203AC21CDD9F0ED1989F7D964D46D7DA63444C9CADA82AF53E38873A5D3F68868CA4F65748210716658F2A841B3890E773A2623A59073F14A0F2F1B0893FDBE5BA72FC9609DB8E8A56A322E2B4178CE7B2022D741BD256303D926B48D5239B354F611C52B475C62351854D6E27C89231E7E7972C19C7D6F5BEB07D1A1FF827348DA862F422047A2DB7B591AE497578A4BA95CBECFB503F5DC04C0C6A946FFB515F2F0BDC4332F2674706F7C1908B681D8EE3667777092C06DC9CF00F98143F4A1350FCBAEBB5157A5473D33F51778987B35B1D48249A491EE8F8778DE6DC29131F708642884BED0B0D159E1EFE428D18D3631F13A593323F1659FE9E1A708115D2F131DCC3808CE016036FF1D0D9193CBEB2CD1C49F9973E0BCB09A2A9394E2F559DBFD57B
34820170710114649 2 6 100 8191 2 DDFBC1CD4FB7E30639422038F1FFBA2CD3EC3915F3C923282C6588F6EB218FF7B24870C0FE4B48213AB0948E101686FB7B0093ED467B6CA413EDD4B0BFE2155AEBC4DA3D2DD0C78DA9AD989A0E989010D6D5E86A123C169E126F97826EE5F602FF641FDF642A107E7538CB61740CBAF69F6C7DC5DD4DF28998AB61B8672F0B74A3A8DD7D165828D69DCC1BAE4D45F707C3894E040BCC0AF7AA810A6D5CB89276217EB7AFAFE4966D68C10318E8C8CB23CA593E8057F29FF9154908B11D6530E6352F9406C81D9DAC5C298979320B4E0DD89203A1F680C8084154D0439DB6C53EDAF6FCC0E8682EC99D345180120AEC810CBB0C2F1B6D1B660ACEAAD5996A5D184659B6A1F11456BA6A5E94D223959D8171C030499A9DB458702CB35CA7E7CD75D26FF5E94640AB8740ECE82559784BB6D5CB4D041D053629BD3F4178077F3F7E280296C46A3F0FBC37813A1AA221FBA2612F0CFE56450E9B1F2C2AE278EC7A7AAB66D61FA9749FE997EDC31131091620897014D33B2386B490CFD80656B7D2EB08C9DA9928798986996D60F74D766EB8988E2FF676E38C587E7A6651AA28BEB8BB56EBBD6E641E92309AEAA671A5F2EC72629442D2C3A4C2B8E4304DC71B342CD116527832078E6B53C1E0A72909615B408E17625F7259ACA98E46359448FC141F57B51A069B8A402AE3A87E10AE7E910F3916BAC6CE716C539E825A06626673DE7EBD899A3982FCC599791E7CA964C0D37BB076708C03DC7C022980974025C0EA9B72CC3D0A03E4626E030E9C857ECF6B3807AC9E8E0F72098C7E80DAA05BFF60394A8374096878F015597DD5B22E65646A7DDC87B5F6AE68594DF39B0BDB2675A32369AD81FD62033146B8DA6A801E918572CBC70DEBA9F70D088D69425733ACE0084E60E7FCB459A5B71F74F711184B1AEA240834D28D049474BB2E7ED1B17AA2B5EB7D274341456834320BE8FB245B1C2B84A096E7E40573FEB7C2997ED16C8C2C62409B8064398ED220FA82C59E53AD7E864C24473FCC7F017B897D5855F092A9428957467EFD93F67D3FA302C578328A9484CD0496CC83BEAC96504F9601DA2048D25BF43B5A69E46234A164D854B89DF1DEDC36F0304BA5FC035B27E782087C3EC0A81840A3EC042204C63F9698CC74A818428039B23664C409529C4EDD822DF77819805023795EE625D524F12824C1F1FE99546DF75107AFFF7D424C4C3FB3D0BDA2E9BC0D93603457FFE44FABEAB1E6B62223B201D42784731BEE11E0FF0BF29C930DAF913F974739800522E2B9C4094475A5F35AA92E2939E5719EB4EE19446ADC9ECC7EE6BAB5D264C9E74AB6DE856D541146048341EB51734A34E33EF8D929F645E23FD902CB5676DA9C84C9F46490710DC8CF2AA922252C3885CBD8D0CB1D176CAFEB46A625C56BE949F487C6E35E2CE481F024C88984F315BB 34820171216094255 2 6 100 7679 2 DC810DED621062F0CB271F50E716119CBA30A56C758377BD69D70043B8C9ACA2E7EFA9896D324B18FB1A550BDB994533A67258C7EB28B23D1AFB6D3FE0C5C8AD961F2BFAE67E57978F749D3F33A0D9AEAFD817FD663E60298D0DF73E4B27A85B6799D929240EC6C4C59E0D98E0A7875F3FCC3E29394083D1344F78DC70B5E23C108A03B7B81121BEDD2093262B7E32C7AB695AD545D3A99F410199DDD9759FE1EE8502180206841B3C74CB6A939B38707309B421A75FFEC30C977F91A9F9F3C9F65EF2EA6251E72F8A65C7753815C188320E91B079EDFB9F1D480F529B67075B57523C44895DE2427D32D3935EAC5F46659C5F723C9BB006862EF143A77C384560EB5474F8D034FC8059F6D7BCD9EBD17D2740741FB4025CF87FFE3DAAFF72C8D9D10E1F779AEC56D3C6340426E2D980EAA07C46F2E720D1B8206D2A29162C6CA877FA89C0876DA70FF3A773BDEE1BB5831EFB58A9191430B0DE46EA4F484642F257AC176B74A91A02594D00D2FD30BE4927DED30C4389245EC5ECA93B1B08AFBB86B8012394F8CB874DC092498A2F9B44E27804C039632A192C8329F0DF25B196E6AB5E07FB3732B94990A2F0490FB07D9E33B0AA2830EDB572D7C7968A193B83FF869F65ABEDEC65EB03EA6DF0CD6C077DE627FD3583AFDA1754E655BE7ECF7A2BEAA422E516B26194FAEFEE6F535439B413325E1263E7E797DE9D717540A96AF360F8EE1FD4B190A513E83AEF6BCAB5A245F4A4F129F5F8AED11A558FE968A0CF2E254438384D0EE91BEE99A39696821DBA585144FA65484897CFC517FCE1D1512F792C6996063585F640AC9480220ED1FF3EDC1D7E55344977F71692D6F5DB091821A3F9612B65138848B874A93A71A74039337BF291938B0A8ACA2141BE969DCE4322A276C86C5A8E369EF6717158B46EBE48F8F9BC4F2E46203AC21CDD9F0ED1989F7D964D46D7DA63444C9CADA82AF53E38873A5D3F68868CA4F65748210716658F2A841B3890E773A2623A59073F14A0F2F1B0893FDBE5BA72FC9609DB8E8A56A322E2B4178CE7B2022D741BD256303D926B48D5239B354F611C52B475C62351854D6E27C89231E7E7972C19C7D6F5BEB07D1A1FF827348DA862F422047A2DB7B591AE497578A4BA95CBECFB503F5DC04C0C6A946FFB515F2F0BDC4332F2674706F7C1908B681D8EE3667777092C06DC9CF00F98143F4A1350FCBAEBB5157A5473D33F51778987B35B1D48249A491EE8F8778DE6DC29131F708642884BED0B0D159E1EFE428D18D3631F13A593323F1659FE9E1A708115D2F131DCC3808CE016036FF1D0D9193CBEB2CD1C49F9973E0BCB09A2A9394E2F55A0524813
34920170711033842 2 6 100 8191 5 DDFBC1CD4FB7E30639422038F1FFBA2CD3EC3915F3C923282C6588F6EB218FF7B24870C0FE4B48213AB0948E101686FB7B0093ED467B6CA413EDD4B0BFE2155AEBC4DA3D2DD0C78DA9AD989A0E989010D6D5E86A123C169E126F97826EE5F602FF641FDF642A107E7538CB61740CBAF69F6C7DC5DD4DF28998AB61B8672F0B74A3A8DD7D165828D69DCC1BAE4D45F707C3894E040BCC0AF7AA810A6D5CB89276217EB7AFAFE4966D68C10318E8C8CB23CA593E8057F29FF9154908B11D6530E6352F9406C81D9DAC5C298979320B4E0DD89203A1F680C8084154D0439DB6C53EDAF6FCC0E8682EC99D345180120AEC810CBB0C2F1B6D1B660ACEAAD5996A5D184659B6A1F11456BA6A5E94D223959D8171C030499A9DB458702CB35CA7E7CD75D26FF5E94640AB8740ECE82559784BB6D5CB4D041D053629BD3F4178077F3F7E280296C46A3F0FBC37813A1AA221FBA2612F0CFE56450E9B1F2C2AE278EC7A7AAB66D61FA9749FE997EDC31131091620897014D33B2386B490CFD80656B7D2EB08C9DA9928798986996D60F74D766EB8988E2FF676E38C587E7A6651AA28BEB8BB56EBBD6E641E92309AEAA671A5F2EC72629442D2C3A4C2B8E4304DC71B342CD116527832078E6B53C1E0A72909615B408E17625F7259ACA98E46359448FC141F57B51A069B8A402AE3A87E10AE7E910F3916BAC6CE716C539E825A06626673DE7EBD899A3982FCC599791E7CA964C0D37BB076708C03DC7C022980974025C0EA9B72CC3D0A03E4626E030E9C857ECF6B3807AC9E8E0F72098C7E80DAA05BFF60394A8374096878F015597DD5B22E65646A7DDC87B5F6AE68594DF39B0BDB2675A32369AD81FD62033146B8DA6A801E918572CBC70DEBA9F70D088D69425733ACE0084E60E7FCB459A5B71F74F711184B1AEA240834D28D049474BB2E7ED1B17AA2B5EB7D274341456834320BE8FB245B1C2B84A096E7E40573FEB7C2997ED16C8C2C62409B8064398ED220FA82C59E53AD7E864C24473FCC7F017B897D5855F092A9428957467EFD93F67D3FA302C578328A9484CD0496CC83BEAC96504F9601DA2048D25BF43B5A69E46234A164D854B89DF1DEDC36F0304BA5FC035B27E782087C3EC0A81840A3EC042204C63F9698CC74A818428039B23664C409529C4EDD822DF77819805023795EE625D524F12824C1F1FE99546DF75107AFFF7D424C4C3FB3D0BDA2E9BC0D93603457FFE44FABEAB1E6B62223B201D42784731BEE11E0FF0BF29C930DAF913F974739800522E2B9C4094475A5F35AA92E2939E5719EB4EE19446ADC9ECC7EE6BAB5D264C9E74AB6DE856D541146048341EB51734A34E33EF8D929F645E23FD902CB5676DA9C84C9F46490710DC8CF2AA922252C3885CBD8D0CB1D176CAFEB46A625C56BE949F487C6E35E2CE481F024C88990A1C3A7 34920171216110833 2 6 100 7679 5 DC810DED621062F0CB271F50E716119CBA30A56C758377BD69D70043B8C9ACA2E7EFA9896D324B18FB1A550BDB994533A67258C7EB28B23D1AFB6D3FE0C5C8AD961F2BFAE67E57978F749D3F33A0D9AEAFD817FD663E60298D0DF73E4B27A85B6799D929240EC6C4C59E0D98E0A7875F3FCC3E29394083D1344F78DC70B5E23C108A03B7B81121BEDD2093262B7E32C7AB695AD545D3A99F410199DDD9759FE1EE8502180206841B3C74CB6A939B38707309B421A75FFEC30C977F91A9F9F3C9F65EF2EA6251E72F8A65C7753815C188320E91B079EDFB9F1D480F529B67075B57523C44895DE2427D32D3935EAC5F46659C5F723C9BB006862EF143A77C384560EB5474F8D034FC8059F6D7BCD9EBD17D2740741FB4025CF87FFE3DAAFF72C8D9D10E1F779AEC56D3C6340426E2D980EAA07C46F2E720D1B8206D2A29162C6CA877FA89C0876DA70FF3A773BDEE1BB5831EFB58A9191430B0DE46EA4F484642F257AC176B74A91A02594D00D2FD30BE4927DED30C4389245EC5ECA93B1B08AFBB86B8012394F8CB874DC092498A2F9B44E27804C039632A192C8329F0DF25B196E6AB5E07FB3732B94990A2F0490FB07D9E33B0AA2830EDB572D7C7968A193B83FF869F65ABEDEC65EB03EA6DF0CD6C077DE627FD3583AFDA1754E655BE7ECF7A2BEAA422E516B26194FAEFEE6F535439B413325E1263E7E797DE9D717540A96AF360F8EE1FD4B190A513E83AEF6BCAB5A245F4A4F129F5F8AED11A558FE968A0CF2E254438384D0EE91BEE99A39696821DBA585144FA65484897CFC517FCE1D1512F792C6996063585F640AC9480220ED1FF3EDC1D7E55344977F71692D6F5DB091821A3F9612B65138848B874A93A71A74039337BF291938B0A8ACA2141BE969DCE4322A276C86C5A8E369EF6717158B46EBE48F8F9BC4F2E46203AC21CDD9F0ED1989F7D964D46D7DA63444C9CADA82AF53E38873A5D3F68868CA4F65748210716658F2A841B3890E773A2623A59073F14A0F2F1B0893FDBE5BA72FC9609DB8E8A56A322E2B4178CE7B2022D741BD256303D926B48D5239B354F611C52B475C62351854D6E27C89231E7E7972C19C7D6F5BEB07D1A1FF827348DA862F422047A2DB7B591AE497578A4BA95CBECFB503F5DC04C0C6A946FFB515F2F0BDC4332F2674706F7C1908B681D8EE3667777092C06DC9CF00F98143F4A1350FCBAEBB5157A5473D33F51778987B35B1D48249A491EE8F8778DE6DC29131F708642884BED0B0D159E1EFE428D18D3631F13A593323F1659FE9E1A708115D2F131DCC3808CE016036FF1D0D9193CBEB2CD1C49F9973E0BCB09A2A9394E2F55A15D5D1F
35020170711064933 2 6 100 8191 2 DDFBC1CD4FB7E30639422038F1FFBA2CD3EC3915F3C923282C6588F6EB218FF7B24870C0FE4B48213AB0948E101686FB7B0093ED467B6CA413EDD4B0BFE2155AEBC4DA3D2DD0C78DA9AD989A0E989010D6D5E86A123C169E126F97826EE5F602FF641FDF642A107E7538CB61740CBAF69F6C7DC5DD4DF28998AB61B8672F0B74A3A8DD7D165828D69DCC1BAE4D45F707C3894E040BCC0AF7AA810A6D5CB89276217EB7AFAFE4966D68C10318E8C8CB23CA593E8057F29FF9154908B11D6530E6352F9406C81D9DAC5C298979320B4E0DD89203A1F680C8084154D0439DB6C53EDAF6FCC0E8682EC99D345180120AEC810CBB0C2F1B6D1B660ACEAAD5996A5D184659B6A1F11456BA6A5E94D223959D8171C030499A9DB458702CB35CA7E7CD75D26FF5E94640AB8740ECE82559784BB6D5CB4D041D053629BD3F4178077F3F7E280296C46A3F0FBC37813A1AA221FBA2612F0CFE56450E9B1F2C2AE278EC7A7AAB66D61FA9749FE997EDC31131091620897014D33B2386B490CFD80656B7D2EB08C9DA9928798986996D60F74D766EB8988E2FF676E38C587E7A6651AA28BEB8BB56EBBD6E641E92309AEAA671A5F2EC72629442D2C3A4C2B8E4304DC71B342CD116527832078E6B53C1E0A72909615B408E17625F7259ACA98E46359448FC141F57B51A069B8A402AE3A87E10AE7E910F3916BAC6CE716C539E825A06626673DE7EBD899A3982FCC599791E7CA964C0D37BB076708C03DC7C022980974025C0EA9B72CC3D0A03E4626E030E9C857ECF6B3807AC9E8E0F72098C7E80DAA05BFF60394A8374096878F015597DD5B22E65646A7DDC87B5F6AE68594DF39B0BDB2675A32369AD81FD62033146B8DA6A801E918572CBC70DEBA9F70D088D69425733ACE0084E60E7FCB459A5B71F74F711184B1AEA240834D28D049474BB2E7ED1B17AA2B5EB7D274341456834320BE8FB245B1C2B84A096E7E40573FEB7C2997ED16C8C2C62409B8064398ED220FA82C59E53AD7E864C24473FCC7F017B897D5855F092A9428957467EFD93F67D3FA302C578328A9484CD0496CC83BEAC96504F9601DA2048D25BF43B5A69E46234A164D854B89DF1DEDC36F0304BA5FC035B27E782087C3EC0A81840A3EC042204C63F9698CC74A818428039B23664C409529C4EDD822DF77819805023795EE625D524F12824C1F1FE99546DF75107AFFF7D424C4C3FB3D0BDA2E9BC0D93603457FFE44FABEAB1E6B62223B201D42784731BEE11E0FF0BF29C930DAF913F974739800522E2B9C4094475A5F35AA92E2939E5719EB4EE19446ADC9ECC7EE6BAB5D264C9E74AB6DE856D541146048341EB51734A34E33EF8D929F645E23FD902CB5676DA9C84C9F46490710DC8CF2AA922252C3885CBD8D0CB1D176CAFEB46A625C56BE949F487C6E35E2CE481F024C88992F18383 35020171216171002 2 6 100 7679 2 DC810DED621062F0CB271F50E716119CBA30A56C758377BD69D70043B8C9ACA2E7EFA9896D324B18FB1A550BDB994533A67258C7EB28B23D1AFB6D3FE0C5C8AD961F2BFAE67E57978F749D3F33A0D9AEAFD817FD663E60298D0DF73E4B27A85B6799D929240EC6C4C59E0D98E0A7875F3FCC3E29394083D1344F78DC70B5E23C108A03B7B81121BEDD2093262B7E32C7AB695AD545D3A99F410199DDD9759FE1EE8502180206841B3C74CB6A939B38707309B421A75FFEC30C977F91A9F9F3C9F65EF2EA6251E72F8A65C7753815C188320E91B079EDFB9F1D480F529B67075B57523C44895DE2427D32D3935EAC5F46659C5F723C9BB006862EF143A77C384560EB5474F8D034FC8059F6D7BCD9EBD17D2740741FB4025CF87FFE3DAAFF72C8D9D10E1F779AEC56D3C6340426E2D980EAA07C46F2E720D1B8206D2A29162C6CA877FA89C0876DA70FF3A773BDEE1BB5831EFB58A9191430B0DE46EA4F484642F257AC176B74A91A02594D00D2FD30BE4927DED30C4389245EC5ECA93B1B08AFBB86B8012394F8CB874DC092498A2F9B44E27804C039632A192C8329F0DF25B196E6AB5E07FB3732B94990A2F0490FB07D9E33B0AA2830EDB572D7C7968A193B83FF869F65ABEDEC65EB03EA6DF0CD6C077DE627FD3583AFDA1754E655BE7ECF7A2BEAA422E516B26194FAEFEE6F535439B413325E1263E7E797DE9D717540A96AF360F8EE1FD4B190A513E83AEF6BCAB5A245F4A4F129F5F8AED11A558FE968A0CF2E254438384D0EE91BEE99A39696821DBA585144FA65484897CFC517FCE1D1512F792C6996063585F640AC9480220ED1FF3EDC1D7E55344977F71692D6F5DB091821A3F9612B65138848B874A93A71A74039337BF291938B0A8ACA2141BE969DCE4322A276C86C5A8E369EF6717158B46EBE48F8F9BC4F2E46203AC21CDD9F0ED1989F7D964D46D7DA63444C9CADA82AF53E38873A5D3F68868CA4F65748210716658F2A841B3890E773A2623A59073F14A0F2F1B0893FDBE5BA72FC9609DB8E8A56A322E2B4178CE7B2022D741BD256303D926B48D5239B354F611C52B475C62351854D6E27C89231E7E7972C19C7D6F5BEB07D1A1FF827348DA862F422047A2DB7B591AE497578A4BA95CBECFB503F5DC04C0C6A946FFB515F2F0BDC4332F2674706F7C1908B681D8EE3667777092C06DC9CF00F98143F4A1350FCBAEBB5157A5473D33F51778987B35B1D48249A491EE8F8778DE6DC29131F708642884BED0B0D159E1EFE428D18D3631F13A593323F1659FE9E1A708115D2F131DCC3808CE016036FF1D0D9193CBEB2CD1C49F9973E0BCB09A2A9394E2F55A5EC1993
35120170711070835 2 6 100 8191 2 DDFBC1CD4FB7E30639422038F1FFBA2CD3EC3915F3C923282C6588F6EB218FF7B24870C0FE4B48213AB0948E101686FB7B0093ED467B6CA413EDD4B0BFE2155AEBC4DA3D2DD0C78DA9AD989A0E989010D6D5E86A123C169E126F97826EE5F602FF641FDF642A107E7538CB61740CBAF69F6C7DC5DD4DF28998AB61B8672F0B74A3A8DD7D165828D69DCC1BAE4D45F707C3894E040BCC0AF7AA810A6D5CB89276217EB7AFAFE4966D68C10318E8C8CB23CA593E8057F29FF9154908B11D6530E6352F9406C81D9DAC5C298979320B4E0DD89203A1F680C8084154D0439DB6C53EDAF6FCC0E8682EC99D345180120AEC810CBB0C2F1B6D1B660ACEAAD5996A5D184659B6A1F11456BA6A5E94D223959D8171C030499A9DB458702CB35CA7E7CD75D26FF5E94640AB8740ECE82559784BB6D5CB4D041D053629BD3F4178077F3F7E280296C46A3F0FBC37813A1AA221FBA2612F0CFE56450E9B1F2C2AE278EC7A7AAB66D61FA9749FE997EDC31131091620897014D33B2386B490CFD80656B7D2EB08C9DA9928798986996D60F74D766EB8988E2FF676E38C587E7A6651AA28BEB8BB56EBBD6E641E92309AEAA671A5F2EC72629442D2C3A4C2B8E4304DC71B342CD116527832078E6B53C1E0A72909615B408E17625F7259ACA98E46359448FC141F57B51A069B8A402AE3A87E10AE7E910F3916BAC6CE716C539E825A06626673DE7EBD899A3982FCC599791E7CA964C0D37BB076708C03DC7C022980974025C0EA9B72CC3D0A03E4626E030E9C857ECF6B3807AC9E8E0F72098C7E80DAA05BFF60394A8374096878F015597DD5B22E65646A7DDC87B5F6AE68594DF39B0BDB2675A32369AD81FD62033146B8DA6A801E918572CBC70DEBA9F70D088D69425733ACE0084E60E7FCB459A5B71F74F711184B1AEA240834D28D049474BB2E7ED1B17AA2B5EB7D274341456834320BE8FB245B1C2B84A096E7E40573FEB7C2997ED16C8C2C62409B8064398ED220FA82C59E53AD7E864C24473FCC7F017B897D5855F092A9428957467EFD93F67D3FA302C578328A9484CD0496CC83BEAC96504F9601DA2048D25BF43B5A69E46234A164D854B89DF1DEDC36F0304BA5FC035B27E782087C3EC0A81840A3EC042204C63F9698CC74A818428039B23664C409529C4EDD822DF77819805023795EE625D524F12824C1F1FE99546DF75107AFFF7D424C4C3FB3D0BDA2E9BC0D93603457FFE44FABEAB1E6B62223B201D42784731BEE11E0FF0BF29C930DAF913F974739800522E2B9C4094475A5F35AA92E2939E5719EB4EE19446ADC9ECC7EE6BAB5D264C9E74AB6DE856D541146048341EB51734A34E33EF8D929F645E23FD902CB5676DA9C84C9F46490710DC8CF2AA922252C3885CBD8D0CB1D176CAFEB46A625C56BE949F487C6E35E2CE481F024C8899321BE1B 35120171216211154 2 6 100 7679 5 DC810DED621062F0CB271F50E716119CBA30A56C758377BD69D70043B8C9ACA2E7EFA9896D324B18FB1A550BDB994533A67258C7EB28B23D1AFB6D3FE0C5C8AD961F2BFAE67E57978F749D3F33A0D9AEAFD817FD663E60298D0DF73E4B27A85B6799D929240EC6C4C59E0D98E0A7875F3FCC3E29394083D1344F78DC70B5E23C108A03B7B81121BEDD2093262B7E32C7AB695AD545D3A99F410199DDD9759FE1EE8502180206841B3C74CB6A939B38707309B421A75FFEC30C977F91A9F9F3C9F65EF2EA6251E72F8A65C7753815C188320E91B079EDFB9F1D480F529B67075B57523C44895DE2427D32D3935EAC5F46659C5F723C9BB006862EF143A77C384560EB5474F8D034FC8059F6D7BCD9EBD17D2740741FB4025CF87FFE3DAAFF72C8D9D10E1F779AEC56D3C6340426E2D980EAA07C46F2E720D1B8206D2A29162C6CA877FA89C0876DA70FF3A773BDEE1BB5831EFB58A9191430B0DE46EA4F484642F257AC176B74A91A02594D00D2FD30BE4927DED30C4389245EC5ECA93B1B08AFBB86B8012394F8CB874DC092498A2F9B44E27804C039632A192C8329F0DF25B196E6AB5E07FB3732B94990A2F0490FB07D9E33B0AA2830EDB572D7C7968A193B83FF869F65ABEDEC65EB03EA6DF0CD6C077DE627FD3583AFDA1754E655BE7ECF7A2BEAA422E516B26194FAEFEE6F535439B413325E1263E7E797DE9D717540A96AF360F8EE1FD4B190A513E83AEF6BCAB5A245F4A4F129F5F8AED11A558FE968A0CF2E254438384D0EE91BEE99A39696821DBA585144FA65484897CFC517FCE1D1512F792C6996063585F640AC9480220ED1FF3EDC1D7E55344977F71692D6F5DB091821A3F9612B65138848B874A93A71A74039337BF291938B0A8ACA2141BE969DCE4322A276C86C5A8E369EF6717158B46EBE48F8F9BC4F2E46203AC21CDD9F0ED1989F7D964D46D7DA63444C9CADA82AF53E38873A5D3F68868CA4F65748210716658F2A841B3890E773A2623A59073F14A0F2F1B0893FDBE5BA72FC9609DB8E8A56A322E2B4178CE7B2022D741BD256303D926B48D5239B354F611C52B475C62351854D6E27C89231E7E7972C19C7D6F5BEB07D1A1FF827348DA862F422047A2DB7B591AE497578A4BA95CBECFB503F5DC04C0C6A946FFB515F2F0BDC4332F2674706F7C1908B681D8EE3667777092C06DC9CF00F98143F4A1350FCBAEBB5157A5473D33F51778987B35B1D48249A491EE8F8778DE6DC29131F708642884BED0B0D159E1EFE428D18D3631F13A593323F1659FE9E1A708115D2F131DCC3808CE016036FF1D0D9193CBEB2CD1C49F9973E0BCB09A2A9394E2F55A8EA2ED7
35220170712081942 2 6 100 8191 2 DDFBC1CD4FB7E30639422038F1FFBA2CD3EC3915F3C923282C6588F6EB218FF7B24870C0FE4B48213AB0948E101686FB7B0093ED467B6CA413EDD4B0BFE2155AEBC4DA3D2DD0C78DA9AD989A0E989010D6D5E86A123C169E126F97826EE5F602FF641FDF642A107E7538CB61740CBAF69F6C7DC5DD4DF28998AB61B8672F0B74A3A8DD7D165828D69DCC1BAE4D45F707C3894E040BCC0AF7AA810A6D5CB89276217EB7AFAFE4966D68C10318E8C8CB23CA593E8057F29FF9154908B11D6530E6352F9406C81D9DAC5C298979320B4E0DD89203A1F680C8084154D0439DB6C53EDAF6FCC0E8682EC99D345180120AEC810CBB0C2F1B6D1B660ACEAAD5996A5D184659B6A1F11456BA6A5E94D223959D8171C030499A9DB458702CB35CA7E7CD75D26FF5E94640AB8740ECE82559784BB6D5CB4D041D053629BD3F4178077F3F7E280296C46A3F0FBC37813A1AA221FBA2612F0CFE56450E9B1F2C2AE278EC7A7AAB66D61FA9749FE997EDC31131091620897014D33B2386B490CFD80656B7D2EB08C9DA9928798986996D60F74D766EB8988E2FF676E38C587E7A6651AA28BEB8BB56EBBD6E641E92309AEAA671A5F2EC72629442D2C3A4C2B8E4304DC71B342CD116527832078E6B53C1E0A72909615B408E17625F7259ACA98E46359448FC141F57B51A069B8A402AE3A87E10AE7E910F3916BAC6CE716C539E825A06626673DE7EBD899A3982FCC599791E7CA964C0D37BB076708C03DC7C022980974025C0EA9B72CC3D0A03E4626E030E9C857ECF6B3807AC9E8E0F72098C7E80DAA05BFF60394A8374096878F015597DD5B22E65646A7DDC87B5F6AE68594DF39B0BDB2675A32369AD81FD62033146B8DA6A801E918572CBC70DEBA9F70D088D69425733ACE0084E60E7FCB459A5B71F74F711184B1AEA240834D28D049474BB2E7ED1B17AA2B5EB7D274341456834320BE8FB245B1C2B84A096E7E40573FEB7C2997ED16C8C2C62409B8064398ED220FA82C59E53AD7E864C24473FCC7F017B897D5855F092A9428957467EFD93F67D3FA302C578328A9484CD0496CC83BEAC96504F9601DA2048D25BF43B5A69E46234A164D854B89DF1DEDC36F0304BA5FC035B27E782087C3EC0A81840A3EC042204C63F9698CC74A818428039B23664C409529C4EDD822DF77819805023795EE625D524F12824C1F1FE99546DF75107AFFF7D424C4C3FB3D0BDA2E9BC0D93603457FFE44FABEAB1E6B62223B201D42784731BEE11E0FF0BF29C930DAF913F974739800522E2B9C4094475A5F35AA92E2939E5719EB4EE19446ADC9ECC7EE6BAB5D264C9E74AB6DE856D541146048341EB51734A34E33EF8D929F645E23FD902CB5676DA9C84C9F46490710DC8CF2AA922252C3885CBD8D0CB1D176CAFEB46A625C56BE949F487C6E35E2CE481F024C889A5694573 35220171217022713 2 6 100 7679 5 DC810DED621062F0CB271F50E716119CBA30A56C758377BD69D70043B8C9ACA2E7EFA9896D324B18FB1A550BDB994533A67258C7EB28B23D1AFB6D3FE0C5C8AD961F2BFAE67E57978F749D3F33A0D9AEAFD817FD663E60298D0DF73E4B27A85B6799D929240EC6C4C59E0D98E0A7875F3FCC3E29394083D1344F78DC70B5E23C108A03B7B81121BEDD2093262B7E32C7AB695AD545D3A99F410199DDD9759FE1EE8502180206841B3C74CB6A939B38707309B421A75FFEC30C977F91A9F9F3C9F65EF2EA6251E72F8A65C7753815C188320E91B079EDFB9F1D480F529B67075B57523C44895DE2427D32D3935EAC5F46659C5F723C9BB006862EF143A77C384560EB5474F8D034FC8059F6D7BCD9EBD17D2740741FB4025CF87FFE3DAAFF72C8D9D10E1F779AEC56D3C6340426E2D980EAA07C46F2E720D1B8206D2A29162C6CA877FA89C0876DA70FF3A773BDEE1BB5831EFB58A9191430B0DE46EA4F484642F257AC176B74A91A02594D00D2FD30BE4927DED30C4389245EC5ECA93B1B08AFBB86B8012394F8CB874DC092498A2F9B44E27804C039632A192C8329F0DF25B196E6AB5E07FB3732B94990A2F0490FB07D9E33B0AA2830EDB572D7C7968A193B83FF869F65ABEDEC65EB03EA6DF0CD6C077DE627FD3583AFDA1754E655BE7ECF7A2BEAA422E516B26194FAEFEE6F535439B413325E1263E7E797DE9D717540A96AF360F8EE1FD4B190A513E83AEF6BCAB5A245F4A4F129F5F8AED11A558FE968A0CF2E254438384D0EE91BEE99A39696821DBA585144FA65484897CFC517FCE1D1512F792C6996063585F640AC9480220ED1FF3EDC1D7E55344977F71692D6F5DB091821A3F9612B65138848B874A93A71A74039337BF291938B0A8ACA2141BE969DCE4322A276C86C5A8E369EF6717158B46EBE48F8F9BC4F2E46203AC21CDD9F0ED1989F7D964D46D7DA63444C9CADA82AF53E38873A5D3F68868CA4F65748210716658F2A841B3890E773A2623A59073F14A0F2F1B0893FDBE5BA72FC9609DB8E8A56A322E2B4178CE7B2022D741BD256303D926B48D5239B354F611C52B475C62351854D6E27C89231E7E7972C19C7D6F5BEB07D1A1FF827348DA862F422047A2DB7B591AE497578A4BA95CBECFB503F5DC04C0C6A946FFB515F2F0BDC4332F2674706F7C1908B681D8EE3667777092C06DC9CF00F98143F4A1350FCBAEBB5157A5473D33F51778987B35B1D48249A491EE8F8778DE6DC29131F708642884BED0B0D159E1EFE428D18D3631F13A593323F1659FE9E1A708115D2F131DCC3808CE016036FF1D0D9193CBEB2CD1C49F9973E0BCB09A2A9394E2F55ACD2DE8F
35320170712175235 2 6 100 8191 2 DDFBC1CD4FB7E30639422038F1FFBA2CD3EC3915F3C923282C6588F6EB218FF7B24870C0FE4B48213AB0948E101686FB7B0093ED467B6CA413EDD4B0BFE2155AEBC4DA3D2DD0C78DA9AD989A0E989010D6D5E86A123C169E126F97826EE5F602FF641FDF642A107E7538CB61740CBAF69F6C7DC5DD4DF28998AB61B8672F0B74A3A8DD7D165828D69DCC1BAE4D45F707C3894E040BCC0AF7AA810A6D5CB89276217EB7AFAFE4966D68C10318E8C8CB23CA593E8057F29FF9154908B11D6530E6352F9406C81D9DAC5C298979320B4E0DD89203A1F680C8084154D0439DB6C53EDAF6FCC0E8682EC99D345180120AEC810CBB0C2F1B6D1B660ACEAAD5996A5D184659B6A1F11456BA6A5E94D223959D8171C030499A9DB458702CB35CA7E7CD75D26FF5E94640AB8740ECE82559784BB6D5CB4D041D053629BD3F4178077F3F7E280296C46A3F0FBC37813A1AA221FBA2612F0CFE56450E9B1F2C2AE278EC7A7AAB66D61FA9749FE997EDC31131091620897014D33B2386B490CFD80656B7D2EB08C9DA9928798986996D60F74D766EB8988E2FF676E38C587E7A6651AA28BEB8BB56EBBD6E641E92309AEAA671A5F2EC72629442D2C3A4C2B8E4304DC71B342CD116527832078E6B53C1E0A72909615B408E17625F7259ACA98E46359448FC141F57B51A069B8A402AE3A87E10AE7E910F3916BAC6CE716C539E825A06626673DE7EBD899A3982FCC599791E7CA964C0D37BB076708C03DC7C022980974025C0EA9B72CC3D0A03E4626E030E9C857ECF6B3807AC9E8E0F72098C7E80DAA05BFF60394A8374096878F015597DD5B22E65646A7DDC87B5F6AE68594DF39B0BDB2675A32369AD81FD62033146B8DA6A801E918572CBC70DEBA9F70D088D69425733ACE0084E60E7FCB459A5B71F74F711184B1AEA240834D28D049474BB2E7ED1B17AA2B5EB7D274341456834320BE8FB245B1C2B84A096E7E40573FEB7C2997ED16C8C2C62409B8064398ED220FA82C59E53AD7E864C24473FCC7F017B897D5855F092A9428957467EFD93F67D3FA302C578328A9484CD0496CC83BEAC96504F9601DA2048D25BF43B5A69E46234A164D854B89DF1DEDC36F0304BA5FC035B27E782087C3EC0A81840A3EC042204C63F9698CC74A818428039B23664C409529C4EDD822DF77819805023795EE625D524F12824C1F1FE99546DF75107AFFF7D424C4C3FB3D0BDA2E9BC0D93603457FFE44FABEAB1E6B62223B201D42784731BEE11E0FF0BF29C930DAF913F974739800522E2B9C4094475A5F35AA92E2939E5719EB4EE19446ADC9ECC7EE6BAB5D264C9E74AB6DE856D541146048341EB51734A34E33EF8D929F645E23FD902CB5676DA9C84C9F46490710DC8CF2AA922252C3885CBD8D0CB1D176CAFEB46A625C56BE949F487C6E35E2CE481F024C889AC1C9503 35320171217032242 2 6 100 7679 5 DC810DED621062F0CB271F50E716119CBA30A56C758377BD69D70043B8C9ACA2E7EFA9896D324B18FB1A550BDB994533A67258C7EB28B23D1AFB6D3FE0C5C8AD961F2BFAE67E57978F749D3F33A0D9AEAFD817FD663E60298D0DF73E4B27A85B6799D929240EC6C4C59E0D98E0A7875F3FCC3E29394083D1344F78DC70B5E23C108A03B7B81121BEDD2093262B7E32C7AB695AD545D3A99F410199DDD9759FE1EE8502180206841B3C74CB6A939B38707309B421A75FFEC30C977F91A9F9F3C9F65EF2EA6251E72F8A65C7753815C188320E91B079EDFB9F1D480F529B67075B57523C44895DE2427D32D3935EAC5F46659C5F723C9BB006862EF143A77C384560EB5474F8D034FC8059F6D7BCD9EBD17D2740741FB4025CF87FFE3DAAFF72C8D9D10E1F779AEC56D3C6340426E2D980EAA07C46F2E720D1B8206D2A29162C6CA877FA89C0876DA70FF3A773BDEE1BB5831EFB58A9191430B0DE46EA4F484642F257AC176B74A91A02594D00D2FD30BE4927DED30C4389245EC5ECA93B1B08AFBB86B8012394F8CB874DC092498A2F9B44E27804C039632A192C8329F0DF25B196E6AB5E07FB3732B94990A2F0490FB07D9E33B0AA2830EDB572D7C7968A193B83FF869F65ABEDEC65EB03EA6DF0CD6C077DE627FD3583AFDA1754E655BE7ECF7A2BEAA422E516B26194FAEFEE6F535439B413325E1263E7E797DE9D717540A96AF360F8EE1FD4B190A513E83AEF6BCAB5A245F4A4F129F5F8AED11A558FE968A0CF2E254438384D0EE91BEE99A39696821DBA585144FA65484897CFC517FCE1D1512F792C6996063585F640AC9480220ED1FF3EDC1D7E55344977F71692D6F5DB091821A3F9612B65138848B874A93A71A74039337BF291938B0A8ACA2141BE969DCE4322A276C86C5A8E369EF6717158B46EBE48F8F9BC4F2E46203AC21CDD9F0ED1989F7D964D46D7DA63444C9CADA82AF53E38873A5D3F68868CA4F65748210716658F2A841B3890E773A2623A59073F14A0F2F1B0893FDBE5BA72FC9609DB8E8A56A322E2B4178CE7B2022D741BD256303D926B48D5239B354F611C52B475C62351854D6E27C89231E7E7972C19C7D6F5BEB07D1A1FF827348DA862F422047A2DB7B591AE497578A4BA95CBECFB503F5DC04C0C6A946FFB515F2F0BDC4332F2674706F7C1908B681D8EE3667777092C06DC9CF00F98143F4A1350FCBAEBB5157A5473D33F51778987B35B1D48249A491EE8F8778DE6DC29131F708642884BED0B0D159E1EFE428D18D3631F13A593323F1659FE9E1A708115D2F131DCC3808CE016036FF1D0D9193CBEB2CD1C49F9973E0BCB09A2A9394E2F55AD80002F
35420170712184856 2 6 100 8191 2 DDFBC1CD4FB7E30639422038F1FFBA2CD3EC3915F3C923282C6588F6EB218FF7B24870C0FE4B48213AB0948E101686FB7B0093ED467B6CA413EDD4B0BFE2155AEBC4DA3D2DD0C78DA9AD989A0E989010D6D5E86A123C169E126F97826EE5F602FF641FDF642A107E7538CB61740CBAF69F6C7DC5DD4DF28998AB61B8672F0B74A3A8DD7D165828D69DCC1BAE4D45F707C3894E040BCC0AF7AA810A6D5CB89276217EB7AFAFE4966D68C10318E8C8CB23CA593E8057F29FF9154908B11D6530E6352F9406C81D9DAC5C298979320B4E0DD89203A1F680C8084154D0439DB6C53EDAF6FCC0E8682EC99D345180120AEC810CBB0C2F1B6D1B660ACEAAD5996A5D184659B6A1F11456BA6A5E94D223959D8171C030499A9DB458702CB35CA7E7CD75D26FF5E94640AB8740ECE82559784BB6D5CB4D041D053629BD3F4178077F3F7E280296C46A3F0FBC37813A1AA221FBA2612F0CFE56450E9B1F2C2AE278EC7A7AAB66D61FA9749FE997EDC31131091620897014D33B2386B490CFD80656B7D2EB08C9DA9928798986996D60F74D766EB8988E2FF676E38C587E7A6651AA28BEB8BB56EBBD6E641E92309AEAA671A5F2EC72629442D2C3A4C2B8E4304DC71B342CD116527832078E6B53C1E0A72909615B408E17625F7259ACA98E46359448FC141F57B51A069B8A402AE3A87E10AE7E910F3916BAC6CE716C539E825A06626673DE7EBD899A3982FCC599791E7CA964C0D37BB076708C03DC7C022980974025C0EA9B72CC3D0A03E4626E030E9C857ECF6B3807AC9E8E0F72098C7E80DAA05BFF60394A8374096878F015597DD5B22E65646A7DDC87B5F6AE68594DF39B0BDB2675A32369AD81FD62033146B8DA6A801E918572CBC70DEBA9F70D088D69425733ACE0084E60E7FCB459A5B71F74F711184B1AEA240834D28D049474BB2E7ED1B17AA2B5EB7D274341456834320BE8FB245B1C2B84A096E7E40573FEB7C2997ED16C8C2C62409B8064398ED220FA82C59E53AD7E864C24473FCC7F017B897D5855F092A9428957467EFD93F67D3FA302C578328A9484CD0496CC83BEAC96504F9601DA2048D25BF43B5A69E46234A164D854B89DF1DEDC36F0304BA5FC035B27E782087C3EC0A81840A3EC042204C63F9698CC74A818428039B23664C409529C4EDD822DF77819805023795EE625D524F12824C1F1FE99546DF75107AFFF7D424C4C3FB3D0BDA2E9BC0D93603457FFE44FABEAB1E6B62223B201D42784731BEE11E0FF0BF29C930DAF913F974739800522E2B9C4094475A5F35AA92E2939E5719EB4EE19446ADC9ECC7EE6BAB5D264C9E74AB6DE856D541146048341EB51734A34E33EF8D929F645E23FD902CB5676DA9C84C9F46490710DC8CF2AA922252C3885CBD8D0CB1D176CAFEB46A625C56BE949F487C6E35E2CE481F024C889ACBA643B 35420171217074522 2 6 100 7679 5 DC810DED621062F0CB271F50E716119CBA30A56C758377BD69D70043B8C9ACA2E7EFA9896D324B18FB1A550BDB994533A67258C7EB28B23D1AFB6D3FE0C5C8AD961F2BFAE67E57978F749D3F33A0D9AEAFD817FD663E60298D0DF73E4B27A85B6799D929240EC6C4C59E0D98E0A7875F3FCC3E29394083D1344F78DC70B5E23C108A03B7B81121BEDD2093262B7E32C7AB695AD545D3A99F410199DDD9759FE1EE8502180206841B3C74CB6A939B38707309B421A75FFEC30C977F91A9F9F3C9F65EF2EA6251E72F8A65C7753815C188320E91B079EDFB9F1D480F529B67075B57523C44895DE2427D32D3935EAC5F46659C5F723C9BB006862EF143A77C384560EB5474F8D034FC8059F6D7BCD9EBD17D2740741FB4025CF87FFE3DAAFF72C8D9D10E1F779AEC56D3C6340426E2D980EAA07C46F2E720D1B8206D2A29162C6CA877FA89C0876DA70FF3A773BDEE1BB5831EFB58A9191430B0DE46EA4F484642F257AC176B74A91A02594D00D2FD30BE4927DED30C4389245EC5ECA93B1B08AFBB86B8012394F8CB874DC092498A2F9B44E27804C039632A192C8329F0DF25B196E6AB5E07FB3732B94990A2F0490FB07D9E33B0AA2830EDB572D7C7968A193B83FF869F65ABEDEC65EB03EA6DF0CD6C077DE627FD3583AFDA1754E655BE7ECF7A2BEAA422E516B26194FAEFEE6F535439B413325E1263E7E797DE9D717540A96AF360F8EE1FD4B190A513E83AEF6BCAB5A245F4A4F129F5F8AED11A558FE968A0CF2E254438384D0EE91BEE99A39696821DBA585144FA65484897CFC517FCE1D1512F792C6996063585F640AC9480220ED1FF3EDC1D7E55344977F71692D6F5DB091821A3F9612B65138848B874A93A71A74039337BF291938B0A8ACA2141BE969DCE4322A276C86C5A8E369EF6717158B46EBE48F8F9BC4F2E46203AC21CDD9F0ED1989F7D964D46D7DA63444C9CADA82AF53E38873A5D3F68868CA4F65748210716658F2A841B3890E773A2623A59073F14A0F2F1B0893FDBE5BA72FC9609DB8E8A56A322E2B4178CE7B2022D741BD256303D926B48D5239B354F611C52B475C62351854D6E27C89231E7E7972C19C7D6F5BEB07D1A1FF827348DA862F422047A2DB7B591AE497578A4BA95CBECFB503F5DC04C0C6A946FFB515F2F0BDC4332F2674706F7C1908B681D8EE3667777092C06DC9CF00F98143F4A1350FCBAEBB5157A5473D33F51778987B35B1D48249A491EE8F8778DE6DC29131F708642884BED0B0D159E1EFE428D18D3631F13A593323F1659FE9E1A708115D2F131DCC3808CE016036FF1D0D9193CBEB2CD1C49F9973E0BCB09A2A9394E2F55B0B564D7
35520170712224446 2 6 100 8191 2 DDFBC1CD4FB7E30639422038F1FFBA2CD3EC3915F3C923282C6588F6EB218FF7B24870C0FE4B48213AB0948E101686FB7B0093ED467B6CA413EDD4B0BFE2155AEBC4DA3D2DD0C78DA9AD989A0E989010D6D5E86A123C169E126F97826EE5F602FF641FDF642A107E7538CB61740CBAF69F6C7DC5DD4DF28998AB61B8672F0B74A3A8DD7D165828D69DCC1BAE4D45F707C3894E040BCC0AF7AA810A6D5CB89276217EB7AFAFE4966D68C10318E8C8CB23CA593E8057F29FF9154908B11D6530E6352F9406C81D9DAC5C298979320B4E0DD89203A1F680C8084154D0439DB6C53EDAF6FCC0E8682EC99D345180120AEC810CBB0C2F1B6D1B660ACEAAD5996A5D184659B6A1F11456BA6A5E94D223959D8171C030499A9DB458702CB35CA7E7CD75D26FF5E94640AB8740ECE82559784BB6D5CB4D041D053629BD3F4178077F3F7E280296C46A3F0FBC37813A1AA221FBA2612F0CFE56450E9B1F2C2AE278EC7A7AAB66D61FA9749FE997EDC31131091620897014D33B2386B490CFD80656B7D2EB08C9DA9928798986996D60F74D766EB8988E2FF676E38C587E7A6651AA28BEB8BB56EBBD6E641E92309AEAA671A5F2EC72629442D2C3A4C2B8E4304DC71B342CD116527832078E6B53C1E0A72909615B408E17625F7259ACA98E46359448FC141F57B51A069B8A402AE3A87E10AE7E910F3916BAC6CE716C539E825A06626673DE7EBD899A3982FCC599791E7CA964C0D37BB076708C03DC7C022980974025C0EA9B72CC3D0A03E4626E030E9C857ECF6B3807AC9E8E0F72098C7E80DAA05BFF60394A8374096878F015597DD5B22E65646A7DDC87B5F6AE68594DF39B0BDB2675A32369AD81FD62033146B8DA6A801E918572CBC70DEBA9F70D088D69425733ACE0084E60E7FCB459A5B71F74F711184B1AEA240834D28D049474BB2E7ED1B17AA2B5EB7D274341456834320BE8FB245B1C2B84A096E7E40573FEB7C2997ED16C8C2C62409B8064398ED220FA82C59E53AD7E864C24473FCC7F017B897D5855F092A9428957467EFD93F67D3FA302C578328A9484CD0496CC83BEAC96504F9601DA2048D25BF43B5A69E46234A164D854B89DF1DEDC36F0304BA5FC035B27E782087C3EC0A81840A3EC042204C63F9698CC74A818428039B23664C409529C4EDD822DF77819805023795EE625D524F12824C1F1FE99546DF75107AFFF7D424C4C3FB3D0BDA2E9BC0D93603457FFE44FABEAB1E6B62223B201D42784731BEE11E0FF0BF29C930DAF913F974739800522E2B9C4094475A5F35AA92E2939E5719EB4EE19446ADC9ECC7EE6BAB5D264C9E74AB6DE856D541146048341EB51734A34E33EF8D929F645E23FD902CB5676DA9C84C9F46490710DC8CF2AA922252C3885CBD8D0CB1D176CAFEB46A625C56BE949F487C6E35E2CE481F024C889AF76B1E3 35520171217095738 2 6 100 7679 2 DC810DED621062F0CB271F50E716119CBA30A56C758377BD69D70043B8C9ACA2E7EFA9896D324B18FB1A550BDB994533A67258C7EB28B23D1AFB6D3FE0C5C8AD961F2BFAE67E57978F749D3F33A0D9AEAFD817FD663E60298D0DF73E4B27A85B6799D929240EC6C4C59E0D98E0A7875F3FCC3E29394083D1344F78DC70B5E23C108A03B7B81121BEDD2093262B7E32C7AB695AD545D3A99F410199DDD9759FE1EE8502180206841B3C74CB6A939B38707309B421A75FFEC30C977F91A9F9F3C9F65EF2EA6251E72F8A65C7753815C188320E91B079EDFB9F1D480F529B67075B57523C44895DE2427D32D3935EAC5F46659C5F723C9BB006862EF143A77C384560EB5474F8D034FC8059F6D7BCD9EBD17D2740741FB4025CF87FFE3DAAFF72C8D9D10E1F779AEC56D3C6340426E2D980EAA07C46F2E720D1B8206D2A29162C6CA877FA89C0876DA70FF3A773BDEE1BB5831EFB58A9191430B0DE46EA4F484642F257AC176B74A91A02594D00D2FD30BE4927DED30C4389245EC5ECA93B1B08AFBB86B8012394F8CB874DC092498A2F9B44E27804C039632A192C8329F0DF25B196E6AB5E07FB3732B94990A2F0490FB07D9E33B0AA2830EDB572D7C7968A193B83FF869F65ABEDEC65EB03EA6DF0CD6C077DE627FD3583AFDA1754E655BE7ECF7A2BEAA422E516B26194FAEFEE6F535439B413325E1263E7E797DE9D717540A96AF360F8EE1FD4B190A513E83AEF6BCAB5A245F4A4F129F5F8AED11A558FE968A0CF2E254438384D0EE91BEE99A39696821DBA585144FA65484897CFC517FCE1D1512F792C6996063585F640AC9480220ED1FF3EDC1D7E55344977F71692D6F5DB091821A3F9612B65138848B874A93A71A74039337BF291938B0A8ACA2141BE969DCE4322A276C86C5A8E369EF6717158B46EBE48F8F9BC4F2E46203AC21CDD9F0ED1989F7D964D46D7DA63444C9CADA82AF53E38873A5D3F68868CA4F65748210716658F2A841B3890E773A2623A59073F14A0F2F1B0893FDBE5BA72FC9609DB8E8A56A322E2B4178CE7B2022D741BD256303D926B48D5239B354F611C52B475C62351854D6E27C89231E7E7972C19C7D6F5BEB07D1A1FF827348DA862F422047A2DB7B591AE497578A4BA95CBECFB503F5DC04C0C6A946FFB515F2F0BDC4332F2674706F7C1908B681D8EE3667777092C06DC9CF00F98143F4A1350FCBAEBB5157A5473D33F51778987B35B1D48249A491EE8F8778DE6DC29131F708642884BED0B0D159E1EFE428D18D3631F13A593323F1659FE9E1A708115D2F131DCC3808CE016036FF1D0D9193CBEB2CD1C49F9973E0BCB09A2A9394E2F55B254E7FB
35620170713034208 2 6 100 8191 5 DDFBC1CD4FB7E30639422038F1FFBA2CD3EC3915F3C923282C6588F6EB218FF7B24870C0FE4B48213AB0948E101686FB7B0093ED467B6CA413EDD4B0BFE2155AEBC4DA3D2DD0C78DA9AD989A0E989010D6D5E86A123C169E126F97826EE5F602FF641FDF642A107E7538CB61740CBAF69F6C7DC5DD4DF28998AB61B8672F0B74A3A8DD7D165828D69DCC1BAE4D45F707C3894E040BCC0AF7AA810A6D5CB89276217EB7AFAFE4966D68C10318E8C8CB23CA593E8057F29FF9154908B11D6530E6352F9406C81D9DAC5C298979320B4E0DD89203A1F680C8084154D0439DB6C53EDAF6FCC0E8682EC99D345180120AEC810CBB0C2F1B6D1B660ACEAAD5996A5D184659B6A1F11456BA6A5E94D223959D8171C030499A9DB458702CB35CA7E7CD75D26FF5E94640AB8740ECE82559784BB6D5CB4D041D053629BD3F4178077F3F7E280296C46A3F0FBC37813A1AA221FBA2612F0CFE56450E9B1F2C2AE278EC7A7AAB66D61FA9749FE997EDC31131091620897014D33B2386B490CFD80656B7D2EB08C9DA9928798986996D60F74D766EB8988E2FF676E38C587E7A6651AA28BEB8BB56EBBD6E641E92309AEAA671A5F2EC72629442D2C3A4C2B8E4304DC71B342CD116527832078E6B53C1E0A72909615B408E17625F7259ACA98E46359448FC141F57B51A069B8A402AE3A87E10AE7E910F3916BAC6CE716C539E825A06626673DE7EBD899A3982FCC599791E7CA964C0D37BB076708C03DC7C022980974025C0EA9B72CC3D0A03E4626E030E9C857ECF6B3807AC9E8E0F72098C7E80DAA05BFF60394A8374096878F015597DD5B22E65646A7DDC87B5F6AE68594DF39B0BDB2675A32369AD81FD62033146B8DA6A801E918572CBC70DEBA9F70D088D69425733ACE0084E60E7FCB459A5B71F74F711184B1AEA240834D28D049474BB2E7ED1B17AA2B5EB7D274341456834320BE8FB245B1C2B84A096E7E40573FEB7C2997ED16C8C2C62409B8064398ED220FA82C59E53AD7E864C24473FCC7F017B897D5855F092A9428957467EFD93F67D3FA302C578328A9484CD0496CC83BEAC96504F9601DA2048D25BF43B5A69E46234A164D854B89DF1DEDC36F0304BA5FC035B27E782087C3EC0A81840A3EC042204C63F9698CC74A818428039B23664C409529C4EDD822DF77819805023795EE625D524F12824C1F1FE99546DF75107AFFF7D424C4C3FB3D0BDA2E9BC0D93603457FFE44FABEAB1E6B62223B201D42784731BEE11E0FF0BF29C930DAF913F974739800522E2B9C4094475A5F35AA92E2939E5719EB4EE19446ADC9ECC7EE6BAB5D264C9E74AB6DE856D541146048341EB51734A34E33EF8D929F645E23FD902CB5676DA9C84C9F46490710DC8CF2AA922252C3885CBD8D0CB1D176CAFEB46A625C56BE949F487C6E35E2CE481F024C889B2F38EEF 35620171217120716 2 6 100 7679 2 DC810DED621062F0CB271F50E716119CBA30A56C758377BD69D70043B8C9ACA2E7EFA9896D324B18FB1A550BDB994533A67258C7EB28B23D1AFB6D3FE0C5C8AD961F2BFAE67E57978F749D3F33A0D9AEAFD817FD663E60298D0DF73E4B27A85B6799D929240EC6C4C59E0D98E0A7875F3FCC3E29394083D1344F78DC70B5E23C108A03B7B81121BEDD2093262B7E32C7AB695AD545D3A99F410199DDD9759FE1EE8502180206841B3C74CB6A939B38707309B421A75FFEC30C977F91A9F9F3C9F65EF2EA6251E72F8A65C7753815C188320E91B079EDFB9F1D480F529B67075B57523C44895DE2427D32D3935EAC5F46659C5F723C9BB006862EF143A77C384560EB5474F8D034FC8059F6D7BCD9EBD17D2740741FB4025CF87FFE3DAAFF72C8D9D10E1F779AEC56D3C6340426E2D980EAA07C46F2E720D1B8206D2A29162C6CA877FA89C0876DA70FF3A773BDEE1BB5831EFB58A9191430B0DE46EA4F484642F257AC176B74A91A02594D00D2FD30BE4927DED30C4389245EC5ECA93B1B08AFBB86B8012394F8CB874DC092498A2F9B44E27804C039632A192C8329F0DF25B196E6AB5E07FB3732B94990A2F0490FB07D9E33B0AA2830EDB572D7C7968A193B83FF869F65ABEDEC65EB03EA6DF0CD6C077DE627FD3583AFDA1754E655BE7ECF7A2BEAA422E516B26194FAEFEE6F535439B413325E1263E7E797DE9D717540A96AF360F8EE1FD4B190A513E83AEF6BCAB5A245F4A4F129F5F8AED11A558FE968A0CF2E254438384D0EE91BEE99A39696821DBA585144FA65484897CFC517FCE1D1512F792C6996063585F640AC9480220ED1FF3EDC1D7E55344977F71692D6F5DB091821A3F9612B65138848B874A93A71A74039337BF291938B0A8ACA2141BE969DCE4322A276C86C5A8E369EF6717158B46EBE48F8F9BC4F2E46203AC21CDD9F0ED1989F7D964D46D7DA63444C9CADA82AF53E38873A5D3F68868CA4F65748210716658F2A841B3890E773A2623A59073F14A0F2F1B0893FDBE5BA72FC9609DB8E8A56A322E2B4178CE7B2022D741BD256303D926B48D5239B354F611C52B475C62351854D6E27C89231E7E7972C19C7D6F5BEB07D1A1FF827348DA862F422047A2DB7B591AE497578A4BA95CBECFB503F5DC04C0C6A946FFB515F2F0BDC4332F2674706F7C1908B681D8EE3667777092C06DC9CF00F98143F4A1350FCBAEBB5157A5473D33F51778987B35B1D48249A491EE8F8778DE6DC29131F708642884BED0B0D159E1EFE428D18D3631F13A593323F1659FE9E1A708115D2F131DCC3808CE016036FF1D0D9193CBEB2CD1C49F9973E0BCB09A2A9394E2F55B3EDC9EB
35720170713034622 2 6 100 8191 5 DDFBC1CD4FB7E30639422038F1FFBA2CD3EC3915F3C923282C6588F6EB218FF7B24870C0FE4B48213AB0948E101686FB7B0093ED467B6CA413EDD4B0BFE2155AEBC4DA3D2DD0C78DA9AD989A0E989010D6D5E86A123C169E126F97826EE5F602FF641FDF642A107E7538CB61740CBAF69F6C7DC5DD4DF28998AB61B8672F0B74A3A8DD7D165828D69DCC1BAE4D45F707C3894E040BCC0AF7AA810A6D5CB89276217EB7AFAFE4966D68C10318E8C8CB23CA593E8057F29FF9154908B11D6530E6352F9406C81D9DAC5C298979320B4E0DD89203A1F680C8084154D0439DB6C53EDAF6FCC0E8682EC99D345180120AEC810CBB0C2F1B6D1B660ACEAAD5996A5D184659B6A1F11456BA6A5E94D223959D8171C030499A9DB458702CB35CA7E7CD75D26FF5E94640AB8740ECE82559784BB6D5CB4D041D053629BD3F4178077F3F7E280296C46A3F0FBC37813A1AA221FBA2612F0CFE56450E9B1F2C2AE278EC7A7AAB66D61FA9749FE997EDC31131091620897014D33B2386B490CFD80656B7D2EB08C9DA9928798986996D60F74D766EB8988E2FF676E38C587E7A6651AA28BEB8BB56EBBD6E641E92309AEAA671A5F2EC72629442D2C3A4C2B8E4304DC71B342CD116527832078E6B53C1E0A72909615B408E17625F7259ACA98E46359448FC141F57B51A069B8A402AE3A87E10AE7E910F3916BAC6CE716C539E825A06626673DE7EBD899A3982FCC599791E7CA964C0D37BB076708C03DC7C022980974025C0EA9B72CC3D0A03E4626E030E9C857ECF6B3807AC9E8E0F72098C7E80DAA05BFF60394A8374096878F015597DD5B22E65646A7DDC87B5F6AE68594DF39B0BDB2675A32369AD81FD62033146B8DA6A801E918572CBC70DEBA9F70D088D69425733ACE0084E60E7FCB459A5B71F74F711184B1AEA240834D28D049474BB2E7ED1B17AA2B5EB7D274341456834320BE8FB245B1C2B84A096E7E40573FEB7C2997ED16C8C2C62409B8064398ED220FA82C59E53AD7E864C24473FCC7F017B897D5855F092A9428957467EFD93F67D3FA302C578328A9484CD0496CC83BEAC96504F9601DA2048D25BF43B5A69E46234A164D854B89DF1DEDC36F0304BA5FC035B27E782087C3EC0A81840A3EC042204C63F9698CC74A818428039B23664C409529C4EDD822DF77819805023795EE625D524F12824C1F1FE99546DF75107AFFF7D424C4C3FB3D0BDA2E9BC0D93603457FFE44FABEAB1E6B62223B201D42784731BEE11E0FF0BF29C930DAF913F974739800522E2B9C4094475A5F35AA92E2939E5719EB4EE19446ADC9ECC7EE6BAB5D264C9E74AB6DE856D541146048341EB51734A34E33EF8D929F645E23FD902CB5676DA9C84C9F46490710DC8CF2AA922252C3885CBD8D0CB1D176CAFEB46A625C56BE949F487C6E35E2CE481F024C889B2F6567F 35720171217153508 2 6 100 7679 2 DC810DED621062F0CB271F50E716119CBA30A56C758377BD69D70043B8C9ACA2E7EFA9896D324B18FB1A550BDB994533A67258C7EB28B23D1AFB6D3FE0C5C8AD961F2BFAE67E57978F749D3F33A0D9AEAFD817FD663E60298D0DF73E4B27A85B6799D929240EC6C4C59E0D98E0A7875F3FCC3E29394083D1344F78DC70B5E23C108A03B7B81121BEDD2093262B7E32C7AB695AD545D3A99F410199DDD9759FE1EE8502180206841B3C74CB6A939B38707309B421A75FFEC30C977F91A9F9F3C9F65EF2EA6251E72F8A65C7753815C188320E91B079EDFB9F1D480F529B67075B57523C44895DE2427D32D3935EAC5F46659C5F723C9BB006862EF143A77C384560EB5474F8D034FC8059F6D7BCD9EBD17D2740741FB4025CF87FFE3DAAFF72C8D9D10E1F779AEC56D3C6340426E2D980EAA07C46F2E720D1B8206D2A29162C6CA877FA89C0876DA70FF3A773BDEE1BB5831EFB58A9191430B0DE46EA4F484642F257AC176B74A91A02594D00D2FD30BE4927DED30C4389245EC5ECA93B1B08AFBB86B8012394F8CB874DC092498A2F9B44E27804C039632A192C8329F0DF25B196E6AB5E07FB3732B94990A2F0490FB07D9E33B0AA2830EDB572D7C7968A193B83FF869F65ABEDEC65EB03EA6DF0CD6C077DE627FD3583AFDA1754E655BE7ECF7A2BEAA422E516B26194FAEFEE6F535439B413325E1263E7E797DE9D717540A96AF360F8EE1FD4B190A513E83AEF6BCAB5A245F4A4F129F5F8AED11A558FE968A0CF2E254438384D0EE91BEE99A39696821DBA585144FA65484897CFC517FCE1D1512F792C6996063585F640AC9480220ED1FF3EDC1D7E55344977F71692D6F5DB091821A3F9612B65138848B874A93A71A74039337BF291938B0A8ACA2141BE969DCE4322A276C86C5A8E369EF6717158B46EBE48F8F9BC4F2E46203AC21CDD9F0ED1989F7D964D46D7DA63444C9CADA82AF53E38873A5D3F68868CA4F65748210716658F2A841B3890E773A2623A59073F14A0F2F1B0893FDBE5BA72FC9609DB8E8A56A322E2B4178CE7B2022D741BD256303D926B48D5239B354F611C52B475C62351854D6E27C89231E7E7972C19C7D6F5BEB07D1A1FF827348DA862F422047A2DB7B591AE497578A4BA95CBECFB503F5DC04C0C6A946FFB515F2F0BDC4332F2674706F7C1908B681D8EE3667777092C06DC9CF00F98143F4A1350FCBAEBB5157A5473D33F51778987B35B1D48249A491EE8F8778DE6DC29131F708642884BED0B0D159E1EFE428D18D3631F13A593323F1659FE9E1A708115D2F131DCC3808CE016036FF1D0D9193CBEB2CD1C49F9973E0BCB09A2A9394E2F55B680123B
35820170713071216 2 6 100 8191 2 DDFBC1CD4FB7E30639422038F1FFBA2CD3EC3915F3C923282C6588F6EB218FF7B24870C0FE4B48213AB0948E101686FB7B0093ED467B6CA413EDD4B0BFE2155AEBC4DA3D2DD0C78DA9AD989A0E989010D6D5E86A123C169E126F97826EE5F602FF641FDF642A107E7538CB61740CBAF69F6C7DC5DD4DF28998AB61B8672F0B74A3A8DD7D165828D69DCC1BAE4D45F707C3894E040BCC0AF7AA810A6D5CB89276217EB7AFAFE4966D68C10318E8C8CB23CA593E8057F29FF9154908B11D6530E6352F9406C81D9DAC5C298979320B4E0DD89203A1F680C8084154D0439DB6C53EDAF6FCC0E8682EC99D345180120AEC810CBB0C2F1B6D1B660ACEAAD5996A5D184659B6A1F11456BA6A5E94D223959D8171C030499A9DB458702CB35CA7E7CD75D26FF5E94640AB8740ECE82559784BB6D5CB4D041D053629BD3F4178077F3F7E280296C46A3F0FBC37813A1AA221FBA2612F0CFE56450E9B1F2C2AE278EC7A7AAB66D61FA9749FE997EDC31131091620897014D33B2386B490CFD80656B7D2EB08C9DA9928798986996D60F74D766EB8988E2FF676E38C587E7A6651AA28BEB8BB56EBBD6E641E92309AEAA671A5F2EC72629442D2C3A4C2B8E4304DC71B342CD116527832078E6B53C1E0A72909615B408E17625F7259ACA98E46359448FC141F57B51A069B8A402AE3A87E10AE7E910F3916BAC6CE716C539E825A06626673DE7EBD899A3982FCC599791E7CA964C0D37BB076708C03DC7C022980974025C0EA9B72CC3D0A03E4626E030E9C857ECF6B3807AC9E8E0F72098C7E80DAA05BFF60394A8374096878F015597DD5B22E65646A7DDC87B5F6AE68594DF39B0BDB2675A32369AD81FD62033146B8DA6A801E918572CBC70DEBA9F70D088D69425733ACE0084E60E7FCB459A5B71F74F711184B1AEA240834D28D049474BB2E7ED1B17AA2B5EB7D274341456834320BE8FB245B1C2B84A096E7E40573FEB7C2997ED16C8C2C62409B8064398ED220FA82C59E53AD7E864C24473FCC7F017B897D5855F092A9428957467EFD93F67D3FA302C578328A9484CD0496CC83BEAC96504F9601DA2048D25BF43B5A69E46234A164D854B89DF1DEDC36F0304BA5FC035B27E782087C3EC0A81840A3EC042204C63F9698CC74A818428039B23664C409529C4EDD822DF77819805023795EE625D524F12824C1F1FE99546DF75107AFFF7D424C4C3FB3D0BDA2E9BC0D93603457FFE44FABEAB1E6B62223B201D42784731BEE11E0FF0BF29C930DAF913F974739800522E2B9C4094475A5F35AA92E2939E5719EB4EE19446ADC9ECC7EE6BAB5D264C9E74AB6DE856D541146048341EB51734A34E33EF8D929F645E23FD902CB5676DA9C84C9F46490710DC8CF2AA922252C3885CBD8D0CB1D176CAFEB46A625C56BE949F487C6E35E2CE481F024C889B55B411B 35820171217162942 2 6 100 7679 2 DC810DED621062F0CB271F50E716119CBA30A56C758377BD69D70043B8C9ACA2E7EFA9896D324B18FB1A550BDB994533A67258C7EB28B23D1AFB6D3FE0C5C8AD961F2BFAE67E57978F749D3F33A0D9AEAFD817FD663E60298D0DF73E4B27A85B6799D929240EC6C4C59E0D98E0A7875F3FCC3E29394083D1344F78DC70B5E23C108A03B7B81121BEDD2093262B7E32C7AB695AD545D3A99F410199DDD9759FE1EE8502180206841B3C74CB6A939B38707309B421A75FFEC30C977F91A9F9F3C9F65EF2EA6251E72F8A65C7753815C188320E91B079EDFB9F1D480F529B67075B57523C44895DE2427D32D3935EAC5F46659C5F723C9BB006862EF143A77C384560EB5474F8D034FC8059F6D7BCD9EBD17D2740741FB4025CF87FFE3DAAFF72C8D9D10E1F779AEC56D3C6340426E2D980EAA07C46F2E720D1B8206D2A29162C6CA877FA89C0876DA70FF3A773BDEE1BB5831EFB58A9191430B0DE46EA4F484642F257AC176B74A91A02594D00D2FD30BE4927DED30C4389245EC5ECA93B1B08AFBB86B8012394F8CB874DC092498A2F9B44E27804C039632A192C8329F0DF25B196E6AB5E07FB3732B94990A2F0490FB07D9E33B0AA2830EDB572D7C7968A193B83FF869F65ABEDEC65EB03EA6DF0CD6C077DE627FD3583AFDA1754E655BE7ECF7A2BEAA422E516B26194FAEFEE6F535439B413325E1263E7E797DE9D717540A96AF360F8EE1FD4B190A513E83AEF6BCAB5A245F4A4F129F5F8AED11A558FE968A0CF2E254438384D0EE91BEE99A39696821DBA585144FA65484897CFC517FCE1D1512F792C6996063585F640AC9480220ED1FF3EDC1D7E55344977F71692D6F5DB091821A3F9612B65138848B874A93A71A74039337BF291938B0A8ACA2141BE969DCE4322A276C86C5A8E369EF6717158B46EBE48F8F9BC4F2E46203AC21CDD9F0ED1989F7D964D46D7DA63444C9CADA82AF53E38873A5D3F68868CA4F65748210716658F2A841B3890E773A2623A59073F14A0F2F1B0893FDBE5BA72FC9609DB8E8A56A322E2B4178CE7B2022D741BD256303D926B48D5239B354F611C52B475C62351854D6E27C89231E7E7972C19C7D6F5BEB07D1A1FF827348DA862F422047A2DB7B591AE497578A4BA95CBECFB503F5DC04C0C6A946FFB515F2F0BDC4332F2674706F7C1908B681D8EE3667777092C06DC9CF00F98143F4A1350FCBAEBB5157A5473D33F51778987B35B1D48249A491EE8F8778DE6DC29131F708642884BED0B0D159E1EFE428D18D3631F13A593323F1659FE9E1A708115D2F131DCC3808CE016036FF1D0D9193CBEB2CD1C49F9973E0BCB09A2A9394E2F55B727103B
35920170713222010 2 6 100 8191 2 DDFBC1CD4FB7E30639422038F1FFBA2CD3EC3915F3C923282C6588F6EB218FF7B24870C0FE4B48213AB0948E101686FB7B0093ED467B6CA413EDD4B0BFE2155AEBC4DA3D2DD0C78DA9AD989A0E989010D6D5E86A123C169E126F97826EE5F602FF641FDF642A107E7538CB61740CBAF69F6C7DC5DD4DF28998AB61B8672F0B74A3A8DD7D165828D69DCC1BAE4D45F707C3894E040BCC0AF7AA810A6D5CB89276217EB7AFAFE4966D68C10318E8C8CB23CA593E8057F29FF9154908B11D6530E6352F9406C81D9DAC5C298979320B4E0DD89203A1F680C8084154D0439DB6C53EDAF6FCC0E8682EC99D345180120AEC810CBB0C2F1B6D1B660ACEAAD5996A5D184659B6A1F11456BA6A5E94D223959D8171C030499A9DB458702CB35CA7E7CD75D26FF5E94640AB8740ECE82559784BB6D5CB4D041D053629BD3F4178077F3F7E280296C46A3F0FBC37813A1AA221FBA2612F0CFE56450E9B1F2C2AE278EC7A7AAB66D61FA9749FE997EDC31131091620897014D33B2386B490CFD80656B7D2EB08C9DA9928798986996D60F74D766EB8988E2FF676E38C587E7A6651AA28BEB8BB56EBBD6E641E92309AEAA671A5F2EC72629442D2C3A4C2B8E4304DC71B342CD116527832078E6B53C1E0A72909615B408E17625F7259ACA98E46359448FC141F57B51A069B8A402AE3A87E10AE7E910F3916BAC6CE716C539E825A06626673DE7EBD899A3982FCC599791E7CA964C0D37BB076708C03DC7C022980974025C0EA9B72CC3D0A03E4626E030E9C857ECF6B3807AC9E8E0F72098C7E80DAA05BFF60394A8374096878F015597DD5B22E65646A7DDC87B5F6AE68594DF39B0BDB2675A32369AD81FD62033146B8DA6A801E918572CBC70DEBA9F70D088D69425733ACE0084E60E7FCB459A5B71F74F711184B1AEA240834D28D049474BB2E7ED1B17AA2B5EB7D274341456834320BE8FB245B1C2B84A096E7E40573FEB7C2997ED16C8C2C62409B8064398ED220FA82C59E53AD7E864C24473FCC7F017B897D5855F092A9428957467EFD93F67D3FA302C578328A9484CD0496CC83BEAC96504F9601DA2048D25BF43B5A69E46234A164D854B89DF1DEDC36F0304BA5FC035B27E782087C3EC0A81840A3EC042204C63F9698CC74A818428039B23664C409529C4EDD822DF77819805023795EE625D524F12824C1F1FE99546DF75107AFFF7D424C4C3FB3D0BDA2E9BC0D93603457FFE44FABEAB1E6B62223B201D42784731BEE11E0FF0BF29C930DAF913F974739800522E2B9C4094475A5F35AA92E2939E5719EB4EE19446ADC9ECC7EE6BAB5D264C9E74AB6DE856D541146048341EB51734A34E33EF8D929F645E23FD902CB5676DA9C84C9F46490710DC8CF2AA922252C3885CBD8D0CB1D176CAFEB46A625C56BE949F487C6E35E2CE481F024C889BFD2C803 35920171218014406 2 6 100 7679 2 DC810DED621062F0CB271F50E716119CBA30A56C758377BD69D70043B8C9ACA2E7EFA9896D324B18FB1A550BDB994533A67258C7EB28B23D1AFB6D3FE0C5C8AD961F2BFAE67E57978F749D3F33A0D9AEAFD817FD663E60298D0DF73E4B27A85B6799D929240EC6C4C59E0D98E0A7875F3FCC3E29394083D1344F78DC70B5E23C108A03B7B81121BEDD2093262B7E32C7AB695AD545D3A99F410199DDD9759FE1EE8502180206841B3C74CB6A939B38707309B421A75FFEC30C977F91A9F9F3C9F65EF2EA6251E72F8A65C7753815C188320E91B079EDFB9F1D480F529B67075B57523C44895DE2427D32D3935EAC5F46659C5F723C9BB006862EF143A77C384560EB5474F8D034FC8059F6D7BCD9EBD17D2740741FB4025CF87FFE3DAAFF72C8D9D10E1F779AEC56D3C6340426E2D980EAA07C46F2E720D1B8206D2A29162C6CA877FA89C0876DA70FF3A773BDEE1BB5831EFB58A9191430B0DE46EA4F484642F257AC176B74A91A02594D00D2FD30BE4927DED30C4389245EC5ECA93B1B08AFBB86B8012394F8CB874DC092498A2F9B44E27804C039632A192C8329F0DF25B196E6AB5E07FB3732B94990A2F0490FB07D9E33B0AA2830EDB572D7C7968A193B83FF869F65ABEDEC65EB03EA6DF0CD6C077DE627FD3583AFDA1754E655BE7ECF7A2BEAA422E516B26194FAEFEE6F535439B413325E1263E7E797DE9D717540A96AF360F8EE1FD4B190A513E83AEF6BCAB5A245F4A4F129F5F8AED11A558FE968A0CF2E254438384D0EE91BEE99A39696821DBA585144FA65484897CFC517FCE1D1512F792C6996063585F640AC9480220ED1FF3EDC1D7E55344977F71692D6F5DB091821A3F9612B65138848B874A93A71A74039337BF291938B0A8ACA2141BE969DCE4322A276C86C5A8E369EF6717158B46EBE48F8F9BC4F2E46203AC21CDD9F0ED1989F7D964D46D7DA63444C9CADA82AF53E38873A5D3F68868CA4F65748210716658F2A841B3890E773A2623A59073F14A0F2F1B0893FDBE5BA72FC9609DB8E8A56A322E2B4178CE7B2022D741BD256303D926B48D5239B354F611C52B475C62351854D6E27C89231E7E7972C19C7D6F5BEB07D1A1FF827348DA862F422047A2DB7B591AE497578A4BA95CBECFB503F5DC04C0C6A946FFB515F2F0BDC4332F2674706F7C1908B681D8EE3667777092C06DC9CF00F98143F4A1350FCBAEBB5157A5473D33F51778987B35B1D48249A491EE8F8778DE6DC29131F708642884BED0B0D159E1EFE428D18D3631F13A593323F1659FE9E1A708115D2F131DCC3808CE016036FF1D0D9193CBEB2CD1C49F9973E0BCB09A2A9394E2F55BDE7E6A3
36020170714013005 2 6 100 8191 5 DDFBC1CD4FB7E30639422038F1FFBA2CD3EC3915F3C923282C6588F6EB218FF7B24870C0FE4B48213AB0948E101686FB7B0093ED467B6CA413EDD4B0BFE2155AEBC4DA3D2DD0C78DA9AD989A0E989010D6D5E86A123C169E126F97826EE5F602FF641FDF642A107E7538CB61740CBAF69F6C7DC5DD4DF28998AB61B8672F0B74A3A8DD7D165828D69DCC1BAE4D45F707C3894E040BCC0AF7AA810A6D5CB89276217EB7AFAFE4966D68C10318E8C8CB23CA593E8057F29FF9154908B11D6530E6352F9406C81D9DAC5C298979320B4E0DD89203A1F680C8084154D0439DB6C53EDAF6FCC0E8682EC99D345180120AEC810CBB0C2F1B6D1B660ACEAAD5996A5D184659B6A1F11456BA6A5E94D223959D8171C030499A9DB458702CB35CA7E7CD75D26FF5E94640AB8740ECE82559784BB6D5CB4D041D053629BD3F4178077F3F7E280296C46A3F0FBC37813A1AA221FBA2612F0CFE56450E9B1F2C2AE278EC7A7AAB66D61FA9749FE997EDC31131091620897014D33B2386B490CFD80656B7D2EB08C9DA9928798986996D60F74D766EB8988E2FF676E38C587E7A6651AA28BEB8BB56EBBD6E641E92309AEAA671A5F2EC72629442D2C3A4C2B8E4304DC71B342CD116527832078E6B53C1E0A72909615B408E17625F7259ACA98E46359448FC141F57B51A069B8A402AE3A87E10AE7E910F3916BAC6CE716C539E825A06626673DE7EBD899A3982FCC599791E7CA964C0D37BB076708C03DC7C022980974025C0EA9B72CC3D0A03E4626E030E9C857ECF6B3807AC9E8E0F72098C7E80DAA05BFF60394A8374096878F015597DD5B22E65646A7DDC87B5F6AE68594DF39B0BDB2675A32369AD81FD62033146B8DA6A801E918572CBC70DEBA9F70D088D69425733ACE0084E60E7FCB459A5B71F74F711184B1AEA240834D28D049474BB2E7ED1B17AA2B5EB7D274341456834320BE8FB245B1C2B84A096E7E40573FEB7C2997ED16C8C2C62409B8064398ED220FA82C59E53AD7E864C24473FCC7F017B897D5855F092A9428957467EFD93F67D3FA302C578328A9484CD0496CC83BEAC96504F9601DA2048D25BF43B5A69E46234A164D854B89DF1DEDC36F0304BA5FC035B27E782087C3EC0A81840A3EC042204C63F9698CC74A818428039B23664C409529C4EDD822DF77819805023795EE625D524F12824C1F1FE99546DF75107AFFF7D424C4C3FB3D0BDA2E9BC0D93603457FFE44FABEAB1E6B62223B201D42784731BEE11E0FF0BF29C930DAF913F974739800522E2B9C4094475A5F35AA92E2939E5719EB4EE19446ADC9ECC7EE6BAB5D264C9E74AB6DE856D541146048341EB51734A34E33EF8D929F645E23FD902CB5676DA9C84C9F46490710DC8CF2AA922252C3885CBD8D0CB1D176CAFEB46A625C56BE949F487C6E35E2CE481F024C889C1EF6397 36020171218033011 2 6 100 7679 2 DC810DED621062F0CB271F50E716119CBA30A56C758377BD69D70043B8C9ACA2E7EFA9896D324B18FB1A550BDB994533A67258C7EB28B23D1AFB6D3FE0C5C8AD961F2BFAE67E57978F749D3F33A0D9AEAFD817FD663E60298D0DF73E4B27A85B6799D929240EC6C4C59E0D98E0A7875F3FCC3E29394083D1344F78DC70B5E23C108A03B7B81121BEDD2093262B7E32C7AB695AD545D3A99F410199DDD9759FE1EE8502180206841B3C74CB6A939B38707309B421A75FFEC30C977F91A9F9F3C9F65EF2EA6251E72F8A65C7753815C188320E91B079EDFB9F1D480F529B67075B57523C44895DE2427D32D3935EAC5F46659C5F723C9BB006862EF143A77C384560EB5474F8D034FC8059F6D7BCD9EBD17D2740741FB4025CF87FFE3DAAFF72C8D9D10E1F779AEC56D3C6340426E2D980EAA07C46F2E720D1B8206D2A29162C6CA877FA89C0876DA70FF3A773BDEE1BB5831EFB58A9191430B0DE46EA4F484642F257AC176B74A91A02594D00D2FD30BE4927DED30C4389245EC5ECA93B1B08AFBB86B8012394F8CB874DC092498A2F9B44E27804C039632A192C8329F0DF25B196E6AB5E07FB3732B94990A2F0490FB07D9E33B0AA2830EDB572D7C7968A193B83FF869F65ABEDEC65EB03EA6DF0CD6C077DE627FD3583AFDA1754E655BE7ECF7A2BEAA422E516B26194FAEFEE6F535439B413325E1263E7E797DE9D717540A96AF360F8EE1FD4B190A513E83AEF6BCAB5A245F4A4F129F5F8AED11A558FE968A0CF2E254438384D0EE91BEE99A39696821DBA585144FA65484897CFC517FCE1D1512F792C6996063585F640AC9480220ED1FF3EDC1D7E55344977F71692D6F5DB091821A3F9612B65138848B874A93A71A74039337BF291938B0A8ACA2141BE969DCE4322A276C86C5A8E369EF6717158B46EBE48F8F9BC4F2E46203AC21CDD9F0ED1989F7D964D46D7DA63444C9CADA82AF53E38873A5D3F68868CA4F65748210716658F2A841B3890E773A2623A59073F14A0F2F1B0893FDBE5BA72FC9609DB8E8A56A322E2B4178CE7B2022D741BD256303D926B48D5239B354F611C52B475C62351854D6E27C89231E7E7972C19C7D6F5BEB07D1A1FF827348DA862F422047A2DB7B591AE497578A4BA95CBECFB503F5DC04C0C6A946FFB515F2F0BDC4332F2674706F7C1908B681D8EE3667777092C06DC9CF00F98143F4A1350FCBAEBB5157A5473D33F51778987B35B1D48249A491EE8F8778DE6DC29131F708642884BED0B0D159E1EFE428D18D3631F13A593323F1659FE9E1A708115D2F131DCC3808CE016036FF1D0D9193CBEB2CD1C49F9973E0BCB09A2A9394E2F55BF2DBDBB
36120170714094721 2 6 100 8191 2 DDFBC1CD4FB7E30639422038F1FFBA2CD3EC3915F3C923282C6588F6EB218FF7B24870C0FE4B48213AB0948E101686FB7B0093ED467B6CA413EDD4B0BFE2155AEBC4DA3D2DD0C78DA9AD989A0E989010D6D5E86A123C169E126F97826EE5F602FF641FDF642A107E7538CB61740CBAF69F6C7DC5DD4DF28998AB61B8672F0B74A3A8DD7D165828D69DCC1BAE4D45F707C3894E040BCC0AF7AA810A6D5CB89276217EB7AFAFE4966D68C10318E8C8CB23CA593E8057F29FF9154908B11D6530E6352F9406C81D9DAC5C298979320B4E0DD89203A1F680C8084154D0439DB6C53EDAF6FCC0E8682EC99D345180120AEC810CBB0C2F1B6D1B660ACEAAD5996A5D184659B6A1F11456BA6A5E94D223959D8171C030499A9DB458702CB35CA7E7CD75D26FF5E94640AB8740ECE82559784BB6D5CB4D041D053629BD3F4178077F3F7E280296C46A3F0FBC37813A1AA221FBA2612F0CFE56450E9B1F2C2AE278EC7A7AAB66D61FA9749FE997EDC31131091620897014D33B2386B490CFD80656B7D2EB08C9DA9928798986996D60F74D766EB8988E2FF676E38C587E7A6651AA28BEB8BB56EBBD6E641E92309AEAA671A5F2EC72629442D2C3A4C2B8E4304DC71B342CD116527832078E6B53C1E0A72909615B408E17625F7259ACA98E46359448FC141F57B51A069B8A402AE3A87E10AE7E910F3916BAC6CE716C539E825A06626673DE7EBD899A3982FCC599791E7CA964C0D37BB076708C03DC7C022980974025C0EA9B72CC3D0A03E4626E030E9C857ECF6B3807AC9E8E0F72098C7E80DAA05BFF60394A8374096878F015597DD5B22E65646A7DDC87B5F6AE68594DF39B0BDB2675A32369AD81FD62033146B8DA6A801E918572CBC70DEBA9F70D088D69425733ACE0084E60E7FCB459A5B71F74F711184B1AEA240834D28D049474BB2E7ED1B17AA2B5EB7D274341456834320BE8FB245B1C2B84A096E7E40573FEB7C2997ED16C8C2C62409B8064398ED220FA82C59E53AD7E864C24473FCC7F017B897D5855F092A9428957467EFD93F67D3FA302C578328A9484CD0496CC83BEAC96504F9601DA2048D25BF43B5A69E46234A164D854B89DF1DEDC36F0304BA5FC035B27E782087C3EC0A81840A3EC042204C63F9698CC74A818428039B23664C409529C4EDD822DF77819805023795EE625D524F12824C1F1FE99546DF75107AFFF7D424C4C3FB3D0BDA2E9BC0D93603457FFE44FABEAB1E6B62223B201D42784731BEE11E0FF0BF29C930DAF913F974739800522E2B9C4094475A5F35AA92E2939E5719EB4EE19446ADC9ECC7EE6BAB5D264C9E74AB6DE856D541146048341EB51734A34E33EF8D929F645E23FD902CB5676DA9C84C9F46490710DC8CF2AA922252C3885CBD8D0CB1D176CAFEB46A625C56BE949F487C6E35E2CE481F024C889C7A27293 36120171218052822 2 6 100 7679 5 DC810DED621062F0CB271F50E716119CBA30A56C758377BD69D70043B8C9ACA2E7EFA9896D324B18FB1A550BDB994533A67258C7EB28B23D1AFB6D3FE0C5C8AD961F2BFAE67E57978F749D3F33A0D9AEAFD817FD663E60298D0DF73E4B27A85B6799D929240EC6C4C59E0D98E0A7875F3FCC3E29394083D1344F78DC70B5E23C108A03B7B81121BEDD2093262B7E32C7AB695AD545D3A99F410199DDD9759FE1EE8502180206841B3C74CB6A939B38707309B421A75FFEC30C977F91A9F9F3C9F65EF2EA6251E72F8A65C7753815C188320E91B079EDFB9F1D480F529B67075B57523C44895DE2427D32D3935EAC5F46659C5F723C9BB006862EF143A77C384560EB5474F8D034FC8059F6D7BCD9EBD17D2740741FB4025CF87FFE3DAAFF72C8D9D10E1F779AEC56D3C6340426E2D980EAA07C46F2E720D1B8206D2A29162C6CA877FA89C0876DA70FF3A773BDEE1BB5831EFB58A9191430B0DE46EA4F484642F257AC176B74A91A02594D00D2FD30BE4927DED30C4389245EC5ECA93B1B08AFBB86B8012394F8CB874DC092498A2F9B44E27804C039632A192C8329F0DF25B196E6AB5E07FB3732B94990A2F0490FB07D9E33B0AA2830EDB572D7C7968A193B83FF869F65ABEDEC65EB03EA6DF0CD6C077DE627FD3583AFDA1754E655BE7ECF7A2BEAA422E516B26194FAEFEE6F535439B413325E1263E7E797DE9D717540A96AF360F8EE1FD4B190A513E83AEF6BCAB5A245F4A4F129F5F8AED11A558FE968A0CF2E254438384D0EE91BEE99A39696821DBA585144FA65484897CFC517FCE1D1512F792C6996063585F640AC9480220ED1FF3EDC1D7E55344977F71692D6F5DB091821A3F9612B65138848B874A93A71A74039337BF291938B0A8ACA2141BE969DCE4322A276C86C5A8E369EF6717158B46EBE48F8F9BC4F2E46203AC21CDD9F0ED1989F7D964D46D7DA63444C9CADA82AF53E38873A5D3F68868CA4F65748210716658F2A841B3890E773A2623A59073F14A0F2F1B0893FDBE5BA72FC9609DB8E8A56A322E2B4178CE7B2022D741BD256303D926B48D5239B354F611C52B475C62351854D6E27C89231E7E7972C19C7D6F5BEB07D1A1FF827348DA862F422047A2DB7B591AE497578A4BA95CBECFB503F5DC04C0C6A946FFB515F2F0BDC4332F2674706F7C1908B681D8EE3667777092C06DC9CF00F98143F4A1350FCBAEBB5157A5473D33F51778987B35B1D48249A491EE8F8778DE6DC29131F708642884BED0B0D159E1EFE428D18D3631F13A593323F1659FE9E1A708115D2F131DCC3808CE016036FF1D0D9193CBEB2CD1C49F9973E0BCB09A2A9394E2F55C08EEBC7
36220170714141853 2 6 100 8191 5 DDFBC1CD4FB7E30639422038F1FFBA2CD3EC3915F3C923282C6588F6EB218FF7B24870C0FE4B48213AB0948E101686FB7B0093ED467B6CA413EDD4B0BFE2155AEBC4DA3D2DD0C78DA9AD989A0E989010D6D5E86A123C169E126F97826EE5F602FF641FDF642A107E7538CB61740CBAF69F6C7DC5DD4DF28998AB61B8672F0B74A3A8DD7D165828D69DCC1BAE4D45F707C3894E040BCC0AF7AA810A6D5CB89276217EB7AFAFE4966D68C10318E8C8CB23CA593E8057F29FF9154908B11D6530E6352F9406C81D9DAC5C298979320B4E0DD89203A1F680C8084154D0439DB6C53EDAF6FCC0E8682EC99D345180120AEC810CBB0C2F1B6D1B660ACEAAD5996A5D184659B6A1F11456BA6A5E94D223959D8171C030499A9DB458702CB35CA7E7CD75D26FF5E94640AB8740ECE82559784BB6D5CB4D041D053629BD3F4178077F3F7E280296C46A3F0FBC37813A1AA221FBA2612F0CFE56450E9B1F2C2AE278EC7A7AAB66D61FA9749FE997EDC31131091620897014D33B2386B490CFD80656B7D2EB08C9DA9928798986996D60F74D766EB8988E2FF676E38C587E7A6651AA28BEB8BB56EBBD6E641E92309AEAA671A5F2EC72629442D2C3A4C2B8E4304DC71B342CD116527832078E6B53C1E0A72909615B408E17625F7259ACA98E46359448FC141F57B51A069B8A402AE3A87E10AE7E910F3916BAC6CE716C539E825A06626673DE7EBD899A3982FCC599791E7CA964C0D37BB076708C03DC7C022980974025C0EA9B72CC3D0A03E4626E030E9C857ECF6B3807AC9E8E0F72098C7E80DAA05BFF60394A8374096878F015597DD5B22E65646A7DDC87B5F6AE68594DF39B0BDB2675A32369AD81FD62033146B8DA6A801E918572CBC70DEBA9F70D088D69425733ACE0084E60E7FCB459A5B71F74F711184B1AEA240834D28D049474BB2E7ED1B17AA2B5EB7D274341456834320BE8FB245B1C2B84A096E7E40573FEB7C2997ED16C8C2C62409B8064398ED220FA82C59E53AD7E864C24473FCC7F017B897D5855F092A9428957467EFD93F67D3FA302C578328A9484CD0496CC83BEAC96504F9601DA2048D25BF43B5A69E46234A164D854B89DF1DEDC36F0304BA5FC035B27E782087C3EC0A81840A3EC042204C63F9698CC74A818428039B23664C409529C4EDD822DF77819805023795EE625D524F12824C1F1FE99546DF75107AFFF7D424C4C3FB3D0BDA2E9BC0D93603457FFE44FABEAB1E6B62223B201D42784731BEE11E0FF0BF29C930DAF913F974739800522E2B9C4094475A5F35AA92E2939E5719EB4EE19446ADC9ECC7EE6BAB5D264C9E74AB6DE856D541146048341EB51734A34E33EF8D929F645E23FD902CB5676DA9C84C9F46490710DC8CF2AA922252C3885CBD8D0CB1D176CAFEB46A625C56BE949F487C6E35E2CE481F024C889CAA42B27 36220171218071736 2 6 100 7679 2 DC810DED621062F0CB271F50E716119CBA30A56C758377BD69D70043B8C9ACA2E7EFA9896D324B18FB1A550BDB994533A67258C7EB28B23D1AFB6D3FE0C5C8AD961F2BFAE67E57978F749D3F33A0D9AEAFD817FD663E60298D0DF73E4B27A85B6799D929240EC6C4C59E0D98E0A7875F3FCC3E29394083D1344F78DC70B5E23C108A03B7B81121BEDD2093262B7E32C7AB695AD545D3A99F410199DDD9759FE1EE8502180206841B3C74CB6A939B38707309B421A75FFEC30C977F91A9F9F3C9F65EF2EA6251E72F8A65C7753815C188320E91B079EDFB9F1D480F529B67075B57523C44895DE2427D32D3935EAC5F46659C5F723C9BB006862EF143A77C384560EB5474F8D034FC8059F6D7BCD9EBD17D2740741FB4025CF87FFE3DAAFF72C8D9D10E1F779AEC56D3C6340426E2D980EAA07C46F2E720D1B8206D2A29162C6CA877FA89C0876DA70FF3A773BDEE1BB5831EFB58A9191430B0DE46EA4F484642F257AC176B74A91A02594D00D2FD30BE4927DED30C4389245EC5ECA93B1B08AFBB86B8012394F8CB874DC092498A2F9B44E27804C039632A192C8329F0DF25B196E6AB5E07FB3732B94990A2F0490FB07D9E33B0AA2830EDB572D7C7968A193B83FF869F65ABEDEC65EB03EA6DF0CD6C077DE627FD3583AFDA1754E655BE7ECF7A2BEAA422E516B26194FAEFEE6F535439B413325E1263E7E797DE9D717540A96AF360F8EE1FD4B190A513E83AEF6BCAB5A245F4A4F129F5F8AED11A558FE968A0CF2E254438384D0EE91BEE99A39696821DBA585144FA65484897CFC517FCE1D1512F792C6996063585F640AC9480220ED1FF3EDC1D7E55344977F71692D6F5DB091821A3F9612B65138848B874A93A71A74039337BF291938B0A8ACA2141BE969DCE4322A276C86C5A8E369EF6717158B46EBE48F8F9BC4F2E46203AC21CDD9F0ED1989F7D964D46D7DA63444C9CADA82AF53E38873A5D3F68868CA4F65748210716658F2A841B3890E773A2623A59073F14A0F2F1B0893FDBE5BA72FC9609DB8E8A56A322E2B4178CE7B2022D741BD256303D926B48D5239B354F611C52B475C62351854D6E27C89231E7E7972C19C7D6F5BEB07D1A1FF827348DA862F422047A2DB7B591AE497578A4BA95CBECFB503F5DC04C0C6A946FFB515F2F0BDC4332F2674706F7C1908B681D8EE3667777092C06DC9CF00F98143F4A1350FCBAEBB5157A5473D33F51778987B35B1D48249A491EE8F8778DE6DC29131F708642884BED0B0D159E1EFE428D18D3631F13A593323F1659FE9E1A708115D2F131DCC3808CE016036FF1D0D9193CBEB2CD1C49F9973E0BCB09A2A9394E2F55C1D36F8B
36320170714204505 2 6 100 8191 5 DDFBC1CD4FB7E30639422038F1FFBA2CD3EC3915F3C923282C6588F6EB218FF7B24870C0FE4B48213AB0948E101686FB7B0093ED467B6CA413EDD4B0BFE2155AEBC4DA3D2DD0C78DA9AD989A0E989010D6D5E86A123C169E126F97826EE5F602FF641FDF642A107E7538CB61740CBAF69F6C7DC5DD4DF28998AB61B8672F0B74A3A8DD7D165828D69DCC1BAE4D45F707C3894E040BCC0AF7AA810A6D5CB89276217EB7AFAFE4966D68C10318E8C8CB23CA593E8057F29FF9154908B11D6530E6352F9406C81D9DAC5C298979320B4E0DD89203A1F680C8084154D0439DB6C53EDAF6FCC0E8682EC99D345180120AEC810CBB0C2F1B6D1B660ACEAAD5996A5D184659B6A1F11456BA6A5E94D223959D8171C030499A9DB458702CB35CA7E7CD75D26FF5E94640AB8740ECE82559784BB6D5CB4D041D053629BD3F4178077F3F7E280296C46A3F0FBC37813A1AA221FBA2612F0CFE56450E9B1F2C2AE278EC7A7AAB66D61FA9749FE997EDC31131091620897014D33B2386B490CFD80656B7D2EB08C9DA9928798986996D60F74D766EB8988E2FF676E38C587E7A6651AA28BEB8BB56EBBD6E641E92309AEAA671A5F2EC72629442D2C3A4C2B8E4304DC71B342CD116527832078E6B53C1E0A72909615B408E17625F7259ACA98E46359448FC141F57B51A069B8A402AE3A87E10AE7E910F3916BAC6CE716C539E825A06626673DE7EBD899A3982FCC599791E7CA964C0D37BB076708C03DC7C022980974025C0EA9B72CC3D0A03E4626E030E9C857ECF6B3807AC9E8E0F72098C7E80DAA05BFF60394A8374096878F015597DD5B22E65646A7DDC87B5F6AE68594DF39B0BDB2675A32369AD81FD62033146B8DA6A801E918572CBC70DEBA9F70D088D69425733ACE0084E60E7FCB459A5B71F74F711184B1AEA240834D28D049474BB2E7ED1B17AA2B5EB7D274341456834320BE8FB245B1C2B84A096E7E40573FEB7C2997ED16C8C2C62409B8064398ED220FA82C59E53AD7E864C24473FCC7F017B897D5855F092A9428957467EFD93F67D3FA302C578328A9484CD0496CC83BEAC96504F9601DA2048D25BF43B5A69E46234A164D854B89DF1DEDC36F0304BA5FC035B27E782087C3EC0A81840A3EC042204C63F9698CC74A818428039B23664C409529C4EDD822DF77819805023795EE625D524F12824C1F1FE99546DF75107AFFF7D424C4C3FB3D0BDA2E9BC0D93603457FFE44FABEAB1E6B62223B201D42784731BEE11E0FF0BF29C930DAF913F974739800522E2B9C4094475A5F35AA92E2939E5719EB4EE19446ADC9ECC7EE6BAB5D264C9E74AB6DE856D541146048341EB51734A34E33EF8D929F645E23FD902CB5676DA9C84C9F46490710DC8CF2AA922252C3885CBD8D0CB1D176CAFEB46A625C56BE949F487C6E35E2CE481F024C889CEF31E77 36320171218072625 2 6 100 7679 2 DC810DED621062F0CB271F50E716119CBA30A56C758377BD69D70043B8C9ACA2E7EFA9896D324B18FB1A550BDB994533A67258C7EB28B23D1AFB6D3FE0C5C8AD961F2BFAE67E57978F749D3F33A0D9AEAFD817FD663E60298D0DF73E4B27A85B6799D929240EC6C4C59E0D98E0A7875F3FCC3E29394083D1344F78DC70B5E23C108A03B7B81121BEDD2093262B7E32C7AB695AD545D3A99F410199DDD9759FE1EE8502180206841B3C74CB6A939B38707309B421A75FFEC30C977F91A9F9F3C9F65EF2EA6251E72F8A65C7753815C188320E91B079EDFB9F1D480F529B67075B57523C44895DE2427D32D3935EAC5F46659C5F723C9BB006862EF143A77C384560EB5474F8D034FC8059F6D7BCD9EBD17D2740741FB4025CF87FFE3DAAFF72C8D9D10E1F779AEC56D3C6340426E2D980EAA07C46F2E720D1B8206D2A29162C6CA877FA89C0876DA70FF3A773BDEE1BB5831EFB58A9191430B0DE46EA4F484642F257AC176B74A91A02594D00D2FD30BE4927DED30C4389245EC5ECA93B1B08AFBB86B8012394F8CB874DC092498A2F9B44E27804C039632A192C8329F0DF25B196E6AB5E07FB3732B94990A2F0490FB07D9E33B0AA2830EDB572D7C7968A193B83FF869F65ABEDEC65EB03EA6DF0CD6C077DE627FD3583AFDA1754E655BE7ECF7A2BEAA422E516B26194FAEFEE6F535439B413325E1263E7E797DE9D717540A96AF360F8EE1FD4B190A513E83AEF6BCAB5A245F4A4F129F5F8AED11A558FE968A0CF2E254438384D0EE91BEE99A39696821DBA585144FA65484897CFC517FCE1D1512F792C6996063585F640AC9480220ED1FF3EDC1D7E55344977F71692D6F5DB091821A3F9612B65138848B874A93A71A74039337BF291938B0A8ACA2141BE969DCE4322A276C86C5A8E369EF6717158B46EBE48F8F9BC4F2E46203AC21CDD9F0ED1989F7D964D46D7DA63444C9CADA82AF53E38873A5D3F68868CA4F65748210716658F2A841B3890E773A2623A59073F14A0F2F1B0893FDBE5BA72FC9609DB8E8A56A322E2B4178CE7B2022D741BD256303D926B48D5239B354F611C52B475C62351854D6E27C89231E7E7972C19C7D6F5BEB07D1A1FF827348DA862F422047A2DB7B591AE497578A4BA95CBECFB503F5DC04C0C6A946FFB515F2F0BDC4332F2674706F7C1908B681D8EE3667777092C06DC9CF00F98143F4A1350FCBAEBB5157A5473D33F51778987B35B1D48249A491EE8F8778DE6DC29131F708642884BED0B0D159E1EFE428D18D3631F13A593323F1659FE9E1A708115D2F131DCC3808CE016036FF1D0D9193CBEB2CD1C49F9973E0BCB09A2A9394E2F55C1E549DB
36420170714205139 2 6 100 8191 2 DDFBC1CD4FB7E30639422038F1FFBA2CD3EC3915F3C923282C6588F6EB218FF7B24870C0FE4B48213AB0948E101686FB7B0093ED467B6CA413EDD4B0BFE2155AEBC4DA3D2DD0C78DA9AD989A0E989010D6D5E86A123C169E126F97826EE5F602FF641FDF642A107E7538CB61740CBAF69F6C7DC5DD4DF28998AB61B8672F0B74A3A8DD7D165828D69DCC1BAE4D45F707C3894E040BCC0AF7AA810A6D5CB89276217EB7AFAFE4966D68C10318E8C8CB23CA593E8057F29FF9154908B11D6530E6352F9406C81D9DAC5C298979320B4E0DD89203A1F680C8084154D0439DB6C53EDAF6FCC0E8682EC99D345180120AEC810CBB0C2F1B6D1B660ACEAAD5996A5D184659B6A1F11456BA6A5E94D223959D8171C030499A9DB458702CB35CA7E7CD75D26FF5E94640AB8740ECE82559784BB6D5CB4D041D053629BD3F4178077F3F7E280296C46A3F0FBC37813A1AA221FBA2612F0CFE56450E9B1F2C2AE278EC7A7AAB66D61FA9749FE997EDC31131091620897014D33B2386B490CFD80656B7D2EB08C9DA9928798986996D60F74D766EB8988E2FF676E38C587E7A6651AA28BEB8BB56EBBD6E641E92309AEAA671A5F2EC72629442D2C3A4C2B8E4304DC71B342CD116527832078E6B53C1E0A72909615B408E17625F7259ACA98E46359448FC141F57B51A069B8A402AE3A87E10AE7E910F3916BAC6CE716C539E825A06626673DE7EBD899A3982FCC599791E7CA964C0D37BB076708C03DC7C022980974025C0EA9B72CC3D0A03E4626E030E9C857ECF6B3807AC9E8E0F72098C7E80DAA05BFF60394A8374096878F015597DD5B22E65646A7DDC87B5F6AE68594DF39B0BDB2675A32369AD81FD62033146B8DA6A801E918572CBC70DEBA9F70D088D69425733ACE0084E60E7FCB459A5B71F74F711184B1AEA240834D28D049474BB2E7ED1B17AA2B5EB7D274341456834320BE8FB245B1C2B84A096E7E40573FEB7C2997ED16C8C2C62409B8064398ED220FA82C59E53AD7E864C24473FCC7F017B897D5855F092A9428957467EFD93F67D3FA302C578328A9484CD0496CC83BEAC96504F9601DA2048D25BF43B5A69E46234A164D854B89DF1DEDC36F0304BA5FC035B27E782087C3EC0A81840A3EC042204C63F9698CC74A818428039B23664C409529C4EDD822DF77819805023795EE625D524F12824C1F1FE99546DF75107AFFF7D424C4C3FB3D0BDA2E9BC0D93603457FFE44FABEAB1E6B62223B201D42784731BEE11E0FF0BF29C930DAF913F974739800522E2B9C4094475A5F35AA92E2939E5719EB4EE19446ADC9ECC7EE6BAB5D264C9E74AB6DE856D541146048341EB51734A34E33EF8D929F645E23FD902CB5676DA9C84C9F46490710DC8CF2AA922252C3885CBD8D0CB1D176CAFEB46A625C56BE949F487C6E35E2CE481F024C889CEFD860B 36420171218081603 2 6 100 7679 5 DC810DED621062F0CB271F50E716119CBA30A56C758377BD69D70043B8C9ACA2E7EFA9896D324B18FB1A550BDB994533A67258C7EB28B23D1AFB6D3FE0C5C8AD961F2BFAE67E57978F749D3F33A0D9AEAFD817FD663E60298D0DF73E4B27A85B6799D929240EC6C4C59E0D98E0A7875F3FCC3E29394083D1344F78DC70B5E23C108A03B7B81121BEDD2093262B7E32C7AB695AD545D3A99F410199DDD9759FE1EE8502180206841B3C74CB6A939B38707309B421A75FFEC30C977F91A9F9F3C9F65EF2EA6251E72F8A65C7753815C188320E91B079EDFB9F1D480F529B67075B57523C44895DE2427D32D3935EAC5F46659C5F723C9BB006862EF143A77C384560EB5474F8D034FC8059F6D7BCD9EBD17D2740741FB4025CF87FFE3DAAFF72C8D9D10E1F779AEC56D3C6340426E2D980EAA07C46F2E720D1B8206D2A29162C6CA877FA89C0876DA70FF3A773BDEE1BB5831EFB58A9191430B0DE46EA4F484642F257AC176B74A91A02594D00D2FD30BE4927DED30C4389245EC5ECA93B1B08AFBB86B8012394F8CB874DC092498A2F9B44E27804C039632A192C8329F0DF25B196E6AB5E07FB3732B94990A2F0490FB07D9E33B0AA2830EDB572D7C7968A193B83FF869F65ABEDEC65EB03EA6DF0CD6C077DE627FD3583AFDA1754E655BE7ECF7A2BEAA422E516B26194FAEFEE6F535439B413325E1263E7E797DE9D717540A96AF360F8EE1FD4B190A513E83AEF6BCAB5A245F4A4F129F5F8AED11A558FE968A0CF2E254438384D0EE91BEE99A39696821DBA585144FA65484897CFC517FCE1D1512F792C6996063585F640AC9480220ED1FF3EDC1D7E55344977F71692D6F5DB091821A3F9612B65138848B874A93A71A74039337BF291938B0A8ACA2141BE969DCE4322A276C86C5A8E369EF6717158B46EBE48F8F9BC4F2E46203AC21CDD9F0ED1989F7D964D46D7DA63444C9CADA82AF53E38873A5D3F68868CA4F65748210716658F2A841B3890E773A2623A59073F14A0F2F1B0893FDBE5BA72FC9609DB8E8A56A322E2B4178CE7B2022D741BD256303D926B48D5239B354F611C52B475C62351854D6E27C89231E7E7972C19C7D6F5BEB07D1A1FF827348DA862F422047A2DB7B591AE497578A4BA95CBECFB503F5DC04C0C6A946FFB515F2F0BDC4332F2674706F7C1908B681D8EE3667777092C06DC9CF00F98143F4A1350FCBAEBB5157A5473D33F51778987B35B1D48249A491EE8F8778DE6DC29131F708642884BED0B0D159E1EFE428D18D3631F13A593323F1659FE9E1A708115D2F131DCC3808CE016036FF1D0D9193CBEB2CD1C49F9973E0BCB09A2A9394E2F55C2747B77
36520170714214942 2 6 100 8191 2 DDFBC1CD4FB7E30639422038F1FFBA2CD3EC3915F3C923282C6588F6EB218FF7B24870C0FE4B48213AB0948E101686FB7B0093ED467B6CA413EDD4B0BFE2155AEBC4DA3D2DD0C78DA9AD989A0E989010D6D5E86A123C169E126F97826EE5F602FF641FDF642A107E7538CB61740CBAF69F6C7DC5DD4DF28998AB61B8672F0B74A3A8DD7D165828D69DCC1BAE4D45F707C3894E040BCC0AF7AA810A6D5CB89276217EB7AFAFE4966D68C10318E8C8CB23CA593E8057F29FF9154908B11D6530E6352F9406C81D9DAC5C298979320B4E0DD89203A1F680C8084154D0439DB6C53EDAF6FCC0E8682EC99D345180120AEC810CBB0C2F1B6D1B660ACEAAD5996A5D184659B6A1F11456BA6A5E94D223959D8171C030499A9DB458702CB35CA7E7CD75D26FF5E94640AB8740ECE82559784BB6D5CB4D041D053629BD3F4178077F3F7E280296C46A3F0FBC37813A1AA221FBA2612F0CFE56450E9B1F2C2AE278EC7A7AAB66D61FA9749FE997EDC31131091620897014D33B2386B490CFD80656B7D2EB08C9DA9928798986996D60F74D766EB8988E2FF676E38C587E7A6651AA28BEB8BB56EBBD6E641E92309AEAA671A5F2EC72629442D2C3A4C2B8E4304DC71B342CD116527832078E6B53C1E0A72909615B408E17625F7259ACA98E46359448FC141F57B51A069B8A402AE3A87E10AE7E910F3916BAC6CE716C539E825A06626673DE7EBD899A3982FCC599791E7CA964C0D37BB076708C03DC7C022980974025C0EA9B72CC3D0A03E4626E030E9C857ECF6B3807AC9E8E0F72098C7E80DAA05BFF60394A8374096878F015597DD5B22E65646A7DDC87B5F6AE68594DF39B0BDB2675A32369AD81FD62033146B8DA6A801E918572CBC70DEBA9F70D088D69425733ACE0084E60E7FCB459A5B71F74F711184B1AEA240834D28D049474BB2E7ED1B17AA2B5EB7D274341456834320BE8FB245B1C2B84A096E7E40573FEB7C2997ED16C8C2C62409B8064398ED220FA82C59E53AD7E864C24473FCC7F017B897D5855F092A9428957467EFD93F67D3FA302C578328A9484CD0496CC83BEAC96504F9601DA2048D25BF43B5A69E46234A164D854B89DF1DEDC36F0304BA5FC035B27E782087C3EC0A81840A3EC042204C63F9698CC74A818428039B23664C409529C4EDD822DF77819805023795EE625D524F12824C1F1FE99546DF75107AFFF7D424C4C3FB3D0BDA2E9BC0D93603457FFE44FABEAB1E6B62223B201D42784731BEE11E0FF0BF29C930DAF913F974739800522E2B9C4094475A5F35AA92E2939E5719EB4EE19446ADC9ECC7EE6BAB5D264C9E74AB6DE856D541146048341EB51734A34E33EF8D929F645E23FD902CB5676DA9C84C9F46490710DC8CF2AA922252C3885CBD8D0CB1D176CAFEB46A625C56BE949F487C6E35E2CE481F024C889CF9B7253 36520171218163834 2 6 100 7679 5 DC810DED621062F0CB271F50E716119CBA30A56C758377BD69D70043B8C9ACA2E7EFA9896D324B18FB1A550BDB994533A67258C7EB28B23D1AFB6D3FE0C5C8AD961F2BFAE67E57978F749D3F33A0D9AEAFD817FD663E60298D0DF73E4B27A85B6799D929240EC6C4C59E0D98E0A7875F3FCC3E29394083D1344F78DC70B5E23C108A03B7B81121BEDD2093262B7E32C7AB695AD545D3A99F410199DDD9759FE1EE8502180206841B3C74CB6A939B38707309B421A75FFEC30C977F91A9F9F3C9F65EF2EA6251E72F8A65C7753815C188320E91B079EDFB9F1D480F529B67075B57523C44895DE2427D32D3935EAC5F46659C5F723C9BB006862EF143A77C384560EB5474F8D034FC8059F6D7BCD9EBD17D2740741FB4025CF87FFE3DAAFF72C8D9D10E1F779AEC56D3C6340426E2D980EAA07C46F2E720D1B8206D2A29162C6CA877FA89C0876DA70FF3A773BDEE1BB5831EFB58A9191430B0DE46EA4F484642F257AC176B74A91A02594D00D2FD30BE4927DED30C4389245EC5ECA93B1B08AFBB86B8012394F8CB874DC092498A2F9B44E27804C039632A192C8329F0DF25B196E6AB5E07FB3732B94990A2F0490FB07D9E33B0AA2830EDB572D7C7968A193B83FF869F65ABEDEC65EB03EA6DF0CD6C077DE627FD3583AFDA1754E655BE7ECF7A2BEAA422E516B26194FAEFEE6F535439B413325E1263E7E797DE9D717540A96AF360F8EE1FD4B190A513E83AEF6BCAB5A245F4A4F129F5F8AED11A558FE968A0CF2E254438384D0EE91BEE99A39696821DBA585144FA65484897CFC517FCE1D1512F792C6996063585F640AC9480220ED1FF3EDC1D7E55344977F71692D6F5DB091821A3F9612B65138848B874A93A71A74039337BF291938B0A8ACA2141BE969DCE4322A276C86C5A8E369EF6717158B46EBE48F8F9BC4F2E46203AC21CDD9F0ED1989F7D964D46D7DA63444C9CADA82AF53E38873A5D3F68868CA4F65748210716658F2A841B3890E773A2623A59073F14A0F2F1B0893FDBE5BA72FC9609DB8E8A56A322E2B4178CE7B2022D741BD256303D926B48D5239B354F611C52B475C62351854D6E27C89231E7E7972C19C7D6F5BEB07D1A1FF827348DA862F422047A2DB7B591AE497578A4BA95CBECFB503F5DC04C0C6A946FFB515F2F0BDC4332F2674706F7C1908B681D8EE3667777092C06DC9CF00F98143F4A1350FCBAEBB5157A5473D33F51778987B35B1D48249A491EE8F8778DE6DC29131F708642884BED0B0D159E1EFE428D18D3631F13A593323F1659FE9E1A708115D2F131DCC3808CE016036FF1D0D9193CBEB2CD1C49F9973E0BCB09A2A9394E2F55C883ECE7
36620170714230801 2 6 100 8191 2 DDFBC1CD4FB7E30639422038F1FFBA2CD3EC3915F3C923282C6588F6EB218FF7B24870C0FE4B48213AB0948E101686FB7B0093ED467B6CA413EDD4B0BFE2155AEBC4DA3D2DD0C78DA9AD989A0E989010D6D5E86A123C169E126F97826EE5F602FF641FDF642A107E7538CB61740CBAF69F6C7DC5DD4DF28998AB61B8672F0B74A3A8DD7D165828D69DCC1BAE4D45F707C3894E040BCC0AF7AA810A6D5CB89276217EB7AFAFE4966D68C10318E8C8CB23CA593E8057F29FF9154908B11D6530E6352F9406C81D9DAC5C298979320B4E0DD89203A1F680C8084154D0439DB6C53EDAF6FCC0E8682EC99D345180120AEC810CBB0C2F1B6D1B660ACEAAD5996A5D184659B6A1F11456BA6A5E94D223959D8171C030499A9DB458702CB35CA7E7CD75D26FF5E94640AB8740ECE82559784BB6D5CB4D041D053629BD3F4178077F3F7E280296C46A3F0FBC37813A1AA221FBA2612F0CFE56450E9B1F2C2AE278EC7A7AAB66D61FA9749FE997EDC31131091620897014D33B2386B490CFD80656B7D2EB08C9DA9928798986996D60F74D766EB8988E2FF676E38C587E7A6651AA28BEB8BB56EBBD6E641E92309AEAA671A5F2EC72629442D2C3A4C2B8E4304DC71B342CD116527832078E6B53C1E0A72909615B408E17625F7259ACA98E46359448FC141F57B51A069B8A402AE3A87E10AE7E910F3916BAC6CE716C539E825A06626673DE7EBD899A3982FCC599791E7CA964C0D37BB076708C03DC7C022980974025C0EA9B72CC3D0A03E4626E030E9C857ECF6B3807AC9E8E0F72098C7E80DAA05BFF60394A8374096878F015597DD5B22E65646A7DDC87B5F6AE68594DF39B0BDB2675A32369AD81FD62033146B8DA6A801E918572CBC70DEBA9F70D088D69425733ACE0084E60E7FCB459A5B71F74F711184B1AEA240834D28D049474BB2E7ED1B17AA2B5EB7D274341456834320BE8FB245B1C2B84A096E7E40573FEB7C2997ED16C8C2C62409B8064398ED220FA82C59E53AD7E864C24473FCC7F017B897D5855F092A9428957467EFD93F67D3FA302C578328A9484CD0496CC83BEAC96504F9601DA2048D25BF43B5A69E46234A164D854B89DF1DEDC36F0304BA5FC035B27E782087C3EC0A81840A3EC042204C63F9698CC74A818428039B23664C409529C4EDD822DF77819805023795EE625D524F12824C1F1FE99546DF75107AFFF7D424C4C3FB3D0BDA2E9BC0D93603457FFE44FABEAB1E6B62223B201D42784731BEE11E0FF0BF29C930DAF913F974739800522E2B9C4094475A5F35AA92E2939E5719EB4EE19446ADC9ECC7EE6BAB5D264C9E74AB6DE856D541146048341EB51734A34E33EF8D929F645E23FD902CB5676DA9C84C9F46490710DC8CF2AA922252C3885CBD8D0CB1D176CAFEB46A625C56BE949F487C6E35E2CE481F024C889D071D153 36620171218165317 2 6 100 7679 2 DC810DED621062F0CB271F50E716119CBA30A56C758377BD69D70043B8C9ACA2E7EFA9896D324B18FB1A550BDB994533A67258C7EB28B23D1AFB6D3FE0C5C8AD961F2BFAE67E57978F749D3F33A0D9AEAFD817FD663E60298D0DF73E4B27A85B6799D929240EC6C4C59E0D98E0A7875F3FCC3E29394083D1344F78DC70B5E23C108A03B7B81121BEDD2093262B7E32C7AB695AD545D3A99F410199DDD9759FE1EE8502180206841B3C74CB6A939B38707309B421A75FFEC30C977F91A9F9F3C9F65EF2EA6251E72F8A65C7753815C188320E91B079EDFB9F1D480F529B67075B57523C44895DE2427D32D3935EAC5F46659C5F723C9BB006862EF143A77C384560EB5474F8D034FC8059F6D7BCD9EBD17D2740741FB4025CF87FFE3DAAFF72C8D9D10E1F779AEC56D3C6340426E2D980EAA07C46F2E720D1B8206D2A29162C6CA877FA89C0876DA70FF3A773BDEE1BB5831EFB58A9191430B0DE46EA4F484642F257AC176B74A91A02594D00D2FD30BE4927DED30C4389245EC5ECA93B1B08AFBB86B8012394F8CB874DC092498A2F9B44E27804C039632A192C8329F0DF25B196E6AB5E07FB3732B94990A2F0490FB07D9E33B0AA2830EDB572D7C7968A193B83FF869F65ABEDEC65EB03EA6DF0CD6C077DE627FD3583AFDA1754E655BE7ECF7A2BEAA422E516B26194FAEFEE6F535439B413325E1263E7E797DE9D717540A96AF360F8EE1FD4B190A513E83AEF6BCAB5A245F4A4F129F5F8AED11A558FE968A0CF2E254438384D0EE91BEE99A39696821DBA585144FA65484897CFC517FCE1D1512F792C6996063585F640AC9480220ED1FF3EDC1D7E55344977F71692D6F5DB091821A3F9612B65138848B874A93A71A74039337BF291938B0A8ACA2141BE969DCE4322A276C86C5A8E369EF6717158B46EBE48F8F9BC4F2E46203AC21CDD9F0ED1989F7D964D46D7DA63444C9CADA82AF53E38873A5D3F68868CA4F65748210716658F2A841B3890E773A2623A59073F14A0F2F1B0893FDBE5BA72FC9609DB8E8A56A322E2B4178CE7B2022D741BD256303D926B48D5239B354F611C52B475C62351854D6E27C89231E7E7972C19C7D6F5BEB07D1A1FF827348DA862F422047A2DB7B591AE497578A4BA95CBECFB503F5DC04C0C6A946FFB515F2F0BDC4332F2674706F7C1908B681D8EE3667777092C06DC9CF00F98143F4A1350FCBAEBB5157A5473D33F51778987B35B1D48249A491EE8F8778DE6DC29131F708642884BED0B0D159E1EFE428D18D3631F13A593323F1659FE9E1A708115D2F131DCC3808CE016036FF1D0D9193CBEB2CD1C49F9973E0BCB09A2A9394E2F55C8AA3DD3
36720170715054028 2 6 100 8191 5 DDFBC1CD4FB7E30639422038F1FFBA2CD3EC3915F3C923282C6588F6EB218FF7B24870C0FE4B48213AB0948E101686FB7B0093ED467B6CA413EDD4B0BFE2155AEBC4DA3D2DD0C78DA9AD989A0E989010D6D5E86A123C169E126F97826EE5F602FF641FDF642A107E7538CB61740CBAF69F6C7DC5DD4DF28998AB61B8672F0B74A3A8DD7D165828D69DCC1BAE4D45F707C3894E040BCC0AF7AA810A6D5CB89276217EB7AFAFE4966D68C10318E8C8CB23CA593E8057F29FF9154908B11D6530E6352F9406C81D9DAC5C298979320B4E0DD89203A1F680C8084154D0439DB6C53EDAF6FCC0E8682EC99D345180120AEC810CBB0C2F1B6D1B660ACEAAD5996A5D184659B6A1F11456BA6A5E94D223959D8171C030499A9DB458702CB35CA7E7CD75D26FF5E94640AB8740ECE82559784BB6D5CB4D041D053629BD3F4178077F3F7E280296C46A3F0FBC37813A1AA221FBA2612F0CFE56450E9B1F2C2AE278EC7A7AAB66D61FA9749FE997EDC31131091620897014D33B2386B490CFD80656B7D2EB08C9DA9928798986996D60F74D766EB8988E2FF676E38C587E7A6651AA28BEB8BB56EBBD6E641E92309AEAA671A5F2EC72629442D2C3A4C2B8E4304DC71B342CD116527832078E6B53C1E0A72909615B408E17625F7259ACA98E46359448FC141F57B51A069B8A402AE3A87E10AE7E910F3916BAC6CE716C539E825A06626673DE7EBD899A3982FCC599791E7CA964C0D37BB076708C03DC7C022980974025C0EA9B72CC3D0A03E4626E030E9C857ECF6B3807AC9E8E0F72098C7E80DAA05BFF60394A8374096878F015597DD5B22E65646A7DDC87B5F6AE68594DF39B0BDB2675A32369AD81FD62033146B8DA6A801E918572CBC70DEBA9F70D088D69425733ACE0084E60E7FCB459A5B71F74F711184B1AEA240834D28D049474BB2E7ED1B17AA2B5EB7D274341456834320BE8FB245B1C2B84A096E7E40573FEB7C2997ED16C8C2C62409B8064398ED220FA82C59E53AD7E864C24473FCC7F017B897D5855F092A9428957467EFD93F67D3FA302C578328A9484CD0496CC83BEAC96504F9601DA2048D25BF43B5A69E46234A164D854B89DF1DEDC36F0304BA5FC035B27E782087C3EC0A81840A3EC042204C63F9698CC74A818428039B23664C409529C4EDD822DF77819805023795EE625D524F12824C1F1FE99546DF75107AFFF7D424C4C3FB3D0BDA2E9BC0D93603457FFE44FABEAB1E6B62223B201D42784731BEE11E0FF0BF29C930DAF913F974739800522E2B9C4094475A5F35AA92E2939E5719EB4EE19446ADC9ECC7EE6BAB5D264C9E74AB6DE856D541146048341EB51734A34E33EF8D929F645E23FD902CB5676DA9C84C9F46490710DC8CF2AA922252C3885CBD8D0CB1D176CAFEB46A625C56BE949F487C6E35E2CE481F024C889D4C6B33F 36720171218195505 2 6 100 7679 2 DC810DED621062F0CB271F50E716119CBA30A56C758377BD69D70043B8C9ACA2E7EFA9896D324B18FB1A550BDB994533A67258C7EB28B23D1AFB6D3FE0C5C8AD961F2BFAE67E57978F749D3F33A0D9AEAFD817FD663E60298D0DF73E4B27A85B6799D929240EC6C4C59E0D98E0A7875F3FCC3E29394083D1344F78DC70B5E23C108A03B7B81121BEDD2093262B7E32C7AB695AD545D3A99F410199DDD9759FE1EE8502180206841B3C74CB6A939B38707309B421A75FFEC30C977F91A9F9F3C9F65EF2EA6251E72F8A65C7753815C188320E91B079EDFB9F1D480F529B67075B57523C44895DE2427D32D3935EAC5F46659C5F723C9BB006862EF143A77C384560EB5474F8D034FC8059F6D7BCD9EBD17D2740741FB4025CF87FFE3DAAFF72C8D9D10E1F779AEC56D3C6340426E2D980EAA07C46F2E720D1B8206D2A29162C6CA877FA89C0876DA70FF3A773BDEE1BB5831EFB58A9191430B0DE46EA4F484642F257AC176B74A91A02594D00D2FD30BE4927DED30C4389245EC5ECA93B1B08AFBB86B8012394F8CB874DC092498A2F9B44E27804C039632A192C8329F0DF25B196E6AB5E07FB3732B94990A2F0490FB07D9E33B0AA2830EDB572D7C7968A193B83FF869F65ABEDEC65EB03EA6DF0CD6C077DE627FD3583AFDA1754E655BE7ECF7A2BEAA422E516B26194FAEFEE6F535439B413325E1263E7E797DE9D717540A96AF360F8EE1FD4B190A513E83AEF6BCAB5A245F4A4F129F5F8AED11A558FE968A0CF2E254438384D0EE91BEE99A39696821DBA585144FA65484897CFC517FCE1D1512F792C6996063585F640AC9480220ED1FF3EDC1D7E55344977F71692D6F5DB091821A3F9612B65138848B874A93A71A74039337BF291938B0A8ACA2141BE969DCE4322A276C86C5A8E369EF6717158B46EBE48F8F9BC4F2E46203AC21CDD9F0ED1989F7D964D46D7DA63444C9CADA82AF53E38873A5D3F68868CA4F65748210716658F2A841B3890E773A2623A59073F14A0F2F1B0893FDBE5BA72FC9609DB8E8A56A322E2B4178CE7B2022D741BD256303D926B48D5239B354F611C52B475C62351854D6E27C89231E7E7972C19C7D6F5BEB07D1A1FF827348DA862F422047A2DB7B591AE497578A4BA95CBECFB503F5DC04C0C6A946FFB515F2F0BDC4332F2674706F7C1908B681D8EE3667777092C06DC9CF00F98143F4A1350FCBAEBB5157A5473D33F51778987B35B1D48249A491EE8F8778DE6DC29131F708642884BED0B0D159E1EFE428D18D3631F13A593323F1659FE9E1A708115D2F131DCC3808CE016036FF1D0D9193CBEB2CD1C49F9973E0BCB09A2A9394E2F55CABFB253
36820170715152910 2 6 100 8191 2 DDFBC1CD4FB7E30639422038F1FFBA2CD3EC3915F3C923282C6588F6EB218FF7B24870C0FE4B48213AB0948E101686FB7B0093ED467B6CA413EDD4B0BFE2155AEBC4DA3D2DD0C78DA9AD989A0E989010D6D5E86A123C169E126F97826EE5F602FF641FDF642A107E7538CB61740CBAF69F6C7DC5DD4DF28998AB61B8672F0B74A3A8DD7D165828D69DCC1BAE4D45F707C3894E040BCC0AF7AA810A6D5CB89276217EB7AFAFE4966D68C10318E8C8CB23CA593E8057F29FF9154908B11D6530E6352F9406C81D9DAC5C298979320B4E0DD89203A1F680C8084154D0439DB6C53EDAF6FCC0E8682EC99D345180120AEC810CBB0C2F1B6D1B660ACEAAD5996A5D184659B6A1F11456BA6A5E94D223959D8171C030499A9DB458702CB35CA7E7CD75D26FF5E94640AB8740ECE82559784BB6D5CB4D041D053629BD3F4178077F3F7E280296C46A3F0FBC37813A1AA221FBA2612F0CFE56450E9B1F2C2AE278EC7A7AAB66D61FA9749FE997EDC31131091620897014D33B2386B490CFD80656B7D2EB08C9DA9928798986996D60F74D766EB8988E2FF676E38C587E7A6651AA28BEB8BB56EBBD6E641E92309AEAA671A5F2EC72629442D2C3A4C2B8E4304DC71B342CD116527832078E6B53C1E0A72909615B408E17625F7259ACA98E46359448FC141F57B51A069B8A402AE3A87E10AE7E910F3916BAC6CE716C539E825A06626673DE7EBD899A3982FCC599791E7CA964C0D37BB076708C03DC7C022980974025C0EA9B72CC3D0A03E4626E030E9C857ECF6B3807AC9E8E0F72098C7E80DAA05BFF60394A8374096878F015597DD5B22E65646A7DDC87B5F6AE68594DF39B0BDB2675A32369AD81FD62033146B8DA6A801E918572CBC70DEBA9F70D088D69425733ACE0084E60E7FCB459A5B71F74F711184B1AEA240834D28D049474BB2E7ED1B17AA2B5EB7D274341456834320BE8FB245B1C2B84A096E7E40573FEB7C2997ED16C8C2C62409B8064398ED220FA82C59E53AD7E864C24473FCC7F017B897D5855F092A9428957467EFD93F67D3FA302C578328A9484CD0496CC83BEAC96504F9601DA2048D25BF43B5A69E46234A164D854B89DF1DEDC36F0304BA5FC035B27E782087C3EC0A81840A3EC042204C63F9698CC74A818428039B23664C409529C4EDD822DF77819805023795EE625D524F12824C1F1FE99546DF75107AFFF7D424C4C3FB3D0BDA2E9BC0D93603457FFE44FABEAB1E6B62223B201D42784731BEE11E0FF0BF29C930DAF913F974739800522E2B9C4094475A5F35AA92E2939E5719EB4EE19446ADC9ECC7EE6BAB5D264C9E74AB6DE856D541146048341EB51734A34E33EF8D929F645E23FD902CB5676DA9C84C9F46490710DC8CF2AA922252C3885CBD8D0CB1D176CAFEB46A625C56BE949F487C6E35E2CE481F024C889DB4248D3 36820171219124324 2 6 100 8191 2 EE490FB8716A6562BB33AA7C81BBFDCF2BC4C7257F68FC888B014D4D06FF9501EDEC5B4B462DBA35A9C6E541F218CB4A44F6F9FC88F4B4CC522803FA78E320467D89DC594A89B9718278C390023E9A367EDC39614216835EC52511F0ABAD50A37B742603D8ECA51491AC9A0F61B8A0AE8C09831869F2BF140277A0DA761C57856191FB3D6BCA46D51AC32A52FA6012B8AF5531F1E361751EC530B502B9001CAD88C0E921D4F809CA97C06278C0503B17BAE6B082168C34AB558BAC649EC3A69D2D136804E89B4FC952AF03C5056A6CA50D130934CBA7FA852BB950328E6BA2BFCF86C7319C96E5AC7172B03A000D678E4734BF756645816DCFA5710D65F77B994C1D12000502CC31478258694CFEE378707F7111E7337A0EBBD8EA3E91459AEB73B310DEE37464DF317FB6BBBD6A4DB32B505F7F6D0D5A6C8BE439514BAA032CB41864647F64F18B414BA2A2BF7AEF787D1F84B2EFDF5935857C9A6167CA426109FEBA69EE58FEF126F3F98FBC46570EF50DD3F502044DBD580E5DCFD214DA8788B7104D4A77C4006AC153E704B395F061118D5898155A7BC758C13D6D9B381F40B1998FFBB520D78110956D7E01EB07F2AA4CE132C3CDE594E3FEF45F2FD2C6B8B2C75B8C232DEC3C82BDF494E846D8AD466F8F234FE2698C90B203C989F9EBE77DF2126CE4C765E19BCBC628F6B70FFEE9214B88E27CF989939EF396D513BDD2CA737EDB8C6845E5883D283445F3FB8F662F0CFC29F405A592C8C0D68575361B09BA4D1398D61B552D239F897D84B8D46A6E1B113D76AE9BABA8D5617B3ACC1A8F4AFBA8597BA96CF872A5AE48BE79A44771937D01D0EF76C99C1C99C7EE94DBDFE3FBA41B69DEC9F4B1858E3D4F488CAEA52692C9334ADB39A8FEDC815A1E4D7057AE7CF4BD2A67B02141F98306D4A67C759414F03AE3A9D2C0F1090B29C8833E3500ED05FF6175D29408D8DB6D0651AFC77142FA7F44114274C0575B4F2EAF27714B56F450DE6F02423B4BEDC090E91ECD92F5DF5B9D053E095149B069FB60D51BB700A188EABD493773B7BEBA99CA21E981BF14188926E5F2DB6348B8E85AE4E2D498F116C9A240567F71B9D86B8173A42BA29100F02322DE24241DF8333F7A7A2A8C71513B734BC7E35D25F469B27F9B0883E1B62E1C4FC60FC6EB4A1E9B1AD1DD26A8D64D27944577E8ABE51EA225B0FFE27B5592D6EA5FBAA81BE6E3657FBBE67D359D0D18622545E8C1093D542F31FEBD00E0C687BB66D6F4E8F3FA0AD435F303F1108CE3604FF199E5DBF7E7309EBECA4ADB0F2AED26B87E7B50C23F0AA8370EEABFEEF273B64EFAD3167D78689907C500FAB9AC160968BA738AC40B23F50BEAD01C6343D7B7190034C79FFDD250938A84E499D5583F5213287F495DF9008DB8A9A51DFEA454A8215683A53A6A5CE5BFDA0D827704203ABF9DA753
36920170715213011 2 6 100 8191 2 DDFBC1CD4FB7E30639422038F1FFBA2CD3EC3915F3C923282C6588F6EB218FF7B24870C0FE4B48213AB0948E101686FB7B0093ED467B6CA413EDD4B0BFE2155AEBC4DA3D2DD0C78DA9AD989A0E989010D6D5E86A123C169E126F97826EE5F602FF641FDF642A107E7538CB61740CBAF69F6C7DC5DD4DF28998AB61B8672F0B74A3A8DD7D165828D69DCC1BAE4D45F707C3894E040BCC0AF7AA810A6D5CB89276217EB7AFAFE4966D68C10318E8C8CB23CA593E8057F29FF9154908B11D6530E6352F9406C81D9DAC5C298979320B4E0DD89203A1F680C8084154D0439DB6C53EDAF6FCC0E8682EC99D345180120AEC810CBB0C2F1B6D1B660ACEAAD5996A5D184659B6A1F11456BA6A5E94D223959D8171C030499A9DB458702CB35CA7E7CD75D26FF5E94640AB8740ECE82559784BB6D5CB4D041D053629BD3F4178077F3F7E280296C46A3F0FBC37813A1AA221FBA2612F0CFE56450E9B1F2C2AE278EC7A7AAB66D61FA9749FE997EDC31131091620897014D33B2386B490CFD80656B7D2EB08C9DA9928798986996D60F74D766EB8988E2FF676E38C587E7A6651AA28BEB8BB56EBBD6E641E92309AEAA671A5F2EC72629442D2C3A4C2B8E4304DC71B342CD116527832078E6B53C1E0A72909615B408E17625F7259ACA98E46359448FC141F57B51A069B8A402AE3A87E10AE7E910F3916BAC6CE716C539E825A06626673DE7EBD899A3982FCC599791E7CA964C0D37BB076708C03DC7C022980974025C0EA9B72CC3D0A03E4626E030E9C857ECF6B3807AC9E8E0F72098C7E80DAA05BFF60394A8374096878F015597DD5B22E65646A7DDC87B5F6AE68594DF39B0BDB2675A32369AD81FD62033146B8DA6A801E918572CBC70DEBA9F70D088D69425733ACE0084E60E7FCB459A5B71F74F711184B1AEA240834D28D049474BB2E7ED1B17AA2B5EB7D274341456834320BE8FB245B1C2B84A096E7E40573FEB7C2997ED16C8C2C62409B8064398ED220FA82C59E53AD7E864C24473FCC7F017B897D5855F092A9428957467EFD93F67D3FA302C578328A9484CD0496CC83BEAC96504F9601DA2048D25BF43B5A69E46234A164D854B89DF1DEDC36F0304BA5FC035B27E782087C3EC0A81840A3EC042204C63F9698CC74A818428039B23664C409529C4EDD822DF77819805023795EE625D524F12824C1F1FE99546DF75107AFFF7D424C4C3FB3D0BDA2E9BC0D93603457FFE44FABEAB1E6B62223B201D42784731BEE11E0FF0BF29C930DAF913F974739800522E2B9C4094475A5F35AA92E2939E5719EB4EE19446ADC9ECC7EE6BAB5D264C9E74AB6DE856D541146048341EB51734A34E33EF8D929F645E23FD902CB5676DA9C84C9F46490710DC8CF2AA922252C3885CBD8D0CB1D176CAFEB46A625C56BE949F487C6E35E2CE481F024C889DF38680B 36920171220012557 2 6 100 8191 5 EE490FB8716A6562BB33AA7C81BBFDCF2BC4C7257F68FC888B014D4D06FF9501EDEC5B4B462DBA35A9C6E541F218CB4A44F6F9FC88F4B4CC522803FA78E320467D89DC594A89B9718278C390023E9A367EDC39614216835EC52511F0ABAD50A37B742603D8ECA51491AC9A0F61B8A0AE8C09831869F2BF140277A0DA761C57856191FB3D6BCA46D51AC32A52FA6012B8AF5531F1E361751EC530B502B9001CAD88C0E921D4F809CA97C06278C0503B17BAE6B082168C34AB558BAC649EC3A69D2D136804E89B4FC952AF03C5056A6CA50D130934CBA7FA852BB950328E6BA2BFCF86C7319C96E5AC7172B03A000D678E4734BF756645816DCFA5710D65F77B994C1D12000502CC31478258694CFEE378707F7111E7337A0EBBD8EA3E91459AEB73B310DEE37464DF317FB6BBBD6A4DB32B505F7F6D0D5A6C8BE439514BAA032CB41864647F64F18B414BA2A2BF7AEF787D1F84B2EFDF5935857C9A6167CA426109FEBA69EE58FEF126F3F98FBC46570EF50DD3F502044DBD580E5DCFD214DA8788B7104D4A77C4006AC153E704B395F061118D5898155A7BC758C13D6D9B381F40B1998FFBB520D78110956D7E01EB07F2AA4CE132C3CDE594E3FEF45F2FD2C6B8B2C75B8C232DEC3C82BDF494E846D8AD466F8F234FE2698C90B203C989F9EBE77DF2126CE4C765E19BCBC628F6B70FFEE9214B88E27CF989939EF396D513BDD2CA737EDB8C6845E5883D283445F3FB8F662F0CFC29F405A592C8C0D68575361B09BA4D1398D61B552D239F897D84B8D46A6E1B113D76AE9BABA8D5617B3ACC1A8F4AFBA8597BA96CF872A5AE48BE79A44771937D01D0EF76C99C1C99C7EE94DBDFE3FBA41B69DEC9F4B1858E3D4F488CAEA52692C9334ADB39A8FEDC815A1E4D7057AE7CF4BD2A67B02141F98306D4A67C759414F03AE3A9D2C0F1090B29C8833E3500ED05FF6175D29408D8DB6D0651AFC77142FA7F44114274C0575B4F2EAF27714B56F450DE6F02423B4BEDC090E91ECD92F5DF5B9D053E095149B069FB60D51BB700A188EABD493773B7BEBA99CA21E981BF14188926E5F2DB6348B8E85AE4E2D498F116C9A240567F71B9D86B8173A42BA29100F02322DE24241DF8333F7A7A2A8C71513B734BC7E35D25F469B27F9B0883E1B62E1C4FC60FC6EB4A1E9B1AD1DD26A8D64D27944577E8ABE51EA225B0FFE27B5592D6EA5FBAA81BE6E3657FBBE67D359D0D18622545E8C1093D542F31FEBD00E0C687BB66D6F4E8F3FA0AD435F303F1108CE3604FF199E5DBF7E7309EBECA4ADB0F2AED26B87E7B50C23F0AA8370EEABFEEF273B64EFAD3167D78689907C500FAB9AC160968BA738AC40B23F50BEAD01C6343D7B7190034C79FFDD250938A84E499D5583F5213287F495DF9008DB8A9A51DFEA454A8215683A53A6A5CE5BFDA0D827704203AC87B0257
37020170716095854 2 6 100 8191 5 DDFBC1CD4FB7E30639422038F1FFBA2CD3EC3915F3C923282C6588F6EB218FF7B24870C0FE4B48213AB0948E101686FB7B0093ED467B6CA413EDD4B0BFE2155AEBC4DA3D2DD0C78DA9AD989A0E989010D6D5E86A123C169E126F97826EE5F602FF641FDF642A107E7538CB61740CBAF69F6C7DC5DD4DF28998AB61B8672F0B74A3A8DD7D165828D69DCC1BAE4D45F707C3894E040BCC0AF7AA810A6D5CB89276217EB7AFAFE4966D68C10318E8C8CB23CA593E8057F29FF9154908B11D6530E6352F9406C81D9DAC5C298979320B4E0DD89203A1F680C8084154D0439DB6C53EDAF6FCC0E8682EC99D345180120AEC810CBB0C2F1B6D1B660ACEAAD5996A5D184659B6A1F11456BA6A5E94D223959D8171C030499A9DB458702CB35CA7E7CD75D26FF5E94640AB8740ECE82559784BB6D5CB4D041D053629BD3F4178077F3F7E280296C46A3F0FBC37813A1AA221FBA2612F0CFE56450E9B1F2C2AE278EC7A7AAB66D61FA9749FE997EDC31131091620897014D33B2386B490CFD80656B7D2EB08C9DA9928798986996D60F74D766EB8988E2FF676E38C587E7A6651AA28BEB8BB56EBBD6E641E92309AEAA671A5F2EC72629442D2C3A4C2B8E4304DC71B342CD116527832078E6B53C1E0A72909615B408E17625F7259ACA98E46359448FC141F57B51A069B8A402AE3A87E10AE7E910F3916BAC6CE716C539E825A06626673DE7EBD899A3982FCC599791E7CA964C0D37BB076708C03DC7C022980974025C0EA9B72CC3D0A03E4626E030E9C857ECF6B3807AC9E8E0F72098C7E80DAA05BFF60394A8374096878F015597DD5B22E65646A7DDC87B5F6AE68594DF39B0BDB2675A32369AD81FD62033146B8DA6A801E918572CBC70DEBA9F70D088D69425733ACE0084E60E7FCB459A5B71F74F711184B1AEA240834D28D049474BB2E7ED1B17AA2B5EB7D274341456834320BE8FB245B1C2B84A096E7E40573FEB7C2997ED16C8C2C62409B8064398ED220FA82C59E53AD7E864C24473FCC7F017B897D5855F092A9428957467EFD93F67D3FA302C578328A9484CD0496CC83BEAC96504F9601DA2048D25BF43B5A69E46234A164D854B89DF1DEDC36F0304BA5FC035B27E782087C3EC0A81840A3EC042204C63F9698CC74A818428039B23664C409529C4EDD822DF77819805023795EE625D524F12824C1F1FE99546DF75107AFFF7D424C4C3FB3D0BDA2E9BC0D93603457FFE44FABEAB1E6B62223B201D42784731BEE11E0FF0BF29C930DAF913F974739800522E2B9C4094475A5F35AA92E2939E5719EB4EE19446ADC9ECC7EE6BAB5D264C9E74AB6DE856D541146048341EB51734A34E33EF8D929F645E23FD902CB5676DA9C84C9F46490710DC8CF2AA922252C3885CBD8D0CB1D176CAFEB46A625C56BE949F487C6E35E2CE481F024C889E75F9737 37020171220113159 2 6 100 8191 5 EE490FB8716A6562BB33AA7C81BBFDCF2BC4C7257F68FC888B014D4D06FF9501EDEC5B4B462DBA35A9C6E541F218CB4A44F6F9FC88F4B4CC522803FA78E320467D89DC594A89B9718278C390023E9A367EDC39614216835EC52511F0ABAD50A37B742603D8ECA51491AC9A0F61B8A0AE8C09831869F2BF140277A0DA761C57856191FB3D6BCA46D51AC32A52FA6012B8AF5531F1E361751EC530B502B9001CAD88C0E921D4F809CA97C06278C0503B17BAE6B082168C34AB558BAC649EC3A69D2D136804E89B4FC952AF03C5056A6CA50D130934CBA7FA852BB950328E6BA2BFCF86C7319C96E5AC7172B03A000D678E4734BF756645816DCFA5710D65F77B994C1D12000502CC31478258694CFEE378707F7111E7337A0EBBD8EA3E91459AEB73B310DEE37464DF317FB6BBBD6A4DB32B505F7F6D0D5A6C8BE439514BAA032CB41864647F64F18B414BA2A2BF7AEF787D1F84B2EFDF5935857C9A6167CA426109FEBA69EE58FEF126F3F98FBC46570EF50DD3F502044DBD580E5DCFD214DA8788B7104D4A77C4006AC153E704B395F061118D5898155A7BC758C13D6D9B381F40B1998FFBB520D78110956D7E01EB07F2AA4CE132C3CDE594E3FEF45F2FD2C6B8B2C75B8C232DEC3C82BDF494E846D8AD466F8F234FE2698C90B203C989F9EBE77DF2126CE4C765E19BCBC628F6B70FFEE9214B88E27CF989939EF396D513BDD2CA737EDB8C6845E5883D283445F3FB8F662F0CFC29F405A592C8C0D68575361B09BA4D1398D61B552D239F897D84B8D46A6E1B113D76AE9BABA8D5617B3ACC1A8F4AFBA8597BA96CF872A5AE48BE79A44771937D01D0EF76C99C1C99C7EE94DBDFE3FBA41B69DEC9F4B1858E3D4F488CAEA52692C9334ADB39A8FEDC815A1E4D7057AE7CF4BD2A67B02141F98306D4A67C759414F03AE3A9D2C0F1090B29C8833E3500ED05FF6175D29408D8DB6D0651AFC77142FA7F44114274C0575B4F2EAF27714B56F450DE6F02423B4BEDC090E91ECD92F5DF5B9D053E095149B069FB60D51BB700A188EABD493773B7BEBA99CA21E981BF14188926E5F2DB6348B8E85AE4E2D498F116C9A240567F71B9D86B8173A42BA29100F02322DE24241DF8333F7A7A2A8C71513B734BC7E35D25F469B27F9B0883E1B62E1C4FC60FC6EB4A1E9B1AD1DD26A8D64D27944577E8ABE51EA225B0FFE27B5592D6EA5FBAA81BE6E3657FBBE67D359D0D18622545E8C1093D542F31FEBD00E0C687BB66D6F4E8F3FA0AD435F303F1108CE3604FF199E5DBF7E7309EBECA4ADB0F2AED26B87E7B50C23F0AA8370EEABFEEF273B64EFAD3167D78689907C500FAB9AC160968BA738AC40B23F50BEAD01C6343D7B7190034C79FFDD250938A84E499D5583F5213287F495DF9008DB8A9A51DFEA454A8215683A53A6A5CE5BFDA0D827704203ACF6BF797
37120170716115603 2 6 100 8191 5 DDFBC1CD4FB7E30639422038F1FFBA2CD3EC3915F3C923282C6588F6EB218FF7B24870C0FE4B48213AB0948E101686FB7B0093ED467B6CA413EDD4B0BFE2155AEBC4DA3D2DD0C78DA9AD989A0E989010D6D5E86A123C169E126F97826EE5F602FF641FDF642A107E7538CB61740CBAF69F6C7DC5DD4DF28998AB61B8672F0B74A3A8DD7D165828D69DCC1BAE4D45F707C3894E040BCC0AF7AA810A6D5CB89276217EB7AFAFE4966D68C10318E8C8CB23CA593E8057F29FF9154908B11D6530E6352F9406C81D9DAC5C298979320B4E0DD89203A1F680C8084154D0439DB6C53EDAF6FCC0E8682EC99D345180120AEC810CBB0C2F1B6D1B660ACEAAD5996A5D184659B6A1F11456BA6A5E94D223959D8171C030499A9DB458702CB35CA7E7CD75D26FF5E94640AB8740ECE82559784BB6D5CB4D041D053629BD3F4178077F3F7E280296C46A3F0FBC37813A1AA221FBA2612F0CFE56450E9B1F2C2AE278EC7A7AAB66D61FA9749FE997EDC31131091620897014D33B2386B490CFD80656B7D2EB08C9DA9928798986996D60F74D766EB8988E2FF676E38C587E7A6651AA28BEB8BB56EBBD6E641E92309AEAA671A5F2EC72629442D2C3A4C2B8E4304DC71B342CD116527832078E6B53C1E0A72909615B408E17625F7259ACA98E46359448FC141F57B51A069B8A402AE3A87E10AE7E910F3916BAC6CE716C539E825A06626673DE7EBD899A3982FCC599791E7CA964C0D37BB076708C03DC7C022980974025C0EA9B72CC3D0A03E4626E030E9C857ECF6B3807AC9E8E0F72098C7E80DAA05BFF60394A8374096878F015597DD5B22E65646A7DDC87B5F6AE68594DF39B0BDB2675A32369AD81FD62033146B8DA6A801E918572CBC70DEBA9F70D088D69425733ACE0084E60E7FCB459A5B71F74F711184B1AEA240834D28D049474BB2E7ED1B17AA2B5EB7D274341456834320BE8FB245B1C2B84A096E7E40573FEB7C2997ED16C8C2C62409B8064398ED220FA82C59E53AD7E864C24473FCC7F017B897D5855F092A9428957467EFD93F67D3FA302C578328A9484CD0496CC83BEAC96504F9601DA2048D25BF43B5A69E46234A164D854B89DF1DEDC36F0304BA5FC035B27E782087C3EC0A81840A3EC042204C63F9698CC74A818428039B23664C409529C4EDD822DF77819805023795EE625D524F12824C1F1FE99546DF75107AFFF7D424C4C3FB3D0BDA2E9BC0D93603457FFE44FABEAB1E6B62223B201D42784731BEE11E0FF0BF29C930DAF913F974739800522E2B9C4094475A5F35AA92E2939E5719EB4EE19446ADC9ECC7EE6BAB5D264C9E74AB6DE856D541146048341EB51734A34E33EF8D929F645E23FD902CB5676DA9C84C9F46490710DC8CF2AA922252C3885CBD8D0CB1D176CAFEB46A625C56BE949F487C6E35E2CE481F024C889E896321F 37120171220172848 2 6 100 8191 2 EE490FB8716A6562BB33AA7C81BBFDCF2BC4C7257F68FC888B014D4D06FF9501EDEC5B4B462DBA35A9C6E541F218CB4A44F6F9FC88F4B4CC522803FA78E320467D89DC594A89B9718278C390023E9A367EDC39614216835EC52511F0ABAD50A37B742603D8ECA51491AC9A0F61B8A0AE8C09831869F2BF140277A0DA761C57856191FB3D6BCA46D51AC32A52FA6012B8AF5531F1E361751EC530B502B9001CAD88C0E921D4F809CA97C06278C0503B17BAE6B082168C34AB558BAC649EC3A69D2D136804E89B4FC952AF03C5056A6CA50D130934CBA7FA852BB950328E6BA2BFCF86C7319C96E5AC7172B03A000D678E4734BF756645816DCFA5710D65F77B994C1D12000502CC31478258694CFEE378707F7111E7337A0EBBD8EA3E91459AEB73B310DEE37464DF317FB6BBBD6A4DB32B505F7F6D0D5A6C8BE439514BAA032CB41864647F64F18B414BA2A2BF7AEF787D1F84B2EFDF5935857C9A6167CA426109FEBA69EE58FEF126F3F98FBC46570EF50DD3F502044DBD580E5DCFD214DA8788B7104D4A77C4006AC153E704B395F061118D5898155A7BC758C13D6D9B381F40B1998FFBB520D78110956D7E01EB07F2AA4CE132C3CDE594E3FEF45F2FD2C6B8B2C75B8C232DEC3C82BDF494E846D8AD466F8F234FE2698C90B203C989F9EBE77DF2126CE4C765E19BCBC628F6B70FFEE9214B88E27CF989939EF396D513BDD2CA737EDB8C6845E5883D283445F3FB8F662F0CFC29F405A592C8C0D68575361B09BA4D1398D61B552D239F897D84B8D46A6E1B113D76AE9BABA8D5617B3ACC1A8F4AFBA8597BA96CF872A5AE48BE79A44771937D01D0EF76C99C1C99C7EE94DBDFE3FBA41B69DEC9F4B1858E3D4F488CAEA52692C9334ADB39A8FEDC815A1E4D7057AE7CF4BD2A67B02141F98306D4A67C759414F03AE3A9D2C0F1090B29C8833E3500ED05FF6175D29408D8DB6D0651AFC77142FA7F44114274C0575B4F2EAF27714B56F450DE6F02423B4BEDC090E91ECD92F5DF5B9D053E095149B069FB60D51BB700A188EABD493773B7BEBA99CA21E981BF14188926E5F2DB6348B8E85AE4E2D498F116C9A240567F71B9D86B8173A42BA29100F02322DE24241DF8333F7A7A2A8C71513B734BC7E35D25F469B27F9B0883E1B62E1C4FC60FC6EB4A1E9B1AD1DD26A8D64D27944577E8ABE51EA225B0FFE27B5592D6EA5FBAA81BE6E3657FBBE67D359D0D18622545E8C1093D542F31FEBD00E0C687BB66D6F4E8F3FA0AD435F303F1108CE3604FF199E5DBF7E7309EBECA4ADB0F2AED26B87E7B50C23F0AA8370EEABFEEF273B64EFAD3167D78689907C500FAB9AC160968BA738AC40B23F50BEAD01C6343D7B7190034C79FFDD250938A84E499D5583F5213287F495DF9008DB8A9A51DFEA454A8215683A53A6A5CE5BFDA0D827704203AD382D913
37220170717072754 2 6 100 8191 5 DDFBC1CD4FB7E30639422038F1FFBA2CD3EC3915F3C923282C6588F6EB218FF7B24870C0FE4B48213AB0948E101686FB7B0093ED467B6CA413EDD4B0BFE2155AEBC4DA3D2DD0C78DA9AD989A0E989010D6D5E86A123C169E126F97826EE5F602FF641FDF642A107E7538CB61740CBAF69F6C7DC5DD4DF28998AB61B8672F0B74A3A8DD7D165828D69DCC1BAE4D45F707C3894E040BCC0AF7AA810A6D5CB89276217EB7AFAFE4966D68C10318E8C8CB23CA593E8057F29FF9154908B11D6530E6352F9406C81D9DAC5C298979320B4E0DD89203A1F680C8084154D0439DB6C53EDAF6FCC0E8682EC99D345180120AEC810CBB0C2F1B6D1B660ACEAAD5996A5D184659B6A1F11456BA6A5E94D223959D8171C030499A9DB458702CB35CA7E7CD75D26FF5E94640AB8740ECE82559784BB6D5CB4D041D053629BD3F4178077F3F7E280296C46A3F0FBC37813A1AA221FBA2612F0CFE56450E9B1F2C2AE278EC7A7AAB66D61FA9749FE997EDC31131091620897014D33B2386B490CFD80656B7D2EB08C9DA9928798986996D60F74D766EB8988E2FF676E38C587E7A6651AA28BEB8BB56EBBD6E641E92309AEAA671A5F2EC72629442D2C3A4C2B8E4304DC71B342CD116527832078E6B53C1E0A72909615B408E17625F7259ACA98E46359448FC141F57B51A069B8A402AE3A87E10AE7E910F3916BAC6CE716C539E825A06626673DE7EBD899A3982FCC599791E7CA964C0D37BB076708C03DC7C022980974025C0EA9B72CC3D0A03E4626E030E9C857ECF6B3807AC9E8E0F72098C7E80DAA05BFF60394A8374096878F015597DD5B22E65646A7DDC87B5F6AE68594DF39B0BDB2675A32369AD81FD62033146B8DA6A801E918572CBC70DEBA9F70D088D69425733ACE0084E60E7FCB459A5B71F74F711184B1AEA240834D28D049474BB2E7ED1B17AA2B5EB7D274341456834320BE8FB245B1C2B84A096E7E40573FEB7C2997ED16C8C2C62409B8064398ED220FA82C59E53AD7E864C24473FCC7F017B897D5855F092A9428957467EFD93F67D3FA302C578328A9484CD0496CC83BEAC96504F9601DA2048D25BF43B5A69E46234A164D854B89DF1DEDC36F0304BA5FC035B27E782087C3EC0A81840A3EC042204C63F9698CC74A818428039B23664C409529C4EDD822DF77819805023795EE625D524F12824C1F1FE99546DF75107AFFF7D424C4C3FB3D0BDA2E9BC0D93603457FFE44FABEAB1E6B62223B201D42784731BEE11E0FF0BF29C930DAF913F974739800522E2B9C4094475A5F35AA92E2939E5719EB4EE19446ADC9ECC7EE6BAB5D264C9E74AB6DE856D541146048341EB51734A34E33EF8D929F645E23FD902CB5676DA9C84C9F46490710DC8CF2AA922252C3885CBD8D0CB1D176CAFEB46A625C56BE949F487C6E35E2CE481F024C889F528B29F 37220171220184955 2 6 100 8191 5 EE490FB8716A6562BB33AA7C81BBFDCF2BC4C7257F68FC888B014D4D06FF9501EDEC5B4B462DBA35A9C6E541F218CB4A44F6F9FC88F4B4CC522803FA78E320467D89DC594A89B9718278C390023E9A367EDC39614216835EC52511F0ABAD50A37B742603D8ECA51491AC9A0F61B8A0AE8C09831869F2BF140277A0DA761C57856191FB3D6BCA46D51AC32A52FA6012B8AF5531F1E361751EC530B502B9001CAD88C0E921D4F809CA97C06278C0503B17BAE6B082168C34AB558BAC649EC3A69D2D136804E89B4FC952AF03C5056A6CA50D130934CBA7FA852BB950328E6BA2BFCF86C7319C96E5AC7172B03A000D678E4734BF756645816DCFA5710D65F77B994C1D12000502CC31478258694CFEE378707F7111E7337A0EBBD8EA3E91459AEB73B310DEE37464DF317FB6BBBD6A4DB32B505F7F6D0D5A6C8BE439514BAA032CB41864647F64F18B414BA2A2BF7AEF787D1F84B2EFDF5935857C9A6167CA426109FEBA69EE58FEF126F3F98FBC46570EF50DD3F502044DBD580E5DCFD214DA8788B7104D4A77C4006AC153E704B395F061118D5898155A7BC758C13D6D9B381F40B1998FFBB520D78110956D7E01EB07F2AA4CE132C3CDE594E3FEF45F2FD2C6B8B2C75B8C232DEC3C82BDF494E846D8AD466F8F234FE2698C90B203C989F9EBE77DF2126CE4C765E19BCBC628F6B70FFEE9214B88E27CF989939EF396D513BDD2CA737EDB8C6845E5883D283445F3FB8F662F0CFC29F405A592C8C0D68575361B09BA4D1398D61B552D239F897D84B8D46A6E1B113D76AE9BABA8D5617B3ACC1A8F4AFBA8597BA96CF872A5AE48BE79A44771937D01D0EF76C99C1C99C7EE94DBDFE3FBA41B69DEC9F4B1858E3D4F488CAEA52692C9334ADB39A8FEDC815A1E4D7057AE7CF4BD2A67B02141F98306D4A67C759414F03AE3A9D2C0F1090B29C8833E3500ED05FF6175D29408D8DB6D0651AFC77142FA7F44114274C0575B4F2EAF27714B56F450DE6F02423B4BEDC090E91ECD92F5DF5B9D053E095149B069FB60D51BB700A188EABD493773B7BEBA99CA21E981BF14188926E5F2DB6348B8E85AE4E2D498F116C9A240567F71B9D86B8173A42BA29100F02322DE24241DF8333F7A7A2A8C71513B734BC7E35D25F469B27F9B0883E1B62E1C4FC60FC6EB4A1E9B1AD1DD26A8D64D27944577E8ABE51EA225B0FFE27B5592D6EA5FBAA81BE6E3657FBBE67D359D0D18622545E8C1093D542F31FEBD00E0C687BB66D6F4E8F3FA0AD435F303F1108CE3604FF199E5DBF7E7309EBECA4ADB0F2AED26B87E7B50C23F0AA8370EEABFEEF273B64EFAD3167D78689907C500FAB9AC160968BA738AC40B23F50BEAD01C6343D7B7190034C79FFDD250938A84E499D5583F5213287F495DF9008DB8A9A51DFEA454A8215683A53A6A5CE5BFDA0D827704203AD4620FCF
37320170718103850 2 6 100 8191 5 DDFBC1CD4FB7E30639422038F1FFBA2CD3EC3915F3C923282C6588F6EB218FF7B24870C0FE4B48213AB0948E101686FB7B0093ED467B6CA413EDD4B0BFE2155AEBC4DA3D2DD0C78DA9AD989A0E989010D6D5E86A123C169E126F97826EE5F602FF641FDF642A107E7538CB61740CBAF69F6C7DC5DD4DF28998AB61B8672F0B74A3A8DD7D165828D69DCC1BAE4D45F707C3894E040BCC0AF7AA810A6D5CB89276217EB7AFAFE4966D68C10318E8C8CB23CA593E8057F29FF9154908B11D6530E6352F9406C81D9DAC5C298979320B4E0DD89203A1F680C8084154D0439DB6C53EDAF6FCC0E8682EC99D345180120AEC810CBB0C2F1B6D1B660ACEAAD5996A5D184659B6A1F11456BA6A5E94D223959D8171C030499A9DB458702CB35CA7E7CD75D26FF5E94640AB8740ECE82559784BB6D5CB4D041D053629BD3F4178077F3F7E280296C46A3F0FBC37813A1AA221FBA2612F0CFE56450E9B1F2C2AE278EC7A7AAB66D61FA9749FE997EDC31131091620897014D33B2386B490CFD80656B7D2EB08C9DA9928798986996D60F74D766EB8988E2FF676E38C587E7A6651AA28BEB8BB56EBBD6E641E92309AEAA671A5F2EC72629442D2C3A4C2B8E4304DC71B342CD116527832078E6B53C1E0A72909615B408E17625F7259ACA98E46359448FC141F57B51A069B8A402AE3A87E10AE7E910F3916BAC6CE716C539E825A06626673DE7EBD899A3982FCC599791E7CA964C0D37BB076708C03DC7C022980974025C0EA9B72CC3D0A03E4626E030E9C857ECF6B3807AC9E8E0F72098C7E80DAA05BFF60394A8374096878F015597DD5B22E65646A7DDC87B5F6AE68594DF39B0BDB2675A32369AD81FD62033146B8DA6A801E918572CBC70DEBA9F70D088D69425733ACE0084E60E7FCB459A5B71F74F711184B1AEA240834D28D049474BB2E7ED1B17AA2B5EB7D274341456834320BE8FB245B1C2B84A096E7E40573FEB7C2997ED16C8C2C62409B8064398ED220FA82C59E53AD7E864C24473FCC7F017B897D5855F092A9428957467EFD93F67D3FA302C578328A9484CD0496CC83BEAC96504F9601DA2048D25BF43B5A69E46234A164D854B89DF1DEDC36F0304BA5FC035B27E782087C3EC0A81840A3EC042204C63F9698CC74A818428039B23664C409529C4EDD822DF77819805023795EE625D524F12824C1F1FE99546DF75107AFFF7D424C4C3FB3D0BDA2E9BC0D93603457FFE44FABEAB1E6B62223B201D42784731BEE11E0FF0BF29C930DAF913F974739800522E2B9C4094475A5F35AA92E2939E5719EB4EE19446ADC9ECC7EE6BAB5D264C9E74AB6DE856D541146048341EB51734A34E33EF8D929F645E23FD902CB5676DA9C84C9F46490710DC8CF2AA922252C3885CBD8D0CB1D176CAFEB46A625C56BE949F487C6E35E2CE481F024C889FB304F4F 37320171220232754 2 6 100 8191 5 EE490FB8716A6562BB33AA7C81BBFDCF2BC4C7257F68FC888B014D4D06FF9501EDEC5B4B462DBA35A9C6E541F218CB4A44F6F9FC88F4B4CC522803FA78E320467D89DC594A89B9718278C390023E9A367EDC39614216835EC52511F0ABAD50A37B742603D8ECA51491AC9A0F61B8A0AE8C09831869F2BF140277A0DA761C57856191FB3D6BCA46D51AC32A52FA6012B8AF5531F1E361751EC530B502B9001CAD88C0E921D4F809CA97C06278C0503B17BAE6B082168C34AB558BAC649EC3A69D2D136804E89B4FC952AF03C5056A6CA50D130934CBA7FA852BB950328E6BA2BFCF86C7319C96E5AC7172B03A000D678E4734BF756645816DCFA5710D65F77B994C1D12000502CC31478258694CFEE378707F7111E7337A0EBBD8EA3E91459AEB73B310DEE37464DF317FB6BBBD6A4DB32B505F7F6D0D5A6C8BE439514BAA032CB41864647F64F18B414BA2A2BF7AEF787D1F84B2EFDF5935857C9A6167CA426109FEBA69EE58FEF126F3F98FBC46570EF50DD3F502044DBD580E5DCFD214DA8788B7104D4A77C4006AC153E704B395F061118D5898155A7BC758C13D6D9B381F40B1998FFBB520D78110956D7E01EB07F2AA4CE132C3CDE594E3FEF45F2FD2C6B8B2C75B8C232DEC3C82BDF494E846D8AD466F8F234FE2698C90B203C989F9EBE77DF2126CE4C765E19BCBC628F6B70FFEE9214B88E27CF989939EF396D513BDD2CA737EDB8C6845E5883D283445F3FB8F662F0CFC29F405A592C8C0D68575361B09BA4D1398D61B552D239F897D84B8D46A6E1B113D76AE9BABA8D5617B3ACC1A8F4AFBA8597BA96CF872A5AE48BE79A44771937D01D0EF76C99C1C99C7EE94DBDFE3FBA41B69DEC9F4B1858E3D4F488CAEA52692C9334ADB39A8FEDC815A1E4D7057AE7CF4BD2A67B02141F98306D4A67C759414F03AE3A9D2C0F1090B29C8833E3500ED05FF6175D29408D8DB6D0651AFC77142FA7F44114274C0575B4F2EAF27714B56F450DE6F02423B4BEDC090E91ECD92F5DF5B9D053E095149B069FB60D51BB700A188EABD493773B7BEBA99CA21E981BF14188926E5F2DB6348B8E85AE4E2D498F116C9A240567F71B9D86B8173A42BA29100F02322DE24241DF8333F7A7A2A8C71513B734BC7E35D25F469B27F9B0883E1B62E1C4FC60FC6EB4A1E9B1AD1DD26A8D64D27944577E8ABE51EA225B0FFE27B5592D6EA5FBAA81BE6E3657FBBE67D359D0D18622545E8C1093D542F31FEBD00E0C687BB66D6F4E8F3FA0AD435F303F1108CE3604FF199E5DBF7E7309EBECA4ADB0F2AED26B87E7B50C23F0AA8370EEABFEEF273B64EFAD3167D78689907C500FAB9AC160968BA738AC40B23F50BEAD01C6343D7B7190034C79FFDD250938A84E499D5583F5213287F495DF9008DB8A9A51DFEA454A8215683A53A6A5CE5BFDA0D827704203AD788C3AF
37420170718123146 2 6 100 8191 5 DDFBC1CD4FB7E30639422038F1FFBA2CD3EC3915F3C923282C6588F6EB218FF7B24870C0FE4B48213AB0948E101686FB7B0093ED467B6CA413EDD4B0BFE2155AEBC4DA3D2DD0C78DA9AD989A0E989010D6D5E86A123C169E126F97826EE5F602FF641FDF642A107E7538CB61740CBAF69F6C7DC5DD4DF28998AB61B8672F0B74A3A8DD7D165828D69DCC1BAE4D45F707C3894E040BCC0AF7AA810A6D5CB89276217EB7AFAFE4966D68C10318E8C8CB23CA593E8057F29FF9154908B11D6530E6352F9406C81D9DAC5C298979320B4E0DD89203A1F680C8084154D0439DB6C53EDAF6FCC0E8682EC99D345180120AEC810CBB0C2F1B6D1B660ACEAAD5996A5D184659B6A1F11456BA6A5E94D223959D8171C030499A9DB458702CB35CA7E7CD75D26FF5E94640AB8740ECE82559784BB6D5CB4D041D053629BD3F4178077F3F7E280296C46A3F0FBC37813A1AA221FBA2612F0CFE56450E9B1F2C2AE278EC7A7AAB66D61FA9749FE997EDC31131091620897014D33B2386B490CFD80656B7D2EB08C9DA9928798986996D60F74D766EB8988E2FF676E38C587E7A6651AA28BEB8BB56EBBD6E641E92309AEAA671A5F2EC72629442D2C3A4C2B8E4304DC71B342CD116527832078E6B53C1E0A72909615B408E17625F7259ACA98E46359448FC141F57B51A069B8A402AE3A87E10AE7E910F3916BAC6CE716C539E825A06626673DE7EBD899A3982FCC599791E7CA964C0D37BB076708C03DC7C022980974025C0EA9B72CC3D0A03E4626E030E9C857ECF6B3807AC9E8E0F72098C7E80DAA05BFF60394A8374096878F015597DD5B22E65646A7DDC87B5F6AE68594DF39B0BDB2675A32369AD81FD62033146B8DA6A801E918572CBC70DEBA9F70D088D69425733ACE0084E60E7FCB459A5B71F74F711184B1AEA240834D28D049474BB2E7ED1B17AA2B5EB7D274341456834320BE8FB245B1C2B84A096E7E40573FEB7C2997ED16C8C2C62409B8064398ED220FA82C59E53AD7E864C24473FCC7F017B897D5855F092A9428957467EFD93F67D3FA302C578328A9484CD0496CC83BEAC96504F9601DA2048D25BF43B5A69E46234A164D854B89DF1DEDC36F0304BA5FC035B27E782087C3EC0A81840A3EC042204C63F9698CC74A818428039B23664C409529C4EDD822DF77819805023795EE625D524F12824C1F1FE99546DF75107AFFF7D424C4C3FB3D0BDA2E9BC0D93603457FFE44FABEAB1E6B62223B201D42784731BEE11E0FF0BF29C930DAF913F974739800522E2B9C4094475A5F35AA92E2939E5719EB4EE19446ADC9ECC7EE6BAB5D264C9E74AB6DE856D541146048341EB51734A34E33EF8D929F645E23FD902CB5676DA9C84C9F46490710DC8CF2AA922252C3885CBD8D0CB1D176CAFEB46A625C56BE949F487C6E35E2CE481F024C889FC58729F 37420171221050933 2 6 100 8191 5 EE490FB8716A6562BB33AA7C81BBFDCF2BC4C7257F68FC888B014D4D06FF9501EDEC5B4B462DBA35A9C6E541F218CB4A44F6F9FC88F4B4CC522803FA78E320467D89DC594A89B9718278C390023E9A367EDC39614216835EC52511F0ABAD50A37B742603D8ECA51491AC9A0F61B8A0AE8C09831869F2BF140277A0DA761C57856191FB3D6BCA46D51AC32A52FA6012B8AF5531F1E361751EC530B502B9001CAD88C0E921D4F809CA97C06278C0503B17BAE6B082168C34AB558BAC649EC3A69D2D136804E89B4FC952AF03C5056A6CA50D130934CBA7FA852BB950328E6BA2BFCF86C7319C96E5AC7172B03A000D678E4734BF756645816DCFA5710D65F77B994C1D12000502CC31478258694CFEE378707F7111E7337A0EBBD8EA3E91459AEB73B310DEE37464DF317FB6BBBD6A4DB32B505F7F6D0D5A6C8BE439514BAA032CB41864647F64F18B414BA2A2BF7AEF787D1F84B2EFDF5935857C9A6167CA426109FEBA69EE58FEF126F3F98FBC46570EF50DD3F502044DBD580E5DCFD214DA8788B7104D4A77C4006AC153E704B395F061118D5898155A7BC758C13D6D9B381F40B1998FFBB520D78110956D7E01EB07F2AA4CE132C3CDE594E3FEF45F2FD2C6B8B2C75B8C232DEC3C82BDF494E846D8AD466F8F234FE2698C90B203C989F9EBE77DF2126CE4C765E19BCBC628F6B70FFEE9214B88E27CF989939EF396D513BDD2CA737EDB8C6845E5883D283445F3FB8F662F0CFC29F405A592C8C0D68575361B09BA4D1398D61B552D239F897D84B8D46A6E1B113D76AE9BABA8D5617B3ACC1A8F4AFBA8597BA96CF872A5AE48BE79A44771937D01D0EF76C99C1C99C7EE94DBDFE3FBA41B69DEC9F4B1858E3D4F488CAEA52692C9334ADB39A8FEDC815A1E4D7057AE7CF4BD2A67B02141F98306D4A67C759414F03AE3A9D2C0F1090B29C8833E3500ED05FF6175D29408D8DB6D0651AFC77142FA7F44114274C0575B4F2EAF27714B56F450DE6F02423B4BEDC090E91ECD92F5DF5B9D053E095149B069FB60D51BB700A188EABD493773B7BEBA99CA21E981BF14188926E5F2DB6348B8E85AE4E2D498F116C9A240567F71B9D86B8173A42BA29100F02322DE24241DF8333F7A7A2A8C71513B734BC7E35D25F469B27F9B0883E1B62E1C4FC60FC6EB4A1E9B1AD1DD26A8D64D27944577E8ABE51EA225B0FFE27B5592D6EA5FBAA81BE6E3657FBBE67D359D0D18622545E8C1093D542F31FEBD00E0C687BB66D6F4E8F3FA0AD435F303F1108CE3604FF199E5DBF7E7309EBECA4ADB0F2AED26B87E7B50C23F0AA8370EEABFEEF273B64EFAD3167D78689907C500FAB9AC160968BA738AC40B23F50BEAD01C6343D7B7190034C79FFDD250938A84E499D5583F5213287F495DF9008DB8A9A51DFEA454A8215683A53A6A5CE5BFDA0D827704203ADADA05AF
37520170718203220 2 6 100 8191 2 DDFBC1CD4FB7E30639422038F1FFBA2CD3EC3915F3C923282C6588F6EB218FF7B24870C0FE4B48213AB0948E101686FB7B0093ED467B6CA413EDD4B0BFE2155AEBC4DA3D2DD0C78DA9AD989A0E989010D6D5E86A123C169E126F97826EE5F602FF641FDF642A107E7538CB61740CBAF69F6C7DC5DD4DF28998AB61B8672F0B74A3A8DD7D165828D69DCC1BAE4D45F707C3894E040BCC0AF7AA810A6D5CB89276217EB7AFAFE4966D68C10318E8C8CB23CA593E8057F29FF9154908B11D6530E6352F9406C81D9DAC5C298979320B4E0DD89203A1F680C8084154D0439DB6C53EDAF6FCC0E8682EC99D345180120AEC810CBB0C2F1B6D1B660ACEAAD5996A5D184659B6A1F11456BA6A5E94D223959D8171C030499A9DB458702CB35CA7E7CD75D26FF5E94640AB8740ECE82559784BB6D5CB4D041D053629BD3F4178077F3F7E280296C46A3F0FBC37813A1AA221FBA2612F0CFE56450E9B1F2C2AE278EC7A7AAB66D61FA9749FE997EDC31131091620897014D33B2386B490CFD80656B7D2EB08C9DA9928798986996D60F74D766EB8988E2FF676E38C587E7A6651AA28BEB8BB56EBBD6E641E92309AEAA671A5F2EC72629442D2C3A4C2B8E4304DC71B342CD116527832078E6B53C1E0A72909615B408E17625F7259ACA98E46359448FC141F57B51A069B8A402AE3A87E10AE7E910F3916BAC6CE716C539E825A06626673DE7EBD899A3982FCC599791E7CA964C0D37BB076708C03DC7C022980974025C0EA9B72CC3D0A03E4626E030E9C857ECF6B3807AC9E8E0F72098C7E80DAA05BFF60394A8374096878F015597DD5B22E65646A7DDC87B5F6AE68594DF39B0BDB2675A32369AD81FD62033146B8DA6A801E918572CBC70DEBA9F70D088D69425733ACE0084E60E7FCB459A5B71F74F711184B1AEA240834D28D049474BB2E7ED1B17AA2B5EB7D274341456834320BE8FB245B1C2B84A096E7E40573FEB7C2997ED16C8C2C62409B8064398ED220FA82C59E53AD7E864C24473FCC7F017B897D5855F092A9428957467EFD93F67D3FA302C578328A9484CD0496CC83BEAC96504F9601DA2048D25BF43B5A69E46234A164D854B89DF1DEDC36F0304BA5FC035B27E782087C3EC0A81840A3EC042204C63F9698CC74A818428039B23664C409529C4EDD822DF77819805023795EE625D524F12824C1F1FE99546DF75107AFFF7D424C4C3FB3D0BDA2E9BC0D93603457FFE44FABEAB1E6B62223B201D42784731BEE11E0FF0BF29C930DAF913F974739800522E2B9C4094475A5F35AA92E2939E5719EB4EE19446ADC9ECC7EE6BAB5D264C9E74AB6DE856D541146048341EB51734A34E33EF8D929F645E23FD902CB5676DA9C84C9F46490710DC8CF2AA922252C3885CBD8D0CB1D176CAFEB46A625C56BE949F487C6E35E2CE481F024C88A012AA89B 37520171221135413 2 6 100 8191 5 EE490FB8716A6562BB33AA7C81BBFDCF2BC4C7257F68FC888B014D4D06FF9501EDEC5B4B462DBA35A9C6E541F218CB4A44F6F9FC88F4B4CC522803FA78E320467D89DC594A89B9718278C390023E9A367EDC39614216835EC52511F0ABAD50A37B742603D8ECA51491AC9A0F61B8A0AE8C09831869F2BF140277A0DA761C57856191FB3D6BCA46D51AC32A52FA6012B8AF5531F1E361751EC530B502B9001CAD88C0E921D4F809CA97C06278C0503B17BAE6B082168C34AB558BAC649EC3A69D2D136804E89B4FC952AF03C5056A6CA50D130934CBA7FA852BB950328E6BA2BFCF86C7319C96E5AC7172B03A000D678E4734BF756645816DCFA5710D65F77B994C1D12000502CC31478258694CFEE378707F7111E7337A0EBBD8EA3E91459AEB73B310DEE37464DF317FB6BBBD6A4DB32B505F7F6D0D5A6C8BE439514BAA032CB41864647F64F18B414BA2A2BF7AEF787D1F84B2EFDF5935857C9A6167CA426109FEBA69EE58FEF126F3F98FBC46570EF50DD3F502044DBD580E5DCFD214DA8788B7104D4A77C4006AC153E704B395F061118D5898155A7BC758C13D6D9B381F40B1998FFBB520D78110956D7E01EB07F2AA4CE132C3CDE594E3FEF45F2FD2C6B8B2C75B8C232DEC3C82BDF494E846D8AD466F8F234FE2698C90B203C989F9EBE77DF2126CE4C765E19BCBC628F6B70FFEE9214B88E27CF989939EF396D513BDD2CA737EDB8C6845E5883D283445F3FB8F662F0CFC29F405A592C8C0D68575361B09BA4D1398D61B552D239F897D84B8D46A6E1B113D76AE9BABA8D5617B3ACC1A8F4AFBA8597BA96CF872A5AE48BE79A44771937D01D0EF76C99C1C99C7EE94DBDFE3FBA41B69DEC9F4B1858E3D4F488CAEA52692C9334ADB39A8FEDC815A1E4D7057AE7CF4BD2A67B02141F98306D4A67C759414F03AE3A9D2C0F1090B29C8833E3500ED05FF6175D29408D8DB6D0651AFC77142FA7F44114274C0575B4F2EAF27714B56F450DE6F02423B4BEDC090E91ECD92F5DF5B9D053E095149B069FB60D51BB700A188EABD493773B7BEBA99CA21E981BF14188926E5F2DB6348B8E85AE4E2D498F116C9A240567F71B9D86B8173A42BA29100F02322DE24241DF8333F7A7A2A8C71513B734BC7E35D25F469B27F9B0883E1B62E1C4FC60FC6EB4A1E9B1AD1DD26A8D64D27944577E8ABE51EA225B0FFE27B5592D6EA5FBAA81BE6E3657FBBE67D359D0D18622545E8C1093D542F31FEBD00E0C687BB66D6F4E8F3FA0AD435F303F1108CE3604FF199E5DBF7E7309EBECA4ADB0F2AED26B87E7B50C23F0AA8370EEABFEEF273B64EFAD3167D78689907C500FAB9AC160968BA738AC40B23F50BEAD01C6343D7B7190034C79FFDD250938A84E499D5583F5213287F495DF9008DB8A9A51DFEA454A8215683A53A6A5CE5BFDA0D827704203AE091EA4F
37620170718211015 2 6 100 8191 2 DDFBC1CD4FB7E30639422038F1FFBA2CD3EC3915F3C923282C6588F6EB218FF7B24870C0FE4B48213AB0948E101686FB7B0093ED467B6CA413EDD4B0BFE2155AEBC4DA3D2DD0C78DA9AD989A0E989010D6D5E86A123C169E126F97826EE5F602FF641FDF642A107E7538CB61740CBAF69F6C7DC5DD4DF28998AB61B8672F0B74A3A8DD7D165828D69DCC1BAE4D45F707C3894E040BCC0AF7AA810A6D5CB89276217EB7AFAFE4966D68C10318E8C8CB23CA593E8057F29FF9154908B11D6530E6352F9406C81D9DAC5C298979320B4E0DD89203A1F680C8084154D0439DB6C53EDAF6FCC0E8682EC99D345180120AEC810CBB0C2F1B6D1B660ACEAAD5996A5D184659B6A1F11456BA6A5E94D223959D8171C030499A9DB458702CB35CA7E7CD75D26FF5E94640AB8740ECE82559784BB6D5CB4D041D053629BD3F4178077F3F7E280296C46A3F0FBC37813A1AA221FBA2612F0CFE56450E9B1F2C2AE278EC7A7AAB66D61FA9749FE997EDC31131091620897014D33B2386B490CFD80656B7D2EB08C9DA9928798986996D60F74D766EB8988E2FF676E38C587E7A6651AA28BEB8BB56EBBD6E641E92309AEAA671A5F2EC72629442D2C3A4C2B8E4304DC71B342CD116527832078E6B53C1E0A72909615B408E17625F7259ACA98E46359448FC141F57B51A069B8A402AE3A87E10AE7E910F3916BAC6CE716C539E825A06626673DE7EBD899A3982FCC599791E7CA964C0D37BB076708C03DC7C022980974025C0EA9B72CC3D0A03E4626E030E9C857ECF6B3807AC9E8E0F72098C7E80DAA05BFF60394A8374096878F015597DD5B22E65646A7DDC87B5F6AE68594DF39B0BDB2675A32369AD81FD62033146B8DA6A801E918572CBC70DEBA9F70D088D69425733ACE0084E60E7FCB459A5B71F74F711184B1AEA240834D28D049474BB2E7ED1B17AA2B5EB7D274341456834320BE8FB245B1C2B84A096E7E40573FEB7C2997ED16C8C2C62409B8064398ED220FA82C59E53AD7E864C24473FCC7F017B897D5855F092A9428957467EFD93F67D3FA302C578328A9484CD0496CC83BEAC96504F9601DA2048D25BF43B5A69E46234A164D854B89DF1DEDC36F0304BA5FC035B27E782087C3EC0A81840A3EC042204C63F9698CC74A818428039B23664C409529C4EDD822DF77819805023795EE625D524F12824C1F1FE99546DF75107AFFF7D424C4C3FB3D0BDA2E9BC0D93603457FFE44FABEAB1E6B62223B201D42784731BEE11E0FF0BF29C930DAF913F974739800522E2B9C4094475A5F35AA92E2939E5719EB4EE19446ADC9ECC7EE6BAB5D264C9E74AB6DE856D541146048341EB51734A34E33EF8D929F645E23FD902CB5676DA9C84C9F46490710DC8CF2AA922252C3885CBD8D0CB1D176CAFEB46A625C56BE949F487C6E35E2CE481F024C88A0186FF33 37620171221220649 2 6 100 8191 5 EE490FB8716A6562BB33AA7C81BBFDCF2BC4C7257F68FC888B014D4D06FF9501EDEC5B4B462DBA35A9C6E541F218CB4A44F6F9FC88F4B4CC522803FA78E320467D89DC594A89B9718278C390023E9A367EDC39614216835EC52511F0ABAD50A37B742603D8ECA51491AC9A0F61B8A0AE8C09831869F2BF140277A0DA761C57856191FB3D6BCA46D51AC32A52FA6012B8AF5531F1E361751EC530B502B9001CAD88C0E921D4F809CA97C06278C0503B17BAE6B082168C34AB558BAC649EC3A69D2D136804E89B4FC952AF03C5056A6CA50D130934CBA7FA852BB950328E6BA2BFCF86C7319C96E5AC7172B03A000D678E4734BF756645816DCFA5710D65F77B994C1D12000502CC31478258694CFEE378707F7111E7337A0EBBD8EA3E91459AEB73B310DEE37464DF317FB6BBBD6A4DB32B505F7F6D0D5A6C8BE439514BAA032CB41864647F64F18B414BA2A2BF7AEF787D1F84B2EFDF5935857C9A6167CA426109FEBA69EE58FEF126F3F98FBC46570EF50DD3F502044DBD580E5DCFD214DA8788B7104D4A77C4006AC153E704B395F061118D5898155A7BC758C13D6D9B381F40B1998FFBB520D78110956D7E01EB07F2AA4CE132C3CDE594E3FEF45F2FD2C6B8B2C75B8C232DEC3C82BDF494E846D8AD466F8F234FE2698C90B203C989F9EBE77DF2126CE4C765E19BCBC628F6B70FFEE9214B88E27CF989939EF396D513BDD2CA737EDB8C6845E5883D283445F3FB8F662F0CFC29F405A592C8C0D68575361B09BA4D1398D61B552D239F897D84B8D46A6E1B113D76AE9BABA8D5617B3ACC1A8F4AFBA8597BA96CF872A5AE48BE79A44771937D01D0EF76C99C1C99C7EE94DBDFE3FBA41B69DEC9F4B1858E3D4F488CAEA52692C9334ADB39A8FEDC815A1E4D7057AE7CF4BD2A67B02141F98306D4A67C759414F03AE3A9D2C0F1090B29C8833E3500ED05FF6175D29408D8DB6D0651AFC77142FA7F44114274C0575B4F2EAF27714B56F450DE6F02423B4BEDC090E91ECD92F5DF5B9D053E095149B069FB60D51BB700A188EABD493773B7BEBA99CA21E981BF14188926E5F2DB6348B8E85AE4E2D498F116C9A240567F71B9D86B8173A42BA29100F02322DE24241DF8333F7A7A2A8C71513B734BC7E35D25F469B27F9B0883E1B62E1C4FC60FC6EB4A1E9B1AD1DD26A8D64D27944577E8ABE51EA225B0FFE27B5592D6EA5FBAA81BE6E3657FBBE67D359D0D18622545E8C1093D542F31FEBD00E0C687BB66D6F4E8F3FA0AD435F303F1108CE3604FF199E5DBF7E7309EBECA4ADB0F2AED26B87E7B50C23F0AA8370EEABFEEF273B64EFAD3167D78689907C500FAB9AC160968BA738AC40B23F50BEAD01C6343D7B7190034C79FFDD250938A84E499D5583F5213287F495DF9008DB8A9A51DFEA454A8215683A53A6A5CE5BFDA0D827704203AE5EFB017
37720170719070720 2 6 100 8191 5 D84B8E9B7259F34AA46062684AD05873FD407C5FA804FFBC429D0DED5B497259FFF7F3C26D7A4C21592FCD658B607A5BDE7C4EAA7F5A3B6B713EAEDD5D0D47029CF51556BAFBBC91819DDA500332F7CE6777565C34CE56ED26BFE90830291C460891DDFEBF4FFFE5F217602081211E73EEC97612AC2C9FE8988738F0DC0FD2241B3C54357109D82FAAB532DB9C18B53B543D43B533FD67E36547972674968EB83AEE7EFC9F2AAF2C610C452EEA89A4FF5089BA6922F35128A844F6350A70671DD53C205AC7A75A1659CD3E57D385AB0BD78AF14DC129B1172884F1FCF5D795B6031A2BEB2410948A422D21AD3A215C85720F5EE695E235E36832E0A559DACDBD2B7CA3A1317CA005A963B49E3337829C40974C70F47540D89AAE625A1FD110874DC13D6E7B5711021F0CFD94C46D87582EBFF78EB2412B6D91DC0250A0B805F5E3B096ACB247C2A247A39164337FB3CB818AD4A950E6347B801DA742E5B532F4FC48815AA62B894FDB23B6E4D448DB62713AA46CC33C7D83D60A44B2B70FE8D841A56A4150A01C82B19CB93AE0AAA65E765EFF95933AC55742E0240744158B9CEF9DA8E18C3736BC8894306BF86D9B927CD62252ABFD39A3B352168336404C6B5F0DB4AEE518069274266E0C424F45D487B500BC087F49B53B0FA822D306D8B272E66C035569FFF1A191D354728253419E5B49115B88EB94E8452A28A3D699E73709FFD95D30430D45B730AF36D90C4DF464241C059375E8215E02294DFEAF8169BF1B47F7EE6F6479CB772D552D604589CE0A80BF7C38AFB2D8111D02A11D02264E2D1634128E53835E5815A92C19027DD08493C23344883FA5F2802A67E586221E2E22DFB8C67D75903F7211D52D19DC92DAC9C2E55D5D23E4B316F4F36AE24526C0D7CB5D43A5FA64CD621E9BBEB44ADAC0FB50237872CF13E0008D4D8F3B53B7F97FF8FD71E7B6ECCE359F5FBF3F6128DFD062C1E1177C6DDB97CBB9ED8AF082BF55D2DDF76920020A8AFCA08235752DE7542237D273F0324767F297BD98F573642B54D55AAEDCD9A5DB65DDF24F1E52489E22A8CDB204653F03A45261E20C965772CC92D71AD8A9DCA1205CA72C3AE330CA9ABFC93BD4C0591279661736B131AE905D5EB899BED456FE76BE26C4700FDF3238999B250DEF64F155FED724D3E38BDCAAD31CAC112BF39F0BC0CD3A906BEA43676E126616B51546C9E282117163EA7B38F255797A803F663EA16485FE4A8C2510409D3B6EF809EAC2BF897277A17A9C6E58709B57591FDA62321CEC2F545FCDB0AEEAF33ED378707C81711E003F1E77EEEE292F61E37FDC2FC4F97CEA96E1A4FB8643A9F18C9D6780BC5B815E43AF81E3B1D47D68D5A559C194F35A143B9EAE147D975BEF88D55AF1408BC1705C02F112616D08BFE6A44C0EFAC373CBB557E4953C79ACAA225378FA20B88F 37720171223020323 2 6 100 8191 2 EE490FB8716A6562BB33AA7C81BBFDCF2BC4C7257F68FC888B014D4D06FF9501EDEC5B4B462DBA35A9C6E541F218CB4A44F6F9FC88F4B4CC522803FA78E320467D89DC594A89B9718278C390023E9A367EDC39614216835EC52511F0ABAD50A37B742603D8ECA51491AC9A0F61B8A0AE8C09831869F2BF140277A0DA761C57856191FB3D6BCA46D51AC32A52FA6012B8AF5531F1E361751EC530B502B9001CAD88C0E921D4F809CA97C06278C0503B17BAE6B082168C34AB558BAC649EC3A69D2D136804E89B4FC952AF03C5056A6CA50D130934CBA7FA852BB950328E6BA2BFCF86C7319C96E5AC7172B03A000D678E4734BF756645816DCFA5710D65F77B994C1D12000502CC31478258694CFEE378707F7111E7337A0EBBD8EA3E91459AEB73B310DEE37464DF317FB6BBBD6A4DB32B505F7F6D0D5A6C8BE439514BAA032CB41864647F64F18B414BA2A2BF7AEF787D1F84B2EFDF5935857C9A6167CA426109FEBA69EE58FEF126F3F98FBC46570EF50DD3F502044DBD580E5DCFD214DA8788B7104D4A77C4006AC153E704B395F061118D5898155A7BC758C13D6D9B381F40B1998FFBB520D78110956D7E01EB07F2AA4CE132C3CDE594E3FEF45F2FD2C6B8B2C75B8C232DEC3C82BDF494E846D8AD466F8F234FE2698C90B203C989F9EBE77DF2126CE4C765E19BCBC628F6B70FFEE9214B88E27CF989939EF396D513BDD2CA737EDB8C6845E5883D283445F3FB8F662F0CFC29F405A592C8C0D68575361B09BA4D1398D61B552D239F897D84B8D46A6E1B113D76AE9BABA8D5617B3ACC1A8F4AFBA8597BA96CF872A5AE48BE79A44771937D01D0EF76C99C1C99C7EE94DBDFE3FBA41B69DEC9F4B1858E3D4F488CAEA52692C9334ADB39A8FEDC815A1E4D7057AE7CF4BD2A67B02141F98306D4A67C759414F03AE3A9D2C0F1090B29C8833E3500ED05FF6175D29408D8DB6D0651AFC77142FA7F44114274C0575B4F2EAF27714B56F450DE6F02423B4BEDC090E91ECD92F5DF5B9D053E095149B069FB60D51BB700A188EABD493773B7BEBA99CA21E981BF14188926E5F2DB6348B8E85AE4E2D498F116C9A240567F71B9D86B8173A42BA29100F02322DE24241DF8333F7A7A2A8C71513B734BC7E35D25F469B27F9B0883E1B62E1C4FC60FC6EB4A1E9B1AD1DD26A8D64D27944577E8ABE51EA225B0FFE27B5592D6EA5FBAA81BE6E3657FBBE67D359D0D18622545E8C1093D542F31FEBD00E0C687BB66D6F4E8F3FA0AD435F303F1108CE3604FF199E5DBF7E7309EBECA4ADB0F2AED26B87E7B50C23F0AA8370EEABFEEF273B64EFAD3167D78689907C500FAB9AC160968BA738AC40B23F50BEAD01C6343D7B7190034C79FFDD250938A84E499D5583F5213287F495DF9008DB8A9A51DFEA454A8215683A53A6A5CE5BFDA0D827704203AF8256AAB
37820170719080355 2 6 100 8191 2 D84B8E9B7259F34AA46062684AD05873FD407C5FA804FFBC429D0DED5B497259FFF7F3C26D7A4C21592FCD658B607A5BDE7C4EAA7F5A3B6B713EAEDD5D0D47029CF51556BAFBBC91819DDA500332F7CE6777565C34CE56ED26BFE90830291C460891DDFEBF4FFFE5F217602081211E73EEC97612AC2C9FE8988738F0DC0FD2241B3C54357109D82FAAB532DB9C18B53B543D43B533FD67E36547972674968EB83AEE7EFC9F2AAF2C610C452EEA89A4FF5089BA6922F35128A844F6350A70671DD53C205AC7A75A1659CD3E57D385AB0BD78AF14DC129B1172884F1FCF5D795B6031A2BEB2410948A422D21AD3A215C85720F5EE695E235E36832E0A559DACDBD2B7CA3A1317CA005A963B49E3337829C40974C70F47540D89AAE625A1FD110874DC13D6E7B5711021F0CFD94C46D87582EBFF78EB2412B6D91DC0250A0B805F5E3B096ACB247C2A247A39164337FB3CB818AD4A950E6347B801DA742E5B532F4FC48815AA62B894FDB23B6E4D448DB62713AA46CC33C7D83D60A44B2B70FE8D841A56A4150A01C82B19CB93AE0AAA65E765EFF95933AC55742E0240744158B9CEF9DA8E18C3736BC8894306BF86D9B927CD62252ABFD39A3B352168336404C6B5F0DB4AEE518069274266E0C424F45D487B500BC087F49B53B0FA822D306D8B272E66C035569FFF1A191D354728253419E5B49115B88EB94E8452A28A3D699E73709FFD95D30430D45B730AF36D90C4DF464241C059375E8215E02294DFEAF8169BF1B47F7EE6F6479CB772D552D604589CE0A80BF7C38AFB2D8111D02A11D02264E2D1634128E53835E5815A92C19027DD08493C23344883FA5F2802A67E586221E2E22DFB8C67D75903F7211D52D19DC92DAC9C2E55D5D23E4B316F4F36AE24526C0D7CB5D43A5FA64CD621E9BBEB44ADAC0FB50237872CF13E0008D4D8F3B53B7F97FF8FD71E7B6ECCE359F5FBF3F6128DFD062C1E1177C6DDB97CBB9ED8AF082BF55D2DDF76920020A8AFCA08235752DE7542237D273F0324767F297BD98F573642B54D55AAEDCD9A5DB65DDF24F1E52489E22A8CDB204653F03A45261E20C965772CC92D71AD8A9DCA1205CA72C3AE330CA9ABFC93BD4C0591279661736B131AE905D5EB899BED456FE76BE26C4700FDF3238999B250DEF64F155FED724D3E38BDCAAD31CAC112BF39F0BC0CD3A906BEA43676E126616B51546C9E282117163EA7B38F255797A803F663EA16485FE4A8C2510409D3B6EF809EAC2BF897277A17A9C6E58709B57591FDA62321CEC2F545FCDB0AEEAF33ED378707C81711E003F1E77EEEE292F61E37FDC2FC4F97CEA96E1A4FB8643A9F18C9D6780BC5B815E43AF81E3B1D47D68D5A559C194F35A143B9EAE147D975BEF88D55AF1408BC1705C02F112616D08BFE6A44C0EFAC373CBB557E4953C79ACAA225378FABF2F5B 37820171223193520 2 6 100 8191 2 EE490FB8716A6562BB33AA7C81BBFDCF2BC4C7257F68FC888B014D4D06FF9501EDEC5B4B462DBA35A9C6E541F218CB4A44F6F9FC88F4B4CC522803FA78E320467D89DC594A89B9718278C390023E9A367EDC39614216835EC52511F0ABAD50A37B742603D8ECA51491AC9A0F61B8A0AE8C09831869F2BF140277A0DA761C57856191FB3D6BCA46D51AC32A52FA6012B8AF5531F1E361751EC530B502B9001CAD88C0E921D4F809CA97C06278C0503B17BAE6B082168C34AB558BAC649EC3A69D2D136804E89B4FC952AF03C5056A6CA50D130934CBA7FA852BB950328E6BA2BFCF86C7319C96E5AC7172B03A000D678E4734BF756645816DCFA5710D65F77B994C1D12000502CC31478258694CFEE378707F7111E7337A0EBBD8EA3E91459AEB73B310DEE37464DF317FB6BBBD6A4DB32B505F7F6D0D5A6C8BE439514BAA032CB41864647F64F18B414BA2A2BF7AEF787D1F84B2EFDF5935857C9A6167CA426109FEBA69EE58FEF126F3F98FBC46570EF50DD3F502044DBD580E5DCFD214DA8788B7104D4A77C4006AC153E704B395F061118D5898155A7BC758C13D6D9B381F40B1998FFBB520D78110956D7E01EB07F2AA4CE132C3CDE594E3FEF45F2FD2C6B8B2C75B8C232DEC3C82BDF494E846D8AD466F8F234FE2698C90B203C989F9EBE77DF2126CE4C765E19BCBC628F6B70FFEE9214B88E27CF989939EF396D513BDD2CA737EDB8C6845E5883D283445F3FB8F662F0CFC29F405A592C8C0D68575361B09BA4D1398D61B552D239F897D84B8D46A6E1B113D76AE9BABA8D5617B3ACC1A8F4AFBA8597BA96CF872A5AE48BE79A44771937D01D0EF76C99C1C99C7EE94DBDFE3FBA41B69DEC9F4B1858E3D4F488CAEA52692C9334ADB39A8FEDC815A1E4D7057AE7CF4BD2A67B02141F98306D4A67C759414F03AE3A9D2C0F1090B29C8833E3500ED05FF6175D29408D8DB6D0651AFC77142FA7F44114274C0575B4F2EAF27714B56F450DE6F02423B4BEDC090E91ECD92F5DF5B9D053E095149B069FB60D51BB700A188EABD493773B7BEBA99CA21E981BF14188926E5F2DB6348B8E85AE4E2D498F116C9A240567F71B9D86B8173A42BA29100F02322DE24241DF8333F7A7A2A8C71513B734BC7E35D25F469B27F9B0883E1B62E1C4FC60FC6EB4A1E9B1AD1DD26A8D64D27944577E8ABE51EA225B0FFE27B5592D6EA5FBAA81BE6E3657FBBE67D359D0D18622545E8C1093D542F31FEBD00E0C687BB66D6F4E8F3FA0AD435F303F1108CE3604FF199E5DBF7E7309EBECA4ADB0F2AED26B87E7B50C23F0AA8370EEABFEEF273B64EFAD3167D78689907C500FAB9AC160968BA738AC40B23F50BEAD01C6343D7B7190034C79FFDD250938A84E499D5583F5213287F495DF9008DB8A9A51DFEA454A8215683A53A6A5CE5BFDA0D827704203B035D92A3
37920170719081323 2 6 100 8191 5 D84B8E9B7259F34AA46062684AD05873FD407C5FA804FFBC429D0DED5B497259FFF7F3C26D7A4C21592FCD658B607A5BDE7C4EAA7F5A3B6B713EAEDD5D0D47029CF51556BAFBBC91819DDA500332F7CE6777565C34CE56ED26BFE90830291C460891DDFEBF4FFFE5F217602081211E73EEC97612AC2C9FE8988738F0DC0FD2241B3C54357109D82FAAB532DB9C18B53B543D43B533FD67E36547972674968EB83AEE7EFC9F2AAF2C610C452EEA89A4FF5089BA6922F35128A844F6350A70671DD53C205AC7A75A1659CD3E57D385AB0BD78AF14DC129B1172884F1FCF5D795B6031A2BEB2410948A422D21AD3A215C85720F5EE695E235E36832E0A559DACDBD2B7CA3A1317CA005A963B49E3337829C40974C70F47540D89AAE625A1FD110874DC13D6E7B5711021F0CFD94C46D87582EBFF78EB2412B6D91DC0250A0B805F5E3B096ACB247C2A247A39164337FB3CB818AD4A950E6347B801DA742E5B532F4FC48815AA62B894FDB23B6E4D448DB62713AA46CC33C7D83D60A44B2B70FE8D841A56A4150A01C82B19CB93AE0AAA65E765EFF95933AC55742E0240744158B9CEF9DA8E18C3736BC8894306BF86D9B927CD62252ABFD39A3B352168336404C6B5F0DB4AEE518069274266E0C424F45D487B500BC087F49B53B0FA822D306D8B272E66C035569FFF1A191D354728253419E5B49115B88EB94E8452A28A3D699E73709FFD95D30430D45B730AF36D90C4DF464241C059375E8215E02294DFEAF8169BF1B47F7EE6F6479CB772D552D604589CE0A80BF7C38AFB2D8111D02A11D02264E2D1634128E53835E5815A92C19027DD08493C23344883FA5F2802A67E586221E2E22DFB8C67D75903F7211D52D19DC92DAC9C2E55D5D23E4B316F4F36AE24526C0D7CB5D43A5FA64CD621E9BBEB44ADAC0FB50237872CF13E0008D4D8F3B53B7F97FF8FD71E7B6ECCE359F5FBF3F6128DFD062C1E1177C6DDB97CBB9ED8AF082BF55D2DDF76920020A8AFCA08235752DE7542237D273F0324767F297BD98F573642B54D55AAEDCD9A5DB65DDF24F1E52489E22A8CDB204653F03A45261E20C965772CC92D71AD8A9DCA1205CA72C3AE330CA9ABFC93BD4C0591279661736B131AE905D5EB899BED456FE76BE26C4700FDF3238999B250DEF64F155FED724D3E38BDCAAD31CAC112BF39F0BC0CD3A906BEA43676E126616B51546C9E282117163EA7B38F255797A803F663EA16485FE4A8C2510409D3B6EF809EAC2BF897277A17A9C6E58709B57591FDA62321CEC2F545FCDB0AEEAF33ED378707C81711E003F1E77EEEE292F61E37FDC2FC4F97CEA96E1A4FB8643A9F18C9D6780BC5B815E43AF81E3B1D47D68D5A559C194F35A143B9EAE147D975BEF88D55AF1408BC1705C02F112616D08BFE6A44C0EFAC373CBB557E4953C79ACAA225378FAD37237 37920171223214753 2 6 100 8191 2 EE490FB8716A6562BB33AA7C81BBFDCF2BC4C7257F68FC888B014D4D06FF9501EDEC5B4B462DBA35A9C6E541F218CB4A44F6F9FC88F4B4CC522803FA78E320467D89DC594A89B9718278C390023E9A367EDC39614216835EC52511F0ABAD50A37B742603D8ECA51491AC9A0F61B8A0AE8C09831869F2BF140277A0DA761C57856191FB3D6BCA46D51AC32A52FA6012B8AF5531F1E361751EC530B502B9001CAD88C0E921D4F809CA97C06278C0503B17BAE6B082168C34AB558BAC649EC3A69D2D136804E89B4FC952AF03C5056A6CA50D130934CBA7FA852BB950328E6BA2BFCF86C7319C96E5AC7172B03A000D678E4734BF756645816DCFA5710D65F77B994C1D12000502CC31478258694CFEE378707F7111E7337A0EBBD8EA3E91459AEB73B310DEE37464DF317FB6BBBD6A4DB32B505F7F6D0D5A6C8BE439514BAA032CB41864647F64F18B414BA2A2BF7AEF787D1F84B2EFDF5935857C9A6167CA426109FEBA69EE58FEF126F3F98FBC46570EF50DD3F502044DBD580E5DCFD214DA8788B7104D4A77C4006AC153E704B395F061118D5898155A7BC758C13D6D9B381F40B1998FFBB520D78110956D7E01EB07F2AA4CE132C3CDE594E3FEF45F2FD2C6B8B2C75B8C232DEC3C82BDF494E846D8AD466F8F234FE2698C90B203C989F9EBE77DF2126CE4C765E19BCBC628F6B70FFEE9214B88E27CF989939EF396D513BDD2CA737EDB8C6845E5883D283445F3FB8F662F0CFC29F405A592C8C0D68575361B09BA4D1398D61B552D239F897D84B8D46A6E1B113D76AE9BABA8D5617B3ACC1A8F4AFBA8597BA96CF872A5AE48BE79A44771937D01D0EF76C99C1C99C7EE94DBDFE3FBA41B69DEC9F4B1858E3D4F488CAEA52692C9334ADB39A8FEDC815A1E4D7057AE7CF4BD2A67B02141F98306D4A67C759414F03AE3A9D2C0F1090B29C8833E3500ED05FF6175D29408D8DB6D0651AFC77142FA7F44114274C0575B4F2EAF27714B56F450DE6F02423B4BEDC090E91ECD92F5DF5B9D053E095149B069FB60D51BB700A188EABD493773B7BEBA99CA21E981BF14188926E5F2DB6348B8E85AE4E2D498F116C9A240567F71B9D86B8173A42BA29100F02322DE24241DF8333F7A7A2A8C71513B734BC7E35D25F469B27F9B0883E1B62E1C4FC60FC6EB4A1E9B1AD1DD26A8D64D27944577E8ABE51EA225B0FFE27B5592D6EA5FBAA81BE6E3657FBBE67D359D0D18622545E8C1093D542F31FEBD00E0C687BB66D6F4E8F3FA0AD435F303F1108CE3604FF199E5DBF7E7309EBECA4ADB0F2AED26B87E7B50C23F0AA8370EEABFEEF273B64EFAD3167D78689907C500FAB9AC160968BA738AC40B23F50BEAD01C6343D7B7190034C79FFDD250938A84E499D5583F5213287F495DF9008DB8A9A51DFEA454A8215683A53A6A5CE5BFDA0D827704203B04C1A663
38020170719083433 2 6 100 8191 2 D84B8E9B7259F34AA46062684AD05873FD407C5FA804FFBC429D0DED5B497259FFF7F3C26D7A4C21592FCD658B607A5BDE7C4EAA7F5A3B6B713EAEDD5D0D47029CF51556BAFBBC91819DDA500332F7CE6777565C34CE56ED26BFE90830291C460891DDFEBF4FFFE5F217602081211E73EEC97612AC2C9FE8988738F0DC0FD2241B3C54357109D82FAAB532DB9C18B53B543D43B533FD67E36547972674968EB83AEE7EFC9F2AAF2C610C452EEA89A4FF5089BA6922F35128A844F6350A70671DD53C205AC7A75A1659CD3E57D385AB0BD78AF14DC129B1172884F1FCF5D795B6031A2BEB2410948A422D21AD3A215C85720F5EE695E235E36832E0A559DACDBD2B7CA3A1317CA005A963B49E3337829C40974C70F47540D89AAE625A1FD110874DC13D6E7B5711021F0CFD94C46D87582EBFF78EB2412B6D91DC0250A0B805F5E3B096ACB247C2A247A39164337FB3CB818AD4A950E6347B801DA742E5B532F4FC48815AA62B894FDB23B6E4D448DB62713AA46CC33C7D83D60A44B2B70FE8D841A56A4150A01C82B19CB93AE0AAA65E765EFF95933AC55742E0240744158B9CEF9DA8E18C3736BC8894306BF86D9B927CD62252ABFD39A3B352168336404C6B5F0DB4AEE518069274266E0C424F45D487B500BC087F49B53B0FA822D306D8B272E66C035569FFF1A191D354728253419E5B49115B88EB94E8452A28A3D699E73709FFD95D30430D45B730AF36D90C4DF464241C059375E8215E02294DFEAF8169BF1B47F7EE6F6479CB772D552D604589CE0A80BF7C38AFB2D8111D02A11D02264E2D1634128E53835E5815A92C19027DD08493C23344883FA5F2802A67E586221E2E22DFB8C67D75903F7211D52D19DC92DAC9C2E55D5D23E4B316F4F36AE24526C0D7CB5D43A5FA64CD621E9BBEB44ADAC0FB50237872CF13E0008D4D8F3B53B7F97FF8FD71E7B6ECCE359F5FBF3F6128DFD062C1E1177C6DDB97CBB9ED8AF082BF55D2DDF76920020A8AFCA08235752DE7542237D273F0324767F297BD98F573642B54D55AAEDCD9A5DB65DDF24F1E52489E22A8CDB204653F03A45261E20C965772CC92D71AD8A9DCA1205CA72C3AE330CA9ABFC93BD4C0591279661736B131AE905D5EB899BED456FE76BE26C4700FDF3238999B250DEF64F155FED724D3E38BDCAAD31CAC112BF39F0BC0CD3A906BEA43676E126616B51546C9E282117163EA7B38F255797A803F663EA16485FE4A8C2510409D3B6EF809EAC2BF897277A17A9C6E58709B57591FDA62321CEC2F545FCDB0AEEAF33ED378707C81711E003F1E77EEEE292F61E37FDC2FC4F97CEA96E1A4FB8643A9F18C9D6780BC5B815E43AF81E3B1D47D68D5A559C194F35A143B9EAE147D975BEF88D55AF1408BC1705C02F112616D08BFE6A44C0EFAC373CBB557E4953C79ACAA225378FB0C1BEB 38020171224021554 2 6 100 8191 2 EE490FB8716A6562BB33AA7C81BBFDCF2BC4C7257F68FC888B014D4D06FF9501EDEC5B4B462DBA35A9C6E541F218CB4A44F6F9FC88F4B4CC522803FA78E320467D89DC594A89B9718278C390023E9A367EDC39614216835EC52511F0ABAD50A37B742603D8ECA51491AC9A0F61B8A0AE8C09831869F2BF140277A0DA761C57856191FB3D6BCA46D51AC32A52FA6012B8AF5531F1E361751EC530B502B9001CAD88C0E921D4F809CA97C06278C0503B17BAE6B082168C34AB558BAC649EC3A69D2D136804E89B4FC952AF03C5056A6CA50D130934CBA7FA852BB950328E6BA2BFCF86C7319C96E5AC7172B03A000D678E4734BF756645816DCFA5710D65F77B994C1D12000502CC31478258694CFEE378707F7111E7337A0EBBD8EA3E91459AEB73B310DEE37464DF317FB6BBBD6A4DB32B505F7F6D0D5A6C8BE439514BAA032CB41864647F64F18B414BA2A2BF7AEF787D1F84B2EFDF5935857C9A6167CA426109FEBA69EE58FEF126F3F98FBC46570EF50DD3F502044DBD580E5DCFD214DA8788B7104D4A77C4006AC153E704B395F061118D5898155A7BC758C13D6D9B381F40B1998FFBB520D78110956D7E01EB07F2AA4CE132C3CDE594E3FEF45F2FD2C6B8B2C75B8C232DEC3C82BDF494E846D8AD466F8F234FE2698C90B203C989F9EBE77DF2126CE4C765E19BCBC628F6B70FFEE9214B88E27CF989939EF396D513BDD2CA737EDB8C6845E5883D283445F3FB8F662F0CFC29F405A592C8C0D68575361B09BA4D1398D61B552D239F897D84B8D46A6E1B113D76AE9BABA8D5617B3ACC1A8F4AFBA8597BA96CF872A5AE48BE79A44771937D01D0EF76C99C1C99C7EE94DBDFE3FBA41B69DEC9F4B1858E3D4F488CAEA52692C9334ADB39A8FEDC815A1E4D7057AE7CF4BD2A67B02141F98306D4A67C759414F03AE3A9D2C0F1090B29C8833E3500ED05FF6175D29408D8DB6D0651AFC77142FA7F44114274C0575B4F2EAF27714B56F450DE6F02423B4BEDC090E91ECD92F5DF5B9D053E095149B069FB60D51BB700A188EABD493773B7BEBA99CA21E981BF14188926E5F2DB6348B8E85AE4E2D498F116C9A240567F71B9D86B8173A42BA29100F02322DE24241DF8333F7A7A2A8C71513B734BC7E35D25F469B27F9B0883E1B62E1C4FC60FC6EB4A1E9B1AD1DD26A8D64D27944577E8ABE51EA225B0FFE27B5592D6EA5FBAA81BE6E3657FBBE67D359D0D18622545E8C1093D542F31FEBD00E0C687BB66D6F4E8F3FA0AD435F303F1108CE3604FF199E5DBF7E7309EBECA4ADB0F2AED26B87E7B50C23F0AA8370EEABFEEF273B64EFAD3167D78689907C500FAB9AC160968BA738AC40B23F50BEAD01C6343D7B7190034C79FFDD250938A84E499D5583F5213287F495DF9008DB8A9A51DFEA454A8215683A53A6A5CE5BFDA0D827704203B078E9D33
38120170719124018 2 6 100 8191 5 D84B8E9B7259F34AA46062684AD05873FD407C5FA804FFBC429D0DED5B497259FFF7F3C26D7A4C21592FCD658B607A5BDE7C4EAA7F5A3B6B713EAEDD5D0D47029CF51556BAFBBC91819DDA500332F7CE6777565C34CE56ED26BFE90830291C460891DDFEBF4FFFE5F217602081211E73EEC97612AC2C9FE8988738F0DC0FD2241B3C54357109D82FAAB532DB9C18B53B543D43B533FD67E36547972674968EB83AEE7EFC9F2AAF2C610C452EEA89A4FF5089BA6922F35128A844F6350A70671DD53C205AC7A75A1659CD3E57D385AB0BD78AF14DC129B1172884F1FCF5D795B6031A2BEB2410948A422D21AD3A215C85720F5EE695E235E36832E0A559DACDBD2B7CA3A1317CA005A963B49E3337829C40974C70F47540D89AAE625A1FD110874DC13D6E7B5711021F0CFD94C46D87582EBFF78EB2412B6D91DC0250A0B805F5E3B096ACB247C2A247A39164337FB3CB818AD4A950E6347B801DA742E5B532F4FC48815AA62B894FDB23B6E4D448DB62713AA46CC33C7D83D60A44B2B70FE8D841A56A4150A01C82B19CB93AE0AAA65E765EFF95933AC55742E0240744158B9CEF9DA8E18C3736BC8894306BF86D9B927CD62252ABFD39A3B352168336404C6B5F0DB4AEE518069274266E0C424F45D487B500BC087F49B53B0FA822D306D8B272E66C035569FFF1A191D354728253419E5B49115B88EB94E8452A28A3D699E73709FFD95D30430D45B730AF36D90C4DF464241C059375E8215E02294DFEAF8169BF1B47F7EE6F6479CB772D552D604589CE0A80BF7C38AFB2D8111D02A11D02264E2D1634128E53835E5815A92C19027DD08493C23344883FA5F2802A67E586221E2E22DFB8C67D75903F7211D52D19DC92DAC9C2E55D5D23E4B316F4F36AE24526C0D7CB5D43A5FA64CD621E9BBEB44ADAC0FB50237872CF13E0008D4D8F3B53B7F97FF8FD71E7B6ECCE359F5FBF3F6128DFD062C1E1177C6DDB97CBB9ED8AF082BF55D2DDF76920020A8AFCA08235752DE7542237D273F0324767F297BD98F573642B54D55AAEDCD9A5DB65DDF24F1E52489E22A8CDB204653F03A45261E20C965772CC92D71AD8A9DCA1205CA72C3AE330CA9ABFC93BD4C0591279661736B131AE905D5EB899BED456FE76BE26C4700FDF3238999B250DEF64F155FED724D3E38BDCAAD31CAC112BF39F0BC0CD3A906BEA43676E126616B51546C9E282117163EA7B38F255797A803F663EA16485FE4A8C2510409D3B6EF809EAC2BF897277A17A9C6E58709B57591FDA62321CEC2F545FCDB0AEEAF33ED378707C81711E003F1E77EEEE292F61E37FDC2FC4F97CEA96E1A4FB8643A9F18C9D6780BC5B815E43AF81E3B1D47D68D5A559C194F35A143B9EAE147D975BEF88D55AF1408BC1705C02F112616D08BFE6A44C0EFAC373CBB557E4953C79ACAA225378FDE8D93F 38120171224034823 2 6 100 8191 2 EE490FB8716A6562BB33AA7C81BBFDCF2BC4C7257F68FC888B014D4D06FF9501EDEC5B4B462DBA35A9C6E541F218CB4A44F6F9FC88F4B4CC522803FA78E320467D89DC594A89B9718278C390023E9A367EDC39614216835EC52511F0ABAD50A37B742603D8ECA51491AC9A0F61B8A0AE8C09831869F2BF140277A0DA761C57856191FB3D6BCA46D51AC32A52FA6012B8AF5531F1E361751EC530B502B9001CAD88C0E921D4F809CA97C06278C0503B17BAE6B082168C34AB558BAC649EC3A69D2D136804E89B4FC952AF03C5056A6CA50D130934CBA7FA852BB950328E6BA2BFCF86C7319C96E5AC7172B03A000D678E4734BF756645816DCFA5710D65F77B994C1D12000502CC31478258694CFEE378707F7111E7337A0EBBD8EA3E91459AEB73B310DEE37464DF317FB6BBBD6A4DB32B505F7F6D0D5A6C8BE439514BAA032CB41864647F64F18B414BA2A2BF7AEF787D1F84B2EFDF5935857C9A6167CA426109FEBA69EE58FEF126F3F98FBC46570EF50DD3F502044DBD580E5DCFD214DA8788B7104D4A77C4006AC153E704B395F061118D5898155A7BC758C13D6D9B381F40B1998FFBB520D78110956D7E01EB07F2AA4CE132C3CDE594E3FEF45F2FD2C6B8B2C75B8C232DEC3C82BDF494E846D8AD466F8F234FE2698C90B203C989F9EBE77DF2126CE4C765E19BCBC628F6B70FFEE9214B88E27CF989939EF396D513BDD2CA737EDB8C6845E5883D283445F3FB8F662F0CFC29F405A592C8C0D68575361B09BA4D1398D61B552D239F897D84B8D46A6E1B113D76AE9BABA8D5617B3ACC1A8F4AFBA8597BA96CF872A5AE48BE79A44771937D01D0EF76C99C1C99C7EE94DBDFE3FBA41B69DEC9F4B1858E3D4F488CAEA52692C9334ADB39A8FEDC815A1E4D7057AE7CF4BD2A67B02141F98306D4A67C759414F03AE3A9D2C0F1090B29C8833E3500ED05FF6175D29408D8DB6D0651AFC77142FA7F44114274C0575B4F2EAF27714B56F450DE6F02423B4BEDC090E91ECD92F5DF5B9D053E095149B069FB60D51BB700A188EABD493773B7BEBA99CA21E981BF14188926E5F2DB6348B8E85AE4E2D498F116C9A240567F71B9D86B8173A42BA29100F02322DE24241DF8333F7A7A2A8C71513B734BC7E35D25F469B27F9B0883E1B62E1C4FC60FC6EB4A1E9B1AD1DD26A8D64D27944577E8ABE51EA225B0FFE27B5592D6EA5FBAA81BE6E3657FBBE67D359D0D18622545E8C1093D542F31FEBD00E0C687BB66D6F4E8F3FA0AD435F303F1108CE3604FF199E5DBF7E7309EBECA4ADB0F2AED26B87E7B50C23F0AA8370EEABFEEF273B64EFAD3167D78689907C500FAB9AC160968BA738AC40B23F50BEAD01C6343D7B7190034C79FFDD250938A84E499D5583F5213287F495DF9008DB8A9A51DFEA454A8215683A53A6A5CE5BFDA0D827704203B087DB16B
38220170720083815 2 6 100 8191 5 D84B8E9B7259F34AA46062684AD05873FD407C5FA804FFBC429D0DED5B497259FFF7F3C26D7A4C21592FCD658B607A5BDE7C4EAA7F5A3B6B713EAEDD5D0D47029CF51556BAFBBC91819DDA500332F7CE6777565C34CE56ED26BFE90830291C460891DDFEBF4FFFE5F217602081211E73EEC97612AC2C9FE8988738F0DC0FD2241B3C54357109D82FAAB532DB9C18B53B543D43B533FD67E36547972674968EB83AEE7EFC9F2AAF2C610C452EEA89A4FF5089BA6922F35128A844F6350A70671DD53C205AC7A75A1659CD3E57D385AB0BD78AF14DC129B1172884F1FCF5D795B6031A2BEB2410948A422D21AD3A215C85720F5EE695E235E36832E0A559DACDBD2B7CA3A1317CA005A963B49E3337829C40974C70F47540D89AAE625A1FD110874DC13D6E7B5711021F0CFD94C46D87582EBFF78EB2412B6D91DC0250A0B805F5E3B096ACB247C2A247A39164337FB3CB818AD4A950E6347B801DA742E5B532F4FC48815AA62B894FDB23B6E4D448DB62713AA46CC33C7D83D60A44B2B70FE8D841A56A4150A01C82B19CB93AE0AAA65E765EFF95933AC55742E0240744158B9CEF9DA8E18C3736BC8894306BF86D9B927CD62252ABFD39A3B352168336404C6B5F0DB4AEE518069274266E0C424F45D487B500BC087F49B53B0FA822D306D8B272E66C035569FFF1A191D354728253419E5B49115B88EB94E8452A28A3D699E73709FFD95D30430D45B730AF36D90C4DF464241C059375E8215E02294DFEAF8169BF1B47F7EE6F6479CB772D552D604589CE0A80BF7C38AFB2D8111D02A11D02264E2D1634128E53835E5815A92C19027DD08493C23344883FA5F2802A67E586221E2E22DFB8C67D75903F7211D52D19DC92DAC9C2E55D5D23E4B316F4F36AE24526C0D7CB5D43A5FA64CD621E9BBEB44ADAC0FB50237872CF13E0008D4D8F3B53B7F97FF8FD71E7B6ECCE359F5FBF3F6128DFD062C1E1177C6DDB97CBB9ED8AF082BF55D2DDF76920020A8AFCA08235752DE7542237D273F0324767F297BD98F573642B54D55AAEDCD9A5DB65DDF24F1E52489E22A8CDB204653F03A45261E20C965772CC92D71AD8A9DCA1205CA72C3AE330CA9ABFC93BD4C0591279661736B131AE905D5EB899BED456FE76BE26C4700FDF3238999B250DEF64F155FED724D3E38BDCAAD31CAC112BF39F0BC0CD3A906BEA43676E126616B51546C9E282117163EA7B38F255797A803F663EA16485FE4A8C2510409D3B6EF809EAC2BF897277A17A9C6E58709B57591FDA62321CEC2F545FCDB0AEEAF33ED378707C81711E003F1E77EEEE292F61E37FDC2FC4F97CEA96E1A4FB8643A9F18C9D6780BC5B815E43AF81E3B1D47D68D5A559C194F35A143B9EAE147D975BEF88D55AF1408BC1705C02F112616D08BFE6A44C0EFAC373CBB557E4953C79ACAA2253790C2785C7 38220171224121415 2 6 100 8191 5 EE490FB8716A6562BB33AA7C81BBFDCF2BC4C7257F68FC888B014D4D06FF9501EDEC5B4B462DBA35A9C6E541F218CB4A44F6F9FC88F4B4CC522803FA78E320467D89DC594A89B9718278C390023E9A367EDC39614216835EC52511F0ABAD50A37B742603D8ECA51491AC9A0F61B8A0AE8C09831869F2BF140277A0DA761C57856191FB3D6BCA46D51AC32A52FA6012B8AF5531F1E361751EC530B502B9001CAD88C0E921D4F809CA97C06278C0503B17BAE6B082168C34AB558BAC649EC3A69D2D136804E89B4FC952AF03C5056A6CA50D130934CBA7FA852BB950328E6BA2BFCF86C7319C96E5AC7172B03A000D678E4734BF756645816DCFA5710D65F77B994C1D12000502CC31478258694CFEE378707F7111E7337A0EBBD8EA3E91459AEB73B310DEE37464DF317FB6BBBD6A4DB32B505F7F6D0D5A6C8BE439514BAA032CB41864647F64F18B414BA2A2BF7AEF787D1F84B2EFDF5935857C9A6167CA426109FEBA69EE58FEF126F3F98FBC46570EF50DD3F502044DBD580E5DCFD214DA8788B7104D4A77C4006AC153E704B395F061118D5898155A7BC758C13D6D9B381F40B1998FFBB520D78110956D7E01EB07F2AA4CE132C3CDE594E3FEF45F2FD2C6B8B2C75B8C232DEC3C82BDF494E846D8AD466F8F234FE2698C90B203C989F9EBE77DF2126CE4C765E19BCBC628F6B70FFEE9214B88E27CF989939EF396D513BDD2CA737EDB8C6845E5883D283445F3FB8F662F0CFC29F405A592C8C0D68575361B09BA4D1398D61B552D239F897D84B8D46A6E1B113D76AE9BABA8D5617B3ACC1A8F4AFBA8597BA96CF872A5AE48BE79A44771937D01D0EF76C99C1C99C7EE94DBDFE3FBA41B69DEC9F4B1858E3D4F488CAEA52692C9334ADB39A8FEDC815A1E4D7057AE7CF4BD2A67B02141F98306D4A67C759414F03AE3A9D2C0F1090B29C8833E3500ED05FF6175D29408D8DB6D0651AFC77142FA7F44114274C0575B4F2EAF27714B56F450DE6F02423B4BEDC090E91ECD92F5DF5B9D053E095149B069FB60D51BB700A188EABD493773B7BEBA99CA21E981BF14188926E5F2DB6348B8E85AE4E2D498F116C9A240567F71B9D86B8173A42BA29100F02322DE24241DF8333F7A7A2A8C71513B734BC7E35D25F469B27F9B0883E1B62E1C4FC60FC6EB4A1E9B1AD1DD26A8D64D27944577E8ABE51EA225B0FFE27B5592D6EA5FBAA81BE6E3657FBBE67D359D0D18622545E8C1093D542F31FEBD00E0C687BB66D6F4E8F3FA0AD435F303F1108CE3604FF199E5DBF7E7309EBECA4ADB0F2AED26B87E7B50C23F0AA8370EEABFEEF273B64EFAD3167D78689907C500FAB9AC160968BA738AC40B23F50BEAD01C6343D7B7190034C79FFDD250938A84E499D5583F5213287F495DF9008DB8A9A51DFEA454A8215683A53A6A5CE5BFDA0D827704203B0DB70677
38320170720203303 2 6 100 8191 2 D84B8E9B7259F34AA46062684AD05873FD407C5FA804FFBC429D0DED5B497259FFF7F3C26D7A4C21592FCD658B607A5BDE7C4EAA7F5A3B6B713EAEDD5D0D47029CF51556BAFBBC91819DDA500332F7CE6777565C34CE56ED26BFE90830291C460891DDFEBF4FFFE5F217602081211E73EEC97612AC2C9FE8988738F0DC0FD2241B3C54357109D82FAAB532DB9C18B53B543D43B533FD67E36547972674968EB83AEE7EFC9F2AAF2C610C452EEA89A4FF5089BA6922F35128A844F6350A70671DD53C205AC7A75A1659CD3E57D385AB0BD78AF14DC129B1172884F1FCF5D795B6031A2BEB2410948A422D21AD3A215C85720F5EE695E235E36832E0A559DACDBD2B7CA3A1317CA005A963B49E3337829C40974C70F47540D89AAE625A1FD110874DC13D6E7B5711021F0CFD94C46D87582EBFF78EB2412B6D91DC0250A0B805F5E3B096ACB247C2A247A39164337FB3CB818AD4A950E6347B801DA742E5B532F4FC48815AA62B894FDB23B6E4D448DB62713AA46CC33C7D83D60A44B2B70FE8D841A56A4150A01C82B19CB93AE0AAA65E765EFF95933AC55742E0240744158B9CEF9DA8E18C3736BC8894306BF86D9B927CD62252ABFD39A3B352168336404C6B5F0DB4AEE518069274266E0C424F45D487B500BC087F49B53B0FA822D306D8B272E66C035569FFF1A191D354728253419E5B49115B88EB94E8452A28A3D699E73709FFD95D30430D45B730AF36D90C4DF464241C059375E8215E02294DFEAF8169BF1B47F7EE6F6479CB772D552D604589CE0A80BF7C38AFB2D8111D02A11D02264E2D1634128E53835E5815A92C19027DD08493C23344883FA5F2802A67E586221E2E22DFB8C67D75903F7211D52D19DC92DAC9C2E55D5D23E4B316F4F36AE24526C0D7CB5D43A5FA64CD621E9BBEB44ADAC0FB50237872CF13E0008D4D8F3B53B7F97FF8FD71E7B6ECCE359F5FBF3F6128DFD062C1E1177C6DDB97CBB9ED8AF082BF55D2DDF76920020A8AFCA08235752DE7542237D273F0324767F297BD98F573642B54D55AAEDCD9A5DB65DDF24F1E52489E22A8CDB204653F03A45261E20C965772CC92D71AD8A9DCA1205CA72C3AE330CA9ABFC93BD4C0591279661736B131AE905D5EB899BED456FE76BE26C4700FDF3238999B250DEF64F155FED724D3E38BDCAAD31CAC112BF39F0BC0CD3A906BEA43676E126616B51546C9E282117163EA7B38F255797A803F663EA16485FE4A8C2510409D3B6EF809EAC2BF897277A17A9C6E58709B57591FDA62321CEC2F545FCDB0AEEAF33ED378707C81711E003F1E77EEEE292F61E37FDC2FC4F97CEA96E1A4FB8643A9F18C9D6780BC5B815E43AF81E3B1D47D68D5A559C194F35A143B9EAE147D975BEF88D55AF1408BC1705C02F112616D08BFE6A44C0EFAC373CBB557E4953C79ACAA225379147CF99B 38320171224130232 2 6 100 8191 5 EE490FB8716A6562BB33AA7C81BBFDCF2BC4C7257F68FC888B014D4D06FF9501EDEC5B4B462DBA35A9C6E541F218CB4A44F6F9FC88F4B4CC522803FA78E320467D89DC594A89B9718278C390023E9A367EDC39614216835EC52511F0ABAD50A37B742603D8ECA51491AC9A0F61B8A0AE8C09831869F2BF140277A0DA761C57856191FB3D6BCA46D51AC32A52FA6012B8AF5531F1E361751EC530B502B9001CAD88C0E921D4F809CA97C06278C0503B17BAE6B082168C34AB558BAC649EC3A69D2D136804E89B4FC952AF03C5056A6CA50D130934CBA7FA852BB950328E6BA2BFCF86C7319C96E5AC7172B03A000D678E4734BF756645816DCFA5710D65F77B994C1D12000502CC31478258694CFEE378707F7111E7337A0EBBD8EA3E91459AEB73B310DEE37464DF317FB6BBBD6A4DB32B505F7F6D0D5A6C8BE439514BAA032CB41864647F64F18B414BA2A2BF7AEF787D1F84B2EFDF5935857C9A6167CA426109FEBA69EE58FEF126F3F98FBC46570EF50DD3F502044DBD580E5DCFD214DA8788B7104D4A77C4006AC153E704B395F061118D5898155A7BC758C13D6D9B381F40B1998FFBB520D78110956D7E01EB07F2AA4CE132C3CDE594E3FEF45F2FD2C6B8B2C75B8C232DEC3C82BDF494E846D8AD466F8F234FE2698C90B203C989F9EBE77DF2126CE4C765E19BCBC628F6B70FFEE9214B88E27CF989939EF396D513BDD2CA737EDB8C6845E5883D283445F3FB8F662F0CFC29F405A592C8C0D68575361B09BA4D1398D61B552D239F897D84B8D46A6E1B113D76AE9BABA8D5617B3ACC1A8F4AFBA8597BA96CF872A5AE48BE79A44771937D01D0EF76C99C1C99C7EE94DBDFE3FBA41B69DEC9F4B1858E3D4F488CAEA52692C9334ADB39A8FEDC815A1E4D7057AE7CF4BD2A67B02141F98306D4A67C759414F03AE3A9D2C0F1090B29C8833E3500ED05FF6175D29408D8DB6D0651AFC77142FA7F44114274C0575B4F2EAF27714B56F450DE6F02423B4BEDC090E91ECD92F5DF5B9D053E095149B069FB60D51BB700A188EABD493773B7BEBA99CA21E981BF14188926E5F2DB6348B8E85AE4E2D498F116C9A240567F71B9D86B8173A42BA29100F02322DE24241DF8333F7A7A2A8C71513B734BC7E35D25F469B27F9B0883E1B62E1C4FC60FC6EB4A1E9B1AD1DD26A8D64D27944577E8ABE51EA225B0FFE27B5592D6EA5FBAA81BE6E3657FBBE67D359D0D18622545E8C1093D542F31FEBD00E0C687BB66D6F4E8F3FA0AD435F303F1108CE3604FF199E5DBF7E7309EBECA4ADB0F2AED26B87E7B50C23F0AA8370EEABFEEF273B64EFAD3167D78689907C500FAB9AC160968BA738AC40B23F50BEAD01C6343D7B7190034C79FFDD250938A84E499D5583F5213287F495DF9008DB8A9A51DFEA454A8215683A53A6A5CE5BFDA0D827704203B0E3090C7
38420170721064950 2 6 100 8191 2 D84B8E9B7259F34AA46062684AD05873FD407C5FA804FFBC429D0DED5B497259FFF7F3C26D7A4C21592FCD658B607A5BDE7C4EAA7F5A3B6B713EAEDD5D0D47029CF51556BAFBBC91819DDA500332F7CE6777565C34CE56ED26BFE90830291C460891DDFEBF4FFFE5F217602081211E73EEC97612AC2C9FE8988738F0DC0FD2241B3C54357109D82FAAB532DB9C18B53B543D43B533FD67E36547972674968EB83AEE7EFC9F2AAF2C610C452EEA89A4FF5089BA6922F35128A844F6350A70671DD53C205AC7A75A1659CD3E57D385AB0BD78AF14DC129B1172884F1FCF5D795B6031A2BEB2410948A422D21AD3A215C85720F5EE695E235E36832E0A559DACDBD2B7CA3A1317CA005A963B49E3337829C40974C70F47540D89AAE625A1FD110874DC13D6E7B5711021F0CFD94C46D87582EBFF78EB2412B6D91DC0250A0B805F5E3B096ACB247C2A247A39164337FB3CB818AD4A950E6347B801DA742E5B532F4FC48815AA62B894FDB23B6E4D448DB62713AA46CC33C7D83D60A44B2B70FE8D841A56A4150A01C82B19CB93AE0AAA65E765EFF95933AC55742E0240744158B9CEF9DA8E18C3736BC8894306BF86D9B927CD62252ABFD39A3B352168336404C6B5F0DB4AEE518069274266E0C424F45D487B500BC087F49B53B0FA822D306D8B272E66C035569FFF1A191D354728253419E5B49115B88EB94E8452A28A3D699E73709FFD95D30430D45B730AF36D90C4DF464241C059375E8215E02294DFEAF8169BF1B47F7EE6F6479CB772D552D604589CE0A80BF7C38AFB2D8111D02A11D02264E2D1634128E53835E5815A92C19027DD08493C23344883FA5F2802A67E586221E2E22DFB8C67D75903F7211D52D19DC92DAC9C2E55D5D23E4B316F4F36AE24526C0D7CB5D43A5FA64CD621E9BBEB44ADAC0FB50237872CF13E0008D4D8F3B53B7F97FF8FD71E7B6ECCE359F5FBF3F6128DFD062C1E1177C6DDB97CBB9ED8AF082BF55D2DDF76920020A8AFCA08235752DE7542237D273F0324767F297BD98F573642B54D55AAEDCD9A5DB65DDF24F1E52489E22A8CDB204653F03A45261E20C965772CC92D71AD8A9DCA1205CA72C3AE330CA9ABFC93BD4C0591279661736B131AE905D5EB899BED456FE76BE26C4700FDF3238999B250DEF64F155FED724D3E38BDCAAD31CAC112BF39F0BC0CD3A906BEA43676E126616B51546C9E282117163EA7B38F255797A803F663EA16485FE4A8C2510409D3B6EF809EAC2BF897277A17A9C6E58709B57591FDA62321CEC2F545FCDB0AEEAF33ED378707C81711E003F1E77EEEE292F61E37FDC2FC4F97CEA96E1A4FB8643A9F18C9D6780BC5B815E43AF81E3B1D47D68D5A559C194F35A143B9EAE147D975BEF88D55AF1408BC1705C02F112616D08BFE6A44C0EFAC373CBB557E4953C79ACAA2253791BAF7AFB 38420171224135245 2 6 100 8191 2 EE490FB8716A6562BB33AA7C81BBFDCF2BC4C7257F68FC888B014D4D06FF9501EDEC5B4B462DBA35A9C6E541F218CB4A44F6F9FC88F4B4CC522803FA78E320467D89DC594A89B9718278C390023E9A367EDC39614216835EC52511F0ABAD50A37B742603D8ECA51491AC9A0F61B8A0AE8C09831869F2BF140277A0DA761C57856191FB3D6BCA46D51AC32A52FA6012B8AF5531F1E361751EC530B502B9001CAD88C0E921D4F809CA97C06278C0503B17BAE6B082168C34AB558BAC649EC3A69D2D136804E89B4FC952AF03C5056A6CA50D130934CBA7FA852BB950328E6BA2BFCF86C7319C96E5AC7172B03A000D678E4734BF756645816DCFA5710D65F77B994C1D12000502CC31478258694CFEE378707F7111E7337A0EBBD8EA3E91459AEB73B310DEE37464DF317FB6BBBD6A4DB32B505F7F6D0D5A6C8BE439514BAA032CB41864647F64F18B414BA2A2BF7AEF787D1F84B2EFDF5935857C9A6167CA426109FEBA69EE58FEF126F3F98FBC46570EF50DD3F502044DBD580E5DCFD214DA8788B7104D4A77C4006AC153E704B395F061118D5898155A7BC758C13D6D9B381F40B1998FFBB520D78110956D7E01EB07F2AA4CE132C3CDE594E3FEF45F2FD2C6B8B2C75B8C232DEC3C82BDF494E846D8AD466F8F234FE2698C90B203C989F9EBE77DF2126CE4C765E19BCBC628F6B70FFEE9214B88E27CF989939EF396D513BDD2CA737EDB8C6845E5883D283445F3FB8F662F0CFC29F405A592C8C0D68575361B09BA4D1398D61B552D239F897D84B8D46A6E1B113D76AE9BABA8D5617B3ACC1A8F4AFBA8597BA96CF872A5AE48BE79A44771937D01D0EF76C99C1C99C7EE94DBDFE3FBA41B69DEC9F4B1858E3D4F488CAEA52692C9334ADB39A8FEDC815A1E4D7057AE7CF4BD2A67B02141F98306D4A67C759414F03AE3A9D2C0F1090B29C8833E3500ED05FF6175D29408D8DB6D0651AFC77142FA7F44114274C0575B4F2EAF27714B56F450DE6F02423B4BEDC090E91ECD92F5DF5B9D053E095149B069FB60D51BB700A188EABD493773B7BEBA99CA21E981BF14188926E5F2DB6348B8E85AE4E2D498F116C9A240567F71B9D86B8173A42BA29100F02322DE24241DF8333F7A7A2A8C71513B734BC7E35D25F469B27F9B0883E1B62E1C4FC60FC6EB4A1E9B1AD1DD26A8D64D27944577E8ABE51EA225B0FFE27B5592D6EA5FBAA81BE6E3657FBBE67D359D0D18622545E8C1093D542F31FEBD00E0C687BB66D6F4E8F3FA0AD435F303F1108CE3604FF199E5DBF7E7309EBECA4ADB0F2AED26B87E7B50C23F0AA8370EEABFEEF273B64EFAD3167D78689907C500FAB9AC160968BA738AC40B23F50BEAD01C6343D7B7190034C79FFDD250938A84E499D5583F5213287F495DF9008DB8A9A51DFEA454A8215683A53A6A5CE5BFDA0D827704203B0EAF8073
38520170721151849 2 6 100 8191 5 D84B8E9B7259F34AA46062684AD05873FD407C5FA804FFBC429D0DED5B497259FFF7F3C26D7A4C21592FCD658B607A5BDE7C4EAA7F5A3B6B713EAEDD5D0D47029CF51556BAFBBC91819DDA500332F7CE6777565C34CE56ED26BFE90830291C460891DDFEBF4FFFE5F217602081211E73EEC97612AC2C9FE8988738F0DC0FD2241B3C54357109D82FAAB532DB9C18B53B543D43B533FD67E36547972674968EB83AEE7EFC9F2AAF2C610C452EEA89A4FF5089BA6922F35128A844F6350A70671DD53C205AC7A75A1659CD3E57D385AB0BD78AF14DC129B1172884F1FCF5D795B6031A2BEB2410948A422D21AD3A215C85720F5EE695E235E36832E0A559DACDBD2B7CA3A1317CA005A963B49E3337829C40974C70F47540D89AAE625A1FD110874DC13D6E7B5711021F0CFD94C46D87582EBFF78EB2412B6D91DC0250A0B805F5E3B096ACB247C2A247A39164337FB3CB818AD4A950E6347B801DA742E5B532F4FC48815AA62B894FDB23B6E4D448DB62713AA46CC33C7D83D60A44B2B70FE8D841A56A4150A01C82B19CB93AE0AAA65E765EFF95933AC55742E0240744158B9CEF9DA8E18C3736BC8894306BF86D9B927CD62252ABFD39A3B352168336404C6B5F0DB4AEE518069274266E0C424F45D487B500BC087F49B53B0FA822D306D8B272E66C035569FFF1A191D354728253419E5B49115B88EB94E8452A28A3D699E73709FFD95D30430D45B730AF36D90C4DF464241C059375E8215E02294DFEAF8169BF1B47F7EE6F6479CB772D552D604589CE0A80BF7C38AFB2D8111D02A11D02264E2D1634128E53835E5815A92C19027DD08493C23344883FA5F2802A67E586221E2E22DFB8C67D75903F7211D52D19DC92DAC9C2E55D5D23E4B316F4F36AE24526C0D7CB5D43A5FA64CD621E9BBEB44ADAC0FB50237872CF13E0008D4D8F3B53B7F97FF8FD71E7B6ECCE359F5FBF3F6128DFD062C1E1177C6DDB97CBB9ED8AF082BF55D2DDF76920020A8AFCA08235752DE7542237D273F0324767F297BD98F573642B54D55AAEDCD9A5DB65DDF24F1E52489E22A8CDB204653F03A45261E20C965772CC92D71AD8A9DCA1205CA72C3AE330CA9ABFC93BD4C0591279661736B131AE905D5EB899BED456FE76BE26C4700FDF3238999B250DEF64F155FED724D3E38BDCAAD31CAC112BF39F0BC0CD3A906BEA43676E126616B51546C9E282117163EA7B38F255797A803F663EA16485FE4A8C2510409D3B6EF809EAC2BF897277A17A9C6E58709B57591FDA62321CEC2F545FCDB0AEEAF33ED378707C81711E003F1E77EEEE292F61E37FDC2FC4F97CEA96E1A4FB8643A9F18C9D6780BC5B815E43AF81E3B1D47D68D5A559C194F35A143B9EAE147D975BEF88D55AF1408BC1705C02F112616D08BFE6A44C0EFAC373CBB557E4953C79ACAA225379217C124F 38520171224212046 2 6 100 8191 5 EE490FB8716A6562BB33AA7C81BBFDCF2BC4C7257F68FC888B014D4D06FF9501EDEC5B4B462DBA35A9C6E541F218CB4A44F6F9FC88F4B4CC522803FA78E320467D89DC594A89B9718278C390023E9A367EDC39614216835EC52511F0ABAD50A37B742603D8ECA51491AC9A0F61B8A0AE8C09831869F2BF140277A0DA761C57856191FB3D6BCA46D51AC32A52FA6012B8AF5531F1E361751EC530B502B9001CAD88C0E921D4F809CA97C06278C0503B17BAE6B082168C34AB558BAC649EC3A69D2D136804E89B4FC952AF03C5056A6CA50D130934CBA7FA852BB950328E6BA2BFCF86C7319C96E5AC7172B03A000D678E4734BF756645816DCFA5710D65F77B994C1D12000502CC31478258694CFEE378707F7111E7337A0EBBD8EA3E91459AEB73B310DEE37464DF317FB6BBBD6A4DB32B505F7F6D0D5A6C8BE439514BAA032CB41864647F64F18B414BA2A2BF7AEF787D1F84B2EFDF5935857C9A6167CA426109FEBA69EE58FEF126F3F98FBC46570EF50DD3F502044DBD580E5DCFD214DA8788B7104D4A77C4006AC153E704B395F061118D5898155A7BC758C13D6D9B381F40B1998FFBB520D78110956D7E01EB07F2AA4CE132C3CDE594E3FEF45F2FD2C6B8B2C75B8C232DEC3C82BDF494E846D8AD466F8F234FE2698C90B203C989F9EBE77DF2126CE4C765E19BCBC628F6B70FFEE9214B88E27CF989939EF396D513BDD2CA737EDB8C6845E5883D283445F3FB8F662F0CFC29F405A592C8C0D68575361B09BA4D1398D61B552D239F897D84B8D46A6E1B113D76AE9BABA8D5617B3ACC1A8F4AFBA8597BA96CF872A5AE48BE79A44771937D01D0EF76C99C1C99C7EE94DBDFE3FBA41B69DEC9F4B1858E3D4F488CAEA52692C9334ADB39A8FEDC815A1E4D7057AE7CF4BD2A67B02141F98306D4A67C759414F03AE3A9D2C0F1090B29C8833E3500ED05FF6175D29408D8DB6D0651AFC77142FA7F44114274C0575B4F2EAF27714B56F450DE6F02423B4BEDC090E91ECD92F5DF5B9D053E095149B069FB60D51BB700A188EABD493773B7BEBA99CA21E981BF14188926E5F2DB6348B8E85AE4E2D498F116C9A240567F71B9D86B8173A42BA29100F02322DE24241DF8333F7A7A2A8C71513B734BC7E35D25F469B27F9B0883E1B62E1C4FC60FC6EB4A1E9B1AD1DD26A8D64D27944577E8ABE51EA225B0FFE27B5592D6EA5FBAA81BE6E3657FBBE67D359D0D18622545E8C1093D542F31FEBD00E0C687BB66D6F4E8F3FA0AD435F303F1108CE3604FF199E5DBF7E7309EBECA4ADB0F2AED26B87E7B50C23F0AA8370EEABFEEF273B64EFAD3167D78689907C500FAB9AC160968BA738AC40B23F50BEAD01C6343D7B7190034C79FFDD250938A84E499D5583F5213287F495DF9008DB8A9A51DFEA454A8215683A53A6A5CE5BFDA0D827704203B133C2B4F
38620170721220636 2 6 100 8191 2 D84B8E9B7259F34AA46062684AD05873FD407C5FA804FFBC429D0DED5B497259FFF7F3C26D7A4C21592FCD658B607A5BDE7C4EAA7F5A3B6B713EAEDD5D0D47029CF51556BAFBBC91819DDA500332F7CE6777565C34CE56ED26BFE90830291C460891DDFEBF4FFFE5F217602081211E73EEC97612AC2C9FE8988738F0DC0FD2241B3C54357109D82FAAB532DB9C18B53B543D43B533FD67E36547972674968EB83AEE7EFC9F2AAF2C610C452EEA89A4FF5089BA6922F35128A844F6350A70671DD53C205AC7A75A1659CD3E57D385AB0BD78AF14DC129B1172884F1FCF5D795B6031A2BEB2410948A422D21AD3A215C85720F5EE695E235E36832E0A559DACDBD2B7CA3A1317CA005A963B49E3337829C40974C70F47540D89AAE625A1FD110874DC13D6E7B5711021F0CFD94C46D87582EBFF78EB2412B6D91DC0250A0B805F5E3B096ACB247C2A247A39164337FB3CB818AD4A950E6347B801DA742E5B532F4FC48815AA62B894FDB23B6E4D448DB62713AA46CC33C7D83D60A44B2B70FE8D841A56A4150A01C82B19CB93AE0AAA65E765EFF95933AC55742E0240744158B9CEF9DA8E18C3736BC8894306BF86D9B927CD62252ABFD39A3B352168336404C6B5F0DB4AEE518069274266E0C424F45D487B500BC087F49B53B0FA822D306D8B272E66C035569FFF1A191D354728253419E5B49115B88EB94E8452A28A3D699E73709FFD95D30430D45B730AF36D90C4DF464241C059375E8215E02294DFEAF8169BF1B47F7EE6F6479CB772D552D604589CE0A80BF7C38AFB2D8111D02A11D02264E2D1634128E53835E5815A92C19027DD08493C23344883FA5F2802A67E586221E2E22DFB8C67D75903F7211D52D19DC92DAC9C2E55D5D23E4B316F4F36AE24526C0D7CB5D43A5FA64CD621E9BBEB44ADAC0FB50237872CF13E0008D4D8F3B53B7F97FF8FD71E7B6ECCE359F5FBF3F6128DFD062C1E1177C6DDB97CBB9ED8AF082BF55D2DDF76920020A8AFCA08235752DE7542237D273F0324767F297BD98F573642B54D55AAEDCD9A5DB65DDF24F1E52489E22A8CDB204653F03A45261E20C965772CC92D71AD8A9DCA1205CA72C3AE330CA9ABFC93BD4C0591279661736B131AE905D5EB899BED456FE76BE26C4700FDF3238999B250DEF64F155FED724D3E38BDCAAD31CAC112BF39F0BC0CD3A906BEA43676E126616B51546C9E282117163EA7B38F255797A803F663EA16485FE4A8C2510409D3B6EF809EAC2BF897277A17A9C6E58709B57591FDA62321CEC2F545FCDB0AEEAF33ED378707C81711E003F1E77EEEE292F61E37FDC2FC4F97CEA96E1A4FB8643A9F18C9D6780BC5B815E43AF81E3B1D47D68D5A559C194F35A143B9EAE147D975BEF88D55AF1408BC1705C02F112616D08BFE6A44C0EFAC373CBB557E4953C79ACAA225379260D3263 38620171224212702 2 6 100 8191 2 EE490FB8716A6562BB33AA7C81BBFDCF2BC4C7257F68FC888B014D4D06FF9501EDEC5B4B462DBA35A9C6E541F218CB4A44F6F9FC88F4B4CC522803FA78E320467D89DC594A89B9718278C390023E9A367EDC39614216835EC52511F0ABAD50A37B742603D8ECA51491AC9A0F61B8A0AE8C09831869F2BF140277A0DA761C57856191FB3D6BCA46D51AC32A52FA6012B8AF5531F1E361751EC530B502B9001CAD88C0E921D4F809CA97C06278C0503B17BAE6B082168C34AB558BAC649EC3A69D2D136804E89B4FC952AF03C5056A6CA50D130934CBA7FA852BB950328E6BA2BFCF86C7319C96E5AC7172B03A000D678E4734BF756645816DCFA5710D65F77B994C1D12000502CC31478258694CFEE378707F7111E7337A0EBBD8EA3E91459AEB73B310DEE37464DF317FB6BBBD6A4DB32B505F7F6D0D5A6C8BE439514BAA032CB41864647F64F18B414BA2A2BF7AEF787D1F84B2EFDF5935857C9A6167CA426109FEBA69EE58FEF126F3F98FBC46570EF50DD3F502044DBD580E5DCFD214DA8788B7104D4A77C4006AC153E704B395F061118D5898155A7BC758C13D6D9B381F40B1998FFBB520D78110956D7E01EB07F2AA4CE132C3CDE594E3FEF45F2FD2C6B8B2C75B8C232DEC3C82BDF494E846D8AD466F8F234FE2698C90B203C989F9EBE77DF2126CE4C765E19BCBC628F6B70FFEE9214B88E27CF989939EF396D513BDD2CA737EDB8C6845E5883D283445F3FB8F662F0CFC29F405A592C8C0D68575361B09BA4D1398D61B552D239F897D84B8D46A6E1B113D76AE9BABA8D5617B3ACC1A8F4AFBA8597BA96CF872A5AE48BE79A44771937D01D0EF76C99C1C99C7EE94DBDFE3FBA41B69DEC9F4B1858E3D4F488CAEA52692C9334ADB39A8FEDC815A1E4D7057AE7CF4BD2A67B02141F98306D4A67C759414F03AE3A9D2C0F1090B29C8833E3500ED05FF6175D29408D8DB6D0651AFC77142FA7F44114274C0575B4F2EAF27714B56F450DE6F02423B4BEDC090E91ECD92F5DF5B9D053E095149B069FB60D51BB700A188EABD493773B7BEBA99CA21E981BF14188926E5F2DB6348B8E85AE4E2D498F116C9A240567F71B9D86B8173A42BA29100F02322DE24241DF8333F7A7A2A8C71513B734BC7E35D25F469B27F9B0883E1B62E1C4FC60FC6EB4A1E9B1AD1DD26A8D64D27944577E8ABE51EA225B0FFE27B5592D6EA5FBAA81BE6E3657FBBE67D359D0D18622545E8C1093D542F31FEBD00E0C687BB66D6F4E8F3FA0AD435F303F1108CE3604FF199E5DBF7E7309EBECA4ADB0F2AED26B87E7B50C23F0AA8370EEABFEEF273B64EFAD3167D78689907C500FAB9AC160968BA738AC40B23F50BEAD01C6343D7B7190034C79FFDD250938A84E499D5583F5213287F495DF9008DB8A9A51DFEA454A8215683A53A6A5CE5BFDA0D827704203B13441743
38720170722033935 2 6 100 8191 2 D84B8E9B7259F34AA46062684AD05873FD407C5FA804FFBC429D0DED5B497259FFF7F3C26D7A4C21592FCD658B607A5BDE7C4EAA7F5A3B6B713EAEDD5D0D47029CF51556BAFBBC91819DDA500332F7CE6777565C34CE56ED26BFE90830291C460891DDFEBF4FFFE5F217602081211E73EEC97612AC2C9FE8988738F0DC0FD2241B3C54357109D82FAAB532DB9C18B53B543D43B533FD67E36547972674968EB83AEE7EFC9F2AAF2C610C452EEA89A4FF5089BA6922F35128A844F6350A70671DD53C205AC7A75A1659CD3E57D385AB0BD78AF14DC129B1172884F1FCF5D795B6031A2BEB2410948A422D21AD3A215C85720F5EE695E235E36832E0A559DACDBD2B7CA3A1317CA005A963B49E3337829C40974C70F47540D89AAE625A1FD110874DC13D6E7B5711021F0CFD94C46D87582EBFF78EB2412B6D91DC0250A0B805F5E3B096ACB247C2A247A39164337FB3CB818AD4A950E6347B801DA742E5B532F4FC48815AA62B894FDB23B6E4D448DB62713AA46CC33C7D83D60A44B2B70FE8D841A56A4150A01C82B19CB93AE0AAA65E765EFF95933AC55742E0240744158B9CEF9DA8E18C3736BC8894306BF86D9B927CD62252ABFD39A3B352168336404C6B5F0DB4AEE518069274266E0C424F45D487B500BC087F49B53B0FA822D306D8B272E66C035569FFF1A191D354728253419E5B49115B88EB94E8452A28A3D699E73709FFD95D30430D45B730AF36D90C4DF464241C059375E8215E02294DFEAF8169BF1B47F7EE6F6479CB772D552D604589CE0A80BF7C38AFB2D8111D02A11D02264E2D1634128E53835E5815A92C19027DD08493C23344883FA5F2802A67E586221E2E22DFB8C67D75903F7211D52D19DC92DAC9C2E55D5D23E4B316F4F36AE24526C0D7CB5D43A5FA64CD621E9BBEB44ADAC0FB50237872CF13E0008D4D8F3B53B7F97FF8FD71E7B6ECCE359F5FBF3F6128DFD062C1E1177C6DDB97CBB9ED8AF082BF55D2DDF76920020A8AFCA08235752DE7542237D273F0324767F297BD98F573642B54D55AAEDCD9A5DB65DDF24F1E52489E22A8CDB204653F03A45261E20C965772CC92D71AD8A9DCA1205CA72C3AE330CA9ABFC93BD4C0591279661736B131AE905D5EB899BED456FE76BE26C4700FDF3238999B250DEF64F155FED724D3E38BDCAAD31CAC112BF39F0BC0CD3A906BEA43676E126616B51546C9E282117163EA7B38F255797A803F663EA16485FE4A8C2510409D3B6EF809EAC2BF897277A17A9C6E58709B57591FDA62321CEC2F545FCDB0AEEAF33ED378707C81711E003F1E77EEEE292F61E37FDC2FC4F97CEA96E1A4FB8643A9F18C9D6780BC5B815E43AF81E3B1D47D68D5A559C194F35A143B9EAE147D975BEF88D55AF1408BC1705C02F112616D08BFE6A44C0EFAC373CBB557E4953C79ACAA22537929DAE9CB 38720171225003349 2 6 100 8191 2 EE490FB8716A6562BB33AA7C81BBFDCF2BC4C7257F68FC888B014D4D06FF9501EDEC5B4B462DBA35A9C6E541F218CB4A44F6F9FC88F4B4CC522803FA78E320467D89DC594A89B9718278C390023E9A367EDC39614216835EC52511F0ABAD50A37B742603D8ECA51491AC9A0F61B8A0AE8C09831869F2BF140277A0DA761C57856191FB3D6BCA46D51AC32A52FA6012B8AF5531F1E361751EC530B502B9001CAD88C0E921D4F809CA97C06278C0503B17BAE6B082168C34AB558BAC649EC3A69D2D136804E89B4FC952AF03C5056A6CA50D130934CBA7FA852BB950328E6BA2BFCF86C7319C96E5AC7172B03A000D678E4734BF756645816DCFA5710D65F77B994C1D12000502CC31478258694CFEE378707F7111E7337A0EBBD8EA3E91459AEB73B310DEE37464DF317FB6BBBD6A4DB32B505F7F6D0D5A6C8BE439514BAA032CB41864647F64F18B414BA2A2BF7AEF787D1F84B2EFDF5935857C9A6167CA426109FEBA69EE58FEF126F3F98FBC46570EF50DD3F502044DBD580E5DCFD214DA8788B7104D4A77C4006AC153E704B395F061118D5898155A7BC758C13D6D9B381F40B1998FFBB520D78110956D7E01EB07F2AA4CE132C3CDE594E3FEF45F2FD2C6B8B2C75B8C232DEC3C82BDF494E846D8AD466F8F234FE2698C90B203C989F9EBE77DF2126CE4C765E19BCBC628F6B70FFEE9214B88E27CF989939EF396D513BDD2CA737EDB8C6845E5883D283445F3FB8F662F0CFC29F405A592C8C0D68575361B09BA4D1398D61B552D239F897D84B8D46A6E1B113D76AE9BABA8D5617B3ACC1A8F4AFBA8597BA96CF872A5AE48BE79A44771937D01D0EF76C99C1C99C7EE94DBDFE3FBA41B69DEC9F4B1858E3D4F488CAEA52692C9334ADB39A8FEDC815A1E4D7057AE7CF4BD2A67B02141F98306D4A67C759414F03AE3A9D2C0F1090B29C8833E3500ED05FF6175D29408D8DB6D0651AFC77142FA7F44114274C0575B4F2EAF27714B56F450DE6F02423B4BEDC090E91ECD92F5DF5B9D053E095149B069FB60D51BB700A188EABD493773B7BEBA99CA21E981BF14188926E5F2DB6348B8E85AE4E2D498F116C9A240567F71B9D86B8173A42BA29100F02322DE24241DF8333F7A7A2A8C71513B734BC7E35D25F469B27F9B0883E1B62E1C4FC60FC6EB4A1E9B1AD1DD26A8D64D27944577E8ABE51EA225B0FFE27B5592D6EA5FBAA81BE6E3657FBBE67D359D0D18622545E8C1093D542F31FEBD00E0C687BB66D6F4E8F3FA0AD435F303F1108CE3604FF199E5DBF7E7309EBECA4ADB0F2AED26B87E7B50C23F0AA8370EEABFEEF273B64EFAD3167D78689907C500FAB9AC160968BA738AC40B23F50BEAD01C6343D7B7190034C79FFDD250938A84E499D5583F5213287F495DF9008DB8A9A51DFEA454A8215683A53A6A5CE5BFDA0D827704203B152CE5AB
38820170722155118 2 6 100 8191 5 D84B8E9B7259F34AA46062684AD05873FD407C5FA804FFBC429D0DED5B497259FFF7F3C26D7A4C21592FCD658B607A5BDE7C4EAA7F5A3B6B713EAEDD5D0D47029CF51556BAFBBC91819DDA500332F7CE6777565C34CE56ED26BFE90830291C460891DDFEBF4FFFE5F217602081211E73EEC97612AC2C9FE8988738F0DC0FD2241B3C54357109D82FAAB532DB9C18B53B543D43B533FD67E36547972674968EB83AEE7EFC9F2AAF2C610C452EEA89A4FF5089BA6922F35128A844F6350A70671DD53C205AC7A75A1659CD3E57D385AB0BD78AF14DC129B1172884F1FCF5D795B6031A2BEB2410948A422D21AD3A215C85720F5EE695E235E36832E0A559DACDBD2B7CA3A1317CA005A963B49E3337829C40974C70F47540D89AAE625A1FD110874DC13D6E7B5711021F0CFD94C46D87582EBFF78EB2412B6D91DC0250A0B805F5E3B096ACB247C2A247A39164337FB3CB818AD4A950E6347B801DA742E5B532F4FC48815AA62B894FDB23B6E4D448DB62713AA46CC33C7D83D60A44B2B70FE8D841A56A4150A01C82B19CB93AE0AAA65E765EFF95933AC55742E0240744158B9CEF9DA8E18C3736BC8894306BF86D9B927CD62252ABFD39A3B352168336404C6B5F0DB4AEE518069274266E0C424F45D487B500BC087F49B53B0FA822D306D8B272E66C035569FFF1A191D354728253419E5B49115B88EB94E8452A28A3D699E73709FFD95D30430D45B730AF36D90C4DF464241C059375E8215E02294DFEAF8169BF1B47F7EE6F6479CB772D552D604589CE0A80BF7C38AFB2D8111D02A11D02264E2D1634128E53835E5815A92C19027DD08493C23344883FA5F2802A67E586221E2E22DFB8C67D75903F7211D52D19DC92DAC9C2E55D5D23E4B316F4F36AE24526C0D7CB5D43A5FA64CD621E9BBEB44ADAC0FB50237872CF13E0008D4D8F3B53B7F97FF8FD71E7B6ECCE359F5FBF3F6128DFD062C1E1177C6DDB97CBB9ED8AF082BF55D2DDF76920020A8AFCA08235752DE7542237D273F0324767F297BD98F573642B54D55AAEDCD9A5DB65DDF24F1E52489E22A8CDB204653F03A45261E20C965772CC92D71AD8A9DCA1205CA72C3AE330CA9ABFC93BD4C0591279661736B131AE905D5EB899BED456FE76BE26C4700FDF3238999B250DEF64F155FED724D3E38BDCAAD31CAC112BF39F0BC0CD3A906BEA43676E126616B51546C9E282117163EA7B38F255797A803F663EA16485FE4A8C2510409D3B6EF809EAC2BF897277A17A9C6E58709B57591FDA62321CEC2F545FCDB0AEEAF33ED378707C81711E003F1E77EEEE292F61E37FDC2FC4F97CEA96E1A4FB8643A9F18C9D6780BC5B815E43AF81E3B1D47D68D5A559C194F35A143B9EAE147D975BEF88D55AF1408BC1705C02F112616D08BFE6A44C0EFAC373CBB557E4953C79ACAA225379320A3B27 38820171225004348 2 6 100 8191 5 EE490FB8716A6562BB33AA7C81BBFDCF2BC4C7257F68FC888B014D4D06FF9501EDEC5B4B462DBA35A9C6E541F218CB4A44F6F9FC88F4B4CC522803FA78E320467D89DC594A89B9718278C390023E9A367EDC39614216835EC52511F0ABAD50A37B742603D8ECA51491AC9A0F61B8A0AE8C09831869F2BF140277A0DA761C57856191FB3D6BCA46D51AC32A52FA6012B8AF5531F1E361751EC530B502B9001CAD88C0E921D4F809CA97C06278C0503B17BAE6B082168C34AB558BAC649EC3A69D2D136804E89B4FC952AF03C5056A6CA50D130934CBA7FA852BB950328E6BA2BFCF86C7319C96E5AC7172B03A000D678E4734BF756645816DCFA5710D65F77B994C1D12000502CC31478258694CFEE378707F7111E7337A0EBBD8EA3E91459AEB73B310DEE37464DF317FB6BBBD6A4DB32B505F7F6D0D5A6C8BE439514BAA032CB41864647F64F18B414BA2A2BF7AEF787D1F84B2EFDF5935857C9A6167CA426109FEBA69EE58FEF126F3F98FBC46570EF50DD3F502044DBD580E5DCFD214DA8788B7104D4A77C4006AC153E704B395F061118D5898155A7BC758C13D6D9B381F40B1998FFBB520D78110956D7E01EB07F2AA4CE132C3CDE594E3FEF45F2FD2C6B8B2C75B8C232DEC3C82BDF494E846D8AD466F8F234FE2698C90B203C989F9EBE77DF2126CE4C765E19BCBC628F6B70FFEE9214B88E27CF989939EF396D513BDD2CA737EDB8C6845E5883D283445F3FB8F662F0CFC29F405A592C8C0D68575361B09BA4D1398D61B552D239F897D84B8D46A6E1B113D76AE9BABA8D5617B3ACC1A8F4AFBA8597BA96CF872A5AE48BE79A44771937D01D0EF76C99C1C99C7EE94DBDFE3FBA41B69DEC9F4B1858E3D4F488CAEA52692C9334ADB39A8FEDC815A1E4D7057AE7CF4BD2A67B02141F98306D4A67C759414F03AE3A9D2C0F1090B29C8833E3500ED05FF6175D29408D8DB6D0651AFC77142FA7F44114274C0575B4F2EAF27714B56F450DE6F02423B4BEDC090E91ECD92F5DF5B9D053E095149B069FB60D51BB700A188EABD493773B7BEBA99CA21E981BF14188926E5F2DB6348B8E85AE4E2D498F116C9A240567F71B9D86B8173A42BA29100F02322DE24241DF8333F7A7A2A8C71513B734BC7E35D25F469B27F9B0883E1B62E1C4FC60FC6EB4A1E9B1AD1DD26A8D64D27944577E8ABE51EA225B0FFE27B5592D6EA5FBAA81BE6E3657FBBE67D359D0D18622545E8C1093D542F31FEBD00E0C687BB66D6F4E8F3FA0AD435F303F1108CE3604FF199E5DBF7E7309EBECA4ADB0F2AED26B87E7B50C23F0AA8370EEABFEEF273B64EFAD3167D78689907C500FAB9AC160968BA738AC40B23F50BEAD01C6343D7B7190034C79FFDD250938A84E499D5583F5213287F495DF9008DB8A9A51DFEA454A8215683A53A6A5CE5BFDA0D827704203B153F6807
38920170722181755 2 6 100 8191 2 D84B8E9B7259F34AA46062684AD05873FD407C5FA804FFBC429D0DED5B497259FFF7F3C26D7A4C21592FCD658B607A5BDE7C4EAA7F5A3B6B713EAEDD5D0D47029CF51556BAFBBC91819DDA500332F7CE6777565C34CE56ED26BFE90830291C460891DDFEBF4FFFE5F217602081211E73EEC97612AC2C9FE8988738F0DC0FD2241B3C54357109D82FAAB532DB9C18B53B543D43B533FD67E36547972674968EB83AEE7EFC9F2AAF2C610C452EEA89A4FF5089BA6922F35128A844F6350A70671DD53C205AC7A75A1659CD3E57D385AB0BD78AF14DC129B1172884F1FCF5D795B6031A2BEB2410948A422D21AD3A215C85720F5EE695E235E36832E0A559DACDBD2B7CA3A1317CA005A963B49E3337829C40974C70F47540D89AAE625A1FD110874DC13D6E7B5711021F0CFD94C46D87582EBFF78EB2412B6D91DC0250A0B805F5E3B096ACB247C2A247A39164337FB3CB818AD4A950E6347B801DA742E5B532F4FC48815AA62B894FDB23B6E4D448DB62713AA46CC33C7D83D60A44B2B70FE8D841A56A4150A01C82B19CB93AE0AAA65E765EFF95933AC55742E0240744158B9CEF9DA8E18C3736BC8894306BF86D9B927CD62252ABFD39A3B352168336404C6B5F0DB4AEE518069274266E0C424F45D487B500BC087F49B53B0FA822D306D8B272E66C035569FFF1A191D354728253419E5B49115B88EB94E8452A28A3D699E73709FFD95D30430D45B730AF36D90C4DF464241C059375E8215E02294DFEAF8169BF1B47F7EE6F6479CB772D552D604589CE0A80BF7C38AFB2D8111D02A11D02264E2D1634128E53835E5815A92C19027DD08493C23344883FA5F2802A67E586221E2E22DFB8C67D75903F7211D52D19DC92DAC9C2E55D5D23E4B316F4F36AE24526C0D7CB5D43A5FA64CD621E9BBEB44ADAC0FB50237872CF13E0008D4D8F3B53B7F97FF8FD71E7B6ECCE359F5FBF3F6128DFD062C1E1177C6DDB97CBB9ED8AF082BF55D2DDF76920020A8AFCA08235752DE7542237D273F0324767F297BD98F573642B54D55AAEDCD9A5DB65DDF24F1E52489E22A8CDB204653F03A45261E20C965772CC92D71AD8A9DCA1205CA72C3AE330CA9ABFC93BD4C0591279661736B131AE905D5EB899BED456FE76BE26C4700FDF3238999B250DEF64F155FED724D3E38BDCAAD31CAC112BF39F0BC0CD3A906BEA43676E126616B51546C9E282117163EA7B38F255797A803F663EA16485FE4A8C2510409D3B6EF809EAC2BF897277A17A9C6E58709B57591FDA62321CEC2F545FCDB0AEEAF33ED378707C81711E003F1E77EEEE292F61E37FDC2FC4F97CEA96E1A4FB8643A9F18C9D6780BC5B815E43AF81E3B1D47D68D5A559C194F35A143B9EAE147D975BEF88D55AF1408BC1705C02F112616D08BFE6A44C0EFAC373CBB557E4953C79ACAA22537933A7A623 38920171225041057 2 6 100 8191 5 EE490FB8716A6562BB33AA7C81BBFDCF2BC4C7257F68FC888B014D4D06FF9501EDEC5B4B462DBA35A9C6E541F218CB4A44F6F9FC88F4B4CC522803FA78E320467D89DC594A89B9718278C390023E9A367EDC39614216835EC52511F0ABAD50A37B742603D8ECA51491AC9A0F61B8A0AE8C09831869F2BF140277A0DA761C57856191FB3D6BCA46D51AC32A52FA6012B8AF5531F1E361751EC530B502B9001CAD88C0E921D4F809CA97C06278C0503B17BAE6B082168C34AB558BAC649EC3A69D2D136804E89B4FC952AF03C5056A6CA50D130934CBA7FA852BB950328E6BA2BFCF86C7319C96E5AC7172B03A000D678E4734BF756645816DCFA5710D65F77B994C1D12000502CC31478258694CFEE378707F7111E7337A0EBBD8EA3E91459AEB73B310DEE37464DF317FB6BBBD6A4DB32B505F7F6D0D5A6C8BE439514BAA032CB41864647F64F18B414BA2A2BF7AEF787D1F84B2EFDF5935857C9A6167CA426109FEBA69EE58FEF126F3F98FBC46570EF50DD3F502044DBD580E5DCFD214DA8788B7104D4A77C4006AC153E704B395F061118D5898155A7BC758C13D6D9B381F40B1998FFBB520D78110956D7E01EB07F2AA4CE132C3CDE594E3FEF45F2FD2C6B8B2C75B8C232DEC3C82BDF494E846D8AD466F8F234FE2698C90B203C989F9EBE77DF2126CE4C765E19BCBC628F6B70FFEE9214B88E27CF989939EF396D513BDD2CA737EDB8C6845E5883D283445F3FB8F662F0CFC29F405A592C8C0D68575361B09BA4D1398D61B552D239F897D84B8D46A6E1B113D76AE9BABA8D5617B3ACC1A8F4AFBA8597BA96CF872A5AE48BE79A44771937D01D0EF76C99C1C99C7EE94DBDFE3FBA41B69DEC9F4B1858E3D4F488CAEA52692C9334ADB39A8FEDC815A1E4D7057AE7CF4BD2A67B02141F98306D4A67C759414F03AE3A9D2C0F1090B29C8833E3500ED05FF6175D29408D8DB6D0651AFC77142FA7F44114274C0575B4F2EAF27714B56F450DE6F02423B4BEDC090E91ECD92F5DF5B9D053E095149B069FB60D51BB700A188EABD493773B7BEBA99CA21E981BF14188926E5F2DB6348B8E85AE4E2D498F116C9A240567F71B9D86B8173A42BA29100F02322DE24241DF8333F7A7A2A8C71513B734BC7E35D25F469B27F9B0883E1B62E1C4FC60FC6EB4A1E9B1AD1DD26A8D64D27944577E8ABE51EA225B0FFE27B5592D6EA5FBAA81BE6E3657FBBE67D359D0D18622545E8C1093D542F31FEBD00E0C687BB66D6F4E8F3FA0AD435F303F1108CE3604FF199E5DBF7E7309EBECA4ADB0F2AED26B87E7B50C23F0AA8370EEABFEEF273B64EFAD3167D78689907C500FAB9AC160968BA738AC40B23F50BEAD01C6343D7B7190034C79FFDD250938A84E499D5583F5213287F495DF9008DB8A9A51DFEA454A8215683A53A6A5CE5BFDA0D827704203B176011EF
39020170722212038 2 6 100 8191 2 D84B8E9B7259F34AA46062684AD05873FD407C5FA804FFBC429D0DED5B497259FFF7F3C26D7A4C21592FCD658B607A5BDE7C4EAA7F5A3B6B713EAEDD5D0D47029CF51556BAFBBC91819DDA500332F7CE6777565C34CE56ED26BFE90830291C460891DDFEBF4FFFE5F217602081211E73EEC97612AC2C9FE8988738F0DC0FD2241B3C54357109D82FAAB532DB9C18B53B543D43B533FD67E36547972674968EB83AEE7EFC9F2AAF2C610C452EEA89A4FF5089BA6922F35128A844F6350A70671DD53C205AC7A75A1659CD3E57D385AB0BD78AF14DC129B1172884F1FCF5D795B6031A2BEB2410948A422D21AD3A215C85720F5EE695E235E36832E0A559DACDBD2B7CA3A1317CA005A963B49E3337829C40974C70F47540D89AAE625A1FD110874DC13D6E7B5711021F0CFD94C46D87582EBFF78EB2412B6D91DC0250A0B805F5E3B096ACB247C2A247A39164337FB3CB818AD4A950E6347B801DA742E5B532F4FC48815AA62B894FDB23B6E4D448DB62713AA46CC33C7D83D60A44B2B70FE8D841A56A4150A01C82B19CB93AE0AAA65E765EFF95933AC55742E0240744158B9CEF9DA8E18C3736BC8894306BF86D9B927CD62252ABFD39A3B352168336404C6B5F0DB4AEE518069274266E0C424F45D487B500BC087F49B53B0FA822D306D8B272E66C035569FFF1A191D354728253419E5B49115B88EB94E8452A28A3D699E73709FFD95D30430D45B730AF36D90C4DF464241C059375E8215E02294DFEAF8169BF1B47F7EE6F6479CB772D552D604589CE0A80BF7C38AFB2D8111D02A11D02264E2D1634128E53835E5815A92C19027DD08493C23344883FA5F2802A67E586221E2E22DFB8C67D75903F7211D52D19DC92DAC9C2E55D5D23E4B316F4F36AE24526C0D7CB5D43A5FA64CD621E9BBEB44ADAC0FB50237872CF13E0008D4D8F3B53B7F97FF8FD71E7B6ECCE359F5FBF3F6128DFD062C1E1177C6DDB97CBB9ED8AF082BF55D2DDF76920020A8AFCA08235752DE7542237D273F0324767F297BD98F573642B54D55AAEDCD9A5DB65DDF24F1E52489E22A8CDB204653F03A45261E20C965772CC92D71AD8A9DCA1205CA72C3AE330CA9ABFC93BD4C0591279661736B131AE905D5EB899BED456FE76BE26C4700FDF3238999B250DEF64F155FED724D3E38BDCAAD31CAC112BF39F0BC0CD3A906BEA43676E126616B51546C9E282117163EA7B38F255797A803F663EA16485FE4A8C2510409D3B6EF809EAC2BF897277A17A9C6E58709B57591FDA62321CEC2F545FCDB0AEEAF33ED378707C81711E003F1E77EEEE292F61E37FDC2FC4F97CEA96E1A4FB8643A9F18C9D6780BC5B815E43AF81E3B1D47D68D5A559C194F35A143B9EAE147D975BEF88D55AF1408BC1705C02F112616D08BFE6A44C0EFAC373CBB557E4953C79ACAA225379359D2C63 39020171225091911 2 6 100 8191 2 EE490FB8716A6562BB33AA7C81BBFDCF2BC4C7257F68FC888B014D4D06FF9501EDEC5B4B462DBA35A9C6E541F218CB4A44F6F9FC88F4B4CC522803FA78E320467D89DC594A89B9718278C390023E9A367EDC39614216835EC52511F0ABAD50A37B742603D8ECA51491AC9A0F61B8A0AE8C09831869F2BF140277A0DA761C57856191FB3D6BCA46D51AC32A52FA6012B8AF5531F1E361751EC530B502B9001CAD88C0E921D4F809CA97C06278C0503B17BAE6B082168C34AB558BAC649EC3A69D2D136804E89B4FC952AF03C5056A6CA50D130934CBA7FA852BB950328E6BA2BFCF86C7319C96E5AC7172B03A000D678E4734BF756645816DCFA5710D65F77B994C1D12000502CC31478258694CFEE378707F7111E7337A0EBBD8EA3E91459AEB73B310DEE37464DF317FB6BBBD6A4DB32B505F7F6D0D5A6C8BE439514BAA032CB41864647F64F18B414BA2A2BF7AEF787D1F84B2EFDF5935857C9A6167CA426109FEBA69EE58FEF126F3F98FBC46570EF50DD3F502044DBD580E5DCFD214DA8788B7104D4A77C4006AC153E704B395F061118D5898155A7BC758C13D6D9B381F40B1998FFBB520D78110956D7E01EB07F2AA4CE132C3CDE594E3FEF45F2FD2C6B8B2C75B8C232DEC3C82BDF494E846D8AD466F8F234FE2698C90B203C989F9EBE77DF2126CE4C765E19BCBC628F6B70FFEE9214B88E27CF989939EF396D513BDD2CA737EDB8C6845E5883D283445F3FB8F662F0CFC29F405A592C8C0D68575361B09BA4D1398D61B552D239F897D84B8D46A6E1B113D76AE9BABA8D5617B3ACC1A8F4AFBA8597BA96CF872A5AE48BE79A44771937D01D0EF76C99C1C99C7EE94DBDFE3FBA41B69DEC9F4B1858E3D4F488CAEA52692C9334ADB39A8FEDC815A1E4D7057AE7CF4BD2A67B02141F98306D4A67C759414F03AE3A9D2C0F1090B29C8833E3500ED05FF6175D29408D8DB6D0651AFC77142FA7F44114274C0575B4F2EAF27714B56F450DE6F02423B4BEDC090E91ECD92F5DF5B9D053E095149B069FB60D51BB700A188EABD493773B7BEBA99CA21E981BF14188926E5F2DB6348B8E85AE4E2D498F116C9A240567F71B9D86B8173A42BA29100F02322DE24241DF8333F7A7A2A8C71513B734BC7E35D25F469B27F9B0883E1B62E1C4FC60FC6EB4A1E9B1AD1DD26A8D64D27944577E8ABE51EA225B0FFE27B5592D6EA5FBAA81BE6E3657FBBE67D359D0D18622545E8C1093D542F31FEBD00E0C687BB66D6F4E8F3FA0AD435F303F1108CE3604FF199E5DBF7E7309EBECA4ADB0F2AED26B87E7B50C23F0AA8370EEABFEEF273B64EFAD3167D78689907C500FAB9AC160968BA738AC40B23F50BEAD01C6343D7B7190034C79FFDD250938A84E499D5583F5213287F495DF9008DB8A9A51DFEA454A8215683A53A6A5CE5BFDA0D827704203B1A71C743
39120170722230812 2 6 100 8191 5 D84B8E9B7259F34AA46062684AD05873FD407C5FA804FFBC429D0DED5B497259FFF7F3C26D7A4C21592FCD658B607A5BDE7C4EAA7F5A3B6B713EAEDD5D0D47029CF51556BAFBBC91819DDA500332F7CE6777565C34CE56ED26BFE90830291C460891DDFEBF4FFFE5F217602081211E73EEC97612AC2C9FE8988738F0DC0FD2241B3C54357109D82FAAB532DB9C18B53B543D43B533FD67E36547972674968EB83AEE7EFC9F2AAF2C610C452EEA89A4FF5089BA6922F35128A844F6350A70671DD53C205AC7A75A1659CD3E57D385AB0BD78AF14DC129B1172884F1FCF5D795B6031A2BEB2410948A422D21AD3A215C85720F5EE695E235E36832E0A559DACDBD2B7CA3A1317CA005A963B49E3337829C40974C70F47540D89AAE625A1FD110874DC13D6E7B5711021F0CFD94C46D87582EBFF78EB2412B6D91DC0250A0B805F5E3B096ACB247C2A247A39164337FB3CB818AD4A950E6347B801DA742E5B532F4FC48815AA62B894FDB23B6E4D448DB62713AA46CC33C7D83D60A44B2B70FE8D841A56A4150A01C82B19CB93AE0AAA65E765EFF95933AC55742E0240744158B9CEF9DA8E18C3736BC8894306BF86D9B927CD62252ABFD39A3B352168336404C6B5F0DB4AEE518069274266E0C424F45D487B500BC087F49B53B0FA822D306D8B272E66C035569FFF1A191D354728253419E5B49115B88EB94E8452A28A3D699E73709FFD95D30430D45B730AF36D90C4DF464241C059375E8215E02294DFEAF8169BF1B47F7EE6F6479CB772D552D604589CE0A80BF7C38AFB2D8111D02A11D02264E2D1634128E53835E5815A92C19027DD08493C23344883FA5F2802A67E586221E2E22DFB8C67D75903F7211D52D19DC92DAC9C2E55D5D23E4B316F4F36AE24526C0D7CB5D43A5FA64CD621E9BBEB44ADAC0FB50237872CF13E0008D4D8F3B53B7F97FF8FD71E7B6ECCE359F5FBF3F6128DFD062C1E1177C6DDB97CBB9ED8AF082BF55D2DDF76920020A8AFCA08235752DE7542237D273F0324767F297BD98F573642B54D55AAEDCD9A5DB65DDF24F1E52489E22A8CDB204653F03A45261E20C965772CC92D71AD8A9DCA1205CA72C3AE330CA9ABFC93BD4C0591279661736B131AE905D5EB899BED456FE76BE26C4700FDF3238999B250DEF64F155FED724D3E38BDCAAD31CAC112BF39F0BC0CD3A906BEA43676E126616B51546C9E282117163EA7B38F255797A803F663EA16485FE4A8C2510409D3B6EF809EAC2BF897277A17A9C6E58709B57591FDA62321CEC2F545FCDB0AEEAF33ED378707C81711E003F1E77EEEE292F61E37FDC2FC4F97CEA96E1A4FB8643A9F18C9D6780BC5B815E43AF81E3B1D47D68D5A559C194F35A143B9EAE147D975BEF88D55AF1408BC1705C02F112616D08BFE6A44C0EFAC373CBB557E4953C79ACAA22537936C5DA37 39120171225162026 2 6 100 8191 2 EE490FB8716A6562BB33AA7C81BBFDCF2BC4C7257F68FC888B014D4D06FF9501EDEC5B4B462DBA35A9C6E541F218CB4A44F6F9FC88F4B4CC522803FA78E320467D89DC594A89B9718278C390023E9A367EDC39614216835EC52511F0ABAD50A37B742603D8ECA51491AC9A0F61B8A0AE8C09831869F2BF140277A0DA761C57856191FB3D6BCA46D51AC32A52FA6012B8AF5531F1E361751EC530B502B9001CAD88C0E921D4F809CA97C06278C0503B17BAE6B082168C34AB558BAC649EC3A69D2D136804E89B4FC952AF03C5056A6CA50D130934CBA7FA852BB950328E6BA2BFCF86C7319C96E5AC7172B03A000D678E4734BF756645816DCFA5710D65F77B994C1D12000502CC31478258694CFEE378707F7111E7337A0EBBD8EA3E91459AEB73B310DEE37464DF317FB6BBBD6A4DB32B505F7F6D0D5A6C8BE439514BAA032CB41864647F64F18B414BA2A2BF7AEF787D1F84B2EFDF5935857C9A6167CA426109FEBA69EE58FEF126F3F98FBC46570EF50DD3F502044DBD580E5DCFD214DA8788B7104D4A77C4006AC153E704B395F061118D5898155A7BC758C13D6D9B381F40B1998FFBB520D78110956D7E01EB07F2AA4CE132C3CDE594E3FEF45F2FD2C6B8B2C75B8C232DEC3C82BDF494E846D8AD466F8F234FE2698C90B203C989F9EBE77DF2126CE4C765E19BCBC628F6B70FFEE9214B88E27CF989939EF396D513BDD2CA737EDB8C6845E5883D283445F3FB8F662F0CFC29F405A592C8C0D68575361B09BA4D1398D61B552D239F897D84B8D46A6E1B113D76AE9BABA8D5617B3ACC1A8F4AFBA8597BA96CF872A5AE48BE79A44771937D01D0EF76C99C1C99C7EE94DBDFE3FBA41B69DEC9F4B1858E3D4F488CAEA52692C9334ADB39A8FEDC815A1E4D7057AE7CF4BD2A67B02141F98306D4A67C759414F03AE3A9D2C0F1090B29C8833E3500ED05FF6175D29408D8DB6D0651AFC77142FA7F44114274C0575B4F2EAF27714B56F450DE6F02423B4BEDC090E91ECD92F5DF5B9D053E095149B069FB60D51BB700A188EABD493773B7BEBA99CA21E981BF14188926E5F2DB6348B8E85AE4E2D498F116C9A240567F71B9D86B8173A42BA29100F02322DE24241DF8333F7A7A2A8C71513B734BC7E35D25F469B27F9B0883E1B62E1C4FC60FC6EB4A1E9B1AD1DD26A8D64D27944577E8ABE51EA225B0FFE27B5592D6EA5FBAA81BE6E3657FBBE67D359D0D18622545E8C1093D542F31FEBD00E0C687BB66D6F4E8F3FA0AD435F303F1108CE3604FF199E5DBF7E7309EBECA4ADB0F2AED26B87E7B50C23F0AA8370EEABFEEF273B64EFAD3167D78689907C500FAB9AC160968BA738AC40B23F50BEAD01C6343D7B7190034C79FFDD250938A84E499D5583F5213287F495DF9008DB8A9A51DFEA454A8215683A53A6A5CE5BFDA0D827704203B1EB91123
39220170723005838 2 6 100 8191 5 D84B8E9B7259F34AA46062684AD05873FD407C5FA804FFBC429D0DED5B497259FFF7F3C26D7A4C21592FCD658B607A5BDE7C4EAA7F5A3B6B713EAEDD5D0D47029CF51556BAFBBC91819DDA500332F7CE6777565C34CE56ED26BFE90830291C460891DDFEBF4FFFE5F217602081211E73EEC97612AC2C9FE8988738F0DC0FD2241B3C54357109D82FAAB532DB9C18B53B543D43B533FD67E36547972674968EB83AEE7EFC9F2AAF2C610C452EEA89A4FF5089BA6922F35128A844F6350A70671DD53C205AC7A75A1659CD3E57D385AB0BD78AF14DC129B1172884F1FCF5D795B6031A2BEB2410948A422D21AD3A215C85720F5EE695E235E36832E0A559DACDBD2B7CA3A1317CA005A963B49E3337829C40974C70F47540D89AAE625A1FD110874DC13D6E7B5711021F0CFD94C46D87582EBFF78EB2412B6D91DC0250A0B805F5E3B096ACB247C2A247A39164337FB3CB818AD4A950E6347B801DA742E5B532F4FC48815AA62B894FDB23B6E4D448DB62713AA46CC33C7D83D60A44B2B70FE8D841A56A4150A01C82B19CB93AE0AAA65E765EFF95933AC55742E0240744158B9CEF9DA8E18C3736BC8894306BF86D9B927CD62252ABFD39A3B352168336404C6B5F0DB4AEE518069274266E0C424F45D487B500BC087F49B53B0FA822D306D8B272E66C035569FFF1A191D354728253419E5B49115B88EB94E8452A28A3D699E73709FFD95D30430D45B730AF36D90C4DF464241C059375E8215E02294DFEAF8169BF1B47F7EE6F6479CB772D552D604589CE0A80BF7C38AFB2D8111D02A11D02264E2D1634128E53835E5815A92C19027DD08493C23344883FA5F2802A67E586221E2E22DFB8C67D75903F7211D52D19DC92DAC9C2E55D5D23E4B316F4F36AE24526C0D7CB5D43A5FA64CD621E9BBEB44ADAC0FB50237872CF13E0008D4D8F3B53B7F97FF8FD71E7B6ECCE359F5FBF3F6128DFD062C1E1177C6DDB97CBB9ED8AF082BF55D2DDF76920020A8AFCA08235752DE7542237D273F0324767F297BD98F573642B54D55AAEDCD9A5DB65DDF24F1E52489E22A8CDB204653F03A45261E20C965772CC92D71AD8A9DCA1205CA72C3AE330CA9ABFC93BD4C0591279661736B131AE905D5EB899BED456FE76BE26C4700FDF3238999B250DEF64F155FED724D3E38BDCAAD31CAC112BF39F0BC0CD3A906BEA43676E126616B51546C9E282117163EA7B38F255797A803F663EA16485FE4A8C2510409D3B6EF809EAC2BF897277A17A9C6E58709B57591FDA62321CEC2F545FCDB0AEEAF33ED378707C81711E003F1E77EEEE292F61E37FDC2FC4F97CEA96E1A4FB8643A9F18C9D6780BC5B815E43AF81E3B1D47D68D5A559C194F35A143B9EAE147D975BEF88D55AF1408BC1705C02F112616D08BFE6A44C0EFAC373CBB557E4953C79ACAA22537937F9469F 39220171225192243 2 6 100 8191 2 EE490FB8716A6562BB33AA7C81BBFDCF2BC4C7257F68FC888B014D4D06FF9501EDEC5B4B462DBA35A9C6E541F218CB4A44F6F9FC88F4B4CC522803FA78E320467D89DC594A89B9718278C390023E9A367EDC39614216835EC52511F0ABAD50A37B742603D8ECA51491AC9A0F61B8A0AE8C09831869F2BF140277A0DA761C57856191FB3D6BCA46D51AC32A52FA6012B8AF5531F1E361751EC530B502B9001CAD88C0E921D4F809CA97C06278C0503B17BAE6B082168C34AB558BAC649EC3A69D2D136804E89B4FC952AF03C5056A6CA50D130934CBA7FA852BB950328E6BA2BFCF86C7319C96E5AC7172B03A000D678E4734BF756645816DCFA5710D65F77B994C1D12000502CC31478258694CFEE378707F7111E7337A0EBBD8EA3E91459AEB73B310DEE37464DF317FB6BBBD6A4DB32B505F7F6D0D5A6C8BE439514BAA032CB41864647F64F18B414BA2A2BF7AEF787D1F84B2EFDF5935857C9A6167CA426109FEBA69EE58FEF126F3F98FBC46570EF50DD3F502044DBD580E5DCFD214DA8788B7104D4A77C4006AC153E704B395F061118D5898155A7BC758C13D6D9B381F40B1998FFBB520D78110956D7E01EB07F2AA4CE132C3CDE594E3FEF45F2FD2C6B8B2C75B8C232DEC3C82BDF494E846D8AD466F8F234FE2698C90B203C989F9EBE77DF2126CE4C765E19BCBC628F6B70FFEE9214B88E27CF989939EF396D513BDD2CA737EDB8C6845E5883D283445F3FB8F662F0CFC29F405A592C8C0D68575361B09BA4D1398D61B552D239F897D84B8D46A6E1B113D76AE9BABA8D5617B3ACC1A8F4AFBA8597BA96CF872A5AE48BE79A44771937D01D0EF76C99C1C99C7EE94DBDFE3FBA41B69DEC9F4B1858E3D4F488CAEA52692C9334ADB39A8FEDC815A1E4D7057AE7CF4BD2A67B02141F98306D4A67C759414F03AE3A9D2C0F1090B29C8833E3500ED05FF6175D29408D8DB6D0651AFC77142FA7F44114274C0575B4F2EAF27714B56F450DE6F02423B4BEDC090E91ECD92F5DF5B9D053E095149B069FB60D51BB700A188EABD493773B7BEBA99CA21E981BF14188926E5F2DB6348B8E85AE4E2D498F116C9A240567F71B9D86B8173A42BA29100F02322DE24241DF8333F7A7A2A8C71513B734BC7E35D25F469B27F9B0883E1B62E1C4FC60FC6EB4A1E9B1AD1DD26A8D64D27944577E8ABE51EA225B0FFE27B5592D6EA5FBAA81BE6E3657FBBE67D359D0D18622545E8C1093D542F31FEBD00E0C687BB66D6F4E8F3FA0AD435F303F1108CE3604FF199E5DBF7E7309EBECA4ADB0F2AED26B87E7B50C23F0AA8370EEABFEEF273B64EFAD3167D78689907C500FAB9AC160968BA738AC40B23F50BEAD01C6343D7B7190034C79FFDD250938A84E499D5583F5213287F495DF9008DB8A9A51DFEA454A8215683A53A6A5CE5BFDA0D827704203B20715EBB
39320170723041453 2 6 100 8191 2 D84B8E9B7259F34AA46062684AD05873FD407C5FA804FFBC429D0DED5B497259FFF7F3C26D7A4C21592FCD658B607A5BDE7C4EAA7F5A3B6B713EAEDD5D0D47029CF51556BAFBBC91819DDA500332F7CE6777565C34CE56ED26BFE90830291C460891DDFEBF4FFFE5F217602081211E73EEC97612AC2C9FE8988738F0DC0FD2241B3C54357109D82FAAB532DB9C18B53B543D43B533FD67E36547972674968EB83AEE7EFC9F2AAF2C610C452EEA89A4FF5089BA6922F35128A844F6350A70671DD53C205AC7A75A1659CD3E57D385AB0BD78AF14DC129B1172884F1FCF5D795B6031A2BEB2410948A422D21AD3A215C85720F5EE695E235E36832E0A559DACDBD2B7CA3A1317CA005A963B49E3337829C40974C70F47540D89AAE625A1FD110874DC13D6E7B5711021F0CFD94C46D87582EBFF78EB2412B6D91DC0250A0B805F5E3B096ACB247C2A247A39164337FB3CB818AD4A950E6347B801DA742E5B532F4FC48815AA62B894FDB23B6E4D448DB62713AA46CC33C7D83D60A44B2B70FE8D841A56A4150A01C82B19CB93AE0AAA65E765EFF95933AC55742E0240744158B9CEF9DA8E18C3736BC8894306BF86D9B927CD62252ABFD39A3B352168336404C6B5F0DB4AEE518069274266E0C424F45D487B500BC087F49B53B0FA822D306D8B272E66C035569FFF1A191D354728253419E5B49115B88EB94E8452A28A3D699E73709FFD95D30430D45B730AF36D90C4DF464241C059375E8215E02294DFEAF8169BF1B47F7EE6F6479CB772D552D604589CE0A80BF7C38AFB2D8111D02A11D02264E2D1634128E53835E5815A92C19027DD08493C23344883FA5F2802A67E586221E2E22DFB8C67D75903F7211D52D19DC92DAC9C2E55D5D23E4B316F4F36AE24526C0D7CB5D43A5FA64CD621E9BBEB44ADAC0FB50237872CF13E0008D4D8F3B53B7F97FF8FD71E7B6ECCE359F5FBF3F6128DFD062C1E1177C6DDB97CBB9ED8AF082BF55D2DDF76920020A8AFCA08235752DE7542237D273F0324767F297BD98F573642B54D55AAEDCD9A5DB65DDF24F1E52489E22A8CDB204653F03A45261E20C965772CC92D71AD8A9DCA1205CA72C3AE330CA9ABFC93BD4C0591279661736B131AE905D5EB899BED456FE76BE26C4700FDF3238999B250DEF64F155FED724D3E38BDCAAD31CAC112BF39F0BC0CD3A906BEA43676E126616B51546C9E282117163EA7B38F255797A803F663EA16485FE4A8C2510409D3B6EF809EAC2BF897277A17A9C6E58709B57591FDA62321CEC2F545FCDB0AEEAF33ED378707C81711E003F1E77EEEE292F61E37FDC2FC4F97CEA96E1A4FB8643A9F18C9D6780BC5B815E43AF81E3B1D47D68D5A559C194F35A143B9EAE147D975BEF88D55AF1408BC1705C02F112616D08BFE6A44C0EFAC373CBB557E4953C79ACAA2253793A1DBF1B 39320171225215524 2 6 100 8191 2 EE490FB8716A6562BB33AA7C81BBFDCF2BC4C7257F68FC888B014D4D06FF9501EDEC5B4B462DBA35A9C6E541F218CB4A44F6F9FC88F4B4CC522803FA78E320467D89DC594A89B9718278C390023E9A367EDC39614216835EC52511F0ABAD50A37B742603D8ECA51491AC9A0F61B8A0AE8C09831869F2BF140277A0DA761C57856191FB3D6BCA46D51AC32A52FA6012B8AF5531F1E361751EC530B502B9001CAD88C0E921D4F809CA97C06278C0503B17BAE6B082168C34AB558BAC649EC3A69D2D136804E89B4FC952AF03C5056A6CA50D130934CBA7FA852BB950328E6BA2BFCF86C7319C96E5AC7172B03A000D678E4734BF756645816DCFA5710D65F77B994C1D12000502CC31478258694CFEE378707F7111E7337A0EBBD8EA3E91459AEB73B310DEE37464DF317FB6BBBD6A4DB32B505F7F6D0D5A6C8BE439514BAA032CB41864647F64F18B414BA2A2BF7AEF787D1F84B2EFDF5935857C9A6167CA426109FEBA69EE58FEF126F3F98FBC46570EF50DD3F502044DBD580E5DCFD214DA8788B7104D4A77C4006AC153E704B395F061118D5898155A7BC758C13D6D9B381F40B1998FFBB520D78110956D7E01EB07F2AA4CE132C3CDE594E3FEF45F2FD2C6B8B2C75B8C232DEC3C82BDF494E846D8AD466F8F234FE2698C90B203C989F9EBE77DF2126CE4C765E19BCBC628F6B70FFEE9214B88E27CF989939EF396D513BDD2CA737EDB8C6845E5883D283445F3FB8F662F0CFC29F405A592C8C0D68575361B09BA4D1398D61B552D239F897D84B8D46A6E1B113D76AE9BABA8D5617B3ACC1A8F4AFBA8597BA96CF872A5AE48BE79A44771937D01D0EF76C99C1C99C7EE94DBDFE3FBA41B69DEC9F4B1858E3D4F488CAEA52692C9334ADB39A8FEDC815A1E4D7057AE7CF4BD2A67B02141F98306D4A67C759414F03AE3A9D2C0F1090B29C8833E3500ED05FF6175D29408D8DB6D0651AFC77142FA7F44114274C0575B4F2EAF27714B56F450DE6F02423B4BEDC090E91ECD92F5DF5B9D053E095149B069FB60D51BB700A188EABD493773B7BEBA99CA21E981BF14188926E5F2DB6348B8E85AE4E2D498F116C9A240567F71B9D86B8173A42BA29100F02322DE24241DF8333F7A7A2A8C71513B734BC7E35D25F469B27F9B0883E1B62E1C4FC60FC6EB4A1E9B1AD1DD26A8D64D27944577E8ABE51EA225B0FFE27B5592D6EA5FBAA81BE6E3657FBBE67D359D0D18622545E8C1093D542F31FEBD00E0C687BB66D6F4E8F3FA0AD435F303F1108CE3604FF199E5DBF7E7309EBECA4ADB0F2AED26B87E7B50C23F0AA8370EEABFEEF273B64EFAD3167D78689907C500FAB9AC160968BA738AC40B23F50BEAD01C6343D7B7190034C79FFDD250938A84E499D5583F5213287F495DF9008DB8A9A51DFEA454A8215683A53A6A5CE5BFDA0D827704203B21F31B1B
39420170723051250 2 6 100 8191 2 D84B8E9B7259F34AA46062684AD05873FD407C5FA804FFBC429D0DED5B497259FFF7F3C26D7A4C21592FCD658B607A5BDE7C4EAA7F5A3B6B713EAEDD5D0D47029CF51556BAFBBC91819DDA500332F7CE6777565C34CE56ED26BFE90830291C460891DDFEBF4FFFE5F217602081211E73EEC97612AC2C9FE8988738F0DC0FD2241B3C54357109D82FAAB532DB9C18B53B543D43B533FD67E36547972674968EB83AEE7EFC9F2AAF2C610C452EEA89A4FF5089BA6922F35128A844F6350A70671DD53C205AC7A75A1659CD3E57D385AB0BD78AF14DC129B1172884F1FCF5D795B6031A2BEB2410948A422D21AD3A215C85720F5EE695E235E36832E0A559DACDBD2B7CA3A1317CA005A963B49E3337829C40974C70F47540D89AAE625A1FD110874DC13D6E7B5711021F0CFD94C46D87582EBFF78EB2412B6D91DC0250A0B805F5E3B096ACB247C2A247A39164337FB3CB818AD4A950E6347B801DA742E5B532F4FC48815AA62B894FDB23B6E4D448DB62713AA46CC33C7D83D60A44B2B70FE8D841A56A4150A01C82B19CB93AE0AAA65E765EFF95933AC55742E0240744158B9CEF9DA8E18C3736BC8894306BF86D9B927CD62252ABFD39A3B352168336404C6B5F0DB4AEE518069274266E0C424F45D487B500BC087F49B53B0FA822D306D8B272E66C035569FFF1A191D354728253419E5B49115B88EB94E8452A28A3D699E73709FFD95D30430D45B730AF36D90C4DF464241C059375E8215E02294DFEAF8169BF1B47F7EE6F6479CB772D552D604589CE0A80BF7C38AFB2D8111D02A11D02264E2D1634128E53835E5815A92C19027DD08493C23344883FA5F2802A67E586221E2E22DFB8C67D75903F7211D52D19DC92DAC9C2E55D5D23E4B316F4F36AE24526C0D7CB5D43A5FA64CD621E9BBEB44ADAC0FB50237872CF13E0008D4D8F3B53B7F97FF8FD71E7B6ECCE359F5FBF3F6128DFD062C1E1177C6DDB97CBB9ED8AF082BF55D2DDF76920020A8AFCA08235752DE7542237D273F0324767F297BD98F573642B54D55AAEDCD9A5DB65DDF24F1E52489E22A8CDB204653F03A45261E20C965772CC92D71AD8A9DCA1205CA72C3AE330CA9ABFC93BD4C0591279661736B131AE905D5EB899BED456FE76BE26C4700FDF3238999B250DEF64F155FED724D3E38BDCAAD31CAC112BF39F0BC0CD3A906BEA43676E126616B51546C9E282117163EA7B38F255797A803F663EA16485FE4A8C2510409D3B6EF809EAC2BF897277A17A9C6E58709B57591FDA62321CEC2F545FCDB0AEEAF33ED378707C81711E003F1E77EEEE292F61E37FDC2FC4F97CEA96E1A4FB8643A9F18C9D6780BC5B815E43AF81E3B1D47D68D5A559C194F35A143B9EAE147D975BEF88D55AF1408BC1705C02F112616D08BFE6A44C0EFAC373CBB557E4953C79ACAA2253793AB9FC9B 39420171226063458 2 6 100 8191 5 EE490FB8716A6562BB33AA7C81BBFDCF2BC4C7257F68FC888B014D4D06FF9501EDEC5B4B462DBA35A9C6E541F218CB4A44F6F9FC88F4B4CC522803FA78E320467D89DC594A89B9718278C390023E9A367EDC39614216835EC52511F0ABAD50A37B742603D8ECA51491AC9A0F61B8A0AE8C09831869F2BF140277A0DA761C57856191FB3D6BCA46D51AC32A52FA6012B8AF5531F1E361751EC530B502B9001CAD88C0E921D4F809CA97C06278C0503B17BAE6B082168C34AB558BAC649EC3A69D2D136804E89B4FC952AF03C5056A6CA50D130934CBA7FA852BB950328E6BA2BFCF86C7319C96E5AC7172B03A000D678E4734BF756645816DCFA5710D65F77B994C1D12000502CC31478258694CFEE378707F7111E7337A0EBBD8EA3E91459AEB73B310DEE37464DF317FB6BBBD6A4DB32B505F7F6D0D5A6C8BE439514BAA032CB41864647F64F18B414BA2A2BF7AEF787D1F84B2EFDF5935857C9A6167CA426109FEBA69EE58FEF126F3F98FBC46570EF50DD3F502044DBD580E5DCFD214DA8788B7104D4A77C4006AC153E704B395F061118D5898155A7BC758C13D6D9B381F40B1998FFBB520D78110956D7E01EB07F2AA4CE132C3CDE594E3FEF45F2FD2C6B8B2C75B8C232DEC3C82BDF494E846D8AD466F8F234FE2698C90B203C989F9EBE77DF2126CE4C765E19BCBC628F6B70FFEE9214B88E27CF989939EF396D513BDD2CA737EDB8C6845E5883D283445F3FB8F662F0CFC29F405A592C8C0D68575361B09BA4D1398D61B552D239F897D84B8D46A6E1B113D76AE9BABA8D5617B3ACC1A8F4AFBA8597BA96CF872A5AE48BE79A44771937D01D0EF76C99C1C99C7EE94DBDFE3FBA41B69DEC9F4B1858E3D4F488CAEA52692C9334ADB39A8FEDC815A1E4D7057AE7CF4BD2A67B02141F98306D4A67C759414F03AE3A9D2C0F1090B29C8833E3500ED05FF6175D29408D8DB6D0651AFC77142FA7F44114274C0575B4F2EAF27714B56F450DE6F02423B4BEDC090E91ECD92F5DF5B9D053E095149B069FB60D51BB700A188EABD493773B7BEBA99CA21E981BF14188926E5F2DB6348B8E85AE4E2D498F116C9A240567F71B9D86B8173A42BA29100F02322DE24241DF8333F7A7A2A8C71513B734BC7E35D25F469B27F9B0883E1B62E1C4FC60FC6EB4A1E9B1AD1DD26A8D64D27944577E8ABE51EA225B0FFE27B5592D6EA5FBAA81BE6E3657FBBE67D359D0D18622545E8C1093D542F31FEBD00E0C687BB66D6F4E8F3FA0AD435F303F1108CE3604FF199E5DBF7E7309EBECA4ADB0F2AED26B87E7B50C23F0AA8370EEABFEEF273B64EFAD3167D78689907C500FAB9AC160968BA738AC40B23F50BEAD01C6343D7B7190034C79FFDD250938A84E499D5583F5213287F495DF9008DB8A9A51DFEA454A8215683A53A6A5CE5BFDA0D827704203B272E398F
39520170723112206 2 6 100 8191 5 D84B8E9B7259F34AA46062684AD05873FD407C5FA804FFBC429D0DED5B497259FFF7F3C26D7A4C21592FCD658B607A5BDE7C4EAA7F5A3B6B713EAEDD5D0D47029CF51556BAFBBC91819DDA500332F7CE6777565C34CE56ED26BFE90830291C460891DDFEBF4FFFE5F217602081211E73EEC97612AC2C9FE8988738F0DC0FD2241B3C54357109D82FAAB532DB9C18B53B543D43B533FD67E36547972674968EB83AEE7EFC9F2AAF2C610C452EEA89A4FF5089BA6922F35128A844F6350A70671DD53C205AC7A75A1659CD3E57D385AB0BD78AF14DC129B1172884F1FCF5D795B6031A2BEB2410948A422D21AD3A215C85720F5EE695E235E36832E0A559DACDBD2B7CA3A1317CA005A963B49E3337829C40974C70F47540D89AAE625A1FD110874DC13D6E7B5711021F0CFD94C46D87582EBFF78EB2412B6D91DC0250A0B805F5E3B096ACB247C2A247A39164337FB3CB818AD4A950E6347B801DA742E5B532F4FC48815AA62B894FDB23B6E4D448DB62713AA46CC33C7D83D60A44B2B70FE8D841A56A4150A01C82B19CB93AE0AAA65E765EFF95933AC55742E0240744158B9CEF9DA8E18C3736BC8894306BF86D9B927CD62252ABFD39A3B352168336404C6B5F0DB4AEE518069274266E0C424F45D487B500BC087F49B53B0FA822D306D8B272E66C035569FFF1A191D354728253419E5B49115B88EB94E8452A28A3D699E73709FFD95D30430D45B730AF36D90C4DF464241C059375E8215E02294DFEAF8169BF1B47F7EE6F6479CB772D552D604589CE0A80BF7C38AFB2D8111D02A11D02264E2D1634128E53835E5815A92C19027DD08493C23344883FA5F2802A67E586221E2E22DFB8C67D75903F7211D52D19DC92DAC9C2E55D5D23E4B316F4F36AE24526C0D7CB5D43A5FA64CD621E9BBEB44ADAC0FB50237872CF13E0008D4D8F3B53B7F97FF8FD71E7B6ECCE359F5FBF3F6128DFD062C1E1177C6DDB97CBB9ED8AF082BF55D2DDF76920020A8AFCA08235752DE7542237D273F0324767F297BD98F573642B54D55AAEDCD9A5DB65DDF24F1E52489E22A8CDB204653F03A45261E20C965772CC92D71AD8A9DCA1205CA72C3AE330CA9ABFC93BD4C0591279661736B131AE905D5EB899BED456FE76BE26C4700FDF3238999B250DEF64F155FED724D3E38BDCAAD31CAC112BF39F0BC0CD3A906BEA43676E126616B51546C9E282117163EA7B38F255797A803F663EA16485FE4A8C2510409D3B6EF809EAC2BF897277A17A9C6E58709B57591FDA62321CEC2F545FCDB0AEEAF33ED378707C81711E003F1E77EEEE292F61E37FDC2FC4F97CEA96E1A4FB8643A9F18C9D6780BC5B815E43AF81E3B1D47D68D5A559C194F35A143B9EAE147D975BEF88D55AF1408BC1705C02F112616D08BFE6A44C0EFAC373CBB557E4953C79ACAA2253793EBF09F7 39520171226064036 2 6 100 8191 5 EE490FB8716A6562BB33AA7C81BBFDCF2BC4C7257F68FC888B014D4D06FF9501EDEC5B4B462DBA35A9C6E541F218CB4A44F6F9FC88F4B4CC522803FA78E320467D89DC594A89B9718278C390023E9A367EDC39614216835EC52511F0ABAD50A37B742603D8ECA51491AC9A0F61B8A0AE8C09831869F2BF140277A0DA761C57856191FB3D6BCA46D51AC32A52FA6012B8AF5531F1E361751EC530B502B9001CAD88C0E921D4F809CA97C06278C0503B17BAE6B082168C34AB558BAC649EC3A69D2D136804E89B4FC952AF03C5056A6CA50D130934CBA7FA852BB950328E6BA2BFCF86C7319C96E5AC7172B03A000D678E4734BF756645816DCFA5710D65F77B994C1D12000502CC31478258694CFEE378707F7111E7337A0EBBD8EA3E91459AEB73B310DEE37464DF317FB6BBBD6A4DB32B505F7F6D0D5A6C8BE439514BAA032CB41864647F64F18B414BA2A2BF7AEF787D1F84B2EFDF5935857C9A6167CA426109FEBA69EE58FEF126F3F98FBC46570EF50DD3F502044DBD580E5DCFD214DA8788B7104D4A77C4006AC153E704B395F061118D5898155A7BC758C13D6D9B381F40B1998FFBB520D78110956D7E01EB07F2AA4CE132C3CDE594E3FEF45F2FD2C6B8B2C75B8C232DEC3C82BDF494E846D8AD466F8F234FE2698C90B203C989F9EBE77DF2126CE4C765E19BCBC628F6B70FFEE9214B88E27CF989939EF396D513BDD2CA737EDB8C6845E5883D283445F3FB8F662F0CFC29F405A592C8C0D68575361B09BA4D1398D61B552D239F897D84B8D46A6E1B113D76AE9BABA8D5617B3ACC1A8F4AFBA8597BA96CF872A5AE48BE79A44771937D01D0EF76C99C1C99C7EE94DBDFE3FBA41B69DEC9F4B1858E3D4F488CAEA52692C9334ADB39A8FEDC815A1E4D7057AE7CF4BD2A67B02141F98306D4A67C759414F03AE3A9D2C0F1090B29C8833E3500ED05FF6175D29408D8DB6D0651AFC77142FA7F44114274C0575B4F2EAF27714B56F450DE6F02423B4BEDC090E91ECD92F5DF5B9D053E095149B069FB60D51BB700A188EABD493773B7BEBA99CA21E981BF14188926E5F2DB6348B8E85AE4E2D498F116C9A240567F71B9D86B8173A42BA29100F02322DE24241DF8333F7A7A2A8C71513B734BC7E35D25F469B27F9B0883E1B62E1C4FC60FC6EB4A1E9B1AD1DD26A8D64D27944577E8ABE51EA225B0FFE27B5592D6EA5FBAA81BE6E3657FBBE67D359D0D18622545E8C1093D542F31FEBD00E0C687BB66D6F4E8F3FA0AD435F303F1108CE3604FF199E5DBF7E7309EBECA4ADB0F2AED26B87E7B50C23F0AA8370EEABFEEF273B64EFAD3167D78689907C500FAB9AC160968BA738AC40B23F50BEAD01C6343D7B7190034C79FFDD250938A84E499D5583F5213287F495DF9008DB8A9A51DFEA454A8215683A53A6A5CE5BFDA0D827704203B27337437
39620170723140224 2 6 100 8191 2 D84B8E9B7259F34AA46062684AD05873FD407C5FA804FFBC429D0DED5B497259FFF7F3C26D7A4C21592FCD658B607A5BDE7C4EAA7F5A3B6B713EAEDD5D0D47029CF51556BAFBBC91819DDA500332F7CE6777565C34CE56ED26BFE90830291C460891DDFEBF4FFFE5F217602081211E73EEC97612AC2C9FE8988738F0DC0FD2241B3C54357109D82FAAB532DB9C18B53B543D43B533FD67E36547972674968EB83AEE7EFC9F2AAF2C610C452EEA89A4FF5089BA6922F35128A844F6350A70671DD53C205AC7A75A1659CD3E57D385AB0BD78AF14DC129B1172884F1FCF5D795B6031A2BEB2410948A422D21AD3A215C85720F5EE695E235E36832E0A559DACDBD2B7CA3A1317CA005A963B49E3337829C40974C70F47540D89AAE625A1FD110874DC13D6E7B5711021F0CFD94C46D87582EBFF78EB2412B6D91DC0250A0B805F5E3B096ACB247C2A247A39164337FB3CB818AD4A950E6347B801DA742E5B532F4FC48815AA62B894FDB23B6E4D448DB62713AA46CC33C7D83D60A44B2B70FE8D841A56A4150A01C82B19CB93AE0AAA65E765EFF95933AC55742E0240744158B9CEF9DA8E18C3736BC8894306BF86D9B927CD62252ABFD39A3B352168336404C6B5F0DB4AEE518069274266E0C424F45D487B500BC087F49B53B0FA822D306D8B272E66C035569FFF1A191D354728253419E5B49115B88EB94E8452A28A3D699E73709FFD95D30430D45B730AF36D90C4DF464241C059375E8215E02294DFEAF8169BF1B47F7EE6F6479CB772D552D604589CE0A80BF7C38AFB2D8111D02A11D02264E2D1634128E53835E5815A92C19027DD08493C23344883FA5F2802A67E586221E2E22DFB8C67D75903F7211D52D19DC92DAC9C2E55D5D23E4B316F4F36AE24526C0D7CB5D43A5FA64CD621E9BBEB44ADAC0FB50237872CF13E0008D4D8F3B53B7F97FF8FD71E7B6ECCE359F5FBF3F6128DFD062C1E1177C6DDB97CBB9ED8AF082BF55D2DDF76920020A8AFCA08235752DE7542237D273F0324767F297BD98F573642B54D55AAEDCD9A5DB65DDF24F1E52489E22A8CDB204653F03A45261E20C965772CC92D71AD8A9DCA1205CA72C3AE330CA9ABFC93BD4C0591279661736B131AE905D5EB899BED456FE76BE26C4700FDF3238999B250DEF64F155FED724D3E38BDCAAD31CAC112BF39F0BC0CD3A906BEA43676E126616B51546C9E282117163EA7B38F255797A803F663EA16485FE4A8C2510409D3B6EF809EAC2BF897277A17A9C6E58709B57591FDA62321CEC2F545FCDB0AEEAF33ED378707C81711E003F1E77EEEE292F61E37FDC2FC4F97CEA96E1A4FB8643A9F18C9D6780BC5B815E43AF81E3B1D47D68D5A559C194F35A143B9EAE147D975BEF88D55AF1408BC1705C02F112616D08BFE6A44C0EFAC373CBB557E4953C79ACAA2253794072005B 39620171226213456 2 6 100 8191 5 EE490FB8716A6562BB33AA7C81BBFDCF2BC4C7257F68FC888B014D4D06FF9501EDEC5B4B462DBA35A9C6E541F218CB4A44F6F9FC88F4B4CC522803FA78E320467D89DC594A89B9718278C390023E9A367EDC39614216835EC52511F0ABAD50A37B742603D8ECA51491AC9A0F61B8A0AE8C09831869F2BF140277A0DA761C57856191FB3D6BCA46D51AC32A52FA6012B8AF5531F1E361751EC530B502B9001CAD88C0E921D4F809CA97C06278C0503B17BAE6B082168C34AB558BAC649EC3A69D2D136804E89B4FC952AF03C5056A6CA50D130934CBA7FA852BB950328E6BA2BFCF86C7319C96E5AC7172B03A000D678E4734BF756645816DCFA5710D65F77B994C1D12000502CC31478258694CFEE378707F7111E7337A0EBBD8EA3E91459AEB73B310DEE37464DF317FB6BBBD6A4DB32B505F7F6D0D5A6C8BE439514BAA032CB41864647F64F18B414BA2A2BF7AEF787D1F84B2EFDF5935857C9A6167CA426109FEBA69EE58FEF126F3F98FBC46570EF50DD3F502044DBD580E5DCFD214DA8788B7104D4A77C4006AC153E704B395F061118D5898155A7BC758C13D6D9B381F40B1998FFBB520D78110956D7E01EB07F2AA4CE132C3CDE594E3FEF45F2FD2C6B8B2C75B8C232DEC3C82BDF494E846D8AD466F8F234FE2698C90B203C989F9EBE77DF2126CE4C765E19BCBC628F6B70FFEE9214B88E27CF989939EF396D513BDD2CA737EDB8C6845E5883D283445F3FB8F662F0CFC29F405A592C8C0D68575361B09BA4D1398D61B552D239F897D84B8D46A6E1B113D76AE9BABA8D5617B3ACC1A8F4AFBA8597BA96CF872A5AE48BE79A44771937D01D0EF76C99C1C99C7EE94DBDFE3FBA41B69DEC9F4B1858E3D4F488CAEA52692C9334ADB39A8FEDC815A1E4D7057AE7CF4BD2A67B02141F98306D4A67C759414F03AE3A9D2C0F1090B29C8833E3500ED05FF6175D29408D8DB6D0651AFC77142FA7F44114274C0575B4F2EAF27714B56F450DE6F02423B4BEDC090E91ECD92F5DF5B9D053E095149B069FB60D51BB700A188EABD493773B7BEBA99CA21E981BF14188926E5F2DB6348B8E85AE4E2D498F116C9A240567F71B9D86B8173A42BA29100F02322DE24241DF8333F7A7A2A8C71513B734BC7E35D25F469B27F9B0883E1B62E1C4FC60FC6EB4A1E9B1AD1DD26A8D64D27944577E8ABE51EA225B0FFE27B5592D6EA5FBAA81BE6E3657FBBE67D359D0D18622545E8C1093D542F31FEBD00E0C687BB66D6F4E8F3FA0AD435F303F1108CE3604FF199E5DBF7E7309EBECA4ADB0F2AED26B87E7B50C23F0AA8370EEABFEEF273B64EFAD3167D78689907C500FAB9AC160968BA738AC40B23F50BEAD01C6343D7B7190034C79FFDD250938A84E499D5583F5213287F495DF9008DB8A9A51DFEA454A8215683A53A6A5CE5BFDA0D827704203B302C487F
39720170723170945 2 6 100 8191 5 D84B8E9B7259F34AA46062684AD05873FD407C5FA804FFBC429D0DED5B497259FFF7F3C26D7A4C21592FCD658B607A5BDE7C4EAA7F5A3B6B713EAEDD5D0D47029CF51556BAFBBC91819DDA500332F7CE6777565C34CE56ED26BFE90830291C460891DDFEBF4FFFE5F217602081211E73EEC97612AC2C9FE8988738F0DC0FD2241B3C54357109D82FAAB532DB9C18B53B543D43B533FD67E36547972674968EB83AEE7EFC9F2AAF2C610C452EEA89A4FF5089BA6922F35128A844F6350A70671DD53C205AC7A75A1659CD3E57D385AB0BD78AF14DC129B1172884F1FCF5D795B6031A2BEB2410948A422D21AD3A215C85720F5EE695E235E36832E0A559DACDBD2B7CA3A1317CA005A963B49E3337829C40974C70F47540D89AAE625A1FD110874DC13D6E7B5711021F0CFD94C46D87582EBFF78EB2412B6D91DC0250A0B805F5E3B096ACB247C2A247A39164337FB3CB818AD4A950E6347B801DA742E5B532F4FC48815AA62B894FDB23B6E4D448DB62713AA46CC33C7D83D60A44B2B70FE8D841A56A4150A01C82B19CB93AE0AAA65E765EFF95933AC55742E0240744158B9CEF9DA8E18C3736BC8894306BF86D9B927CD62252ABFD39A3B352168336404C6B5F0DB4AEE518069274266E0C424F45D487B500BC087F49B53B0FA822D306D8B272E66C035569FFF1A191D354728253419E5B49115B88EB94E8452A28A3D699E73709FFD95D30430D45B730AF36D90C4DF464241C059375E8215E02294DFEAF8169BF1B47F7EE6F6479CB772D552D604589CE0A80BF7C38AFB2D8111D02A11D02264E2D1634128E53835E5815A92C19027DD08493C23344883FA5F2802A67E586221E2E22DFB8C67D75903F7211D52D19DC92DAC9C2E55D5D23E4B316F4F36AE24526C0D7CB5D43A5FA64CD621E9BBEB44ADAC0FB50237872CF13E0008D4D8F3B53B7F97FF8FD71E7B6ECCE359F5FBF3F6128DFD062C1E1177C6DDB97CBB9ED8AF082BF55D2DDF76920020A8AFCA08235752DE7542237D273F0324767F297BD98F573642B54D55AAEDCD9A5DB65DDF24F1E52489E22A8CDB204653F03A45261E20C965772CC92D71AD8A9DCA1205CA72C3AE330CA9ABFC93BD4C0591279661736B131AE905D5EB899BED456FE76BE26C4700FDF3238999B250DEF64F155FED724D3E38BDCAAD31CAC112BF39F0BC0CD3A906BEA43676E126616B51546C9E282117163EA7B38F255797A803F663EA16485FE4A8C2510409D3B6EF809EAC2BF897277A17A9C6E58709B57591FDA62321CEC2F545FCDB0AEEAF33ED378707C81711E003F1E77EEEE292F61E37FDC2FC4F97CEA96E1A4FB8643A9F18C9D6780BC5B815E43AF81E3B1D47D68D5A559C194F35A143B9EAE147D975BEF88D55AF1408BC1705C02F112616D08BFE6A44C0EFAC373CBB557E4953C79ACAA225379427689A7 39720171227055343 2 6 100 8191 5 EE490FB8716A6562BB33AA7C81BBFDCF2BC4C7257F68FC888B014D4D06FF9501EDEC5B4B462DBA35A9C6E541F218CB4A44F6F9FC88F4B4CC522803FA78E320467D89DC594A89B9718278C390023E9A367EDC39614216835EC52511F0ABAD50A37B742603D8ECA51491AC9A0F61B8A0AE8C09831869F2BF140277A0DA761C57856191FB3D6BCA46D51AC32A52FA6012B8AF5531F1E361751EC530B502B9001CAD88C0E921D4F809CA97C06278C0503B17BAE6B082168C34AB558BAC649EC3A69D2D136804E89B4FC952AF03C5056A6CA50D130934CBA7FA852BB950328E6BA2BFCF86C7319C96E5AC7172B03A000D678E4734BF756645816DCFA5710D65F77B994C1D12000502CC31478258694CFEE378707F7111E7337A0EBBD8EA3E91459AEB73B310DEE37464DF317FB6BBBD6A4DB32B505F7F6D0D5A6C8BE439514BAA032CB41864647F64F18B414BA2A2BF7AEF787D1F84B2EFDF5935857C9A6167CA426109FEBA69EE58FEF126F3F98FBC46570EF50DD3F502044DBD580E5DCFD214DA8788B7104D4A77C4006AC153E704B395F061118D5898155A7BC758C13D6D9B381F40B1998FFBB520D78110956D7E01EB07F2AA4CE132C3CDE594E3FEF45F2FD2C6B8B2C75B8C232DEC3C82BDF494E846D8AD466F8F234FE2698C90B203C989F9EBE77DF2126CE4C765E19BCBC628F6B70FFEE9214B88E27CF989939EF396D513BDD2CA737EDB8C6845E5883D283445F3FB8F662F0CFC29F405A592C8C0D68575361B09BA4D1398D61B552D239F897D84B8D46A6E1B113D76AE9BABA8D5617B3ACC1A8F4AFBA8597BA96CF872A5AE48BE79A44771937D01D0EF76C99C1C99C7EE94DBDFE3FBA41B69DEC9F4B1858E3D4F488CAEA52692C9334ADB39A8FEDC815A1E4D7057AE7CF4BD2A67B02141F98306D4A67C759414F03AE3A9D2C0F1090B29C8833E3500ED05FF6175D29408D8DB6D0651AFC77142FA7F44114274C0575B4F2EAF27714B56F450DE6F02423B4BEDC090E91ECD92F5DF5B9D053E095149B069FB60D51BB700A188EABD493773B7BEBA99CA21E981BF14188926E5F2DB6348B8E85AE4E2D498F116C9A240567F71B9D86B8173A42BA29100F02322DE24241DF8333F7A7A2A8C71513B734BC7E35D25F469B27F9B0883E1B62E1C4FC60FC6EB4A1E9B1AD1DD26A8D64D27944577E8ABE51EA225B0FFE27B5592D6EA5FBAA81BE6E3657FBBE67D359D0D18622545E8C1093D542F31FEBD00E0C687BB66D6F4E8F3FA0AD435F303F1108CE3604FF199E5DBF7E7309EBECA4ADB0F2AED26B87E7B50C23F0AA8370EEABFEEF273B64EFAD3167D78689907C500FAB9AC160968BA738AC40B23F50BEAD01C6343D7B7190034C79FFDD250938A84E499D5583F5213287F495DF9008DB8A9A51DFEA454A8215683A53A6A5CE5BFDA0D827704203B35235327
39820170724050156 2 6 100 8191 5 D84B8E9B7259F34AA46062684AD05873FD407C5FA804FFBC429D0DED5B497259FFF7F3C26D7A4C21592FCD658B607A5BDE7C4EAA7F5A3B6B713EAEDD5D0D47029CF51556BAFBBC91819DDA500332F7CE6777565C34CE56ED26BFE90830291C460891DDFEBF4FFFE5F217602081211E73EEC97612AC2C9FE8988738F0DC0FD2241B3C54357109D82FAAB532DB9C18B53B543D43B533FD67E36547972674968EB83AEE7EFC9F2AAF2C610C452EEA89A4FF5089BA6922F35128A844F6350A70671DD53C205AC7A75A1659CD3E57D385AB0BD78AF14DC129B1172884F1FCF5D795B6031A2BEB2410948A422D21AD3A215C85720F5EE695E235E36832E0A559DACDBD2B7CA3A1317CA005A963B49E3337829C40974C70F47540D89AAE625A1FD110874DC13D6E7B5711021F0CFD94C46D87582EBFF78EB2412B6D91DC0250A0B805F5E3B096ACB247C2A247A39164337FB3CB818AD4A950E6347B801DA742E5B532F4FC48815AA62B894FDB23B6E4D448DB62713AA46CC33C7D83D60A44B2B70FE8D841A56A4150A01C82B19CB93AE0AAA65E765EFF95933AC55742E0240744158B9CEF9DA8E18C3736BC8894306BF86D9B927CD62252ABFD39A3B352168336404C6B5F0DB4AEE518069274266E0C424F45D487B500BC087F49B53B0FA822D306D8B272E66C035569FFF1A191D354728253419E5B49115B88EB94E8452A28A3D699E73709FFD95D30430D45B730AF36D90C4DF464241C059375E8215E02294DFEAF8169BF1B47F7EE6F6479CB772D552D604589CE0A80BF7C38AFB2D8111D02A11D02264E2D1634128E53835E5815A92C19027DD08493C23344883FA5F2802A67E586221E2E22DFB8C67D75903F7211D52D19DC92DAC9C2E55D5D23E4B316F4F36AE24526C0D7CB5D43A5FA64CD621E9BBEB44ADAC0FB50237872CF13E0008D4D8F3B53B7F97FF8FD71E7B6ECCE359F5FBF3F6128DFD062C1E1177C6DDB97CBB9ED8AF082BF55D2DDF76920020A8AFCA08235752DE7542237D273F0324767F297BD98F573642B54D55AAEDCD9A5DB65DDF24F1E52489E22A8CDB204653F03A45261E20C965772CC92D71AD8A9DCA1205CA72C3AE330CA9ABFC93BD4C0591279661736B131AE905D5EB899BED456FE76BE26C4700FDF3238999B250DEF64F155FED724D3E38BDCAAD31CAC112BF39F0BC0CD3A906BEA43676E126616B51546C9E282117163EA7B38F255797A803F663EA16485FE4A8C2510409D3B6EF809EAC2BF897277A17A9C6E58709B57591FDA62321CEC2F545FCDB0AEEAF33ED378707C81711E003F1E77EEEE292F61E37FDC2FC4F97CEA96E1A4FB8643A9F18C9D6780BC5B815E43AF81E3B1D47D68D5A559C194F35A143B9EAE147D975BEF88D55AF1408BC1705C02F112616D08BFE6A44C0EFAC373CBB557E4953C79ACAA2253794A23E407 39820171227125423 2 6 100 8191 2 EE490FB8716A6562BB33AA7C81BBFDCF2BC4C7257F68FC888B014D4D06FF9501EDEC5B4B462DBA35A9C6E541F218CB4A44F6F9FC88F4B4CC522803FA78E320467D89DC594A89B9718278C390023E9A367EDC39614216835EC52511F0ABAD50A37B742603D8ECA51491AC9A0F61B8A0AE8C09831869F2BF140277A0DA761C57856191FB3D6BCA46D51AC32A52FA6012B8AF5531F1E361751EC530B502B9001CAD88C0E921D4F809CA97C06278C0503B17BAE6B082168C34AB558BAC649EC3A69D2D136804E89B4FC952AF03C5056A6CA50D130934CBA7FA852BB950328E6BA2BFCF86C7319C96E5AC7172B03A000D678E4734BF756645816DCFA5710D65F77B994C1D12000502CC31478258694CFEE378707F7111E7337A0EBBD8EA3E91459AEB73B310DEE37464DF317FB6BBBD6A4DB32B505F7F6D0D5A6C8BE439514BAA032CB41864647F64F18B414BA2A2BF7AEF787D1F84B2EFDF5935857C9A6167CA426109FEBA69EE58FEF126F3F98FBC46570EF50DD3F502044DBD580E5DCFD214DA8788B7104D4A77C4006AC153E704B395F061118D5898155A7BC758C13D6D9B381F40B1998FFBB520D78110956D7E01EB07F2AA4CE132C3CDE594E3FEF45F2FD2C6B8B2C75B8C232DEC3C82BDF494E846D8AD466F8F234FE2698C90B203C989F9EBE77DF2126CE4C765E19BCBC628F6B70FFEE9214B88E27CF989939EF396D513BDD2CA737EDB8C6845E5883D283445F3FB8F662F0CFC29F405A592C8C0D68575361B09BA4D1398D61B552D239F897D84B8D46A6E1B113D76AE9BABA8D5617B3ACC1A8F4AFBA8597BA96CF872A5AE48BE79A44771937D01D0EF76C99C1C99C7EE94DBDFE3FBA41B69DEC9F4B1858E3D4F488CAEA52692C9334ADB39A8FEDC815A1E4D7057AE7CF4BD2A67B02141F98306D4A67C759414F03AE3A9D2C0F1090B29C8833E3500ED05FF6175D29408D8DB6D0651AFC77142FA7F44114274C0575B4F2EAF27714B56F450DE6F02423B4BEDC090E91ECD92F5DF5B9D053E095149B069FB60D51BB700A188EABD493773B7BEBA99CA21E981BF14188926E5F2DB6348B8E85AE4E2D498F116C9A240567F71B9D86B8173A42BA29100F02322DE24241DF8333F7A7A2A8C71513B734BC7E35D25F469B27F9B0883E1B62E1C4FC60FC6EB4A1E9B1AD1DD26A8D64D27944577E8ABE51EA225B0FFE27B5592D6EA5FBAA81BE6E3657FBBE67D359D0D18622545E8C1093D542F31FEBD00E0C687BB66D6F4E8F3FA0AD435F303F1108CE3604FF199E5DBF7E7309EBECA4ADB0F2AED26B87E7B50C23F0AA8370EEABFEEF273B64EFAD3167D78689907C500FAB9AC160968BA738AC40B23F50BEAD01C6343D7B7190034C79FFDD250938A84E499D5583F5213287F495DF9008DB8A9A51DFEA454A8215683A53A6A5CE5BFDA0D827704203B393B67F3
39920170724065019 2 6 100 8191 2 D84B8E9B7259F34AA46062684AD05873FD407C5FA804FFBC429D0DED5B497259FFF7F3C26D7A4C21592FCD658B607A5BDE7C4EAA7F5A3B6B713EAEDD5D0D47029CF51556BAFBBC91819DDA500332F7CE6777565C34CE56ED26BFE90830291C460891DDFEBF4FFFE5F217602081211E73EEC97612AC2C9FE8988738F0DC0FD2241B3C54357109D82FAAB532DB9C18B53B543D43B533FD67E36547972674968EB83AEE7EFC9F2AAF2C610C452EEA89A4FF5089BA6922F35128A844F6350A70671DD53C205AC7A75A1659CD3E57D385AB0BD78AF14DC129B1172884F1FCF5D795B6031A2BEB2410948A422D21AD3A215C85720F5EE695E235E36832E0A559DACDBD2B7CA3A1317CA005A963B49E3337829C40974C70F47540D89AAE625A1FD110874DC13D6E7B5711021F0CFD94C46D87582EBFF78EB2412B6D91DC0250A0B805F5E3B096ACB247C2A247A39164337FB3CB818AD4A950E6347B801DA742E5B532F4FC48815AA62B894FDB23B6E4D448DB62713AA46CC33C7D83D60A44B2B70FE8D841A56A4150A01C82B19CB93AE0AAA65E765EFF95933AC55742E0240744158B9CEF9DA8E18C3736BC8894306BF86D9B927CD62252ABFD39A3B352168336404C6B5F0DB4AEE518069274266E0C424F45D487B500BC087F49B53B0FA822D306D8B272E66C035569FFF1A191D354728253419E5B49115B88EB94E8452A28A3D699E73709FFD95D30430D45B730AF36D90C4DF464241C059375E8215E02294DFEAF8169BF1B47F7EE6F6479CB772D552D604589CE0A80BF7C38AFB2D8111D02A11D02264E2D1634128E53835E5815A92C19027DD08493C23344883FA5F2802A67E586221E2E22DFB8C67D75903F7211D52D19DC92DAC9C2E55D5D23E4B316F4F36AE24526C0D7CB5D43A5FA64CD621E9BBEB44ADAC0FB50237872CF13E0008D4D8F3B53B7F97FF8FD71E7B6ECCE359F5FBF3F6128DFD062C1E1177C6DDB97CBB9ED8AF082BF55D2DDF76920020A8AFCA08235752DE7542237D273F0324767F297BD98F573642B54D55AAEDCD9A5DB65DDF24F1E52489E22A8CDB204653F03A45261E20C965772CC92D71AD8A9DCA1205CA72C3AE330CA9ABFC93BD4C0591279661736B131AE905D5EB899BED456FE76BE26C4700FDF3238999B250DEF64F155FED724D3E38BDCAAD31CAC112BF39F0BC0CD3A906BEA43676E126616B51546C9E282117163EA7B38F255797A803F663EA16485FE4A8C2510409D3B6EF809EAC2BF897277A17A9C6E58709B57591FDA62321CEC2F545FCDB0AEEAF33ED378707C81711E003F1E77EEEE292F61E37FDC2FC4F97CEA96E1A4FB8643A9F18C9D6780BC5B815E43AF81E3B1D47D68D5A559C194F35A143B9EAE147D975BEF88D55AF1408BC1705C02F112616D08BFE6A44C0EFAC373CBB557E4953C79ACAA2253794B47E553 39920171227150248 2 6 100 8191 2 EE490FB8716A6562BB33AA7C81BBFDCF2BC4C7257F68FC888B014D4D06FF9501EDEC5B4B462DBA35A9C6E541F218CB4A44F6F9FC88F4B4CC522803FA78E320467D89DC594A89B9718278C390023E9A367EDC39614216835EC52511F0ABAD50A37B742603D8ECA51491AC9A0F61B8A0AE8C09831869F2BF140277A0DA761C57856191FB3D6BCA46D51AC32A52FA6012B8AF5531F1E361751EC530B502B9001CAD88C0E921D4F809CA97C06278C0503B17BAE6B082168C34AB558BAC649EC3A69D2D136804E89B4FC952AF03C5056A6CA50D130934CBA7FA852BB950328E6BA2BFCF86C7319C96E5AC7172B03A000D678E4734BF756645816DCFA5710D65F77B994C1D12000502CC31478258694CFEE378707F7111E7337A0EBBD8EA3E91459AEB73B310DEE37464DF317FB6BBBD6A4DB32B505F7F6D0D5A6C8BE439514BAA032CB41864647F64F18B414BA2A2BF7AEF787D1F84B2EFDF5935857C9A6167CA426109FEBA69EE58FEF126F3F98FBC46570EF50DD3F502044DBD580E5DCFD214DA8788B7104D4A77C4006AC153E704B395F061118D5898155A7BC758C13D6D9B381F40B1998FFBB520D78110956D7E01EB07F2AA4CE132C3CDE594E3FEF45F2FD2C6B8B2C75B8C232DEC3C82BDF494E846D8AD466F8F234FE2698C90B203C989F9EBE77DF2126CE4C765E19BCBC628F6B70FFEE9214B88E27CF989939EF396D513BDD2CA737EDB8C6845E5883D283445F3FB8F662F0CFC29F405A592C8C0D68575361B09BA4D1398D61B552D239F897D84B8D46A6E1B113D76AE9BABA8D5617B3ACC1A8F4AFBA8597BA96CF872A5AE48BE79A44771937D01D0EF76C99C1C99C7EE94DBDFE3FBA41B69DEC9F4B1858E3D4F488CAEA52692C9334ADB39A8FEDC815A1E4D7057AE7CF4BD2A67B02141F98306D4A67C759414F03AE3A9D2C0F1090B29C8833E3500ED05FF6175D29408D8DB6D0651AFC77142FA7F44114274C0575B4F2EAF27714B56F450DE6F02423B4BEDC090E91ECD92F5DF5B9D053E095149B069FB60D51BB700A188EABD493773B7BEBA99CA21E981BF14188926E5F2DB6348B8E85AE4E2D498F116C9A240567F71B9D86B8173A42BA29100F02322DE24241DF8333F7A7A2A8C71513B734BC7E35D25F469B27F9B0883E1B62E1C4FC60FC6EB4A1E9B1AD1DD26A8D64D27944577E8ABE51EA225B0FFE27B5592D6EA5FBAA81BE6E3657FBBE67D359D0D18622545E8C1093D542F31FEBD00E0C687BB66D6F4E8F3FA0AD435F303F1108CE3604FF199E5DBF7E7309EBECA4ADB0F2AED26B87E7B50C23F0AA8370EEABFEEF273B64EFAD3167D78689907C500FAB9AC160968BA738AC40B23F50BEAD01C6343D7B7190034C79FFDD250938A84E499D5583F5213287F495DF9008DB8A9A51DFEA454A8215683A53A6A5CE5BFDA0D827704203B3A81A89B
40020170725032628 2 6 100 8191 2 D84B8E9B7259F34AA46062684AD05873FD407C5FA804FFBC429D0DED5B497259FFF7F3C26D7A4C21592FCD658B607A5BDE7C4EAA7F5A3B6B713EAEDD5D0D47029CF51556BAFBBC91819DDA500332F7CE6777565C34CE56ED26BFE90830291C460891DDFEBF4FFFE5F217602081211E73EEC97612AC2C9FE8988738F0DC0FD2241B3C54357109D82FAAB532DB9C18B53B543D43B533FD67E36547972674968EB83AEE7EFC9F2AAF2C610C452EEA89A4FF5089BA6922F35128A844F6350A70671DD53C205AC7A75A1659CD3E57D385AB0BD78AF14DC129B1172884F1FCF5D795B6031A2BEB2410948A422D21AD3A215C85720F5EE695E235E36832E0A559DACDBD2B7CA3A1317CA005A963B49E3337829C40974C70F47540D89AAE625A1FD110874DC13D6E7B5711021F0CFD94C46D87582EBFF78EB2412B6D91DC0250A0B805F5E3B096ACB247C2A247A39164337FB3CB818AD4A950E6347B801DA742E5B532F4FC48815AA62B894FDB23B6E4D448DB62713AA46CC33C7D83D60A44B2B70FE8D841A56A4150A01C82B19CB93AE0AAA65E765EFF95933AC55742E0240744158B9CEF9DA8E18C3736BC8894306BF86D9B927CD62252ABFD39A3B352168336404C6B5F0DB4AEE518069274266E0C424F45D487B500BC087F49B53B0FA822D306D8B272E66C035569FFF1A191D354728253419E5B49115B88EB94E8452A28A3D699E73709FFD95D30430D45B730AF36D90C4DF464241C059375E8215E02294DFEAF8169BF1B47F7EE6F6479CB772D552D604589CE0A80BF7C38AFB2D8111D02A11D02264E2D1634128E53835E5815A92C19027DD08493C23344883FA5F2802A67E586221E2E22DFB8C67D75903F7211D52D19DC92DAC9C2E55D5D23E4B316F4F36AE24526C0D7CB5D43A5FA64CD621E9BBEB44ADAC0FB50237872CF13E0008D4D8F3B53B7F97FF8FD71E7B6ECCE359F5FBF3F6128DFD062C1E1177C6DDB97CBB9ED8AF082BF55D2DDF76920020A8AFCA08235752DE7542237D273F0324767F297BD98F573642B54D55AAEDCD9A5DB65DDF24F1E52489E22A8CDB204653F03A45261E20C965772CC92D71AD8A9DCA1205CA72C3AE330CA9ABFC93BD4C0591279661736B131AE905D5EB899BED456FE76BE26C4700FDF3238999B250DEF64F155FED724D3E38BDCAAD31CAC112BF39F0BC0CD3A906BEA43676E126616B51546C9E282117163EA7B38F255797A803F663EA16485FE4A8C2510409D3B6EF809EAC2BF897277A17A9C6E58709B57591FDA62321CEC2F545FCDB0AEEAF33ED378707C81711E003F1E77EEEE292F61E37FDC2FC4F97CEA96E1A4FB8643A9F18C9D6780BC5B815E43AF81E3B1D47D68D5A559C194F35A143B9EAE147D975BEF88D55AF1408BC1705C02F112616D08BFE6A44C0EFAC373CBB557E4953C79ACAA225379588A6BE3 40020171227165129 2 6 100 8191 2 F461D7B72CCE12BB489DFEBB0D3252492FB894ADE7EEFCA4FCEAE71B2078652882837E3DDE311BA08D03316DDE3C3C844C34F37E7536601A57C95E1D191CC3B603E15D0E27D99ECC6B7781424F1D40E39FFF25D3F99C207359AD00CB7A68DC0937FDC38F24EF6C095DA60D92F977FBE8674D9885C4F147D6B6114F1CAF9F56327EF2A9CF30C5A26F46E19FAFACF357EC4E9119FB4AC34FF97FE5CDA2D578E00DF294AC88305AA8C9CFA074F35A211DD176486BBFDF04269B47C1EECAA0FAD95F6A5D829770F73DE8AF9D45928E4BF4C71412821419E2AFB2DA29FAA42557CB595B75433FDF015E42853C784AC8A15857D494900319D36B3A6672B885B686D6498D50A7843D381D240A77C053853FBFC670687678EA7AA909F9D82D2363ABD4851E3D20CE16632E0B1522AAB5DB8BB53AA1EE8CDFE86A494D1C2405C5AAE058D1990C91607D8043A74453AFB650110CA784BA307E531B153537B2C0A888D75229CC1D3CD27B0D7A6BEE20E82B7EB912D9F36BC8630990003DE2494DE017CB9D0EDBA7F0785927E79A76DA00707ADA18B9EBC57930E36E76737A7BA31F8F36F11D8CEDDCE28A411EEB34CE5D5235E88F66089F59CD921A84789512947DFDC8247A68353D05BEAFA6E450D7211D8BABE3C4C63685E9FA7742BD6309F3D72B9BE5E1B84E534596A81DAF1F5483C001FED71A9C7E432A28E52E43D9A0D4D4607B5E3459C7D424925C34311958344EBB86AF4E02675F8701BD55AACE3DDF48980E1977EE44275BEEE341C090820A63FD317595D7A0CCD00609B49E4AAF8C744F2FEA35A806B9B79C519CCDCE59F225FA243FD1AD0C8DBAFA17291CCA0C0C4DAB68060205F72978A5879093A132BE80C061D33348D94A8C79AE86F637701FC44E795B0F15D4610E0B269DEC7B24F717A7284A521759894AE475E7E35472ABC8C82DADE518628FF0DD37B48D94D48C18BF686F509AE5A5C35CC7BC33861673166B743FE10EB6508D36B29D1C798210E3D1840418A67214F9DB6FAF60BB42329226517C202436F735C1D326B49E1A37FF80BA4599A55898A48A2967647EA5E48B88F8034C7BBE9AFC1CD8DCC986495AB7070346E83479BC23925D418A68C7D72B4BCC106FEE74532F70F3CA019C68D419E944C34A69DAC2CDA1155F4FCDEC53CFB3AED1FE07C58FD20D673CE274AC89AEB3D72C36C2D81B42A5F9A61A83FB748749FDA5598C5A519A3026B1475F61CA5DE7A77BE86C2DC6EBAA6F756D5C15AF0F0844C05F233A0468148956C0BA80ACDCB7850FE0CBE75DB675AB712ADBF0934765919A697F4C4345E2AD63B159664FE0DB201683C8DFBBDB1EFE3B580C11809AC815C1863929E60B7A0819D255C8EE7AA582C33E0153EB685E830627829C141DF8B5C599D9DDD25CB3EFAD7C4369A470D3AE3CF4CD0CDCB185A402F7C3E395C3FF14E17B
40120170725142722 2 6 100 8191 2 D84B8E9B7259F34AA46062684AD05873FD407C5FA804FFBC429D0DED5B497259FFF7F3C26D7A4C21592FCD658B607A5BDE7C4EAA7F5A3B6B713EAEDD5D0D47029CF51556BAFBBC91819DDA500332F7CE6777565C34CE56ED26BFE90830291C460891DDFEBF4FFFE5F217602081211E73EEC97612AC2C9FE8988738F0DC0FD2241B3C54357109D82FAAB532DB9C18B53B543D43B533FD67E36547972674968EB83AEE7EFC9F2AAF2C610C452EEA89A4FF5089BA6922F35128A844F6350A70671DD53C205AC7A75A1659CD3E57D385AB0BD78AF14DC129B1172884F1FCF5D795B6031A2BEB2410948A422D21AD3A215C85720F5EE695E235E36832E0A559DACDBD2B7CA3A1317CA005A963B49E3337829C40974C70F47540D89AAE625A1FD110874DC13D6E7B5711021F0CFD94C46D87582EBFF78EB2412B6D91DC0250A0B805F5E3B096ACB247C2A247A39164337FB3CB818AD4A950E6347B801DA742E5B532F4FC48815AA62B894FDB23B6E4D448DB62713AA46CC33C7D83D60A44B2B70FE8D841A56A4150A01C82B19CB93AE0AAA65E765EFF95933AC55742E0240744158B9CEF9DA8E18C3736BC8894306BF86D9B927CD62252ABFD39A3B352168336404C6B5F0DB4AEE518069274266E0C424F45D487B500BC087F49B53B0FA822D306D8B272E66C035569FFF1A191D354728253419E5B49115B88EB94E8452A28A3D699E73709FFD95D30430D45B730AF36D90C4DF464241C059375E8215E02294DFEAF8169BF1B47F7EE6F6479CB772D552D604589CE0A80BF7C38AFB2D8111D02A11D02264E2D1634128E53835E5815A92C19027DD08493C23344883FA5F2802A67E586221E2E22DFB8C67D75903F7211D52D19DC92DAC9C2E55D5D23E4B316F4F36AE24526C0D7CB5D43A5FA64CD621E9BBEB44ADAC0FB50237872CF13E0008D4D8F3B53B7F97FF8FD71E7B6ECCE359F5FBF3F6128DFD062C1E1177C6DDB97CBB9ED8AF082BF55D2DDF76920020A8AFCA08235752DE7542237D273F0324767F297BD98F573642B54D55AAEDCD9A5DB65DDF24F1E52489E22A8CDB204653F03A45261E20C965772CC92D71AD8A9DCA1205CA72C3AE330CA9ABFC93BD4C0591279661736B131AE905D5EB899BED456FE76BE26C4700FDF3238999B250DEF64F155FED724D3E38BDCAAD31CAC112BF39F0BC0CD3A906BEA43676E126616B51546C9E282117163EA7B38F255797A803F663EA16485FE4A8C2510409D3B6EF809EAC2BF897277A17A9C6E58709B57591FDA62321CEC2F545FCDB0AEEAF33ED378707C81711E003F1E77EEEE292F61E37FDC2FC4F97CEA96E1A4FB8643A9F18C9D6780BC5B815E43AF81E3B1D47D68D5A559C194F35A143B9EAE147D975BEF88D55AF1408BC1705C02F112616D08BFE6A44C0EFAC373CBB557E4953C79ACAA2253795F8CFE9B 40120171227193939 2 6 100 8191 5 F461D7B72CCE12BB489DFEBB0D3252492FB894ADE7EEFCA4FCEAE71B2078652882837E3DDE311BA08D03316DDE3C3C844C34F37E7536601A57C95E1D191CC3B603E15D0E27D99ECC6B7781424F1D40E39FFF25D3F99C207359AD00CB7A68DC0937FDC38F24EF6C095DA60D92F977FBE8674D9885C4F147D6B6114F1CAF9F56327EF2A9CF30C5A26F46E19FAFACF357EC4E9119FB4AC34FF97FE5CDA2D578E00DF294AC88305AA8C9CFA074F35A211DD176486BBFDF04269B47C1EECAA0FAD95F6A5D829770F73DE8AF9D45928E4BF4C71412821419E2AFB2DA29FAA42557CB595B75433FDF015E42853C784AC8A15857D494900319D36B3A6672B885B686D6498D50A7843D381D240A77C053853FBFC670687678EA7AA909F9D82D2363ABD4851E3D20CE16632E0B1522AAB5DB8BB53AA1EE8CDFE86A494D1C2405C5AAE058D1990C91607D8043A74453AFB650110CA784BA307E531B153537B2C0A888D75229CC1D3CD27B0D7A6BEE20E82B7EB912D9F36BC8630990003DE2494DE017CB9D0EDBA7F0785927E79A76DA00707ADA18B9EBC57930E36E76737A7BA31F8F36F11D8CEDDCE28A411EEB34CE5D5235E88F66089F59CD921A84789512947DFDC8247A68353D05BEAFA6E450D7211D8BABE3C4C63685E9FA7742BD6309F3D72B9BE5E1B84E534596A81DAF1F5483C001FED71A9C7E432A28E52E43D9A0D4D4607B5E3459C7D424925C34311958344EBB86AF4E02675F8701BD55AACE3DDF48980E1977EE44275BEEE341C090820A63FD317595D7A0CCD00609B49E4AAF8C744F2FEA35A806B9B79C519CCDCE59F225FA243FD1AD0C8DBAFA17291CCA0C0C4DAB68060205F72978A5879093A132BE80C061D33348D94A8C79AE86F637701FC44E795B0F15D4610E0B269DEC7B24F717A7284A521759894AE475E7E35472ABC8C82DADE518628FF0DD37B48D94D48C18BF686F509AE5A5C35CC7BC33861673166B743FE10EB6508D36B29D1C798210E3D1840418A67214F9DB6FAF60BB42329226517C202436F735C1D326B49E1A37FF80BA4599A55898A48A2967647EA5E48B88F8034C7BBE9AFC1CD8DCC986495AB7070346E83479BC23925D418A68C7D72B4BCC106FEE74532F70F3CA019C68D419E944C34A69DAC2CDA1155F4FCDEC53CFB3AED1FE07C58FD20D673CE274AC89AEB3D72C36C2D81B42A5F9A61A83FB748749FDA5598C5A519A3026B1475F61CA5DE7A77BE86C2DC6EBAA6F756D5C15AF0F0844C05F233A0468148956C0BA80ACDCB7850FE0CBE75DB675AB712ADBF0934765919A697F4C4345E2AD63B159664FE0DB201683C8DFBBDB1EFE3B580C11809AC815C1863929E60B7A0819D255C8EE7AA582C33E0153EB685E830627829C141DF8B5C599D9DDD25CB3EFAD7C4369A470D3AE3CF4CD0CDCB185A402F7C3E395C400F55F3F
40220170725192821 2 6 100 8191 2 D84B8E9B7259F34AA46062684AD05873FD407C5FA804FFBC429D0DED5B497259FFF7F3C26D7A4C21592FCD658B607A5BDE7C4EAA7F5A3B6B713EAEDD5D0D47029CF51556BAFBBC91819DDA500332F7CE6777565C34CE56ED26BFE90830291C460891DDFEBF4FFFE5F217602081211E73EEC97612AC2C9FE8988738F0DC0FD2241B3C54357109D82FAAB532DB9C18B53B543D43B533FD67E36547972674968EB83AEE7EFC9F2AAF2C610C452EEA89A4FF5089BA6922F35128A844F6350A70671DD53C205AC7A75A1659CD3E57D385AB0BD78AF14DC129B1172884F1FCF5D795B6031A2BEB2410948A422D21AD3A215C85720F5EE695E235E36832E0A559DACDBD2B7CA3A1317CA005A963B49E3337829C40974C70F47540D89AAE625A1FD110874DC13D6E7B5711021F0CFD94C46D87582EBFF78EB2412B6D91DC0250A0B805F5E3B096ACB247C2A247A39164337FB3CB818AD4A950E6347B801DA742E5B532F4FC48815AA62B894FDB23B6E4D448DB62713AA46CC33C7D83D60A44B2B70FE8D841A56A4150A01C82B19CB93AE0AAA65E765EFF95933AC55742E0240744158B9CEF9DA8E18C3736BC8894306BF86D9B927CD62252ABFD39A3B352168336404C6B5F0DB4AEE518069274266E0C424F45D487B500BC087F49B53B0FA822D306D8B272E66C035569FFF1A191D354728253419E5B49115B88EB94E8452A28A3D699E73709FFD95D30430D45B730AF36D90C4DF464241C059375E8215E02294DFEAF8169BF1B47F7EE6F6479CB772D552D604589CE0A80BF7C38AFB2D8111D02A11D02264E2D1634128E53835E5815A92C19027DD08493C23344883FA5F2802A67E586221E2E22DFB8C67D75903F7211D52D19DC92DAC9C2E55D5D23E4B316F4F36AE24526C0D7CB5D43A5FA64CD621E9BBEB44ADAC0FB50237872CF13E0008D4D8F3B53B7F97FF8FD71E7B6ECCE359F5FBF3F6128DFD062C1E1177C6DDB97CBB9ED8AF082BF55D2DDF76920020A8AFCA08235752DE7542237D273F0324767F297BD98F573642B54D55AAEDCD9A5DB65DDF24F1E52489E22A8CDB204653F03A45261E20C965772CC92D71AD8A9DCA1205CA72C3AE330CA9ABFC93BD4C0591279661736B131AE905D5EB899BED456FE76BE26C4700FDF3238999B250DEF64F155FED724D3E38BDCAAD31CAC112BF39F0BC0CD3A906BEA43676E126616B51546C9E282117163EA7B38F255797A803F663EA16485FE4A8C2510409D3B6EF809EAC2BF897277A17A9C6E58709B57591FDA62321CEC2F545FCDB0AEEAF33ED378707C81711E003F1E77EEEE292F61E37FDC2FC4F97CEA96E1A4FB8643A9F18C9D6780BC5B815E43AF81E3B1D47D68D5A559C194F35A143B9EAE147D975BEF88D55AF1408BC1705C02F112616D08BFE6A44C0EFAC373CBB557E4953C79ACAA22537962B35BAB 40220171228032103 2 6 100 8191 2 F461D7B72CCE12BB489DFEBB0D3252492FB894ADE7EEFCA4FCEAE71B2078652882837E3DDE311BA08D03316DDE3C3C844C34F37E7536601A57C95E1D191CC3B603E15D0E27D99ECC6B7781424F1D40E39FFF25D3F99C207359AD00CB7A68DC0937FDC38F24EF6C095DA60D92F977FBE8674D9885C4F147D6B6114F1CAF9F56327EF2A9CF30C5A26F46E19FAFACF357EC4E9119FB4AC34FF97FE5CDA2D578E00DF294AC88305AA8C9CFA074F35A211DD176486BBFDF04269B47C1EECAA0FAD95F6A5D829770F73DE8AF9D45928E4BF4C71412821419E2AFB2DA29FAA42557CB595B75433FDF015E42853C784AC8A15857D494900319D36B3A6672B885B686D6498D50A7843D381D240A77C053853FBFC670687678EA7AA909F9D82D2363ABD4851E3D20CE16632E0B1522AAB5DB8BB53AA1EE8CDFE86A494D1C2405C5AAE058D1990C91607D8043A74453AFB650110CA784BA307E531B153537B2C0A888D75229CC1D3CD27B0D7A6BEE20E82B7EB912D9F36BC8630990003DE2494DE017CB9D0EDBA7F0785927E79A76DA00707ADA18B9EBC57930E36E76737A7BA31F8F36F11D8CEDDCE28A411EEB34CE5D5235E88F66089F59CD921A84789512947DFDC8247A68353D05BEAFA6E450D7211D8BABE3C4C63685E9FA7742BD6309F3D72B9BE5E1B84E534596A81DAF1F5483C001FED71A9C7E432A28E52E43D9A0D4D4607B5E3459C7D424925C34311958344EBB86AF4E02675F8701BD55AACE3DDF48980E1977EE44275BEEE341C090820A63FD317595D7A0CCD00609B49E4AAF8C744F2FEA35A806B9B79C519CCDCE59F225FA243FD1AD0C8DBAFA17291CCA0C0C4DAB68060205F72978A5879093A132BE80C061D33348D94A8C79AE86F637701FC44E795B0F15D4610E0B269DEC7B24F717A7284A521759894AE475E7E35472ABC8C82DADE518628FF0DD37B48D94D48C18BF686F509AE5A5C35CC7BC33861673166B743FE10EB6508D36B29D1C798210E3D1840418A67214F9DB6FAF60BB42329226517C202436F735C1D326B49E1A37FF80BA4599A55898A48A2967647EA5E48B88F8034C7BBE9AFC1CD8DCC986495AB7070346E83479BC23925D418A68C7D72B4BCC106FEE74532F70F3CA019C68D419E944C34A69DAC2CDA1155F4FCDEC53CFB3AED1FE07C58FD20D673CE274AC89AEB3D72C36C2D81B42A5F9A61A83FB748749FDA5598C5A519A3026B1475F61CA5DE7A77BE86C2DC6EBAA6F756D5C15AF0F0844C05F233A0468148956C0BA80ACDCB7850FE0CBE75DB675AB712ADBF0934765919A697F4C4345E2AD63B159664FE0DB201683C8DFBBDB1EFE3B580C11809AC815C1863929E60B7A0819D255C8EE7AA582C33E0153EB685E830627829C141DF8B5C599D9DDD25CB3EFAD7C4369A470D3AE3CF4CD0CDCB185A402F7C3E395C4065CE64B
40320170726032919 2 6 100 8191 5 D84B8E9B7259F34AA46062684AD05873FD407C5FA804FFBC429D0DED5B497259FFF7F3C26D7A4C21592FCD658B607A5BDE7C4EAA7F5A3B6B713EAEDD5D0D47029CF51556BAFBBC91819DDA500332F7CE6777565C34CE56ED26BFE90830291C460891DDFEBF4FFFE5F217602081211E73EEC97612AC2C9FE8988738F0DC0FD2241B3C54357109D82FAAB532DB9C18B53B543D43B533FD67E36547972674968EB83AEE7EFC9F2AAF2C610C452EEA89A4FF5089BA6922F35128A844F6350A70671DD53C205AC7A75A1659CD3E57D385AB0BD78AF14DC129B1172884F1FCF5D795B6031A2BEB2410948A422D21AD3A215C85720F5EE695E235E36832E0A559DACDBD2B7CA3A1317CA005A963B49E3337829C40974C70F47540D89AAE625A1FD110874DC13D6E7B5711021F0CFD94C46D87582EBFF78EB2412B6D91DC0250A0B805F5E3B096ACB247C2A247A39164337FB3CB818AD4A950E6347B801DA742E5B532F4FC48815AA62B894FDB23B6E4D448DB62713AA46CC33C7D83D60A44B2B70FE8D841A56A4150A01C82B19CB93AE0AAA65E765EFF95933AC55742E0240744158B9CEF9DA8E18C3736BC8894306BF86D9B927CD62252ABFD39A3B352168336404C6B5F0DB4AEE518069274266E0C424F45D487B500BC087F49B53B0FA822D306D8B272E66C035569FFF1A191D354728253419E5B49115B88EB94E8452A28A3D699E73709FFD95D30430D45B730AF36D90C4DF464241C059375E8215E02294DFEAF8169BF1B47F7EE6F6479CB772D552D604589CE0A80BF7C38AFB2D8111D02A11D02264E2D1634128E53835E5815A92C19027DD08493C23344883FA5F2802A67E586221E2E22DFB8C67D75903F7211D52D19DC92DAC9C2E55D5D23E4B316F4F36AE24526C0D7CB5D43A5FA64CD621E9BBEB44ADAC0FB50237872CF13E0008D4D8F3B53B7F97FF8FD71E7B6ECCE359F5FBF3F6128DFD062C1E1177C6DDB97CBB9ED8AF082BF55D2DDF76920020A8AFCA08235752DE7542237D273F0324767F297BD98F573642B54D55AAEDCD9A5DB65DDF24F1E52489E22A8CDB204653F03A45261E20C965772CC92D71AD8A9DCA1205CA72C3AE330CA9ABFC93BD4C0591279661736B131AE905D5EB899BED456FE76BE26C4700FDF3238999B250DEF64F155FED724D3E38BDCAAD31CAC112BF39F0BC0CD3A906BEA43676E126616B51546C9E282117163EA7B38F255797A803F663EA16485FE4A8C2510409D3B6EF809EAC2BF897277A17A9C6E58709B57591FDA62321CEC2F545FCDB0AEEAF33ED378707C81711E003F1E77EEEE292F61E37FDC2FC4F97CEA96E1A4FB8643A9F18C9D6780BC5B815E43AF81E3B1D47D68D5A559C194F35A143B9EAE147D975BEF88D55AF1408BC1705C02F112616D08BFE6A44C0EFAC373CBB557E4953C79ACAA22537967BE1D7F 40320171228115824 2 6 100 8191 5 F461D7B72CCE12BB489DFEBB0D3252492FB894ADE7EEFCA4FCEAE71B2078652882837E3DDE311BA08D03316DDE3C3C844C34F37E7536601A57C95E1D191CC3B603E15D0E27D99ECC6B7781424F1D40E39FFF25D3F99C207359AD00CB7A68DC0937FDC38F24EF6C095DA60D92F977FBE8674D9885C4F147D6B6114F1CAF9F56327EF2A9CF30C5A26F46E19FAFACF357EC4E9119FB4AC34FF97FE5CDA2D578E00DF294AC88305AA8C9CFA074F35A211DD176486BBFDF04269B47C1EECAA0FAD95F6A5D829770F73DE8AF9D45928E4BF4C71412821419E2AFB2DA29FAA42557CB595B75433FDF015E42853C784AC8A15857D494900319D36B3A6672B885B686D6498D50A7843D381D240A77C053853FBFC670687678EA7AA909F9D82D2363ABD4851E3D20CE16632E0B1522AAB5DB8BB53AA1EE8CDFE86A494D1C2405C5AAE058D1990C91607D8043A74453AFB650110CA784BA307E531B153537B2C0A888D75229CC1D3CD27B0D7A6BEE20E82B7EB912D9F36BC8630990003DE2494DE017CB9D0EDBA7F0785927E79A76DA00707ADA18B9EBC57930E36E76737A7BA31F8F36F11D8CEDDCE28A411EEB34CE5D5235E88F66089F59CD921A84789512947DFDC8247A68353D05BEAFA6E450D7211D8BABE3C4C63685E9FA7742BD6309F3D72B9BE5E1B84E534596A81DAF1F5483C001FED71A9C7E432A28E52E43D9A0D4D4607B5E3459C7D424925C34311958344EBB86AF4E02675F8701BD55AACE3DDF48980E1977EE44275BEEE341C090820A63FD317595D7A0CCD00609B49E4AAF8C744F2FEA35A806B9B79C519CCDCE59F225FA243FD1AD0C8DBAFA17291CCA0C0C4DAB68060205F72978A5879093A132BE80C061D33348D94A8C79AE86F637701FC44E795B0F15D4610E0B269DEC7B24F717A7284A521759894AE475E7E35472ABC8C82DADE518628FF0DD37B48D94D48C18BF686F509AE5A5C35CC7BC33861673166B743FE10EB6508D36B29D1C798210E3D1840418A67214F9DB6FAF60BB42329226517C202436F735C1D326B49E1A37FF80BA4599A55898A48A2967647EA5E48B88F8034C7BBE9AFC1CD8DCC986495AB7070346E83479BC23925D418A68C7D72B4BCC106FEE74532F70F3CA019C68D419E944C34A69DAC2CDA1155F4FCDEC53CFB3AED1FE07C58FD20D673CE274AC89AEB3D72C36C2D81B42A5F9A61A83FB748749FDA5598C5A519A3026B1475F61CA5DE7A77BE86C2DC6EBAA6F756D5C15AF0F0844C05F233A0468148956C0BA80ACDCB7850FE0CBE75DB675AB712ADBF0934765919A697F4C4345E2AD63B159664FE0DB201683C8DFBBDB1EFE3B580C11809AC815C1863929E60B7A0819D255C8EE7AA582C33E0153EB685E830627829C141DF8B5C599D9DDD25CB3EFAD7C4369A470D3AE3CF4CD0CDCB185A402F7C3E395C40C43BAB7
40420170726062511 2 6 100 8191 2 D84B8E9B7259F34AA46062684AD05873FD407C5FA804FFBC429D0DED5B497259FFF7F3C26D7A4C21592FCD658B607A5BDE7C4EAA7F5A3B6B713EAEDD5D0D47029CF51556BAFBBC91819DDA500332F7CE6777565C34CE56ED26BFE90830291C460891DDFEBF4FFFE5F217602081211E73EEC97612AC2C9FE8988738F0DC0FD2241B3C54357109D82FAAB532DB9C18B53B543D43B533FD67E36547972674968EB83AEE7EFC9F2AAF2C610C452EEA89A4FF5089BA6922F35128A844F6350A70671DD53C205AC7A75A1659CD3E57D385AB0BD78AF14DC129B1172884F1FCF5D795B6031A2BEB2410948A422D21AD3A215C85720F5EE695E235E36832E0A559DACDBD2B7CA3A1317CA005A963B49E3337829C40974C70F47540D89AAE625A1FD110874DC13D6E7B5711021F0CFD94C46D87582EBFF78EB2412B6D91DC0250A0B805F5E3B096ACB247C2A247A39164337FB3CB818AD4A950E6347B801DA742E5B532F4FC48815AA62B894FDB23B6E4D448DB62713AA46CC33C7D83D60A44B2B70FE8D841A56A4150A01C82B19CB93AE0AAA65E765EFF95933AC55742E0240744158B9CEF9DA8E18C3736BC8894306BF86D9B927CD62252ABFD39A3B352168336404C6B5F0DB4AEE518069274266E0C424F45D487B500BC087F49B53B0FA822D306D8B272E66C035569FFF1A191D354728253419E5B49115B88EB94E8452A28A3D699E73709FFD95D30430D45B730AF36D90C4DF464241C059375E8215E02294DFEAF8169BF1B47F7EE6F6479CB772D552D604589CE0A80BF7C38AFB2D8111D02A11D02264E2D1634128E53835E5815A92C19027DD08493C23344883FA5F2802A67E586221E2E22DFB8C67D75903F7211D52D19DC92DAC9C2E55D5D23E4B316F4F36AE24526C0D7CB5D43A5FA64CD621E9BBEB44ADAC0FB50237872CF13E0008D4D8F3B53B7F97FF8FD71E7B6ECCE359F5FBF3F6128DFD062C1E1177C6DDB97CBB9ED8AF082BF55D2DDF76920020A8AFCA08235752DE7542237D273F0324767F297BD98F573642B54D55AAEDCD9A5DB65DDF24F1E52489E22A8CDB204653F03A45261E20C965772CC92D71AD8A9DCA1205CA72C3AE330CA9ABFC93BD4C0591279661736B131AE905D5EB899BED456FE76BE26C4700FDF3238999B250DEF64F155FED724D3E38BDCAAD31CAC112BF39F0BC0CD3A906BEA43676E126616B51546C9E282117163EA7B38F255797A803F663EA16485FE4A8C2510409D3B6EF809EAC2BF897277A17A9C6E58709B57591FDA62321CEC2F545FCDB0AEEAF33ED378707C81711E003F1E77EEEE292F61E37FDC2FC4F97CEA96E1A4FB8643A9F18C9D6780BC5B815E43AF81E3B1D47D68D5A559C194F35A143B9EAE147D975BEF88D55AF1408BC1705C02F112616D08BFE6A44C0EFAC373CBB557E4953C79ACAA22537969930233 40420171228124603 2 6 100 8191 2 F461D7B72CCE12BB489DFEBB0D3252492FB894ADE7EEFCA4FCEAE71B2078652882837E3DDE311BA08D03316DDE3C3C844C34F37E7536601A57C95E1D191CC3B603E15D0E27D99ECC6B7781424F1D40E39FFF25D3F99C207359AD00CB7A68DC0937FDC38F24EF6C095DA60D92F977FBE8674D9885C4F147D6B6114F1CAF9F56327EF2A9CF30C5A26F46E19FAFACF357EC4E9119FB4AC34FF97FE5CDA2D578E00DF294AC88305AA8C9CFA074F35A211DD176486BBFDF04269B47C1EECAA0FAD95F6A5D829770F73DE8AF9D45928E4BF4C71412821419E2AFB2DA29FAA42557CB595B75433FDF015E42853C784AC8A15857D494900319D36B3A6672B885B686D6498D50A7843D381D240A77C053853FBFC670687678EA7AA909F9D82D2363ABD4851E3D20CE16632E0B1522AAB5DB8BB53AA1EE8CDFE86A494D1C2405C5AAE058D1990C91607D8043A74453AFB650110CA784BA307E531B153537B2C0A888D75229CC1D3CD27B0D7A6BEE20E82B7EB912D9F36BC8630990003DE2494DE017CB9D0EDBA7F0785927E79A76DA00707ADA18B9EBC57930E36E76737A7BA31F8F36F11D8CEDDCE28A411EEB34CE5D5235E88F66089F59CD921A84789512947DFDC8247A68353D05BEAFA6E450D7211D8BABE3C4C63685E9FA7742BD6309F3D72B9BE5E1B84E534596A81DAF1F5483C001FED71A9C7E432A28E52E43D9A0D4D4607B5E3459C7D424925C34311958344EBB86AF4E02675F8701BD55AACE3DDF48980E1977EE44275BEEE341C090820A63FD317595D7A0CCD00609B49E4AAF8C744F2FEA35A806B9B79C519CCDCE59F225FA243FD1AD0C8DBAFA17291CCA0C0C4DAB68060205F72978A5879093A132BE80C061D33348D94A8C79AE86F637701FC44E795B0F15D4610E0B269DEC7B24F717A7284A521759894AE475E7E35472ABC8C82DADE518628FF0DD37B48D94D48C18BF686F509AE5A5C35CC7BC33861673166B743FE10EB6508D36B29D1C798210E3D1840418A67214F9DB6FAF60BB42329226517C202436F735C1D326B49E1A37FF80BA4599A55898A48A2967647EA5E48B88F8034C7BBE9AFC1CD8DCC986495AB7070346E83479BC23925D418A68C7D72B4BCC106FEE74532F70F3CA019C68D419E944C34A69DAC2CDA1155F4FCDEC53CFB3AED1FE07C58FD20D673CE274AC89AEB3D72C36C2D81B42A5F9A61A83FB748749FDA5598C5A519A3026B1475F61CA5DE7A77BE86C2DC6EBAA6F756D5C15AF0F0844C05F233A0468148956C0BA80ACDCB7850FE0CBE75DB675AB712ADBF0934765919A697F4C4345E2AD63B159664FE0DB201683C8DFBBDB1EFE3B580C11809AC815C1863929E60B7A0819D255C8EE7AA582C33E0153EB685E830627829C141DF8B5C599D9DDD25CB3EFAD7C4369A470D3AE3CF4CD0CDCB185A402F7C3E395C40CCD6483
40520170726073958 2 6 100 8191 2 D84B8E9B7259F34AA46062684AD05873FD407C5FA804FFBC429D0DED5B497259FFF7F3C26D7A4C21592FCD658B607A5BDE7C4EAA7F5A3B6B713EAEDD5D0D47029CF51556BAFBBC91819DDA500332F7CE6777565C34CE56ED26BFE90830291C460891DDFEBF4FFFE5F217602081211E73EEC97612AC2C9FE8988738F0DC0FD2241B3C54357109D82FAAB532DB9C18B53B543D43B533FD67E36547972674968EB83AEE7EFC9F2AAF2C610C452EEA89A4FF5089BA6922F35128A844F6350A70671DD53C205AC7A75A1659CD3E57D385AB0BD78AF14DC129B1172884F1FCF5D795B6031A2BEB2410948A422D21AD3A215C85720F5EE695E235E36832E0A559DACDBD2B7CA3A1317CA005A963B49E3337829C40974C70F47540D89AAE625A1FD110874DC13D6E7B5711021F0CFD94C46D87582EBFF78EB2412B6D91DC0250A0B805F5E3B096ACB247C2A247A39164337FB3CB818AD4A950E6347B801DA742E5B532F4FC48815AA62B894FDB23B6E4D448DB62713AA46CC33C7D83D60A44B2B70FE8D841A56A4150A01C82B19CB93AE0AAA65E765EFF95933AC55742E0240744158B9CEF9DA8E18C3736BC8894306BF86D9B927CD62252ABFD39A3B352168336404C6B5F0DB4AEE518069274266E0C424F45D487B500BC087F49B53B0FA822D306D8B272E66C035569FFF1A191D354728253419E5B49115B88EB94E8452A28A3D699E73709FFD95D30430D45B730AF36D90C4DF464241C059375E8215E02294DFEAF8169BF1B47F7EE6F6479CB772D552D604589CE0A80BF7C38AFB2D8111D02A11D02264E2D1634128E53835E5815A92C19027DD08493C23344883FA5F2802A67E586221E2E22DFB8C67D75903F7211D52D19DC92DAC9C2E55D5D23E4B316F4F36AE24526C0D7CB5D43A5FA64CD621E9BBEB44ADAC0FB50237872CF13E0008D4D8F3B53B7F97FF8FD71E7B6ECCE359F5FBF3F6128DFD062C1E1177C6DDB97CBB9ED8AF082BF55D2DDF76920020A8AFCA08235752DE7542237D273F0324767F297BD98F573642B54D55AAEDCD9A5DB65DDF24F1E52489E22A8CDB204653F03A45261E20C965772CC92D71AD8A9DCA1205CA72C3AE330CA9ABFC93BD4C0591279661736B131AE905D5EB899BED456FE76BE26C4700FDF3238999B250DEF64F155FED724D3E38BDCAAD31CAC112BF39F0BC0CD3A906BEA43676E126616B51546C9E282117163EA7B38F255797A803F663EA16485FE4A8C2510409D3B6EF809EAC2BF897277A17A9C6E58709B57591FDA62321CEC2F545FCDB0AEEAF33ED378707C81711E003F1E77EEEE292F61E37FDC2FC4F97CEA96E1A4FB8643A9F18C9D6780BC5B815E43AF81E3B1D47D68D5A559C194F35A143B9EAE147D975BEF88D55AF1408BC1705C02F112616D08BFE6A44C0EFAC373CBB557E4953C79ACAA2253796A4B8B7B 40520171228164850 2 6 100 8191 2 F461D7B72CCE12BB489DFEBB0D3252492FB894ADE7EEFCA4FCEAE71B2078652882837E3DDE311BA08D03316DDE3C3C844C34F37E7536601A57C95E1D191CC3B603E15D0E27D99ECC6B7781424F1D40E39FFF25D3F99C207359AD00CB7A68DC0937FDC38F24EF6C095DA60D92F977FBE8674D9885C4F147D6B6114F1CAF9F56327EF2A9CF30C5A26F46E19FAFACF357EC4E9119FB4AC34FF97FE5CDA2D578E00DF294AC88305AA8C9CFA074F35A211DD176486BBFDF04269B47C1EECAA0FAD95F6A5D829770F73DE8AF9D45928E4BF4C71412821419E2AFB2DA29FAA42557CB595B75433FDF015E42853C784AC8A15857D494900319D36B3A6672B885B686D6498D50A7843D381D240A77C053853FBFC670687678EA7AA909F9D82D2363ABD4851E3D20CE16632E0B1522AAB5DB8BB53AA1EE8CDFE86A494D1C2405C5AAE058D1990C91607D8043A74453AFB650110CA784BA307E531B153537B2C0A888D75229CC1D3CD27B0D7A6BEE20E82B7EB912D9F36BC8630990003DE2494DE017CB9D0EDBA7F0785927E79A76DA00707ADA18B9EBC57930E36E76737A7BA31F8F36F11D8CEDDCE28A411EEB34CE5D5235E88F66089F59CD921A84789512947DFDC8247A68353D05BEAFA6E450D7211D8BABE3C4C63685E9FA7742BD6309F3D72B9BE5E1B84E534596A81DAF1F5483C001FED71A9C7E432A28E52E43D9A0D4D4607B5E3459C7D424925C34311958344EBB86AF4E02675F8701BD55AACE3DDF48980E1977EE44275BEEE341C090820A63FD317595D7A0CCD00609B49E4AAF8C744F2FEA35A806B9B79C519CCDCE59F225FA243FD1AD0C8DBAFA17291CCA0C0C4DAB68060205F72978A5879093A132BE80C061D33348D94A8C79AE86F637701FC44E795B0F15D4610E0B269DEC7B24F717A7284A521759894AE475E7E35472ABC8C82DADE518628FF0DD37B48D94D48C18BF686F509AE5A5C35CC7BC33861673166B743FE10EB6508D36B29D1C798210E3D1840418A67214F9DB6FAF60BB42329226517C202436F735C1D326B49E1A37FF80BA4599A55898A48A2967647EA5E48B88F8034C7BBE9AFC1CD8DCC986495AB7070346E83479BC23925D418A68C7D72B4BCC106FEE74532F70F3CA019C68D419E944C34A69DAC2CDA1155F4FCDEC53CFB3AED1FE07C58FD20D673CE274AC89AEB3D72C36C2D81B42A5F9A61A83FB748749FDA5598C5A519A3026B1475F61CA5DE7A77BE86C2DC6EBAA6F756D5C15AF0F0844C05F233A0468148956C0BA80ACDCB7850FE0CBE75DB675AB712ADBF0934765919A697F4C4345E2AD63B159664FE0DB201683C8DFBBDB1EFE3B580C11809AC815C1863929E60B7A0819D255C8EE7AA582C33E0153EB685E830627829C141DF8B5C599D9DDD25CB3EFAD7C4369A470D3AE3CF4CD0CDCB185A402F7C3E395C40F99437B
40620170726144150 2 6 100 8191 5 D84B8E9B7259F34AA46062684AD05873FD407C5FA804FFBC429D0DED5B497259FFF7F3C26D7A4C21592FCD658B607A5BDE7C4EAA7F5A3B6B713EAEDD5D0D47029CF51556BAFBBC91819DDA500332F7CE6777565C34CE56ED26BFE90830291C460891DDFEBF4FFFE5F217602081211E73EEC97612AC2C9FE8988738F0DC0FD2241B3C54357109D82FAAB532DB9C18B53B543D43B533FD67E36547972674968EB83AEE7EFC9F2AAF2C610C452EEA89A4FF5089BA6922F35128A844F6350A70671DD53C205AC7A75A1659CD3E57D385AB0BD78AF14DC129B1172884F1FCF5D795B6031A2BEB2410948A422D21AD3A215C85720F5EE695E235E36832E0A559DACDBD2B7CA3A1317CA005A963B49E3337829C40974C70F47540D89AAE625A1FD110874DC13D6E7B5711021F0CFD94C46D87582EBFF78EB2412B6D91DC0250A0B805F5E3B096ACB247C2A247A39164337FB3CB818AD4A950E6347B801DA742E5B532F4FC48815AA62B894FDB23B6E4D448DB62713AA46CC33C7D83D60A44B2B70FE8D841A56A4150A01C82B19CB93AE0AAA65E765EFF95933AC55742E0240744158B9CEF9DA8E18C3736BC8894306BF86D9B927CD62252ABFD39A3B352168336404C6B5F0DB4AEE518069274266E0C424F45D487B500BC087F49B53B0FA822D306D8B272E66C035569FFF1A191D354728253419E5B49115B88EB94E8452A28A3D699E73709FFD95D30430D45B730AF36D90C4DF464241C059375E8215E02294DFEAF8169BF1B47F7EE6F6479CB772D552D604589CE0A80BF7C38AFB2D8111D02A11D02264E2D1634128E53835E5815A92C19027DD08493C23344883FA5F2802A67E586221E2E22DFB8C67D75903F7211D52D19DC92DAC9C2E55D5D23E4B316F4F36AE24526C0D7CB5D43A5FA64CD621E9BBEB44ADAC0FB50237872CF13E0008D4D8F3B53B7F97FF8FD71E7B6ECCE359F5FBF3F6128DFD062C1E1177C6DDB97CBB9ED8AF082BF55D2DDF76920020A8AFCA08235752DE7542237D273F0324767F297BD98F573642B54D55AAEDCD9A5DB65DDF24F1E52489E22A8CDB204653F03A45261E20C965772CC92D71AD8A9DCA1205CA72C3AE330CA9ABFC93BD4C0591279661736B131AE905D5EB899BED456FE76BE26C4700FDF3238999B250DEF64F155FED724D3E38BDCAAD31CAC112BF39F0BC0CD3A906BEA43676E126616B51546C9E282117163EA7B38F255797A803F663EA16485FE4A8C2510409D3B6EF809EAC2BF897277A17A9C6E58709B57591FDA62321CEC2F545FCDB0AEEAF33ED378707C81711E003F1E77EEEE292F61E37FDC2FC4F97CEA96E1A4FB8643A9F18C9D6780BC5B815E43AF81E3B1D47D68D5A559C194F35A143B9EAE147D975BEF88D55AF1408BC1705C02F112616D08BFE6A44C0EFAC373CBB557E4953C79ACAA2253796EA9D3DF 40620171228210323 2 6 100 8191 2 F461D7B72CCE12BB489DFEBB0D3252492FB894ADE7EEFCA4FCEAE71B2078652882837E3DDE311BA08D03316DDE3C3C844C34F37E7536601A57C95E1D191CC3B603E15D0E27D99ECC6B7781424F1D40E39FFF25D3F99C207359AD00CB7A68DC0937FDC38F24EF6C095DA60D92F977FBE8674D9885C4F147D6B6114F1CAF9F56327EF2A9CF30C5A26F46E19FAFACF357EC4E9119FB4AC34FF97FE5CDA2D578E00DF294AC88305AA8C9CFA074F35A211DD176486BBFDF04269B47C1EECAA0FAD95F6A5D829770F73DE8AF9D45928E4BF4C71412821419E2AFB2DA29FAA42557CB595B75433FDF015E42853C784AC8A15857D494900319D36B3A6672B885B686D6498D50A7843D381D240A77C053853FBFC670687678EA7AA909F9D82D2363ABD4851E3D20CE16632E0B1522AAB5DB8BB53AA1EE8CDFE86A494D1C2405C5AAE058D1990C91607D8043A74453AFB650110CA784BA307E531B153537B2C0A888D75229CC1D3CD27B0D7A6BEE20E82B7EB912D9F36BC8630990003DE2494DE017CB9D0EDBA7F0785927E79A76DA00707ADA18B9EBC57930E36E76737A7BA31F8F36F11D8CEDDCE28A411EEB34CE5D5235E88F66089F59CD921A84789512947DFDC8247A68353D05BEAFA6E450D7211D8BABE3C4C63685E9FA7742BD6309F3D72B9BE5E1B84E534596A81DAF1F5483C001FED71A9C7E432A28E52E43D9A0D4D4607B5E3459C7D424925C34311958344EBB86AF4E02675F8701BD55AACE3DDF48980E1977EE44275BEEE341C090820A63FD317595D7A0CCD00609B49E4AAF8C744F2FEA35A806B9B79C519CCDCE59F225FA243FD1AD0C8DBAFA17291CCA0C0C4DAB68060205F72978A5879093A132BE80C061D33348D94A8C79AE86F637701FC44E795B0F15D4610E0B269DEC7B24F717A7284A521759894AE475E7E35472ABC8C82DADE518628FF0DD37B48D94D48C18BF686F509AE5A5C35CC7BC33861673166B743FE10EB6508D36B29D1C798210E3D1840418A67214F9DB6FAF60BB42329226517C202436F735C1D326B49E1A37FF80BA4599A55898A48A2967647EA5E48B88F8034C7BBE9AFC1CD8DCC986495AB7070346E83479BC23925D418A68C7D72B4BCC106FEE74532F70F3CA019C68D419E944C34A69DAC2CDA1155F4FCDEC53CFB3AED1FE07C58FD20D673CE274AC89AEB3D72C36C2D81B42A5F9A61A83FB748749FDA5598C5A519A3026B1475F61CA5DE7A77BE86C2DC6EBAA6F756D5C15AF0F0844C05F233A0468148956C0BA80ACDCB7850FE0CBE75DB675AB712ADBF0934765919A697F4C4345E2AD63B159664FE0DB201683C8DFBBDB1EFE3B580C11809AC815C1863929E60B7A0819D255C8EE7AA582C33E0153EB685E830627829C141DF8B5C599D9DDD25CB3EFAD7C4369A470D3AE3CF4CD0CDCB185A402F7C3E395C4126F1FDB
40720170726150548 2 6 100 8191 2 D84B8E9B7259F34AA46062684AD05873FD407C5FA804FFBC429D0DED5B497259FFF7F3C26D7A4C21592FCD658B607A5BDE7C4EAA7F5A3B6B713EAEDD5D0D47029CF51556BAFBBC91819DDA500332F7CE6777565C34CE56ED26BFE90830291C460891DDFEBF4FFFE5F217602081211E73EEC97612AC2C9FE8988738F0DC0FD2241B3C54357109D82FAAB532DB9C18B53B543D43B533FD67E36547972674968EB83AEE7EFC9F2AAF2C610C452EEA89A4FF5089BA6922F35128A844F6350A70671DD53C205AC7A75A1659CD3E57D385AB0BD78AF14DC129B1172884F1FCF5D795B6031A2BEB2410948A422D21AD3A215C85720F5EE695E235E36832E0A559DACDBD2B7CA3A1317CA005A963B49E3337829C40974C70F47540D89AAE625A1FD110874DC13D6E7B5711021F0CFD94C46D87582EBFF78EB2412B6D91DC0250A0B805F5E3B096ACB247C2A247A39164337FB3CB818AD4A950E6347B801DA742E5B532F4FC48815AA62B894FDB23B6E4D448DB62713AA46CC33C7D83D60A44B2B70FE8D841A56A4150A01C82B19CB93AE0AAA65E765EFF95933AC55742E0240744158B9CEF9DA8E18C3736BC8894306BF86D9B927CD62252ABFD39A3B352168336404C6B5F0DB4AEE518069274266E0C424F45D487B500BC087F49B53B0FA822D306D8B272E66C035569FFF1A191D354728253419E5B49115B88EB94E8452A28A3D699E73709FFD95D30430D45B730AF36D90C4DF464241C059375E8215E02294DFEAF8169BF1B47F7EE6F6479CB772D552D604589CE0A80BF7C38AFB2D8111D02A11D02264E2D1634128E53835E5815A92C19027DD08493C23344883FA5F2802A67E586221E2E22DFB8C67D75903F7211D52D19DC92DAC9C2E55D5D23E4B316F4F36AE24526C0D7CB5D43A5FA64CD621E9BBEB44ADAC0FB50237872CF13E0008D4D8F3B53B7F97FF8FD71E7B6ECCE359F5FBF3F6128DFD062C1E1177C6DDB97CBB9ED8AF082BF55D2DDF76920020A8AFCA08235752DE7542237D273F0324767F297BD98F573642B54D55AAEDCD9A5DB65DDF24F1E52489E22A8CDB204653F03A45261E20C965772CC92D71AD8A9DCA1205CA72C3AE330CA9ABFC93BD4C0591279661736B131AE905D5EB899BED456FE76BE26C4700FDF3238999B250DEF64F155FED724D3E38BDCAAD31CAC112BF39F0BC0CD3A906BEA43676E126616B51546C9E282117163EA7B38F255797A803F663EA16485FE4A8C2510409D3B6EF809EAC2BF897277A17A9C6E58709B57591FDA62321CEC2F545FCDB0AEEAF33ED378707C81711E003F1E77EEEE292F61E37FDC2FC4F97CEA96E1A4FB8643A9F18C9D6780BC5B815E43AF81E3B1D47D68D5A559C194F35A143B9EAE147D975BEF88D55AF1408BC1705C02F112616D08BFE6A44C0EFAC373CBB557E4953C79ACAA2253796EE14A73 40720171229030717 2 6 100 8191 5 F461D7B72CCE12BB489DFEBB0D3252492FB894ADE7EEFCA4FCEAE71B2078652882837E3DDE311BA08D03316DDE3C3C844C34F37E7536601A57C95E1D191CC3B603E15D0E27D99ECC6B7781424F1D40E39FFF25D3F99C207359AD00CB7A68DC0937FDC38F24EF6C095DA60D92F977FBE8674D9885C4F147D6B6114F1CAF9F56327EF2A9CF30C5A26F46E19FAFACF357EC4E9119FB4AC34FF97FE5CDA2D578E00DF294AC88305AA8C9CFA074F35A211DD176486BBFDF04269B47C1EECAA0FAD95F6A5D829770F73DE8AF9D45928E4BF4C71412821419E2AFB2DA29FAA42557CB595B75433FDF015E42853C784AC8A15857D494900319D36B3A6672B885B686D6498D50A7843D381D240A77C053853FBFC670687678EA7AA909F9D82D2363ABD4851E3D20CE16632E0B1522AAB5DB8BB53AA1EE8CDFE86A494D1C2405C5AAE058D1990C91607D8043A74453AFB650110CA784BA307E531B153537B2C0A888D75229CC1D3CD27B0D7A6BEE20E82B7EB912D9F36BC8630990003DE2494DE017CB9D0EDBA7F0785927E79A76DA00707ADA18B9EBC57930E36E76737A7BA31F8F36F11D8CEDDCE28A411EEB34CE5D5235E88F66089F59CD921A84789512947DFDC8247A68353D05BEAFA6E450D7211D8BABE3C4C63685E9FA7742BD6309F3D72B9BE5E1B84E534596A81DAF1F5483C001FED71A9C7E432A28E52E43D9A0D4D4607B5E3459C7D424925C34311958344EBB86AF4E02675F8701BD55AACE3DDF48980E1977EE44275BEEE341C090820A63FD317595D7A0CCD00609B49E4AAF8C744F2FEA35A806B9B79C519CCDCE59F225FA243FD1AD0C8DBAFA17291CCA0C0C4DAB68060205F72978A5879093A132BE80C061D33348D94A8C79AE86F637701FC44E795B0F15D4610E0B269DEC7B24F717A7284A521759894AE475E7E35472ABC8C82DADE518628FF0DD37B48D94D48C18BF686F509AE5A5C35CC7BC33861673166B743FE10EB6508D36B29D1C798210E3D1840418A67214F9DB6FAF60BB42329226517C202436F735C1D326B49E1A37FF80BA4599A55898A48A2967647EA5E48B88F8034C7BBE9AFC1CD8DCC986495AB7070346E83479BC23925D418A68C7D72B4BCC106FEE74532F70F3CA019C68D419E944C34A69DAC2CDA1155F4FCDEC53CFB3AED1FE07C58FD20D673CE274AC89AEB3D72C36C2D81B42A5F9A61A83FB748749FDA5598C5A519A3026B1475F61CA5DE7A77BE86C2DC6EBAA6F756D5C15AF0F0844C05F233A0468148956C0BA80ACDCB7850FE0CBE75DB675AB712ADBF0934765919A697F4C4345E2AD63B159664FE0DB201683C8DFBBDB1EFE3B580C11809AC815C1863929E60B7A0819D255C8EE7AA582C33E0153EB685E830627829C141DF8B5C599D9DDD25CB3EFAD7C4369A470D3AE3CF4CD0CDCB185A402F7C3E395C4169A7847
40820171229061209 2 6 100 8191 2 F461D7B72CCE12BB489DFEBB0D3252492FB894ADE7EEFCA4FCEAE71B2078652882837E3DDE311BA08D03316DDE3C3C844C34F37E7536601A57C95E1D191CC3B603E15D0E27D99ECC6B7781424F1D40E39FFF25D3F99C207359AD00CB7A68DC0937FDC38F24EF6C095DA60D92F977FBE8674D9885C4F147D6B6114F1CAF9F56327EF2A9CF30C5A26F46E19FAFACF357EC4E9119FB4AC34FF97FE5CDA2D578E00DF294AC88305AA8C9CFA074F35A211DD176486BBFDF04269B47C1EECAA0FAD95F6A5D829770F73DE8AF9D45928E4BF4C71412821419E2AFB2DA29FAA42557CB595B75433FDF015E42853C784AC8A15857D494900319D36B3A6672B885B686D6498D50A7843D381D240A77C053853FBFC670687678EA7AA909F9D82D2363ABD4851E3D20CE16632E0B1522AAB5DB8BB53AA1EE8CDFE86A494D1C2405C5AAE058D1990C91607D8043A74453AFB650110CA784BA307E531B153537B2C0A888D75229CC1D3CD27B0D7A6BEE20E82B7EB912D9F36BC8630990003DE2494DE017CB9D0EDBA7F0785927E79A76DA00707ADA18B9EBC57930E36E76737A7BA31F8F36F11D8CEDDCE28A411EEB34CE5D5235E88F66089F59CD921A84789512947DFDC8247A68353D05BEAFA6E450D7211D8BABE3C4C63685E9FA7742BD6309F3D72B9BE5E1B84E534596A81DAF1F5483C001FED71A9C7E432A28E52E43D9A0D4D4607B5E3459C7D424925C34311958344EBB86AF4E02675F8701BD55AACE3DDF48980E1977EE44275BEEE341C090820A63FD317595D7A0CCD00609B49E4AAF8C744F2FEA35A806B9B79C519CCDCE59F225FA243FD1AD0C8DBAFA17291CCA0C0C4DAB68060205F72978A5879093A132BE80C061D33348D94A8C79AE86F637701FC44E795B0F15D4610E0B269DEC7B24F717A7284A521759894AE475E7E35472ABC8C82DADE518628FF0DD37B48D94D48C18BF686F509AE5A5C35CC7BC33861673166B743FE10EB6508D36B29D1C798210E3D1840418A67214F9DB6FAF60BB42329226517C202436F735C1D326B49E1A37FF80BA4599A55898A48A2967647EA5E48B88F8034C7BBE9AFC1CD8DCC986495AB7070346E83479BC23925D418A68C7D72B4BCC106FEE74532F70F3CA019C68D419E944C34A69DAC2CDA1155F4FCDEC53CFB3AED1FE07C58FD20D673CE274AC89AEB3D72C36C2D81B42A5F9A61A83FB748749FDA5598C5A519A3026B1475F61CA5DE7A77BE86C2DC6EBAA6F756D5C15AF0F0844C05F233A0468148956C0BA80ACDCB7850FE0CBE75DB675AB712ADBF0934765919A697F4C4345E2AD63B159664FE0DB201683C8DFBBDB1EFE3B580C11809AC815C1863929E60B7A0819D255C8EE7AA582C33E0153EB685E830627829C141DF8B5C599D9DDD25CB3EFAD7C4369A470D3AE3CF4CD0CDCB185A402F7C3E395C4189CEBF3
40920171229071940 2 6 100 8191 5 F461D7B72CCE12BB489DFEBB0D3252492FB894ADE7EEFCA4FCEAE71B2078652882837E3DDE311BA08D03316DDE3C3C844C34F37E7536601A57C95E1D191CC3B603E15D0E27D99ECC6B7781424F1D40E39FFF25D3F99C207359AD00CB7A68DC0937FDC38F24EF6C095DA60D92F977FBE8674D9885C4F147D6B6114F1CAF9F56327EF2A9CF30C5A26F46E19FAFACF357EC4E9119FB4AC34FF97FE5CDA2D578E00DF294AC88305AA8C9CFA074F35A211DD176486BBFDF04269B47C1EECAA0FAD95F6A5D829770F73DE8AF9D45928E4BF4C71412821419E2AFB2DA29FAA42557CB595B75433FDF015E42853C784AC8A15857D494900319D36B3A6672B885B686D6498D50A7843D381D240A77C053853FBFC670687678EA7AA909F9D82D2363ABD4851E3D20CE16632E0B1522AAB5DB8BB53AA1EE8CDFE86A494D1C2405C5AAE058D1990C91607D8043A74453AFB650110CA784BA307E531B153537B2C0A888D75229CC1D3CD27B0D7A6BEE20E82B7EB912D9F36BC8630990003DE2494DE017CB9D0EDBA7F0785927E79A76DA00707ADA18B9EBC57930E36E76737A7BA31F8F36F11D8CEDDCE28A411EEB34CE5D5235E88F66089F59CD921A84789512947DFDC8247A68353D05BEAFA6E450D7211D8BABE3C4C63685E9FA7742BD6309F3D72B9BE5E1B84E534596A81DAF1F5483C001FED71A9C7E432A28E52E43D9A0D4D4607B5E3459C7D424925C34311958344EBB86AF4E02675F8701BD55AACE3DDF48980E1977EE44275BEEE341C090820A63FD317595D7A0CCD00609B49E4AAF8C744F2FEA35A806B9B79C519CCDCE59F225FA243FD1AD0C8DBAFA17291CCA0C0C4DAB68060205F72978A5879093A132BE80C061D33348D94A8C79AE86F637701FC44E795B0F15D4610E0B269DEC7B24F717A7284A521759894AE475E7E35472ABC8C82DADE518628FF0DD37B48D94D48C18BF686F509AE5A5C35CC7BC33861673166B743FE10EB6508D36B29D1C798210E3D1840418A67214F9DB6FAF60BB42329226517C202436F735C1D326B49E1A37FF80BA4599A55898A48A2967647EA5E48B88F8034C7BBE9AFC1CD8DCC986495AB7070346E83479BC23925D418A68C7D72B4BCC106FEE74532F70F3CA019C68D419E944C34A69DAC2CDA1155F4FCDEC53CFB3AED1FE07C58FD20D673CE274AC89AEB3D72C36C2D81B42A5F9A61A83FB748749FDA5598C5A519A3026B1475F61CA5DE7A77BE86C2DC6EBAA6F756D5C15AF0F0844C05F233A0468148956C0BA80ACDCB7850FE0CBE75DB675AB712ADBF0934765919A697F4C4345E2AD63B159664FE0DB201683C8DFBBDB1EFE3B580C11809AC815C1863929E60B7A0819D255C8EE7AA582C33E0153EB685E830627829C141DF8B5C599D9DDD25CB3EFAD7C4369A470D3AE3CF4CD0CDCB185A402F7C3E395C419560A6F
41020171229082351 2 6 100 8191 2 F461D7B72CCE12BB489DFEBB0D3252492FB894ADE7EEFCA4FCEAE71B2078652882837E3DDE311BA08D03316DDE3C3C844C34F37E7536601A57C95E1D191CC3B603E15D0E27D99ECC6B7781424F1D40E39FFF25D3F99C207359AD00CB7A68DC0937FDC38F24EF6C095DA60D92F977FBE8674D9885C4F147D6B6114F1CAF9F56327EF2A9CF30C5A26F46E19FAFACF357EC4E9119FB4AC34FF97FE5CDA2D578E00DF294AC88305AA8C9CFA074F35A211DD176486BBFDF04269B47C1EECAA0FAD95F6A5D829770F73DE8AF9D45928E4BF4C71412821419E2AFB2DA29FAA42557CB595B75433FDF015E42853C784AC8A15857D494900319D36B3A6672B885B686D6498D50A7843D381D240A77C053853FBFC670687678EA7AA909F9D82D2363ABD4851E3D20CE16632E0B1522AAB5DB8BB53AA1EE8CDFE86A494D1C2405C5AAE058D1990C91607D8043A74453AFB650110CA784BA307E531B153537B2C0A888D75229CC1D3CD27B0D7A6BEE20E82B7EB912D9F36BC8630990003DE2494DE017CB9D0EDBA7F0785927E79A76DA00707ADA18B9EBC57930E36E76737A7BA31F8F36F11D8CEDDCE28A411EEB34CE5D5235E88F66089F59CD921A84789512947DFDC8247A68353D05BEAFA6E450D7211D8BABE3C4C63685E9FA7742BD6309F3D72B9BE5E1B84E534596A81DAF1F5483C001FED71A9C7E432A28E52E43D9A0D4D4607B5E3459C7D424925C34311958344EBB86AF4E02675F8701BD55AACE3DDF48980E1977EE44275BEEE341C090820A63FD317595D7A0CCD00609B49E4AAF8C744F2FEA35A806B9B79C519CCDCE59F225FA243FD1AD0C8DBAFA17291CCA0C0C4DAB68060205F72978A5879093A132BE80C061D33348D94A8C79AE86F637701FC44E795B0F15D4610E0B269DEC7B24F717A7284A521759894AE475E7E35472ABC8C82DADE518628FF0DD37B48D94D48C18BF686F509AE5A5C35CC7BC33861673166B743FE10EB6508D36B29D1C798210E3D1840418A67214F9DB6FAF60BB42329226517C202436F735C1D326B49E1A37FF80BA4599A55898A48A2967647EA5E48B88F8034C7BBE9AFC1CD8DCC986495AB7070346E83479BC23925D418A68C7D72B4BCC106FEE74532F70F3CA019C68D419E944C34A69DAC2CDA1155F4FCDEC53CFB3AED1FE07C58FD20D673CE274AC89AEB3D72C36C2D81B42A5F9A61A83FB748749FDA5598C5A519A3026B1475F61CA5DE7A77BE86C2DC6EBAA6F756D5C15AF0F0844C05F233A0468148956C0BA80ACDCB7850FE0CBE75DB675AB712ADBF0934765919A697F4C4345E2AD63B159664FE0DB201683C8DFBBDB1EFE3B580C11809AC815C1863929E60B7A0819D255C8EE7AA582C33E0153EB685E830627829C141DF8B5C599D9DDD25CB3EFAD7C4369A470D3AE3CF4CD0CDCB185A402F7C3E395C41A003293
41120171229091948 2 6 100 8191 2 F461D7B72CCE12BB489DFEBB0D3252492FB894ADE7EEFCA4FCEAE71B2078652882837E3DDE311BA08D03316DDE3C3C844C34F37E7536601A57C95E1D191CC3B603E15D0E27D99ECC6B7781424F1D40E39FFF25D3F99C207359AD00CB7A68DC0937FDC38F24EF6C095DA60D92F977FBE8674D9885C4F147D6B6114F1CAF9F56327EF2A9CF30C5A26F46E19FAFACF357EC4E9119FB4AC34FF97FE5CDA2D578E00DF294AC88305AA8C9CFA074F35A211DD176486BBFDF04269B47C1EECAA0FAD95F6A5D829770F73DE8AF9D45928E4BF4C71412821419E2AFB2DA29FAA42557CB595B75433FDF015E42853C784AC8A15857D494900319D36B3A6672B885B686D6498D50A7843D381D240A77C053853FBFC670687678EA7AA909F9D82D2363ABD4851E3D20CE16632E0B1522AAB5DB8BB53AA1EE8CDFE86A494D1C2405C5AAE058D1990C91607D8043A74453AFB650110CA784BA307E531B153537B2C0A888D75229CC1D3CD27B0D7A6BEE20E82B7EB912D9F36BC8630990003DE2494DE017CB9D0EDBA7F0785927E79A76DA00707ADA18B9EBC57930E36E76737A7BA31F8F36F11D8CEDDCE28A411EEB34CE5D5235E88F66089F59CD921A84789512947DFDC8247A68353D05BEAFA6E450D7211D8BABE3C4C63685E9FA7742BD6309F3D72B9BE5E1B84E534596A81DAF1F5483C001FED71A9C7E432A28E52E43D9A0D4D4607B5E3459C7D424925C34311958344EBB86AF4E02675F8701BD55AACE3DDF48980E1977EE44275BEEE341C090820A63FD317595D7A0CCD00609B49E4AAF8C744F2FEA35A806B9B79C519CCDCE59F225FA243FD1AD0C8DBAFA17291CCA0C0C4DAB68060205F72978A5879093A132BE80C061D33348D94A8C79AE86F637701FC44E795B0F15D4610E0B269DEC7B24F717A7284A521759894AE475E7E35472ABC8C82DADE518628FF0DD37B48D94D48C18BF686F509AE5A5C35CC7BC33861673166B743FE10EB6508D36B29D1C798210E3D1840418A67214F9DB6FAF60BB42329226517C202436F735C1D326B49E1A37FF80BA4599A55898A48A2967647EA5E48B88F8034C7BBE9AFC1CD8DCC986495AB7070346E83479BC23925D418A68C7D72B4BCC106FEE74532F70F3CA019C68D419E944C34A69DAC2CDA1155F4FCDEC53CFB3AED1FE07C58FD20D673CE274AC89AEB3D72C36C2D81B42A5F9A61A83FB748749FDA5598C5A519A3026B1475F61CA5DE7A77BE86C2DC6EBAA6F756D5C15AF0F0844C05F233A0468148956C0BA80ACDCB7850FE0CBE75DB675AB712ADBF0934765919A697F4C4345E2AD63B159664FE0DB201683C8DFBBDB1EFE3B580C11809AC815C1863929E60B7A0819D255C8EE7AA582C33E0153EB685E830627829C141DF8B5C599D9DDD25CB3EFAD7C4369A470D3AE3CF4CD0CDCB185A402F7C3E395C41A97B0B3
41220171229152509 2 6 100 8191 2 F461D7B72CCE12BB489DFEBB0D3252492FB894ADE7EEFCA4FCEAE71B2078652882837E3DDE311BA08D03316DDE3C3C844C34F37E7536601A57C95E1D191CC3B603E15D0E27D99ECC6B7781424F1D40E39FFF25D3F99C207359AD00CB7A68DC0937FDC38F24EF6C095DA60D92F977FBE8674D9885C4F147D6B6114F1CAF9F56327EF2A9CF30C5A26F46E19FAFACF357EC4E9119FB4AC34FF97FE5CDA2D578E00DF294AC88305AA8C9CFA074F35A211DD176486BBFDF04269B47C1EECAA0FAD95F6A5D829770F73DE8AF9D45928E4BF4C71412821419E2AFB2DA29FAA42557CB595B75433FDF015E42853C784AC8A15857D494900319D36B3A6672B885B686D6498D50A7843D381D240A77C053853FBFC670687678EA7AA909F9D82D2363ABD4851E3D20CE16632E0B1522AAB5DB8BB53AA1EE8CDFE86A494D1C2405C5AAE058D1990C91607D8043A74453AFB650110CA784BA307E531B153537B2C0A888D75229CC1D3CD27B0D7A6BEE20E82B7EB912D9F36BC8630990003DE2494DE017CB9D0EDBA7F0785927E79A76DA00707ADA18B9EBC57930E36E76737A7BA31F8F36F11D8CEDDCE28A411EEB34CE5D5235E88F66089F59CD921A84789512947DFDC8247A68353D05BEAFA6E450D7211D8BABE3C4C63685E9FA7742BD6309F3D72B9BE5E1B84E534596A81DAF1F5483C001FED71A9C7E432A28E52E43D9A0D4D4607B5E3459C7D424925C34311958344EBB86AF4E02675F8701BD55AACE3DDF48980E1977EE44275BEEE341C090820A63FD317595D7A0CCD00609B49E4AAF8C744F2FEA35A806B9B79C519CCDCE59F225FA243FD1AD0C8DBAFA17291CCA0C0C4DAB68060205F72978A5879093A132BE80C061D33348D94A8C79AE86F637701FC44E795B0F15D4610E0B269DEC7B24F717A7284A521759894AE475E7E35472ABC8C82DADE518628FF0DD37B48D94D48C18BF686F509AE5A5C35CC7BC33861673166B743FE10EB6508D36B29D1C798210E3D1840418A67214F9DB6FAF60BB42329226517C202436F735C1D326B49E1A37FF80BA4599A55898A48A2967647EA5E48B88F8034C7BBE9AFC1CD8DCC986495AB7070346E83479BC23925D418A68C7D72B4BCC106FEE74532F70F3CA019C68D419E944C34A69DAC2CDA1155F4FCDEC53CFB3AED1FE07C58FD20D673CE274AC89AEB3D72C36C2D81B42A5F9A61A83FB748749FDA5598C5A519A3026B1475F61CA5DE7A77BE86C2DC6EBAA6F756D5C15AF0F0844C05F233A0468148956C0BA80ACDCB7850FE0CBE75DB675AB712ADBF0934765919A697F4C4345E2AD63B159664FE0DB201683C8DFBBDB1EFE3B580C11809AC815C1863929E60B7A0819D255C8EE7AA582C33E0153EB685E830627829C141DF8B5C599D9DDD25CB3EFAD7C4369A470D3AE3CF4CD0CDCB185A402F7C3E395C41EA78513
41320171229193934 2 6 100 8191 2 F461D7B72CCE12BB489DFEBB0D3252492FB894ADE7EEFCA4FCEAE71B2078652882837E3DDE311BA08D03316DDE3C3C844C34F37E7536601A57C95E1D191CC3B603E15D0E27D99ECC6B7781424F1D40E39FFF25D3F99C207359AD00CB7A68DC0937FDC38F24EF6C095DA60D92F977FBE8674D9885C4F147D6B6114F1CAF9F56327EF2A9CF30C5A26F46E19FAFACF357EC4E9119FB4AC34FF97FE5CDA2D578E00DF294AC88305AA8C9CFA074F35A211DD176486BBFDF04269B47C1EECAA0FAD95F6A5D829770F73DE8AF9D45928E4BF4C71412821419E2AFB2DA29FAA42557CB595B75433FDF015E42853C784AC8A15857D494900319D36B3A6672B885B686D6498D50A7843D381D240A77C053853FBFC670687678EA7AA909F9D82D2363ABD4851E3D20CE16632E0B1522AAB5DB8BB53AA1EE8CDFE86A494D1C2405C5AAE058D1990C91607D8043A74453AFB650110CA784BA307E531B153537B2C0A888D75229CC1D3CD27B0D7A6BEE20E82B7EB912D9F36BC8630990003DE2494DE017CB9D0EDBA7F0785927E79A76DA00707ADA18B9EBC57930E36E76737A7BA31F8F36F11D8CEDDCE28A411EEB34CE5D5235E88F66089F59CD921A84789512947DFDC8247A68353D05BEAFA6E450D7211D8BABE3C4C63685E9FA7742BD6309F3D72B9BE5E1B84E534596A81DAF1F5483C001FED71A9C7E432A28E52E43D9A0D4D4607B5E3459C7D424925C34311958344EBB86AF4E02675F8701BD55AACE3DDF48980E1977EE44275BEEE341C090820A63FD317595D7A0CCD00609B49E4AAF8C744F2FEA35A806B9B79C519CCDCE59F225FA243FD1AD0C8DBAFA17291CCA0C0C4DAB68060205F72978A5879093A132BE80C061D33348D94A8C79AE86F637701FC44E795B0F15D4610E0B269DEC7B24F717A7284A521759894AE475E7E35472ABC8C82DADE518628FF0DD37B48D94D48C18BF686F509AE5A5C35CC7BC33861673166B743FE10EB6508D36B29D1C798210E3D1840418A67214F9DB6FAF60BB42329226517C202436F735C1D326B49E1A37FF80BA4599A55898A48A2967647EA5E48B88F8034C7BBE9AFC1CD8DCC986495AB7070346E83479BC23925D418A68C7D72B4BCC106FEE74532F70F3CA019C68D419E944C34A69DAC2CDA1155F4FCDEC53CFB3AED1FE07C58FD20D673CE274AC89AEB3D72C36C2D81B42A5F9A61A83FB748749FDA5598C5A519A3026B1475F61CA5DE7A77BE86C2DC6EBAA6F756D5C15AF0F0844C05F233A0468148956C0BA80ACDCB7850FE0CBE75DB675AB712ADBF0934765919A697F4C4345E2AD63B159664FE0DB201683C8DFBBDB1EFE3B580C11809AC815C1863929E60B7A0819D255C8EE7AA582C33E0153EB685E830627829C141DF8B5C599D9DDD25CB3EFAD7C4369A470D3AE3CF4CD0CDCB185A402F7C3E395C4216FDF1B
41420171230082815 2 6 100 8191 2 F461D7B72CCE12BB489DFEBB0D3252492FB894ADE7EEFCA4FCEAE71B2078652882837E3DDE311BA08D03316DDE3C3C844C34F37E7536601A57C95E1D191CC3B603E15D0E27D99ECC6B7781424F1D40E39FFF25D3F99C207359AD00CB7A68DC0937FDC38F24EF6C095DA60D92F977FBE8674D9885C4F147D6B6114F1CAF9F56327EF2A9CF30C5A26F46E19FAFACF357EC4E9119FB4AC34FF97FE5CDA2D578E00DF294AC88305AA8C9CFA074F35A211DD176486BBFDF04269B47C1EECAA0FAD95F6A5D829770F73DE8AF9D45928E4BF4C71412821419E2AFB2DA29FAA42557CB595B75433FDF015E42853C784AC8A15857D494900319D36B3A6672B885B686D6498D50A7843D381D240A77C053853FBFC670687678EA7AA909F9D82D2363ABD4851E3D20CE16632E0B1522AAB5DB8BB53AA1EE8CDFE86A494D1C2405C5AAE058D1990C91607D8043A74453AFB650110CA784BA307E531B153537B2C0A888D75229CC1D3CD27B0D7A6BEE20E82B7EB912D9F36BC8630990003DE2494DE017CB9D0EDBA7F0785927E79A76DA00707ADA18B9EBC57930E36E76737A7BA31F8F36F11D8CEDDCE28A411EEB34CE5D5235E88F66089F59CD921A84789512947DFDC8247A68353D05BEAFA6E450D7211D8BABE3C4C63685E9FA7742BD6309F3D72B9BE5E1B84E534596A81DAF1F5483C001FED71A9C7E432A28E52E43D9A0D4D4607B5E3459C7D424925C34311958344EBB86AF4E02675F8701BD55AACE3DDF48980E1977EE44275BEEE341C090820A63FD317595D7A0CCD00609B49E4AAF8C744F2FEA35A806B9B79C519CCDCE59F225FA243FD1AD0C8DBAFA17291CCA0C0C4DAB68060205F72978A5879093A132BE80C061D33348D94A8C79AE86F637701FC44E795B0F15D4610E0B269DEC7B24F717A7284A521759894AE475E7E35472ABC8C82DADE518628FF0DD37B48D94D48C18BF686F509AE5A5C35CC7BC33861673166B743FE10EB6508D36B29D1C798210E3D1840418A67214F9DB6FAF60BB42329226517C202436F735C1D326B49E1A37FF80BA4599A55898A48A2967647EA5E48B88F8034C7BBE9AFC1CD8DCC986495AB7070346E83479BC23925D418A68C7D72B4BCC106FEE74532F70F3CA019C68D419E944C34A69DAC2CDA1155F4FCDEC53CFB3AED1FE07C58FD20D673CE274AC89AEB3D72C36C2D81B42A5F9A61A83FB748749FDA5598C5A519A3026B1475F61CA5DE7A77BE86C2DC6EBAA6F756D5C15AF0F0844C05F233A0468148956C0BA80ACDCB7850FE0CBE75DB675AB712ADBF0934765919A697F4C4345E2AD63B159664FE0DB201683C8DFBBDB1EFE3B580C11809AC815C1863929E60B7A0819D255C8EE7AA582C33E0153EB685E830627829C141DF8B5C599D9DDD25CB3EFAD7C4369A470D3AE3CF4CD0CDCB185A402F7C3E395C429E6D743
41520171230095722 2 6 100 8191 2 F461D7B72CCE12BB489DFEBB0D3252492FB894ADE7EEFCA4FCEAE71B2078652882837E3DDE311BA08D03316DDE3C3C844C34F37E7536601A57C95E1D191CC3B603E15D0E27D99ECC6B7781424F1D40E39FFF25D3F99C207359AD00CB7A68DC0937FDC38F24EF6C095DA60D92F977FBE8674D9885C4F147D6B6114F1CAF9F56327EF2A9CF30C5A26F46E19FAFACF357EC4E9119FB4AC34FF97FE5CDA2D578E00DF294AC88305AA8C9CFA074F35A211DD176486BBFDF04269B47C1EECAA0FAD95F6A5D829770F73DE8AF9D45928E4BF4C71412821419E2AFB2DA29FAA42557CB595B75433FDF015E42853C784AC8A15857D494900319D36B3A6672B885B686D6498D50A7843D381D240A77C053853FBFC670687678EA7AA909F9D82D2363ABD4851E3D20CE16632E0B1522AAB5DB8BB53AA1EE8CDFE86A494D1C2405C5AAE058D1990C91607D8043A74453AFB650110CA784BA307E531B153537B2C0A888D75229CC1D3CD27B0D7A6BEE20E82B7EB912D9F36BC8630990003DE2494DE017CB9D0EDBA7F0785927E79A76DA00707ADA18B9EBC57930E36E76737A7BA31F8F36F11D8CEDDCE28A411EEB34CE5D5235E88F66089F59CD921A84789512947DFDC8247A68353D05BEAFA6E450D7211D8BABE3C4C63685E9FA7742BD6309F3D72B9BE5E1B84E534596A81DAF1F5483C001FED71A9C7E432A28E52E43D9A0D4D4607B5E3459C7D424925C34311958344EBB86AF4E02675F8701BD55AACE3DDF48980E1977EE44275BEEE341C090820A63FD317595D7A0CCD00609B49E4AAF8C744F2FEA35A806B9B79C519CCDCE59F225FA243FD1AD0C8DBAFA17291CCA0C0C4DAB68060205F72978A5879093A132BE80C061D33348D94A8C79AE86F637701FC44E795B0F15D4610E0B269DEC7B24F717A7284A521759894AE475E7E35472ABC8C82DADE518628FF0DD37B48D94D48C18BF686F509AE5A5C35CC7BC33861673166B743FE10EB6508D36B29D1C798210E3D1840418A67214F9DB6FAF60BB42329226517C202436F735C1D326B49E1A37FF80BA4599A55898A48A2967647EA5E48B88F8034C7BBE9AFC1CD8DCC986495AB7070346E83479BC23925D418A68C7D72B4BCC106FEE74532F70F3CA019C68D419E944C34A69DAC2CDA1155F4FCDEC53CFB3AED1FE07C58FD20D673CE274AC89AEB3D72C36C2D81B42A5F9A61A83FB748749FDA5598C5A519A3026B1475F61CA5DE7A77BE86C2DC6EBAA6F756D5C15AF0F0844C05F233A0468148956C0BA80ACDCB7850FE0CBE75DB675AB712ADBF0934765919A697F4C4345E2AD63B159664FE0DB201683C8DFBBDB1EFE3B580C11809AC815C1863929E60B7A0819D255C8EE7AA582C33E0153EB685E830627829C141DF8B5C599D9DDD25CB3EFAD7C4369A470D3AE3CF4CD0CDCB185A402F7C3E395C42ADAFEC3
41620171231000503 2 6 100 8191 2 F461D7B72CCE12BB489DFEBB0D3252492FB894ADE7EEFCA4FCEAE71B2078652882837E3DDE311BA08D03316DDE3C3C844C34F37E7536601A57C95E1D191CC3B603E15D0E27D99ECC6B7781424F1D40E39FFF25D3F99C207359AD00CB7A68DC0937FDC38F24EF6C095DA60D92F977FBE8674D9885C4F147D6B6114F1CAF9F56327EF2A9CF30C5A26F46E19FAFACF357EC4E9119FB4AC34FF97FE5CDA2D578E00DF294AC88305AA8C9CFA074F35A211DD176486BBFDF04269B47C1EECAA0FAD95F6A5D829770F73DE8AF9D45928E4BF4C71412821419E2AFB2DA29FAA42557CB595B75433FDF015E42853C784AC8A15857D494900319D36B3A6672B885B686D6498D50A7843D381D240A77C053853FBFC670687678EA7AA909F9D82D2363ABD4851E3D20CE16632E0B1522AAB5DB8BB53AA1EE8CDFE86A494D1C2405C5AAE058D1990C91607D8043A74453AFB650110CA784BA307E531B153537B2C0A888D75229CC1D3CD27B0D7A6BEE20E82B7EB912D9F36BC8630990003DE2494DE017CB9D0EDBA7F0785927E79A76DA00707ADA18B9EBC57930E36E76737A7BA31F8F36F11D8CEDDCE28A411EEB34CE5D5235E88F66089F59CD921A84789512947DFDC8247A68353D05BEAFA6E450D7211D8BABE3C4C63685E9FA7742BD6309F3D72B9BE5E1B84E534596A81DAF1F5483C001FED71A9C7E432A28E52E43D9A0D4D4607B5E3459C7D424925C34311958344EBB86AF4E02675F8701BD55AACE3DDF48980E1977EE44275BEEE341C090820A63FD317595D7A0CCD00609B49E4AAF8C744F2FEA35A806B9B79C519CCDCE59F225FA243FD1AD0C8DBAFA17291CCA0C0C4DAB68060205F72978A5879093A132BE80C061D33348D94A8C79AE86F637701FC44E795B0F15D4610E0B269DEC7B24F717A7284A521759894AE475E7E35472ABC8C82DADE518628FF0DD37B48D94D48C18BF686F509AE5A5C35CC7BC33861673166B743FE10EB6508D36B29D1C798210E3D1840418A67214F9DB6FAF60BB42329226517C202436F735C1D326B49E1A37FF80BA4599A55898A48A2967647EA5E48B88F8034C7BBE9AFC1CD8DCC986495AB7070346E83479BC23925D418A68C7D72B4BCC106FEE74532F70F3CA019C68D419E944C34A69DAC2CDA1155F4FCDEC53CFB3AED1FE07C58FD20D673CE274AC89AEB3D72C36C2D81B42A5F9A61A83FB748749FDA5598C5A519A3026B1475F61CA5DE7A77BE86C2DC6EBAA6F756D5C15AF0F0844C05F233A0468148956C0BA80ACDCB7850FE0CBE75DB675AB712ADBF0934765919A697F4C4345E2AD63B159664FE0DB201683C8DFBBDB1EFE3B580C11809AC815C1863929E60B7A0819D255C8EE7AA582C33E0153EB685E830627829C141DF8B5C599D9DDD25CB3EFAD7C4369A470D3AE3CF4CD0CDCB185A402F7C3E395C4341E820B
41720171231123324 2 6 100 8191 2 F461D7B72CCE12BB489DFEBB0D3252492FB894ADE7EEFCA4FCEAE71B2078652882837E3DDE311BA08D03316DDE3C3C844C34F37E7536601A57C95E1D191CC3B603E15D0E27D99ECC6B7781424F1D40E39FFF25D3F99C207359AD00CB7A68DC0937FDC38F24EF6C095DA60D92F977FBE8674D9885C4F147D6B6114F1CAF9F56327EF2A9CF30C5A26F46E19FAFACF357EC4E9119FB4AC34FF97FE5CDA2D578E00DF294AC88305AA8C9CFA074F35A211DD176486BBFDF04269B47C1EECAA0FAD95F6A5D829770F73DE8AF9D45928E4BF4C71412821419E2AFB2DA29FAA42557CB595B75433FDF015E42853C784AC8A15857D494900319D36B3A6672B885B686D6498D50A7843D381D240A77C053853FBFC670687678EA7AA909F9D82D2363ABD4851E3D20CE16632E0B1522AAB5DB8BB53AA1EE8CDFE86A494D1C2405C5AAE058D1990C91607D8043A74453AFB650110CA784BA307E531B153537B2C0A888D75229CC1D3CD27B0D7A6BEE20E82B7EB912D9F36BC8630990003DE2494DE017CB9D0EDBA7F0785927E79A76DA00707ADA18B9EBC57930E36E76737A7BA31F8F36F11D8CEDDCE28A411EEB34CE5D5235E88F66089F59CD921A84789512947DFDC8247A68353D05BEAFA6E450D7211D8BABE3C4C63685E9FA7742BD6309F3D72B9BE5E1B84E534596A81DAF1F5483C001FED71A9C7E432A28E52E43D9A0D4D4607B5E3459C7D424925C34311958344EBB86AF4E02675F8701BD55AACE3DDF48980E1977EE44275BEEE341C090820A63FD317595D7A0CCD00609B49E4AAF8C744F2FEA35A806B9B79C519CCDCE59F225FA243FD1AD0C8DBAFA17291CCA0C0C4DAB68060205F72978A5879093A132BE80C061D33348D94A8C79AE86F637701FC44E795B0F15D4610E0B269DEC7B24F717A7284A521759894AE475E7E35472ABC8C82DADE518628FF0DD37B48D94D48C18BF686F509AE5A5C35CC7BC33861673166B743FE10EB6508D36B29D1C798210E3D1840418A67214F9DB6FAF60BB42329226517C202436F735C1D326B49E1A37FF80BA4599A55898A48A2967647EA5E48B88F8034C7BBE9AFC1CD8DCC986495AB7070346E83479BC23925D418A68C7D72B4BCC106FEE74532F70F3CA019C68D419E944C34A69DAC2CDA1155F4FCDEC53CFB3AED1FE07C58FD20D673CE274AC89AEB3D72C36C2D81B42A5F9A61A83FB748749FDA5598C5A519A3026B1475F61CA5DE7A77BE86C2DC6EBAA6F756D5C15AF0F0844C05F233A0468148956C0BA80ACDCB7850FE0CBE75DB675AB712ADBF0934765919A697F4C4345E2AD63B159664FE0DB201683C8DFBBDB1EFE3B580C11809AC815C1863929E60B7A0819D255C8EE7AA582C33E0153EB685E830627829C141DF8B5C599D9DDD25CB3EFAD7C4369A470D3AE3CF4CD0CDCB185A402F7C3E395C43C20726B
41820171231133810 2 6 100 8191 5 F461D7B72CCE12BB489DFEBB0D3252492FB894ADE7EEFCA4FCEAE71B2078652882837E3DDE311BA08D03316DDE3C3C844C34F37E7536601A57C95E1D191CC3B603E15D0E27D99ECC6B7781424F1D40E39FFF25D3F99C207359AD00CB7A68DC0937FDC38F24EF6C095DA60D92F977FBE8674D9885C4F147D6B6114F1CAF9F56327EF2A9CF30C5A26F46E19FAFACF357EC4E9119FB4AC34FF97FE5CDA2D578E00DF294AC88305AA8C9CFA074F35A211DD176486BBFDF04269B47C1EECAA0FAD95F6A5D829770F73DE8AF9D45928E4BF4C71412821419E2AFB2DA29FAA42557CB595B75433FDF015E42853C784AC8A15857D494900319D36B3A6672B885B686D6498D50A7843D381D240A77C053853FBFC670687678EA7AA909F9D82D2363ABD4851E3D20CE16632E0B1522AAB5DB8BB53AA1EE8CDFE86A494D1C2405C5AAE058D1990C91607D8043A74453AFB650110CA784BA307E531B153537B2C0A888D75229CC1D3CD27B0D7A6BEE20E82B7EB912D9F36BC8630990003DE2494DE017CB9D0EDBA7F0785927E79A76DA00707ADA18B9EBC57930E36E76737A7BA31F8F36F11D8CEDDCE28A411EEB34CE5D5235E88F66089F59CD921A84789512947DFDC8247A68353D05BEAFA6E450D7211D8BABE3C4C63685E9FA7742BD6309F3D72B9BE5E1B84E534596A81DAF1F5483C001FED71A9C7E432A28E52E43D9A0D4D4607B5E3459C7D424925C34311958344EBB86AF4E02675F8701BD55AACE3DDF48980E1977EE44275BEEE341C090820A63FD317595D7A0CCD00609B49E4AAF8C744F2FEA35A806B9B79C519CCDCE59F225FA243FD1AD0C8DBAFA17291CCA0C0C4DAB68060205F72978A5879093A132BE80C061D33348D94A8C79AE86F637701FC44E795B0F15D4610E0B269DEC7B24F717A7284A521759894AE475E7E35472ABC8C82DADE518628FF0DD37B48D94D48C18BF686F509AE5A5C35CC7BC33861673166B743FE10EB6508D36B29D1C798210E3D1840418A67214F9DB6FAF60BB42329226517C202436F735C1D326B49E1A37FF80BA4599A55898A48A2967647EA5E48B88F8034C7BBE9AFC1CD8DCC986495AB7070346E83479BC23925D418A68C7D72B4BCC106FEE74532F70F3CA019C68D419E944C34A69DAC2CDA1155F4FCDEC53CFB3AED1FE07C58FD20D673CE274AC89AEB3D72C36C2D81B42A5F9A61A83FB748749FDA5598C5A519A3026B1475F61CA5DE7A77BE86C2DC6EBAA6F756D5C15AF0F0844C05F233A0468148956C0BA80ACDCB7850FE0CBE75DB675AB712ADBF0934765919A697F4C4345E2AD63B159664FE0DB201683C8DFBBDB1EFE3B580C11809AC815C1863929E60B7A0819D255C8EE7AA582C33E0153EB685E830627829C141DF8B5C599D9DDD25CB3EFAD7C4369A470D3AE3CF4CD0CDCB185A402F7C3E395C43CC9B38F
41920180101034650 2 6 100 8191 5 F461D7B72CCE12BB489DFEBB0D3252492FB894ADE7EEFCA4FCEAE71B2078652882837E3DDE311BA08D03316DDE3C3C844C34F37E7536601A57C95E1D191CC3B603E15D0E27D99ECC6B7781424F1D40E39FFF25D3F99C207359AD00CB7A68DC0937FDC38F24EF6C095DA60D92F977FBE8674D9885C4F147D6B6114F1CAF9F56327EF2A9CF30C5A26F46E19FAFACF357EC4E9119FB4AC34FF97FE5CDA2D578E00DF294AC88305AA8C9CFA074F35A211DD176486BBFDF04269B47C1EECAA0FAD95F6A5D829770F73DE8AF9D45928E4BF4C71412821419E2AFB2DA29FAA42557CB595B75433FDF015E42853C784AC8A15857D494900319D36B3A6672B885B686D6498D50A7843D381D240A77C053853FBFC670687678EA7AA909F9D82D2363ABD4851E3D20CE16632E0B1522AAB5DB8BB53AA1EE8CDFE86A494D1C2405C5AAE058D1990C91607D8043A74453AFB650110CA784BA307E531B153537B2C0A888D75229CC1D3CD27B0D7A6BEE20E82B7EB912D9F36BC8630990003DE2494DE017CB9D0EDBA7F0785927E79A76DA00707ADA18B9EBC57930E36E76737A7BA31F8F36F11D8CEDDCE28A411EEB34CE5D5235E88F66089F59CD921A84789512947DFDC8247A68353D05BEAFA6E450D7211D8BABE3C4C63685E9FA7742BD6309F3D72B9BE5E1B84E534596A81DAF1F5483C001FED71A9C7E432A28E52E43D9A0D4D4607B5E3459C7D424925C34311958344EBB86AF4E02675F8701BD55AACE3DDF48980E1977EE44275BEEE341C090820A63FD317595D7A0CCD00609B49E4AAF8C744F2FEA35A806B9B79C519CCDCE59F225FA243FD1AD0C8DBAFA17291CCA0C0C4DAB68060205F72978A5879093A132BE80C061D33348D94A8C79AE86F637701FC44E795B0F15D4610E0B269DEC7B24F717A7284A521759894AE475E7E35472ABC8C82DADE518628FF0DD37B48D94D48C18BF686F509AE5A5C35CC7BC33861673166B743FE10EB6508D36B29D1C798210E3D1840418A67214F9DB6FAF60BB42329226517C202436F735C1D326B49E1A37FF80BA4599A55898A48A2967647EA5E48B88F8034C7BBE9AFC1CD8DCC986495AB7070346E83479BC23925D418A68C7D72B4BCC106FEE74532F70F3CA019C68D419E944C34A69DAC2CDA1155F4FCDEC53CFB3AED1FE07C58FD20D673CE274AC89AEB3D72C36C2D81B42A5F9A61A83FB748749FDA5598C5A519A3026B1475F61CA5DE7A77BE86C2DC6EBAA6F756D5C15AF0F0844C05F233A0468148956C0BA80ACDCB7850FE0CBE75DB675AB712ADBF0934765919A697F4C4345E2AD63B159664FE0DB201683C8DFBBDB1EFE3B580C11809AC815C1863929E60B7A0819D255C8EE7AA582C33E0153EB685E830627829C141DF8B5C599D9DDD25CB3EFAD7C4369A470D3AE3CF4CD0CDCB185A402F7C3E395C445D1D6AF
42020180102021859 2 6 100 8191 2 F461D7B72CCE12BB489DFEBB0D3252492FB894ADE7EEFCA4FCEAE71B2078652882837E3DDE311BA08D03316DDE3C3C844C34F37E7536601A57C95E1D191CC3B603E15D0E27D99ECC6B7781424F1D40E39FFF25D3F99C207359AD00CB7A68DC0937FDC38F24EF6C095DA60D92F977FBE8674D9885C4F147D6B6114F1CAF9F56327EF2A9CF30C5A26F46E19FAFACF357EC4E9119FB4AC34FF97FE5CDA2D578E00DF294AC88305AA8C9CFA074F35A211DD176486BBFDF04269B47C1EECAA0FAD95F6A5D829770F73DE8AF9D45928E4BF4C71412821419E2AFB2DA29FAA42557CB595B75433FDF015E42853C784AC8A15857D494900319D36B3A6672B885B686D6498D50A7843D381D240A77C053853FBFC670687678EA7AA909F9D82D2363ABD4851E3D20CE16632E0B1522AAB5DB8BB53AA1EE8CDFE86A494D1C2405C5AAE058D1990C91607D8043A74453AFB650110CA784BA307E531B153537B2C0A888D75229CC1D3CD27B0D7A6BEE20E82B7EB912D9F36BC8630990003DE2494DE017CB9D0EDBA7F0785927E79A76DA00707ADA18B9EBC57930E36E76737A7BA31F8F36F11D8CEDDCE28A411EEB34CE5D5235E88F66089F59CD921A84789512947DFDC8247A68353D05BEAFA6E450D7211D8BABE3C4C63685E9FA7742BD6309F3D72B9BE5E1B84E534596A81DAF1F5483C001FED71A9C7E432A28E52E43D9A0D4D4607B5E3459C7D424925C34311958344EBB86AF4E02675F8701BD55AACE3DDF48980E1977EE44275BEEE341C090820A63FD317595D7A0CCD00609B49E4AAF8C744F2FEA35A806B9B79C519CCDCE59F225FA243FD1AD0C8DBAFA17291CCA0C0C4DAB68060205F72978A5879093A132BE80C061D33348D94A8C79AE86F637701FC44E795B0F15D4610E0B269DEC7B24F717A7284A521759894AE475E7E35472ABC8C82DADE518628FF0DD37B48D94D48C18BF686F509AE5A5C35CC7BC33861673166B743FE10EB6508D36B29D1C798210E3D1840418A67214F9DB6FAF60BB42329226517C202436F735C1D326B49E1A37FF80BA4599A55898A48A2967647EA5E48B88F8034C7BBE9AFC1CD8DCC986495AB7070346E83479BC23925D418A68C7D72B4BCC106FEE74532F70F3CA019C68D419E944C34A69DAC2CDA1155F4FCDEC53CFB3AED1FE07C58FD20D673CE274AC89AEB3D72C36C2D81B42A5F9A61A83FB748749FDA5598C5A519A3026B1475F61CA5DE7A77BE86C2DC6EBAA6F756D5C15AF0F0844C05F233A0468148956C0BA80ACDCB7850FE0CBE75DB675AB712ADBF0934765919A697F4C4345E2AD63B159664FE0DB201683C8DFBBDB1EFE3B580C11809AC815C1863929E60B7A0819D255C8EE7AA582C33E0153EB685E830627829C141DF8B5C599D9DDD25CB3EFAD7C4369A470D3AE3CF4CD0CDCB185A402F7C3E395C453E3A923
42120180102095212 2 6 100 8191 2 F461D7B72CCE12BB489DFEBB0D3252492FB894ADE7EEFCA4FCEAE71B2078652882837E3DDE311BA08D03316DDE3C3C844C34F37E7536601A57C95E1D191CC3B603E15D0E27D99ECC6B7781424F1D40E39FFF25D3F99C207359AD00CB7A68DC0937FDC38F24EF6C095DA60D92F977FBE8674D9885C4F147D6B6114F1CAF9F56327EF2A9CF30C5A26F46E19FAFACF357EC4E9119FB4AC34FF97FE5CDA2D578E00DF294AC88305AA8C9CFA074F35A211DD176486BBFDF04269B47C1EECAA0FAD95F6A5D829770F73DE8AF9D45928E4BF4C71412821419E2AFB2DA29FAA42557CB595B75433FDF015E42853C784AC8A15857D494900319D36B3A6672B885B686D6498D50A7843D381D240A77C053853FBFC670687678EA7AA909F9D82D2363ABD4851E3D20CE16632E0B1522AAB5DB8BB53AA1EE8CDFE86A494D1C2405C5AAE058D1990C91607D8043A74453AFB650110CA784BA307E531B153537B2C0A888D75229CC1D3CD27B0D7A6BEE20E82B7EB912D9F36BC8630990003DE2494DE017CB9D0EDBA7F0785927E79A76DA00707ADA18B9EBC57930E36E76737A7BA31F8F36F11D8CEDDCE28A411EEB34CE5D5235E88F66089F59CD921A84789512947DFDC8247A68353D05BEAFA6E450D7211D8BABE3C4C63685E9FA7742BD6309F3D72B9BE5E1B84E534596A81DAF1F5483C001FED71A9C7E432A28E52E43D9A0D4D4607B5E3459C7D424925C34311958344EBB86AF4E02675F8701BD55AACE3DDF48980E1977EE44275BEEE341C090820A63FD317595D7A0CCD00609B49E4AAF8C744F2FEA35A806B9B79C519CCDCE59F225FA243FD1AD0C8DBAFA17291CCA0C0C4DAB68060205F72978A5879093A132BE80C061D33348D94A8C79AE86F637701FC44E795B0F15D4610E0B269DEC7B24F717A7284A521759894AE475E7E35472ABC8C82DADE518628FF0DD37B48D94D48C18BF686F509AE5A5C35CC7BC33861673166B743FE10EB6508D36B29D1C798210E3D1840418A67214F9DB6FAF60BB42329226517C202436F735C1D326B49E1A37FF80BA4599A55898A48A2967647EA5E48B88F8034C7BBE9AFC1CD8DCC986495AB7070346E83479BC23925D418A68C7D72B4BCC106FEE74532F70F3CA019C68D419E944C34A69DAC2CDA1155F4FCDEC53CFB3AED1FE07C58FD20D673CE274AC89AEB3D72C36C2D81B42A5F9A61A83FB748749FDA5598C5A519A3026B1475F61CA5DE7A77BE86C2DC6EBAA6F756D5C15AF0F0844C05F233A0468148956C0BA80ACDCB7850FE0CBE75DB675AB712ADBF0934765919A697F4C4345E2AD63B159664FE0DB201683C8DFBBDB1EFE3B580C11809AC815C1863929E60B7A0819D255C8EE7AA582C33E0153EB685E830627829C141DF8B5C599D9DDD25CB3EFAD7C4369A470D3AE3CF4CD0CDCB185A402F7C3E395C4589223B3
42220180102194603 2 6 100 8191 2 F461D7B72CCE12BB489DFEBB0D3252492FB894ADE7EEFCA4FCEAE71B2078652882837E3DDE311BA08D03316DDE3C3C844C34F37E7536601A57C95E1D191CC3B603E15D0E27D99ECC6B7781424F1D40E39FFF25D3F99C207359AD00CB7A68DC0937FDC38F24EF6C095DA60D92F977FBE8674D9885C4F147D6B6114F1CAF9F56327EF2A9CF30C5A26F46E19FAFACF357EC4E9119FB4AC34FF97FE5CDA2D578E00DF294AC88305AA8C9CFA074F35A211DD176486BBFDF04269B47C1EECAA0FAD95F6A5D829770F73DE8AF9D45928E4BF4C71412821419E2AFB2DA29FAA42557CB595B75433FDF015E42853C784AC8A15857D494900319D36B3A6672B885B686D6498D50A7843D381D240A77C053853FBFC670687678EA7AA909F9D82D2363ABD4851E3D20CE16632E0B1522AAB5DB8BB53AA1EE8CDFE86A494D1C2405C5AAE058D1990C91607D8043A74453AFB650110CA784BA307E531B153537B2C0A888D75229CC1D3CD27B0D7A6BEE20E82B7EB912D9F36BC8630990003DE2494DE017CB9D0EDBA7F0785927E79A76DA00707ADA18B9EBC57930E36E76737A7BA31F8F36F11D8CEDDCE28A411EEB34CE5D5235E88F66089F59CD921A84789512947DFDC8247A68353D05BEAFA6E450D7211D8BABE3C4C63685E9FA7742BD6309F3D72B9BE5E1B84E534596A81DAF1F5483C001FED71A9C7E432A28E52E43D9A0D4D4607B5E3459C7D424925C34311958344EBB86AF4E02675F8701BD55AACE3DDF48980E1977EE44275BEEE341C090820A63FD317595D7A0CCD00609B49E4AAF8C744F2FEA35A806B9B79C519CCDCE59F225FA243FD1AD0C8DBAFA17291CCA0C0C4DAB68060205F72978A5879093A132BE80C061D33348D94A8C79AE86F637701FC44E795B0F15D4610E0B269DEC7B24F717A7284A521759894AE475E7E35472ABC8C82DADE518628FF0DD37B48D94D48C18BF686F509AE5A5C35CC7BC33861673166B743FE10EB6508D36B29D1C798210E3D1840418A67214F9DB6FAF60BB42329226517C202436F735C1D326B49E1A37FF80BA4599A55898A48A2967647EA5E48B88F8034C7BBE9AFC1CD8DCC986495AB7070346E83479BC23925D418A68C7D72B4BCC106FEE74532F70F3CA019C68D419E944C34A69DAC2CDA1155F4FCDEC53CFB3AED1FE07C58FD20D673CE274AC89AEB3D72C36C2D81B42A5F9A61A83FB748749FDA5598C5A519A3026B1475F61CA5DE7A77BE86C2DC6EBAA6F756D5C15AF0F0844C05F233A0468148956C0BA80ACDCB7850FE0CBE75DB675AB712ADBF0934765919A697F4C4345E2AD63B159664FE0DB201683C8DFBBDB1EFE3B580C11809AC815C1863929E60B7A0819D255C8EE7AA582C33E0153EB685E830627829C141DF8B5C599D9DDD25CB3EFAD7C4369A470D3AE3CF4CD0CDCB185A402F7C3E395C45EA32E73
42320180102224522 2 6 100 8191 2 F461D7B72CCE12BB489DFEBB0D3252492FB894ADE7EEFCA4FCEAE71B2078652882837E3DDE311BA08D03316DDE3C3C844C34F37E7536601A57C95E1D191CC3B603E15D0E27D99ECC6B7781424F1D40E39FFF25D3F99C207359AD00CB7A68DC0937FDC38F24EF6C095DA60D92F977FBE8674D9885C4F147D6B6114F1CAF9F56327EF2A9CF30C5A26F46E19FAFACF357EC4E9119FB4AC34FF97FE5CDA2D578E00DF294AC88305AA8C9CFA074F35A211DD176486BBFDF04269B47C1EECAA0FAD95F6A5D829770F73DE8AF9D45928E4BF4C71412821419E2AFB2DA29FAA42557CB595B75433FDF015E42853C784AC8A15857D494900319D36B3A6672B885B686D6498D50A7843D381D240A77C053853FBFC670687678EA7AA909F9D82D2363ABD4851E3D20CE16632E0B1522AAB5DB8BB53AA1EE8CDFE86A494D1C2405C5AAE058D1990C91607D8043A74453AFB650110CA784BA307E531B153537B2C0A888D75229CC1D3CD27B0D7A6BEE20E82B7EB912D9F36BC8630990003DE2494DE017CB9D0EDBA7F0785927E79A76DA00707ADA18B9EBC57930E36E76737A7BA31F8F36F11D8CEDDCE28A411EEB34CE5D5235E88F66089F59CD921A84789512947DFDC8247A68353D05BEAFA6E450D7211D8BABE3C4C63685E9FA7742BD6309F3D72B9BE5E1B84E534596A81DAF1F5483C001FED71A9C7E432A28E52E43D9A0D4D4607B5E3459C7D424925C34311958344EBB86AF4E02675F8701BD55AACE3DDF48980E1977EE44275BEEE341C090820A63FD317595D7A0CCD00609B49E4AAF8C744F2FEA35A806B9B79C519CCDCE59F225FA243FD1AD0C8DBAFA17291CCA0C0C4DAB68060205F72978A5879093A132BE80C061D33348D94A8C79AE86F637701FC44E795B0F15D4610E0B269DEC7B24F717A7284A521759894AE475E7E35472ABC8C82DADE518628FF0DD37B48D94D48C18BF686F509AE5A5C35CC7BC33861673166B743FE10EB6508D36B29D1C798210E3D1840418A67214F9DB6FAF60BB42329226517C202436F735C1D326B49E1A37FF80BA4599A55898A48A2967647EA5E48B88F8034C7BBE9AFC1CD8DCC986495AB7070346E83479BC23925D418A68C7D72B4BCC106FEE74532F70F3CA019C68D419E944C34A69DAC2CDA1155F4FCDEC53CFB3AED1FE07C58FD20D673CE274AC89AEB3D72C36C2D81B42A5F9A61A83FB748749FDA5598C5A519A3026B1475F61CA5DE7A77BE86C2DC6EBAA6F756D5C15AF0F0844C05F233A0468148956C0BA80ACDCB7850FE0CBE75DB675AB712ADBF0934765919A697F4C4345E2AD63B159664FE0DB201683C8DFBBDB1EFE3B580C11809AC815C1863929E60B7A0819D255C8EE7AA582C33E0153EB685E830627829C141DF8B5C599D9DDD25CB3EFAD7C4369A470D3AE3CF4CD0CDCB185A402F7C3E395C4606F2AEB
42420180103002357 2 6 100 8191 2 F461D7B72CCE12BB489DFEBB0D3252492FB894ADE7EEFCA4FCEAE71B2078652882837E3DDE311BA08D03316DDE3C3C844C34F37E7536601A57C95E1D191CC3B603E15D0E27D99ECC6B7781424F1D40E39FFF25D3F99C207359AD00CB7A68DC0937FDC38F24EF6C095DA60D92F977FBE8674D9885C4F147D6B6114F1CAF9F56327EF2A9CF30C5A26F46E19FAFACF357EC4E9119FB4AC34FF97FE5CDA2D578E00DF294AC88305AA8C9CFA074F35A211DD176486BBFDF04269B47C1EECAA0FAD95F6A5D829770F73DE8AF9D45928E4BF4C71412821419E2AFB2DA29FAA42557CB595B75433FDF015E42853C784AC8A15857D494900319D36B3A6672B885B686D6498D50A7843D381D240A77C053853FBFC670687678EA7AA909F9D82D2363ABD4851E3D20CE16632E0B1522AAB5DB8BB53AA1EE8CDFE86A494D1C2405C5AAE058D1990C91607D8043A74453AFB650110CA784BA307E531B153537B2C0A888D75229CC1D3CD27B0D7A6BEE20E82B7EB912D9F36BC8630990003DE2494DE017CB9D0EDBA7F0785927E79A76DA00707ADA18B9EBC57930E36E76737A7BA31F8F36F11D8CEDDCE28A411EEB34CE5D5235E88F66089F59CD921A84789512947DFDC8247A68353D05BEAFA6E450D7211D8BABE3C4C63685E9FA7742BD6309F3D72B9BE5E1B84E534596A81DAF1F5483C001FED71A9C7E432A28E52E43D9A0D4D4607B5E3459C7D424925C34311958344EBB86AF4E02675F8701BD55AACE3DDF48980E1977EE44275BEEE341C090820A63FD317595D7A0CCD00609B49E4AAF8C744F2FEA35A806B9B79C519CCDCE59F225FA243FD1AD0C8DBAFA17291CCA0C0C4DAB68060205F72978A5879093A132BE80C061D33348D94A8C79AE86F637701FC44E795B0F15D4610E0B269DEC7B24F717A7284A521759894AE475E7E35472ABC8C82DADE518628FF0DD37B48D94D48C18BF686F509AE5A5C35CC7BC33861673166B743FE10EB6508D36B29D1C798210E3D1840418A67214F9DB6FAF60BB42329226517C202436F735C1D326B49E1A37FF80BA4599A55898A48A2967647EA5E48B88F8034C7BBE9AFC1CD8DCC986495AB7070346E83479BC23925D418A68C7D72B4BCC106FEE74532F70F3CA019C68D419E944C34A69DAC2CDA1155F4FCDEC53CFB3AED1FE07C58FD20D673CE274AC89AEB3D72C36C2D81B42A5F9A61A83FB748749FDA5598C5A519A3026B1475F61CA5DE7A77BE86C2DC6EBAA6F756D5C15AF0F0844C05F233A0468148956C0BA80ACDCB7850FE0CBE75DB675AB712ADBF0934765919A697F4C4345E2AD63B159664FE0DB201683C8DFBBDB1EFE3B580C11809AC815C1863929E60B7A0819D255C8EE7AA582C33E0153EB685E830627829C141DF8B5C599D9DDD25CB3EFAD7C4369A470D3AE3CF4CD0CDCB185A402F7C3E395C4617220D3
42520180103011455 2 6 100 8191 5 F461D7B72CCE12BB489DFEBB0D3252492FB894ADE7EEFCA4FCEAE71B2078652882837E3DDE311BA08D03316DDE3C3C844C34F37E7536601A57C95E1D191CC3B603E15D0E27D99ECC6B7781424F1D40E39FFF25D3F99C207359AD00CB7A68DC0937FDC38F24EF6C095DA60D92F977FBE8674D9885C4F147D6B6114F1CAF9F56327EF2A9CF30C5A26F46E19FAFACF357EC4E9119FB4AC34FF97FE5CDA2D578E00DF294AC88305AA8C9CFA074F35A211DD176486BBFDF04269B47C1EECAA0FAD95F6A5D829770F73DE8AF9D45928E4BF4C71412821419E2AFB2DA29FAA42557CB595B75433FDF015E42853C784AC8A15857D494900319D36B3A6672B885B686D6498D50A7843D381D240A77C053853FBFC670687678EA7AA909F9D82D2363ABD4851E3D20CE16632E0B1522AAB5DB8BB53AA1EE8CDFE86A494D1C2405C5AAE058D1990C91607D8043A74453AFB650110CA784BA307E531B153537B2C0A888D75229CC1D3CD27B0D7A6BEE20E82B7EB912D9F36BC8630990003DE2494DE017CB9D0EDBA7F0785927E79A76DA00707ADA18B9EBC57930E36E76737A7BA31F8F36F11D8CEDDCE28A411EEB34CE5D5235E88F66089F59CD921A84789512947DFDC8247A68353D05BEAFA6E450D7211D8BABE3C4C63685E9FA7742BD6309F3D72B9BE5E1B84E534596A81DAF1F5483C001FED71A9C7E432A28E52E43D9A0D4D4607B5E3459C7D424925C34311958344EBB86AF4E02675F8701BD55AACE3DDF48980E1977EE44275BEEE341C090820A63FD317595D7A0CCD00609B49E4AAF8C744F2FEA35A806B9B79C519CCDCE59F225FA243FD1AD0C8DBAFA17291CCA0C0C4DAB68060205F72978A5879093A132BE80C061D33348D94A8C79AE86F637701FC44E795B0F15D4610E0B269DEC7B24F717A7284A521759894AE475E7E35472ABC8C82DADE518628FF0DD37B48D94D48C18BF686F509AE5A5C35CC7BC33861673166B743FE10EB6508D36B29D1C798210E3D1840418A67214F9DB6FAF60BB42329226517C202436F735C1D326B49E1A37FF80BA4599A55898A48A2967647EA5E48B88F8034C7BBE9AFC1CD8DCC986495AB7070346E83479BC23925D418A68C7D72B4BCC106FEE74532F70F3CA019C68D419E944C34A69DAC2CDA1155F4FCDEC53CFB3AED1FE07C58FD20D673CE274AC89AEB3D72C36C2D81B42A5F9A61A83FB748749FDA5598C5A519A3026B1475F61CA5DE7A77BE86C2DC6EBAA6F756D5C15AF0F0844C05F233A0468148956C0BA80ACDCB7850FE0CBE75DB675AB712ADBF0934765919A697F4C4345E2AD63B159664FE0DB201683C8DFBBDB1EFE3B580C11809AC815C1863929E60B7A0819D255C8EE7AA582C33E0153EB685E830627829C141DF8B5C599D9DDD25CB3EFAD7C4369A470D3AE3CF4CD0CDCB185A402F7C3E395C461EEC227
42620180103044126 2 6 100 8191 5 F461D7B72CCE12BB489DFEBB0D3252492FB894ADE7EEFCA4FCEAE71B2078652882837E3DDE311BA08D03316DDE3C3C844C34F37E7536601A57C95E1D191CC3B603E15D0E27D99ECC6B7781424F1D40E39FFF25D3F99C207359AD00CB7A68DC0937FDC38F24EF6C095DA60D92F977FBE8674D9885C4F147D6B6114F1CAF9F56327EF2A9CF30C5A26F46E19FAFACF357EC4E9119FB4AC34FF97FE5CDA2D578E00DF294AC88305AA8C9CFA074F35A211DD176486BBFDF04269B47C1EECAA0FAD95F6A5D829770F73DE8AF9D45928E4BF4C71412821419E2AFB2DA29FAA42557CB595B75433FDF015E42853C784AC8A15857D494900319D36B3A6672B885B686D6498D50A7843D381D240A77C053853FBFC670687678EA7AA909F9D82D2363ABD4851E3D20CE16632E0B1522AAB5DB8BB53AA1EE8CDFE86A494D1C2405C5AAE058D1990C91607D8043A74453AFB650110CA784BA307E531B153537B2C0A888D75229CC1D3CD27B0D7A6BEE20E82B7EB912D9F36BC8630990003DE2494DE017CB9D0EDBA7F0785927E79A76DA00707ADA18B9EBC57930E36E76737A7BA31F8F36F11D8CEDDCE28A411EEB34CE5D5235E88F66089F59CD921A84789512947DFDC8247A68353D05BEAFA6E450D7211D8BABE3C4C63685E9FA7742BD6309F3D72B9BE5E1B84E534596A81DAF1F5483C001FED71A9C7E432A28E52E43D9A0D4D4607B5E3459C7D424925C34311958344EBB86AF4E02675F8701BD55AACE3DDF48980E1977EE44275BEEE341C090820A63FD317595D7A0CCD00609B49E4AAF8C744F2FEA35A806B9B79C519CCDCE59F225FA243FD1AD0C8DBAFA17291CCA0C0C4DAB68060205F72978A5879093A132BE80C061D33348D94A8C79AE86F637701FC44E795B0F15D4610E0B269DEC7B24F717A7284A521759894AE475E7E35472ABC8C82DADE518628FF0DD37B48D94D48C18BF686F509AE5A5C35CC7BC33861673166B743FE10EB6508D36B29D1C798210E3D1840418A67214F9DB6FAF60BB42329226517C202436F735C1D326B49E1A37FF80BA4599A55898A48A2967647EA5E48B88F8034C7BBE9AFC1CD8DCC986495AB7070346E83479BC23925D418A68C7D72B4BCC106FEE74532F70F3CA019C68D419E944C34A69DAC2CDA1155F4FCDEC53CFB3AED1FE07C58FD20D673CE274AC89AEB3D72C36C2D81B42A5F9A61A83FB748749FDA5598C5A519A3026B1475F61CA5DE7A77BE86C2DC6EBAA6F756D5C15AF0F0844C05F233A0468148956C0BA80ACDCB7850FE0CBE75DB675AB712ADBF0934765919A697F4C4345E2AD63B159664FE0DB201683C8DFBBDB1EFE3B580C11809AC815C1863929E60B7A0819D255C8EE7AA582C33E0153EB685E830627829C141DF8B5C599D9DDD25CB3EFAD7C4369A470D3AE3CF4CD0CDCB185A402F7C3E395C4640ADAFF
42720180103102958 2 6 100 8191 2 F461D7B72CCE12BB489DFEBB0D3252492FB894ADE7EEFCA4FCEAE71B2078652882837E3DDE311BA08D03316DDE3C3C844C34F37E7536601A57C95E1D191CC3B603E15D0E27D99ECC6B7781424F1D40E39FFF25D3F99C207359AD00CB7A68DC0937FDC38F24EF6C095DA60D92F977FBE8674D9885C4F147D6B6114F1CAF9F56327EF2A9CF30C5A26F46E19FAFACF357EC4E9119FB4AC34FF97FE5CDA2D578E00DF294AC88305AA8C9CFA074F35A211DD176486BBFDF04269B47C1EECAA0FAD95F6A5D829770F73DE8AF9D45928E4BF4C71412821419E2AFB2DA29FAA42557CB595B75433FDF015E42853C784AC8A15857D494900319D36B3A6672B885B686D6498D50A7843D381D240A77C053853FBFC670687678EA7AA909F9D82D2363ABD4851E3D20CE16632E0B1522AAB5DB8BB53AA1EE8CDFE86A494D1C2405C5AAE058D1990C91607D8043A74453AFB650110CA784BA307E531B153537B2C0A888D75229CC1D3CD27B0D7A6BEE20E82B7EB912D9F36BC8630990003DE2494DE017CB9D0EDBA7F0785927E79A76DA00707ADA18B9EBC57930E36E76737A7BA31F8F36F11D8CEDDCE28A411EEB34CE5D5235E88F66089F59CD921A84789512947DFDC8247A68353D05BEAFA6E450D7211D8BABE3C4C63685E9FA7742BD6309F3D72B9BE5E1B84E534596A81DAF1F5483C001FED71A9C7E432A28E52E43D9A0D4D4607B5E3459C7D424925C34311958344EBB86AF4E02675F8701BD55AACE3DDF48980E1977EE44275BEEE341C090820A63FD317595D7A0CCD00609B49E4AAF8C744F2FEA35A806B9B79C519CCDCE59F225FA243FD1AD0C8DBAFA17291CCA0C0C4DAB68060205F72978A5879093A132BE80C061D33348D94A8C79AE86F637701FC44E795B0F15D4610E0B269DEC7B24F717A7284A521759894AE475E7E35472ABC8C82DADE518628FF0DD37B48D94D48C18BF686F509AE5A5C35CC7BC33861673166B743FE10EB6508D36B29D1C798210E3D1840418A67214F9DB6FAF60BB42329226517C202436F735C1D326B49E1A37FF80BA4599A55898A48A2967647EA5E48B88F8034C7BBE9AFC1CD8DCC986495AB7070346E83479BC23925D418A68C7D72B4BCC106FEE74532F70F3CA019C68D419E944C34A69DAC2CDA1155F4FCDEC53CFB3AED1FE07C58FD20D673CE274AC89AEB3D72C36C2D81B42A5F9A61A83FB748749FDA5598C5A519A3026B1475F61CA5DE7A77BE86C2DC6EBAA6F756D5C15AF0F0844C05F233A0468148956C0BA80ACDCB7850FE0CBE75DB675AB712ADBF0934765919A697F4C4345E2AD63B159664FE0DB201683C8DFBBDB1EFE3B580C11809AC815C1863929E60B7A0819D255C8EE7AA582C33E0153EB685E830627829C141DF8B5C599D9DDD25CB3EFAD7C4369A470D3AE3CF4CD0CDCB185A402F7C3E395C4678F8743
42820180103153131 2 6 100 8191 5 F461D7B72CCE12BB489DFEBB0D3252492FB894ADE7EEFCA4FCEAE71B2078652882837E3DDE311BA08D03316DDE3C3C844C34F37E7536601A57C95E1D191CC3B603E15D0E27D99ECC6B7781424F1D40E39FFF25D3F99C207359AD00CB7A68DC0937FDC38F24EF6C095DA60D92F977FBE8674D9885C4F147D6B6114F1CAF9F56327EF2A9CF30C5A26F46E19FAFACF357EC4E9119FB4AC34FF97FE5CDA2D578E00DF294AC88305AA8C9CFA074F35A211DD176486BBFDF04269B47C1EECAA0FAD95F6A5D829770F73DE8AF9D45928E4BF4C71412821419E2AFB2DA29FAA42557CB595B75433FDF015E42853C784AC8A15857D494900319D36B3A6672B885B686D6498D50A7843D381D240A77C053853FBFC670687678EA7AA909F9D82D2363ABD4851E3D20CE16632E0B1522AAB5DB8BB53AA1EE8CDFE86A494D1C2405C5AAE058D1990C91607D8043A74453AFB650110CA784BA307E531B153537B2C0A888D75229CC1D3CD27B0D7A6BEE20E82B7EB912D9F36BC8630990003DE2494DE017CB9D0EDBA7F0785927E79A76DA00707ADA18B9EBC57930E36E76737A7BA31F8F36F11D8CEDDCE28A411EEB34CE5D5235E88F66089F59CD921A84789512947DFDC8247A68353D05BEAFA6E450D7211D8BABE3C4C63685E9FA7742BD6309F3D72B9BE5E1B84E534596A81DAF1F5483C001FED71A9C7E432A28E52E43D9A0D4D4607B5E3459C7D424925C34311958344EBB86AF4E02675F8701BD55AACE3DDF48980E1977EE44275BEEE341C090820A63FD317595D7A0CCD00609B49E4AAF8C744F2FEA35A806B9B79C519CCDCE59F225FA243FD1AD0C8DBAFA17291CCA0C0C4DAB68060205F72978A5879093A132BE80C061D33348D94A8C79AE86F637701FC44E795B0F15D4610E0B269DEC7B24F717A7284A521759894AE475E7E35472ABC8C82DADE518628FF0DD37B48D94D48C18BF686F509AE5A5C35CC7BC33861673166B743FE10EB6508D36B29D1C798210E3D1840418A67214F9DB6FAF60BB42329226517C202436F735C1D326B49E1A37FF80BA4599A55898A48A2967647EA5E48B88F8034C7BBE9AFC1CD8DCC986495AB7070346E83479BC23925D418A68C7D72B4BCC106FEE74532F70F3CA019C68D419E944C34A69DAC2CDA1155F4FCDEC53CFB3AED1FE07C58FD20D673CE274AC89AEB3D72C36C2D81B42A5F9A61A83FB748749FDA5598C5A519A3026B1475F61CA5DE7A77BE86C2DC6EBAA6F756D5C15AF0F0844C05F233A0468148956C0BA80ACDCB7850FE0CBE75DB675AB712ADBF0934765919A697F4C4345E2AD63B159664FE0DB201683C8DFBBDB1EFE3B580C11809AC815C1863929E60B7A0819D255C8EE7AA582C33E0153EB685E830627829C141DF8B5C599D9DDD25CB3EFAD7C4369A470D3AE3CF4CD0CDCB185A402F7C3E395C46AA4F9DF
42920180103175311 2 6 100 8191 2 F461D7B72CCE12BB489DFEBB0D3252492FB894ADE7EEFCA4FCEAE71B2078652882837E3DDE311BA08D03316DDE3C3C844C34F37E7536601A57C95E1D191CC3B603E15D0E27D99ECC6B7781424F1D40E39FFF25D3F99C207359AD00CB7A68DC0937FDC38F24EF6C095DA60D92F977FBE8674D9885C4F147D6B6114F1CAF9F56327EF2A9CF30C5A26F46E19FAFACF357EC4E9119FB4AC34FF97FE5CDA2D578E00DF294AC88305AA8C9CFA074F35A211DD176486BBFDF04269B47C1EECAA0FAD95F6A5D829770F73DE8AF9D45928E4BF4C71412821419E2AFB2DA29FAA42557CB595B75433FDF015E42853C784AC8A15857D494900319D36B3A6672B885B686D6498D50A7843D381D240A77C053853FBFC670687678EA7AA909F9D82D2363ABD4851E3D20CE16632E0B1522AAB5DB8BB53AA1EE8CDFE86A494D1C2405C5AAE058D1990C91607D8043A74453AFB650110CA784BA307E531B153537B2C0A888D75229CC1D3CD27B0D7A6BEE20E82B7EB912D9F36BC8630990003DE2494DE017CB9D0EDBA7F0785927E79A76DA00707ADA18B9EBC57930E36E76737A7BA31F8F36F11D8CEDDCE28A411EEB34CE5D5235E88F66089F59CD921A84789512947DFDC8247A68353D05BEAFA6E450D7211D8BABE3C4C63685E9FA7742BD6309F3D72B9BE5E1B84E534596A81DAF1F5483C001FED71A9C7E432A28E52E43D9A0D4D4607B5E3459C7D424925C34311958344EBB86AF4E02675F8701BD55AACE3DDF48980E1977EE44275BEEE341C090820A63FD317595D7A0CCD00609B49E4AAF8C744F2FEA35A806B9B79C519CCDCE59F225FA243FD1AD0C8DBAFA17291CCA0C0C4DAB68060205F72978A5879093A132BE80C061D33348D94A8C79AE86F637701FC44E795B0F15D4610E0B269DEC7B24F717A7284A521759894AE475E7E35472ABC8C82DADE518628FF0DD37B48D94D48C18BF686F509AE5A5C35CC7BC33861673166B743FE10EB6508D36B29D1C798210E3D1840418A67214F9DB6FAF60BB42329226517C202436F735C1D326B49E1A37FF80BA4599A55898A48A2967647EA5E48B88F8034C7BBE9AFC1CD8DCC986495AB7070346E83479BC23925D418A68C7D72B4BCC106FEE74532F70F3CA019C68D419E944C34A69DAC2CDA1155F4FCDEC53CFB3AED1FE07C58FD20D673CE274AC89AEB3D72C36C2D81B42A5F9A61A83FB748749FDA5598C5A519A3026B1475F61CA5DE7A77BE86C2DC6EBAA6F756D5C15AF0F0844C05F233A0468148956C0BA80ACDCB7850FE0CBE75DB675AB712ADBF0934765919A697F4C4345E2AD63B159664FE0DB201683C8DFBBDB1EFE3B580C11809AC815C1863929E60B7A0819D255C8EE7AA582C33E0153EB685E830627829C141DF8B5C599D9DDD25CB3EFAD7C4369A470D3AE3CF4CD0CDCB185A402F7C3E395C46C14249B
43020180103210214 2 6 100 8191 5 F461D7B72CCE12BB489DFEBB0D3252492FB894ADE7EEFCA4FCEAE71B2078652882837E3DDE311BA08D03316DDE3C3C844C34F37E7536601A57C95E1D191CC3B603E15D0E27D99ECC6B7781424F1D40E39FFF25D3F99C207359AD00CB7A68DC0937FDC38F24EF6C095DA60D92F977FBE8674D9885C4F147D6B6114F1CAF9F56327EF2A9CF30C5A26F46E19FAFACF357EC4E9119FB4AC34FF97FE5CDA2D578E00DF294AC88305AA8C9CFA074F35A211DD176486BBFDF04269B47C1EECAA0FAD95F6A5D829770F73DE8AF9D45928E4BF4C71412821419E2AFB2DA29FAA42557CB595B75433FDF015E42853C784AC8A15857D494900319D36B3A6672B885B686D6498D50A7843D381D240A77C053853FBFC670687678EA7AA909F9D82D2363ABD4851E3D20CE16632E0B1522AAB5DB8BB53AA1EE8CDFE86A494D1C2405C5AAE058D1990C91607D8043A74453AFB650110CA784BA307E531B153537B2C0A888D75229CC1D3CD27B0D7A6BEE20E82B7EB912D9F36BC8630990003DE2494DE017CB9D0EDBA7F0785927E79A76DA00707ADA18B9EBC57930E36E76737A7BA31F8F36F11D8CEDDCE28A411EEB34CE5D5235E88F66089F59CD921A84789512947DFDC8247A68353D05BEAFA6E450D7211D8BABE3C4C63685E9FA7742BD6309F3D72B9BE5E1B84E534596A81DAF1F5483C001FED71A9C7E432A28E52E43D9A0D4D4607B5E3459C7D424925C34311958344EBB86AF4E02675F8701BD55AACE3DDF48980E1977EE44275BEEE341C090820A63FD317595D7A0CCD00609B49E4AAF8C744F2FEA35A806B9B79C519CCDCE59F225FA243FD1AD0C8DBAFA17291CCA0C0C4DAB68060205F72978A5879093A132BE80C061D33348D94A8C79AE86F637701FC44E795B0F15D4610E0B269DEC7B24F717A7284A521759894AE475E7E35472ABC8C82DADE518628FF0DD37B48D94D48C18BF686F509AE5A5C35CC7BC33861673166B743FE10EB6508D36B29D1C798210E3D1840418A67214F9DB6FAF60BB42329226517C202436F735C1D326B49E1A37FF80BA4599A55898A48A2967647EA5E48B88F8034C7BBE9AFC1CD8DCC986495AB7070346E83479BC23925D418A68C7D72B4BCC106FEE74532F70F3CA019C68D419E944C34A69DAC2CDA1155F4FCDEC53CFB3AED1FE07C58FD20D673CE274AC89AEB3D72C36C2D81B42A5F9A61A83FB748749FDA5598C5A519A3026B1475F61CA5DE7A77BE86C2DC6EBAA6F756D5C15AF0F0844C05F233A0468148956C0BA80ACDCB7850FE0CBE75DB675AB712ADBF0934765919A697F4C4345E2AD63B159664FE0DB201683C8DFBBDB1EFE3B580C11809AC815C1863929E60B7A0819D255C8EE7AA582C33E0153EB685E830627829C141DF8B5C599D9DDD25CB3EFAD7C4369A470D3AE3CF4CD0CDCB185A402F7C3E395C46DF36E37
43120180103214256 2 6 100 8191 2 F461D7B72CCE12BB489DFEBB0D3252492FB894ADE7EEFCA4FCEAE71B2078652882837E3DDE311BA08D03316DDE3C3C844C34F37E7536601A57C95E1D191CC3B603E15D0E27D99ECC6B7781424F1D40E39FFF25D3F99C207359AD00CB7A68DC0937FDC38F24EF6C095DA60D92F977FBE8674D9885C4F147D6B6114F1CAF9F56327EF2A9CF30C5A26F46E19FAFACF357EC4E9119FB4AC34FF97FE5CDA2D578E00DF294AC88305AA8C9CFA074F35A211DD176486BBFDF04269B47C1EECAA0FAD95F6A5D829770F73DE8AF9D45928E4BF4C71412821419E2AFB2DA29FAA42557CB595B75433FDF015E42853C784AC8A15857D494900319D36B3A6672B885B686D6498D50A7843D381D240A77C053853FBFC670687678EA7AA909F9D82D2363ABD4851E3D20CE16632E0B1522AAB5DB8BB53AA1EE8CDFE86A494D1C2405C5AAE058D1990C91607D8043A74453AFB650110CA784BA307E531B153537B2C0A888D75229CC1D3CD27B0D7A6BEE20E82B7EB912D9F36BC8630990003DE2494DE017CB9D0EDBA7F0785927E79A76DA00707ADA18B9EBC57930E36E76737A7BA31F8F36F11D8CEDDCE28A411EEB34CE5D5235E88F66089F59CD921A84789512947DFDC8247A68353D05BEAFA6E450D7211D8BABE3C4C63685E9FA7742BD6309F3D72B9BE5E1B84E534596A81DAF1F5483C001FED71A9C7E432A28E52E43D9A0D4D4607B5E3459C7D424925C34311958344EBB86AF4E02675F8701BD55AACE3DDF48980E1977EE44275BEEE341C090820A63FD317595D7A0CCD00609B49E4AAF8C744F2FEA35A806B9B79C519CCDCE59F225FA243FD1AD0C8DBAFA17291CCA0C0C4DAB68060205F72978A5879093A132BE80C061D33348D94A8C79AE86F637701FC44E795B0F15D4610E0B269DEC7B24F717A7284A521759894AE475E7E35472ABC8C82DADE518628FF0DD37B48D94D48C18BF686F509AE5A5C35CC7BC33861673166B743FE10EB6508D36B29D1C798210E3D1840418A67214F9DB6FAF60BB42329226517C202436F735C1D326B49E1A37FF80BA4599A55898A48A2967647EA5E48B88F8034C7BBE9AFC1CD8DCC986495AB7070346E83479BC23925D418A68C7D72B4BCC106FEE74532F70F3CA019C68D419E944C34A69DAC2CDA1155F4FCDEC53CFB3AED1FE07C58FD20D673CE274AC89AEB3D72C36C2D81B42A5F9A61A83FB748749FDA5598C5A519A3026B1475F61CA5DE7A77BE86C2DC6EBAA6F756D5C15AF0F0844C05F233A0468148956C0BA80ACDCB7850FE0CBE75DB675AB712ADBF0934765919A697F4C4345E2AD63B159664FE0DB201683C8DFBBDB1EFE3B580C11809AC815C1863929E60B7A0819D255C8EE7AA582C33E0153EB685E830627829C141DF8B5C599D9DDD25CB3EFAD7C4369A470D3AE3CF4CD0CDCB185A402F7C3E395C46E5524BB
43220180103224847 2 6 100 8191 2 F461D7B72CCE12BB489DFEBB0D3252492FB894ADE7EEFCA4FCEAE71B2078652882837E3DDE311BA08D03316DDE3C3C844C34F37E7536601A57C95E1D191CC3B603E15D0E27D99ECC6B7781424F1D40E39FFF25D3F99C207359AD00CB7A68DC0937FDC38F24EF6C095DA60D92F977FBE8674D9885C4F147D6B6114F1CAF9F56327EF2A9CF30C5A26F46E19FAFACF357EC4E9119FB4AC34FF97FE5CDA2D578E00DF294AC88305AA8C9CFA074F35A211DD176486BBFDF04269B47C1EECAA0FAD95F6A5D829770F73DE8AF9D45928E4BF4C71412821419E2AFB2DA29FAA42557CB595B75433FDF015E42853C784AC8A15857D494900319D36B3A6672B885B686D6498D50A7843D381D240A77C053853FBFC670687678EA7AA909F9D82D2363ABD4851E3D20CE16632E0B1522AAB5DB8BB53AA1EE8CDFE86A494D1C2405C5AAE058D1990C91607D8043A74453AFB650110CA784BA307E531B153537B2C0A888D75229CC1D3CD27B0D7A6BEE20E82B7EB912D9F36BC8630990003DE2494DE017CB9D0EDBA7F0785927E79A76DA00707ADA18B9EBC57930E36E76737A7BA31F8F36F11D8CEDDCE28A411EEB34CE5D5235E88F66089F59CD921A84789512947DFDC8247A68353D05BEAFA6E450D7211D8BABE3C4C63685E9FA7742BD6309F3D72B9BE5E1B84E534596A81DAF1F5483C001FED71A9C7E432A28E52E43D9A0D4D4607B5E3459C7D424925C34311958344EBB86AF4E02675F8701BD55AACE3DDF48980E1977EE44275BEEE341C090820A63FD317595D7A0CCD00609B49E4AAF8C744F2FEA35A806B9B79C519CCDCE59F225FA243FD1AD0C8DBAFA17291CCA0C0C4DAB68060205F72978A5879093A132BE80C061D33348D94A8C79AE86F637701FC44E795B0F15D4610E0B269DEC7B24F717A7284A521759894AE475E7E35472ABC8C82DADE518628FF0DD37B48D94D48C18BF686F509AE5A5C35CC7BC33861673166B743FE10EB6508D36B29D1C798210E3D1840418A67214F9DB6FAF60BB42329226517C202436F735C1D326B49E1A37FF80BA4599A55898A48A2967647EA5E48B88F8034C7BBE9AFC1CD8DCC986495AB7070346E83479BC23925D418A68C7D72B4BCC106FEE74532F70F3CA019C68D419E944C34A69DAC2CDA1155F4FCDEC53CFB3AED1FE07C58FD20D673CE274AC89AEB3D72C36C2D81B42A5F9A61A83FB748749FDA5598C5A519A3026B1475F61CA5DE7A77BE86C2DC6EBAA6F756D5C15AF0F0844C05F233A0468148956C0BA80ACDCB7850FE0CBE75DB675AB712ADBF0934765919A697F4C4345E2AD63B159664FE0DB201683C8DFBBDB1EFE3B580C11809AC815C1863929E60B7A0819D255C8EE7AA582C33E0153EB685E830627829C141DF8B5C599D9DDD25CB3EFAD7C4369A470D3AE3CF4CD0CDCB185A402F7C3E395C46EF5AD73
43320180104072036 2 6 100 8191 2 F461D7B72CCE12BB489DFEBB0D3252492FB894ADE7EEFCA4FCEAE71B2078652882837E3DDE311BA08D03316DDE3C3C844C34F37E7536601A57C95E1D191CC3B603E15D0E27D99ECC6B7781424F1D40E39FFF25D3F99C207359AD00CB7A68DC0937FDC38F24EF6C095DA60D92F977FBE8674D9885C4F147D6B6114F1CAF9F56327EF2A9CF30C5A26F46E19FAFACF357EC4E9119FB4AC34FF97FE5CDA2D578E00DF294AC88305AA8C9CFA074F35A211DD176486BBFDF04269B47C1EECAA0FAD95F6A5D829770F73DE8AF9D45928E4BF4C71412821419E2AFB2DA29FAA42557CB595B75433FDF015E42853C784AC8A15857D494900319D36B3A6672B885B686D6498D50A7843D381D240A77C053853FBFC670687678EA7AA909F9D82D2363ABD4851E3D20CE16632E0B1522AAB5DB8BB53AA1EE8CDFE86A494D1C2405C5AAE058D1990C91607D8043A74453AFB650110CA784BA307E531B153537B2C0A888D75229CC1D3CD27B0D7A6BEE20E82B7EB912D9F36BC8630990003DE2494DE017CB9D0EDBA7F0785927E79A76DA00707ADA18B9EBC57930E36E76737A7BA31F8F36F11D8CEDDCE28A411EEB34CE5D5235E88F66089F59CD921A84789512947DFDC8247A68353D05BEAFA6E450D7211D8BABE3C4C63685E9FA7742BD6309F3D72B9BE5E1B84E534596A81DAF1F5483C001FED71A9C7E432A28E52E43D9A0D4D4607B5E3459C7D424925C34311958344EBB86AF4E02675F8701BD55AACE3DDF48980E1977EE44275BEEE341C090820A63FD317595D7A0CCD00609B49E4AAF8C744F2FEA35A806B9B79C519CCDCE59F225FA243FD1AD0C8DBAFA17291CCA0C0C4DAB68060205F72978A5879093A132BE80C061D33348D94A8C79AE86F637701FC44E795B0F15D4610E0B269DEC7B24F717A7284A521759894AE475E7E35472ABC8C82DADE518628FF0DD37B48D94D48C18BF686F509AE5A5C35CC7BC33861673166B743FE10EB6508D36B29D1C798210E3D1840418A67214F9DB6FAF60BB42329226517C202436F735C1D326B49E1A37FF80BA4599A55898A48A2967647EA5E48B88F8034C7BBE9AFC1CD8DCC986495AB7070346E83479BC23925D418A68C7D72B4BCC106FEE74532F70F3CA019C68D419E944C34A69DAC2CDA1155F4FCDEC53CFB3AED1FE07C58FD20D673CE274AC89AEB3D72C36C2D81B42A5F9A61A83FB748749FDA5598C5A519A3026B1475F61CA5DE7A77BE86C2DC6EBAA6F756D5C15AF0F0844C05F233A0468148956C0BA80ACDCB7850FE0CBE75DB675AB712ADBF0934765919A697F4C4345E2AD63B159664FE0DB201683C8DFBBDB1EFE3B580C11809AC815C1863929E60B7A0819D255C8EE7AA582C33E0153EB685E830627829C141DF8B5C599D9DDD25CB3EFAD7C4369A470D3AE3CF4CD0CDCB185A402F7C3E395C473F7759B
43420180104112937 2 6 100 8191 5 F461D7B72CCE12BB489DFEBB0D3252492FB894ADE7EEFCA4FCEAE71B2078652882837E3DDE311BA08D03316DDE3C3C844C34F37E7536601A57C95E1D191CC3B603E15D0E27D99ECC6B7781424F1D40E39FFF25D3F99C207359AD00CB7A68DC0937FDC38F24EF6C095DA60D92F977FBE8674D9885C4F147D6B6114F1CAF9F56327EF2A9CF30C5A26F46E19FAFACF357EC4E9119FB4AC34FF97FE5CDA2D578E00DF294AC88305AA8C9CFA074F35A211DD176486BBFDF04269B47C1EECAA0FAD95F6A5D829770F73DE8AF9D45928E4BF4C71412821419E2AFB2DA29FAA42557CB595B75433FDF015E42853C784AC8A15857D494900319D36B3A6672B885B686D6498D50A7843D381D240A77C053853FBFC670687678EA7AA909F9D82D2363ABD4851E3D20CE16632E0B1522AAB5DB8BB53AA1EE8CDFE86A494D1C2405C5AAE058D1990C91607D8043A74453AFB650110CA784BA307E531B153537B2C0A888D75229CC1D3CD27B0D7A6BEE20E82B7EB912D9F36BC8630990003DE2494DE017CB9D0EDBA7F0785927E79A76DA00707ADA18B9EBC57930E36E76737A7BA31F8F36F11D8CEDDCE28A411EEB34CE5D5235E88F66089F59CD921A84789512947DFDC8247A68353D05BEAFA6E450D7211D8BABE3C4C63685E9FA7742BD6309F3D72B9BE5E1B84E534596A81DAF1F5483C001FED71A9C7E432A28E52E43D9A0D4D4607B5E3459C7D424925C34311958344EBB86AF4E02675F8701BD55AACE3DDF48980E1977EE44275BEEE341C090820A63FD317595D7A0CCD00609B49E4AAF8C744F2FEA35A806B9B79C519CCDCE59F225FA243FD1AD0C8DBAFA17291CCA0C0C4DAB68060205F72978A5879093A132BE80C061D33348D94A8C79AE86F637701FC44E795B0F15D4610E0B269DEC7B24F717A7284A521759894AE475E7E35472ABC8C82DADE518628FF0DD37B48D94D48C18BF686F509AE5A5C35CC7BC33861673166B743FE10EB6508D36B29D1C798210E3D1840418A67214F9DB6FAF60BB42329226517C202436F735C1D326B49E1A37FF80BA4599A55898A48A2967647EA5E48B88F8034C7BBE9AFC1CD8DCC986495AB7070346E83479BC23925D418A68C7D72B4BCC106FEE74532F70F3CA019C68D419E944C34A69DAC2CDA1155F4FCDEC53CFB3AED1FE07C58FD20D673CE274AC89AEB3D72C36C2D81B42A5F9A61A83FB748749FDA5598C5A519A3026B1475F61CA5DE7A77BE86C2DC6EBAA6F756D5C15AF0F0844C05F233A0468148956C0BA80ACDCB7850FE0CBE75DB675AB712ADBF0934765919A697F4C4345E2AD63B159664FE0DB201683C8DFBBDB1EFE3B580C11809AC815C1863929E60B7A0819D255C8EE7AA582C33E0153EB685E830627829C141DF8B5C599D9DDD25CB3EFAD7C4369A470D3AE3CF4CD0CDCB185A402F7C3E395C47658C257
43520180104122132 2 6 100 8191 2 F461D7B72CCE12BB489DFEBB0D3252492FB894ADE7EEFCA4FCEAE71B2078652882837E3DDE311BA08D03316DDE3C3C844C34F37E7536601A57C95E1D191CC3B603E15D0E27D99ECC6B7781424F1D40E39FFF25D3F99C207359AD00CB7A68DC0937FDC38F24EF6C095DA60D92F977FBE8674D9885C4F147D6B6114F1CAF9F56327EF2A9CF30C5A26F46E19FAFACF357EC4E9119FB4AC34FF97FE5CDA2D578E00DF294AC88305AA8C9CFA074F35A211DD176486BBFDF04269B47C1EECAA0FAD95F6A5D829770F73DE8AF9D45928E4BF4C71412821419E2AFB2DA29FAA42557CB595B75433FDF015E42853C784AC8A15857D494900319D36B3A6672B885B686D6498D50A7843D381D240A77C053853FBFC670687678EA7AA909F9D82D2363ABD4851E3D20CE16632E0B1522AAB5DB8BB53AA1EE8CDFE86A494D1C2405C5AAE058D1990C91607D8043A74453AFB650110CA784BA307E531B153537B2C0A888D75229CC1D3CD27B0D7A6BEE20E82B7EB912D9F36BC8630990003DE2494DE017CB9D0EDBA7F0785927E79A76DA00707ADA18B9EBC57930E36E76737A7BA31F8F36F11D8CEDDCE28A411EEB34CE5D5235E88F66089F59CD921A84789512947DFDC8247A68353D05BEAFA6E450D7211D8BABE3C4C63685E9FA7742BD6309F3D72B9BE5E1B84E534596A81DAF1F5483C001FED71A9C7E432A28E52E43D9A0D4D4607B5E3459C7D424925C34311958344EBB86AF4E02675F8701BD55AACE3DDF48980E1977EE44275BEEE341C090820A63FD317595D7A0CCD00609B49E4AAF8C744F2FEA35A806B9B79C519CCDCE59F225FA243FD1AD0C8DBAFA17291CCA0C0C4DAB68060205F72978A5879093A132BE80C061D33348D94A8C79AE86F637701FC44E795B0F15D4610E0B269DEC7B24F717A7284A521759894AE475E7E35472ABC8C82DADE518628FF0DD37B48D94D48C18BF686F509AE5A5C35CC7BC33861673166B743FE10EB6508D36B29D1C798210E3D1840418A67214F9DB6FAF60BB42329226517C202436F735C1D326B49E1A37FF80BA4599A55898A48A2967647EA5E48B88F8034C7BBE9AFC1CD8DCC986495AB7070346E83479BC23925D418A68C7D72B4BCC106FEE74532F70F3CA019C68D419E944C34A69DAC2CDA1155F4FCDEC53CFB3AED1FE07C58FD20D673CE274AC89AEB3D72C36C2D81B42A5F9A61A83FB748749FDA5598C5A519A3026B1475F61CA5DE7A77BE86C2DC6EBAA6F756D5C15AF0F0844C05F233A0468148956C0BA80ACDCB7850FE0CBE75DB675AB712ADBF0934765919A697F4C4345E2AD63B159664FE0DB201683C8DFBBDB1EFE3B580C11809AC815C1863929E60B7A0819D255C8EE7AA582C33E0153EB685E830627829C141DF8B5C599D9DDD25CB3EFAD7C4369A470D3AE3CF4CD0CDCB185A402F7C3E395C476D82313
43620180104192013 2 6 100 8191 5 F461D7B72CCE12BB489DFEBB0D3252492FB894ADE7EEFCA4FCEAE71B2078652882837E3DDE311BA08D03316DDE3C3C844C34F37E7536601A57C95E1D191CC3B603E15D0E27D99ECC6B7781424F1D40E39FFF25D3F99C207359AD00CB7A68DC0937FDC38F24EF6C095DA60D92F977FBE8674D9885C4F147D6B6114F1CAF9F56327EF2A9CF30C5A26F46E19FAFACF357EC4E9119FB4AC34FF97FE5CDA2D578E00DF294AC88305AA8C9CFA074F35A211DD176486BBFDF04269B47C1EECAA0FAD95F6A5D829770F73DE8AF9D45928E4BF4C71412821419E2AFB2DA29FAA42557CB595B75433FDF015E42853C784AC8A15857D494900319D36B3A6672B885B686D6498D50A7843D381D240A77C053853FBFC670687678EA7AA909F9D82D2363ABD4851E3D20CE16632E0B1522AAB5DB8BB53AA1EE8CDFE86A494D1C2405C5AAE058D1990C91607D8043A74453AFB650110CA784BA307E531B153537B2C0A888D75229CC1D3CD27B0D7A6BEE20E82B7EB912D9F36BC8630990003DE2494DE017CB9D0EDBA7F0785927E79A76DA00707ADA18B9EBC57930E36E76737A7BA31F8F36F11D8CEDDCE28A411EEB34CE5D5235E88F66089F59CD921A84789512947DFDC8247A68353D05BEAFA6E450D7211D8BABE3C4C63685E9FA7742BD6309F3D72B9BE5E1B84E534596A81DAF1F5483C001FED71A9C7E432A28E52E43D9A0D4D4607B5E3459C7D424925C34311958344EBB86AF4E02675F8701BD55AACE3DDF48980E1977EE44275BEEE341C090820A63FD317595D7A0CCD00609B49E4AAF8C744F2FEA35A806B9B79C519CCDCE59F225FA243FD1AD0C8DBAFA17291CCA0C0C4DAB68060205F72978A5879093A132BE80C061D33348D94A8C79AE86F637701FC44E795B0F15D4610E0B269DEC7B24F717A7284A521759894AE475E7E35472ABC8C82DADE518628FF0DD37B48D94D48C18BF686F509AE5A5C35CC7BC33861673166B743FE10EB6508D36B29D1C798210E3D1840418A67214F9DB6FAF60BB42329226517C202436F735C1D326B49E1A37FF80BA4599A55898A48A2967647EA5E48B88F8034C7BBE9AFC1CD8DCC986495AB7070346E83479BC23925D418A68C7D72B4BCC106FEE74532F70F3CA019C68D419E944C34A69DAC2CDA1155F4FCDEC53CFB3AED1FE07C58FD20D673CE274AC89AEB3D72C36C2D81B42A5F9A61A83FB748749FDA5598C5A519A3026B1475F61CA5DE7A77BE86C2DC6EBAA6F756D5C15AF0F0844C05F233A0468148956C0BA80ACDCB7850FE0CBE75DB675AB712ADBF0934765919A697F4C4345E2AD63B159664FE0DB201683C8DFBBDB1EFE3B580C11809AC815C1863929E60B7A0819D255C8EE7AA582C33E0153EB685E830627829C141DF8B5C599D9DDD25CB3EFAD7C4369A470D3AE3CF4CD0CDCB185A402F7C3E395C47AEEE017
43720180104234458 2 6 100 8191 2 F461D7B72CCE12BB489DFEBB0D3252492FB894ADE7EEFCA4FCEAE71B2078652882837E3DDE311BA08D03316DDE3C3C844C34F37E7536601A57C95E1D191CC3B603E15D0E27D99ECC6B7781424F1D40E39FFF25D3F99C207359AD00CB7A68DC0937FDC38F24EF6C095DA60D92F977FBE8674D9885C4F147D6B6114F1CAF9F56327EF2A9CF30C5A26F46E19FAFACF357EC4E9119FB4AC34FF97FE5CDA2D578E00DF294AC88305AA8C9CFA074F35A211DD176486BBFDF04269B47C1EECAA0FAD95F6A5D829770F73DE8AF9D45928E4BF4C71412821419E2AFB2DA29FAA42557CB595B75433FDF015E42853C784AC8A15857D494900319D36B3A6672B885B686D6498D50A7843D381D240A77C053853FBFC670687678EA7AA909F9D82D2363ABD4851E3D20CE16632E0B1522AAB5DB8BB53AA1EE8CDFE86A494D1C2405C5AAE058D1990C91607D8043A74453AFB650110CA784BA307E531B153537B2C0A888D75229CC1D3CD27B0D7A6BEE20E82B7EB912D9F36BC8630990003DE2494DE017CB9D0EDBA7F0785927E79A76DA00707ADA18B9EBC57930E36E76737A7BA31F8F36F11D8CEDDCE28A411EEB34CE5D5235E88F66089F59CD921A84789512947DFDC8247A68353D05BEAFA6E450D7211D8BABE3C4C63685E9FA7742BD6309F3D72B9BE5E1B84E534596A81DAF1F5483C001FED71A9C7E432A28E52E43D9A0D4D4607B5E3459C7D424925C34311958344EBB86AF4E02675F8701BD55AACE3DDF48980E1977EE44275BEEE341C090820A63FD317595D7A0CCD00609B49E4AAF8C744F2FEA35A806B9B79C519CCDCE59F225FA243FD1AD0C8DBAFA17291CCA0C0C4DAB68060205F72978A5879093A132BE80C061D33348D94A8C79AE86F637701FC44E795B0F15D4610E0B269DEC7B24F717A7284A521759894AE475E7E35472ABC8C82DADE518628FF0DD37B48D94D48C18BF686F509AE5A5C35CC7BC33861673166B743FE10EB6508D36B29D1C798210E3D1840418A67214F9DB6FAF60BB42329226517C202436F735C1D326B49E1A37FF80BA4599A55898A48A2967647EA5E48B88F8034C7BBE9AFC1CD8DCC986495AB7070346E83479BC23925D418A68C7D72B4BCC106FEE74532F70F3CA019C68D419E944C34A69DAC2CDA1155F4FCDEC53CFB3AED1FE07C58FD20D673CE274AC89AEB3D72C36C2D81B42A5F9A61A83FB748749FDA5598C5A519A3026B1475F61CA5DE7A77BE86C2DC6EBAA6F756D5C15AF0F0844C05F233A0468148956C0BA80ACDCB7850FE0CBE75DB675AB712ADBF0934765919A697F4C4345E2AD63B159664FE0DB201683C8DFBBDB1EFE3B580C11809AC815C1863929E60B7A0819D255C8EE7AA582C33E0153EB685E830627829C141DF8B5C599D9DDD25CB3EFAD7C4369A470D3AE3CF4CD0CDCB185A402F7C3E395C47D812CC3
43820180105001530 2 6 100 8191 5 F461D7B72CCE12BB489DFEBB0D3252492FB894ADE7EEFCA4FCEAE71B2078652882837E3DDE311BA08D03316DDE3C3C844C34F37E7536601A57C95E1D191CC3B603E15D0E27D99ECC6B7781424F1D40E39FFF25D3F99C207359AD00CB7A68DC0937FDC38F24EF6C095DA60D92F977FBE8674D9885C4F147D6B6114F1CAF9F56327EF2A9CF30C5A26F46E19FAFACF357EC4E9119FB4AC34FF97FE5CDA2D578E00DF294AC88305AA8C9CFA074F35A211DD176486BBFDF04269B47C1EECAA0FAD95F6A5D829770F73DE8AF9D45928E4BF4C71412821419E2AFB2DA29FAA42557CB595B75433FDF015E42853C784AC8A15857D494900319D36B3A6672B885B686D6498D50A7843D381D240A77C053853FBFC670687678EA7AA909F9D82D2363ABD4851E3D20CE16632E0B1522AAB5DB8BB53AA1EE8CDFE86A494D1C2405C5AAE058D1990C91607D8043A74453AFB650110CA784BA307E531B153537B2C0A888D75229CC1D3CD27B0D7A6BEE20E82B7EB912D9F36BC8630990003DE2494DE017CB9D0EDBA7F0785927E79A76DA00707ADA18B9EBC57930E36E76737A7BA31F8F36F11D8CEDDCE28A411EEB34CE5D5235E88F66089F59CD921A84789512947DFDC8247A68353D05BEAFA6E450D7211D8BABE3C4C63685E9FA7742BD6309F3D72B9BE5E1B84E534596A81DAF1F5483C001FED71A9C7E432A28E52E43D9A0D4D4607B5E3459C7D424925C34311958344EBB86AF4E02675F8701BD55AACE3DDF48980E1977EE44275BEEE341C090820A63FD317595D7A0CCD00609B49E4AAF8C744F2FEA35A806B9B79C519CCDCE59F225FA243FD1AD0C8DBAFA17291CCA0C0C4DAB68060205F72978A5879093A132BE80C061D33348D94A8C79AE86F637701FC44E795B0F15D4610E0B269DEC7B24F717A7284A521759894AE475E7E35472ABC8C82DADE518628FF0DD37B48D94D48C18BF686F509AE5A5C35CC7BC33861673166B743FE10EB6508D36B29D1C798210E3D1840418A67214F9DB6FAF60BB42329226517C202436F735C1D326B49E1A37FF80BA4599A55898A48A2967647EA5E48B88F8034C7BBE9AFC1CD8DCC986495AB7070346E83479BC23925D418A68C7D72B4BCC106FEE74532F70F3CA019C68D419E944C34A69DAC2CDA1155F4FCDEC53CFB3AED1FE07C58FD20D673CE274AC89AEB3D72C36C2D81B42A5F9A61A83FB748749FDA5598C5A519A3026B1475F61CA5DE7A77BE86C2DC6EBAA6F756D5C15AF0F0844C05F233A0468148956C0BA80ACDCB7850FE0CBE75DB675AB712ADBF0934765919A697F4C4345E2AD63B159664FE0DB201683C8DFBBDB1EFE3B580C11809AC815C1863929E60B7A0819D255C8EE7AA582C33E0153EB685E830627829C141DF8B5C599D9DDD25CB3EFAD7C4369A470D3AE3CF4CD0CDCB185A402F7C3E395C47DC6C2E7
diff --git a/moduli.0 b/moduli.0
index e319015b2..59767da38 100644
--- a/moduli.0
+++ b/moduli.0
@@ -71,4 +71,4 @@ STANDARDS
71 the Secure Shell (SSH) Transport Layer Protocol, RFC 4419, March 2006, 71 the Secure Shell (SSH) Transport Layer Protocol, RFC 4419, March 2006,
72 2006. 72 2006.
73 73
74OpenBSD 6.2 September 26, 2012 OpenBSD 6.2 74OpenBSD 6.4 September 26, 2012 OpenBSD 6.4
diff --git a/monitor.c b/monitor.c
index ed37458fb..c1e7e9b80 100644
--- a/monitor.c
+++ b/monitor.c
@@ -1,4 +1,4 @@
1/* $OpenBSD: monitor.c,v 1.180 2018/03/03 03:15:51 djm Exp $ */ 1/* $OpenBSD: monitor.c,v 1.186 2018/07/20 03:46:34 djm Exp $ */
2/* 2/*
3 * Copyright 2002 Niels Provos <provos@citi.umich.edu> 3 * Copyright 2002 Niels Provos <provos@citi.umich.edu>
4 * Copyright 2002 Markus Friedl <markus@openbsd.org> 4 * Copyright 2002 Markus Friedl <markus@openbsd.org>
@@ -56,10 +56,6 @@
56# endif 56# endif
57#endif 57#endif
58 58
59#ifdef SKEY
60#include <skey.h>
61#endif
62
63#ifdef WITH_OPENSSL 59#ifdef WITH_OPENSSL
64#include <openssl/dh.h> 60#include <openssl/dh.h>
65#endif 61#endif
@@ -68,21 +64,14 @@
68#include "atomicio.h" 64#include "atomicio.h"
69#include "xmalloc.h" 65#include "xmalloc.h"
70#include "ssh.h" 66#include "ssh.h"
71#include "key.h" 67#include "sshkey.h"
72#include "buffer.h" 68#include "sshbuf.h"
73#include "hostfile.h" 69#include "hostfile.h"
74#include "auth.h" 70#include "auth.h"
75#include "cipher.h" 71#include "cipher.h"
76#include "kex.h" 72#include "kex.h"
77#include "dh.h" 73#include "dh.h"
78#include "auth-pam.h" 74#include "auth-pam.h"
79#ifdef TARGET_OS_MAC /* XXX Broken krb5 headers on Mac */
80#undef TARGET_OS_MAC
81#include "zlib.h"
82#define TARGET_OS_MAC 1
83#else
84#include "zlib.h"
85#endif
86#include "packet.h" 75#include "packet.h"
87#include "auth-options.h" 76#include "auth-options.h"
88#include "sshpty.h" 77#include "sshpty.h"
@@ -113,9 +102,7 @@ static Gssctxt *gsscontext = NULL;
113extern ServerOptions options; 102extern ServerOptions options;
114extern u_int utmp_len; 103extern u_int utmp_len;
115extern u_char session_id[]; 104extern u_char session_id[];
116extern Buffer auth_debug; 105extern struct sshbuf *loginmsg;
117extern int auth_debug_init;
118extern Buffer loginmsg;
119extern struct sshauthopt *auth_opts; /* XXX move to permanent ssh->authctxt? */ 106extern struct sshauthopt *auth_opts; /* XXX move to permanent ssh->authctxt? */
120 107
121/* State exported from the child */ 108/* State exported from the child */
@@ -123,49 +110,47 @@ static struct sshbuf *child_state;
123 110
124/* Functions on the monitor that answer unprivileged requests */ 111/* Functions on the monitor that answer unprivileged requests */
125 112
126int mm_answer_moduli(int, Buffer *); 113int mm_answer_moduli(int, struct sshbuf *);
127int mm_answer_sign(int, Buffer *); 114int mm_answer_sign(int, struct sshbuf *);
128int mm_answer_pwnamallow(int, Buffer *); 115int mm_answer_pwnamallow(int, struct sshbuf *);
129int mm_answer_auth2_read_banner(int, Buffer *); 116int mm_answer_auth2_read_banner(int, struct sshbuf *);
130int mm_answer_authserv(int, Buffer *); 117int mm_answer_authserv(int, struct sshbuf *);
131int mm_answer_authrole(int, Buffer *); 118int mm_answer_authrole(int, struct sshbuf *);
132int mm_answer_authpassword(int, Buffer *); 119int mm_answer_authpassword(int, struct sshbuf *);
133int mm_answer_bsdauthquery(int, Buffer *); 120int mm_answer_bsdauthquery(int, struct sshbuf *);
134int mm_answer_bsdauthrespond(int, Buffer *); 121int mm_answer_bsdauthrespond(int, struct sshbuf *);
135int mm_answer_skeyquery(int, Buffer *); 122int mm_answer_keyallowed(int, struct sshbuf *);
136int mm_answer_skeyrespond(int, Buffer *); 123int mm_answer_keyverify(int, struct sshbuf *);
137int mm_answer_keyallowed(int, Buffer *); 124int mm_answer_pty(int, struct sshbuf *);
138int mm_answer_keyverify(int, Buffer *); 125int mm_answer_pty_cleanup(int, struct sshbuf *);
139int mm_answer_pty(int, Buffer *); 126int mm_answer_term(int, struct sshbuf *);
140int mm_answer_pty_cleanup(int, Buffer *); 127int mm_answer_rsa_keyallowed(int, struct sshbuf *);
141int mm_answer_term(int, Buffer *); 128int mm_answer_rsa_challenge(int, struct sshbuf *);
142int mm_answer_rsa_keyallowed(int, Buffer *); 129int mm_answer_rsa_response(int, struct sshbuf *);
143int mm_answer_rsa_challenge(int, Buffer *); 130int mm_answer_sesskey(int, struct sshbuf *);
144int mm_answer_rsa_response(int, Buffer *); 131int mm_answer_sessid(int, struct sshbuf *);
145int mm_answer_sesskey(int, Buffer *);
146int mm_answer_sessid(int, Buffer *);
147 132
148#ifdef USE_PAM 133#ifdef USE_PAM
149int mm_answer_pam_start(int, Buffer *); 134int mm_answer_pam_start(int, struct sshbuf *);
150int mm_answer_pam_account(int, Buffer *); 135int mm_answer_pam_account(int, struct sshbuf *);
151int mm_answer_pam_init_ctx(int, Buffer *); 136int mm_answer_pam_init_ctx(int, struct sshbuf *);
152int mm_answer_pam_query(int, Buffer *); 137int mm_answer_pam_query(int, struct sshbuf *);
153int mm_answer_pam_respond(int, Buffer *); 138int mm_answer_pam_respond(int, struct sshbuf *);
154int mm_answer_pam_free_ctx(int, Buffer *); 139int mm_answer_pam_free_ctx(int, struct sshbuf *);
155#endif 140#endif
156 141
157#ifdef GSSAPI 142#ifdef GSSAPI
158int mm_answer_gss_setup_ctx(int, Buffer *); 143int mm_answer_gss_setup_ctx(int, struct sshbuf *);
159int mm_answer_gss_accept_ctx(int, Buffer *); 144int mm_answer_gss_accept_ctx(int, struct sshbuf *);
160int mm_answer_gss_userok(int, Buffer *); 145int mm_answer_gss_userok(int, struct sshbuf *);
161int mm_answer_gss_checkmic(int, Buffer *); 146int mm_answer_gss_checkmic(int, struct sshbuf *);
162int mm_answer_gss_sign(int, Buffer *); 147int mm_answer_gss_sign(int, struct sshbuf *);
163int mm_answer_gss_updatecreds(int, Buffer *); 148int mm_answer_gss_updatecreds(int, struct sshbuf *);
164#endif 149#endif
165 150
166#ifdef SSH_AUDIT_EVENTS 151#ifdef SSH_AUDIT_EVENTS
167int mm_answer_audit_event(int, Buffer *); 152int mm_answer_audit_event(int, struct sshbuf *);
168int mm_answer_audit_command(int, Buffer *); 153int mm_answer_audit_command(int, struct sshbuf *);
169#endif 154#endif
170 155
171static int monitor_read_log(struct monitor *); 156static int monitor_read_log(struct monitor *);
@@ -174,7 +159,7 @@ static Authctxt *authctxt;
174 159
175/* local state for key verify */ 160/* local state for key verify */
176static u_char *key_blob = NULL; 161static u_char *key_blob = NULL;
177static u_int key_bloblen = 0; 162static size_t key_bloblen = 0;
178static int key_blobtype = MM_NOKEY; 163static int key_blobtype = MM_NOKEY;
179static struct sshauthopt *key_opts = NULL; 164static struct sshauthopt *key_opts = NULL;
180static char *hostbased_cuser = NULL; 165static char *hostbased_cuser = NULL;
@@ -188,7 +173,7 @@ static pid_t monitor_child_pid;
188struct mon_table { 173struct mon_table {
189 enum monitor_reqtype type; 174 enum monitor_reqtype type;
190 int flags; 175 int flags;
191 int (*f)(int, Buffer *); 176 int (*f)(int, struct sshbuf *);
192}; 177};
193 178
194#define MON_ISAUTH 0x0004 /* Required for Authentication */ 179#define MON_ISAUTH 0x0004 /* Required for Authentication */
@@ -225,10 +210,6 @@ struct mon_table mon_dispatch_proto20[] = {
225 {MONITOR_REQ_BSDAUTHQUERY, MON_ISAUTH, mm_answer_bsdauthquery}, 210 {MONITOR_REQ_BSDAUTHQUERY, MON_ISAUTH, mm_answer_bsdauthquery},
226 {MONITOR_REQ_BSDAUTHRESPOND, MON_AUTH, mm_answer_bsdauthrespond}, 211 {MONITOR_REQ_BSDAUTHRESPOND, MON_AUTH, mm_answer_bsdauthrespond},
227#endif 212#endif
228#ifdef SKEY
229 {MONITOR_REQ_SKEYQUERY, MON_ISAUTH, mm_answer_skeyquery},
230 {MONITOR_REQ_SKEYRESPOND, MON_AUTH, mm_answer_skeyrespond},
231#endif
232 {MONITOR_REQ_KEYALLOWED, MON_ISAUTH, mm_answer_keyallowed}, 213 {MONITOR_REQ_KEYALLOWED, MON_ISAUTH, mm_answer_keyallowed},
233 {MONITOR_REQ_KEYVERIFY, MON_AUTH, mm_answer_keyverify}, 214 {MONITOR_REQ_KEYVERIFY, MON_AUTH, mm_answer_keyverify},
234#ifdef GSSAPI 215#ifdef GSSAPI
@@ -311,7 +292,7 @@ monitor_child_preauth(Authctxt *_authctxt, struct monitor *pmonitor)
311 memset(authctxt, 0, sizeof(*authctxt)); 292 memset(authctxt, 0, sizeof(*authctxt));
312 ssh->authctxt = authctxt; 293 ssh->authctxt = authctxt;
313 294
314 authctxt->loginmsg = &loginmsg; 295 authctxt->loginmsg = loginmsg;
315 296
316 mon_dispatch = mon_dispatch_proto20; 297 mon_dispatch = mon_dispatch_proto20;
317 /* Permit requests for moduli and signatures */ 298 /* Permit requests for moduli and signatures */
@@ -353,13 +334,16 @@ monitor_child_preauth(Authctxt *_authctxt, struct monitor *pmonitor)
353#ifdef USE_PAM 334#ifdef USE_PAM
354 /* PAM needs to perform account checks after auth */ 335 /* PAM needs to perform account checks after auth */
355 if (options.use_pam && authenticated) { 336 if (options.use_pam && authenticated) {
356 Buffer m; 337 struct sshbuf *m;
357 338
358 buffer_init(&m); 339 if ((m = sshbuf_new()) == NULL)
340 fatal("%s: sshbuf_new failed",
341 __func__);
359 mm_request_receive_expect(pmonitor->m_sendfd, 342 mm_request_receive_expect(pmonitor->m_sendfd,
360 MONITOR_REQ_PAM_ACCOUNT, &m); 343 MONITOR_REQ_PAM_ACCOUNT, m);
361 authenticated = mm_answer_pam_account(pmonitor->m_sendfd, &m); 344 authenticated = mm_answer_pam_account(
362 buffer_free(&m); 345 pmonitor->m_sendfd, m);
346 sshbuf_free(m);
363 } 347 }
364#endif 348#endif
365 } 349 }
@@ -447,18 +431,21 @@ monitor_child_postauth(struct monitor *pmonitor)
447static int 431static int
448monitor_read_log(struct monitor *pmonitor) 432monitor_read_log(struct monitor *pmonitor)
449{ 433{
450 Buffer logmsg; 434 struct sshbuf *logmsg;
451 u_int len, level; 435 u_int len, level;
452 char *msg; 436 char *msg;
437 u_char *p;
438 int r;
453 439
454 buffer_init(&logmsg); 440 if ((logmsg = sshbuf_new()) == NULL)
441 fatal("%s: sshbuf_new", __func__);
455 442
456 /* Read length */ 443 /* Read length */
457 buffer_append_space(&logmsg, 4); 444 if ((r = sshbuf_reserve(logmsg, 4, &p)) != 0)
458 if (atomicio(read, pmonitor->m_log_recvfd, 445 fatal("%s: reserve: %s", __func__, ssh_err(r));
459 buffer_ptr(&logmsg), buffer_len(&logmsg)) != buffer_len(&logmsg)) { 446 if (atomicio(read, pmonitor->m_log_recvfd, p, 4) != 4) {
460 if (errno == EPIPE) { 447 if (errno == EPIPE) {
461 buffer_free(&logmsg); 448 sshbuf_free(logmsg);
462 debug("%s: child log fd closed", __func__); 449 debug("%s: child log fd closed", __func__);
463 close(pmonitor->m_log_recvfd); 450 close(pmonitor->m_log_recvfd);
464 pmonitor->m_log_recvfd = -1; 451 pmonitor->m_log_recvfd = -1;
@@ -466,26 +453,28 @@ monitor_read_log(struct monitor *pmonitor)
466 } 453 }
467 fatal("%s: log fd read: %s", __func__, strerror(errno)); 454 fatal("%s: log fd read: %s", __func__, strerror(errno));
468 } 455 }
469 len = buffer_get_int(&logmsg); 456 if ((r = sshbuf_get_u32(logmsg, &len)) != 0)
457 fatal("%s: get len: %s", __func__, ssh_err(r));
470 if (len <= 4 || len > 8192) 458 if (len <= 4 || len > 8192)
471 fatal("%s: invalid log message length %u", __func__, len); 459 fatal("%s: invalid log message length %u", __func__, len);
472 460
473 /* Read severity, message */ 461 /* Read severity, message */
474 buffer_clear(&logmsg); 462 sshbuf_reset(logmsg);
475 buffer_append_space(&logmsg, len); 463 if ((r = sshbuf_reserve(logmsg, len, &p)) != 0)
476 if (atomicio(read, pmonitor->m_log_recvfd, 464 fatal("%s: reserve: %s", __func__, ssh_err(r));
477 buffer_ptr(&logmsg), buffer_len(&logmsg)) != buffer_len(&logmsg)) 465 if (atomicio(read, pmonitor->m_log_recvfd, p, len) != len)
478 fatal("%s: log fd read: %s", __func__, strerror(errno)); 466 fatal("%s: log fd read: %s", __func__, strerror(errno));
467 if ((r = sshbuf_get_u32(logmsg, &level)) != 0 ||
468 (r = sshbuf_get_cstring(logmsg, &msg, NULL)) != 0)
469 fatal("%s: decode: %s", __func__, ssh_err(r));
479 470
480 /* Log it */ 471 /* Log it */
481 level = buffer_get_int(&logmsg);
482 msg = buffer_get_string(&logmsg, NULL);
483 if (log_level_name(level) == NULL) 472 if (log_level_name(level) == NULL)
484 fatal("%s: invalid log level %u (corrupted message?)", 473 fatal("%s: invalid log level %u (corrupted message?)",
485 __func__, level); 474 __func__, level);
486 do_log2(level, "%s [preauth]", msg); 475 do_log2(level, "%s [preauth]", msg);
487 476
488 buffer_free(&logmsg); 477 sshbuf_free(logmsg);
489 free(msg); 478 free(msg);
490 479
491 return 0; 480 return 0;
@@ -495,8 +484,8 @@ int
495monitor_read(struct monitor *pmonitor, struct mon_table *ent, 484monitor_read(struct monitor *pmonitor, struct mon_table *ent,
496 struct mon_table **pent) 485 struct mon_table **pent)
497{ 486{
498 Buffer m; 487 struct sshbuf *m;
499 int ret; 488 int r, ret;
500 u_char type; 489 u_char type;
501 struct pollfd pfd[2]; 490 struct pollfd pfd[2];
502 491
@@ -523,10 +512,12 @@ monitor_read(struct monitor *pmonitor, struct mon_table *ent,
523 break; /* Continues below */ 512 break; /* Continues below */
524 } 513 }
525 514
526 buffer_init(&m); 515 if ((m = sshbuf_new()) == NULL)
516 fatal("%s: sshbuf_new", __func__);
527 517
528 mm_request_receive(pmonitor->m_sendfd, &m); 518 mm_request_receive(pmonitor->m_sendfd, m);
529 type = buffer_get_char(&m); 519 if ((r = sshbuf_get_u8(m, &type)) != 0)
520 fatal("%s: decode: %s", __func__, ssh_err(r));
530 521
531 debug3("%s: checking request %d", __func__, type); 522 debug3("%s: checking request %d", __func__, type);
532 523
@@ -540,8 +531,8 @@ monitor_read(struct monitor *pmonitor, struct mon_table *ent,
540 if (!(ent->flags & MON_PERMIT)) 531 if (!(ent->flags & MON_PERMIT))
541 fatal("%s: unpermitted request %d", __func__, 532 fatal("%s: unpermitted request %d", __func__,
542 type); 533 type);
543 ret = (*ent->f)(pmonitor->m_sendfd, &m); 534 ret = (*ent->f)(pmonitor->m_sendfd, m);
544 buffer_free(&m); 535 sshbuf_free(m);
545 536
546 /* The child may use this request only once, disable it */ 537 /* The child may use this request only once, disable it */
547 if (ent->flags & MON_ONCE) { 538 if (ent->flags & MON_ONCE) {
@@ -591,14 +582,16 @@ monitor_reset_key_state(void)
591 582
592#ifdef WITH_OPENSSL 583#ifdef WITH_OPENSSL
593int 584int
594mm_answer_moduli(int sock, Buffer *m) 585mm_answer_moduli(int sock, struct sshbuf *m)
595{ 586{
596 DH *dh; 587 DH *dh;
597 int min, want, max; 588 int r;
589 u_int min, want, max;
598 590
599 min = buffer_get_int(m); 591 if ((r = sshbuf_get_u32(m, &min)) != 0 ||
600 want = buffer_get_int(m); 592 (r = sshbuf_get_u32(m, &want)) != 0 ||
601 max = buffer_get_int(m); 593 (r = sshbuf_get_u32(m, &max)) != 0)
594 fatal("%s: buffer error: %s", __func__, ssh_err(r));
602 595
603 debug3("%s: got parameters: %d %d %d", 596 debug3("%s: got parameters: %d %d %d",
604 __func__, min, want, max); 597 __func__, min, want, max);
@@ -607,17 +600,19 @@ mm_answer_moduli(int sock, Buffer *m)
607 fatal("%s: bad parameters: %d %d %d", 600 fatal("%s: bad parameters: %d %d %d",
608 __func__, min, want, max); 601 __func__, min, want, max);
609 602
610 buffer_clear(m); 603 sshbuf_reset(m);
611 604
612 dh = choose_dh(min, want, max); 605 dh = choose_dh(min, want, max);
613 if (dh == NULL) { 606 if (dh == NULL) {
614 buffer_put_char(m, 0); 607 if ((r = sshbuf_put_u8(m, 0)) != 0)
608 fatal("%s: buffer error: %s", __func__, ssh_err(r));
615 return (0); 609 return (0);
616 } else { 610 } else {
617 /* Send first bignum */ 611 /* Send first bignum */
618 buffer_put_char(m, 1); 612 if ((r = sshbuf_put_u8(m, 1)) != 0 ||
619 buffer_put_bignum2(m, dh->p); 613 (r = sshbuf_put_bignum2(m, dh->p)) != 0 ||
620 buffer_put_bignum2(m, dh->g); 614 (r = sshbuf_put_bignum2(m, dh->g)) != 0)
615 fatal("%s: buffer error: %s", __func__, ssh_err(r));
621 616
622 DH_free(dh); 617 DH_free(dh);
623 } 618 }
@@ -627,7 +622,7 @@ mm_answer_moduli(int sock, Buffer *m)
627#endif 622#endif
628 623
629int 624int
630mm_answer_sign(int sock, Buffer *m) 625mm_answer_sign(int sock, struct sshbuf *m)
631{ 626{
632 struct ssh *ssh = active_state; /* XXX */ 627 struct ssh *ssh = active_state; /* XXX */
633 extern int auth_sock; /* XXX move to state struct? */ 628 extern int auth_sock; /* XXX move to state struct? */
@@ -637,14 +632,15 @@ mm_answer_sign(int sock, Buffer *m)
637 char *alg = NULL; 632 char *alg = NULL;
638 size_t datlen, siglen, alglen; 633 size_t datlen, siglen, alglen;
639 int r, is_proof = 0; 634 int r, is_proof = 0;
640 u_int keyid; 635 u_int keyid, compat;
641 const char proof_req[] = "hostkeys-prove-00@openssh.com"; 636 const char proof_req[] = "hostkeys-prove-00@openssh.com";
642 637
643 debug3("%s", __func__); 638 debug3("%s", __func__);
644 639
645 if ((r = sshbuf_get_u32(m, &keyid)) != 0 || 640 if ((r = sshbuf_get_u32(m, &keyid)) != 0 ||
646 (r = sshbuf_get_string(m, &p, &datlen)) != 0 || 641 (r = sshbuf_get_string(m, &p, &datlen)) != 0 ||
647 (r = sshbuf_get_cstring(m, &alg, &alglen)) != 0) 642 (r = sshbuf_get_cstring(m, &alg, &alglen)) != 0 ||
643 (r = sshbuf_get_u32(m, &compat)) != 0)
648 fatal("%s: buffer error: %s", __func__, ssh_err(r)); 644 fatal("%s: buffer error: %s", __func__, ssh_err(r));
649 if (keyid > INT_MAX) 645 if (keyid > INT_MAX)
650 fatal("%s: invalid key ID", __func__); 646 fatal("%s: invalid key ID", __func__);
@@ -694,13 +690,13 @@ mm_answer_sign(int sock, Buffer *m)
694 690
695 if ((key = get_hostkey_by_index(keyid)) != NULL) { 691 if ((key = get_hostkey_by_index(keyid)) != NULL) {
696 if ((r = sshkey_sign(key, &signature, &siglen, p, datlen, alg, 692 if ((r = sshkey_sign(key, &signature, &siglen, p, datlen, alg,
697 datafellows)) != 0) 693 compat)) != 0)
698 fatal("%s: sshkey_sign failed: %s", 694 fatal("%s: sshkey_sign failed: %s",
699 __func__, ssh_err(r)); 695 __func__, ssh_err(r));
700 } else if ((key = get_hostkey_public_by_index(keyid, ssh)) != NULL && 696 } else if ((key = get_hostkey_public_by_index(keyid, ssh)) != NULL &&
701 auth_sock > 0) { 697 auth_sock > 0) {
702 if ((r = ssh_agent_sign(auth_sock, key, &signature, &siglen, 698 if ((r = ssh_agent_sign(auth_sock, key, &signature, &siglen,
703 p, datlen, alg, datafellows)) != 0) { 699 p, datlen, alg, compat)) != 0) {
704 fatal("%s: ssh_agent_sign failed: %s", 700 fatal("%s: ssh_agent_sign failed: %s",
705 __func__, ssh_err(r)); 701 __func__, ssh_err(r));
706 } 702 }
@@ -729,12 +725,12 @@ mm_answer_sign(int sock, Buffer *m)
729/* Retrieves the password entry and also checks if the user is permitted */ 725/* Retrieves the password entry and also checks if the user is permitted */
730 726
731int 727int
732mm_answer_pwnamallow(int sock, Buffer *m) 728mm_answer_pwnamallow(int sock, struct sshbuf *m)
733{ 729{
734 struct ssh *ssh = active_state; /* XXX */ 730 struct ssh *ssh = active_state; /* XXX */
735 char *username; 731 char *username;
736 struct passwd *pwent; 732 struct passwd *pwent;
737 int allowed = 0; 733 int r, allowed = 0;
738 u_int i; 734 u_int i;
739 735
740 debug3("%s", __func__); 736 debug3("%s", __func__);
@@ -742,7 +738,8 @@ mm_answer_pwnamallow(int sock, Buffer *m)
742 if (authctxt->attempt++ != 0) 738 if (authctxt->attempt++ != 0)
743 fatal("%s: multiple attempts for getpwnam", __func__); 739 fatal("%s: multiple attempts for getpwnam", __func__);
744 740
745 username = buffer_get_string(m, NULL); 741 if ((r = sshbuf_get_cstring(m, &username, NULL)) != 0)
742 fatal("%s: buffer error: %s", __func__, ssh_err(r));
746 743
747 pwent = getpwnamallow(username); 744 pwent = getpwnamallow(username);
748 745
@@ -750,10 +747,11 @@ mm_answer_pwnamallow(int sock, Buffer *m)
750 setproctitle("%s [priv]", pwent ? username : "unknown"); 747 setproctitle("%s [priv]", pwent ? username : "unknown");
751 free(username); 748 free(username);
752 749
753 buffer_clear(m); 750 sshbuf_reset(m);
754 751
755 if (pwent == NULL) { 752 if (pwent == NULL) {
756 buffer_put_char(m, 0); 753 if ((r = sshbuf_put_u8(m, 0)) != 0)
754 fatal("%s: buffer error: %s", __func__, ssh_err(r));
757 authctxt->pw = fakepw(); 755 authctxt->pw = fakepw();
758 goto out; 756 goto out;
759 } 757 }
@@ -762,31 +760,40 @@ mm_answer_pwnamallow(int sock, Buffer *m)
762 authctxt->pw = pwent; 760 authctxt->pw = pwent;
763 authctxt->valid = 1; 761 authctxt->valid = 1;
764 762
765 buffer_put_char(m, 1); 763 /* XXX don't sent pwent to unpriv; send fake class/dir/shell too */
766 buffer_put_string(m, pwent, sizeof(struct passwd)); 764 if ((r = sshbuf_put_u8(m, 1)) != 0 ||
767 buffer_put_cstring(m, pwent->pw_name); 765 (r = sshbuf_put_string(m, pwent, sizeof(*pwent))) != 0 ||
768 buffer_put_cstring(m, "*"); 766 (r = sshbuf_put_cstring(m, pwent->pw_name)) != 0 ||
767 (r = sshbuf_put_cstring(m, "*")) != 0 ||
769#ifdef HAVE_STRUCT_PASSWD_PW_GECOS 768#ifdef HAVE_STRUCT_PASSWD_PW_GECOS
770 buffer_put_cstring(m, pwent->pw_gecos); 769 (r = sshbuf_put_cstring(m, pwent->pw_gecos)) != 0 ||
771#endif 770#endif
772#ifdef HAVE_STRUCT_PASSWD_PW_CLASS 771#ifdef HAVE_STRUCT_PASSWD_PW_CLASS
773 buffer_put_cstring(m, pwent->pw_class); 772 (r = sshbuf_put_cstring(m, pwent->pw_class)) != 0 ||
774#endif 773#endif
775 buffer_put_cstring(m, pwent->pw_dir); 774 (r = sshbuf_put_cstring(m, pwent->pw_dir)) != 0 ||
776 buffer_put_cstring(m, pwent->pw_shell); 775 (r = sshbuf_put_cstring(m, pwent->pw_shell)) != 0)
776 fatal("%s: buffer error: %s", __func__, ssh_err(r));
777 777
778 out: 778 out:
779 ssh_packet_set_log_preamble(ssh, "%suser %s", 779 ssh_packet_set_log_preamble(ssh, "%suser %s",
780 authctxt->valid ? "authenticating" : "invalid ", authctxt->user); 780 authctxt->valid ? "authenticating" : "invalid ", authctxt->user);
781 buffer_put_string(m, &options, sizeof(options)); 781 if ((r = sshbuf_put_string(m, &options, sizeof(options))) != 0)
782 fatal("%s: buffer error: %s", __func__, ssh_err(r));
782 783
783#define M_CP_STROPT(x) do { \ 784#define M_CP_STROPT(x) do { \
784 if (options.x != NULL) \ 785 if (options.x != NULL) { \
785 buffer_put_cstring(m, options.x); \ 786 if ((r = sshbuf_put_cstring(m, options.x)) != 0) \
787 fatal("%s: buffer error: %s", \
788 __func__, ssh_err(r)); \
789 } \
786 } while (0) 790 } while (0)
787#define M_CP_STRARRAYOPT(x, nx) do { \ 791#define M_CP_STRARRAYOPT(x, nx) do { \
788 for (i = 0; i < options.nx; i++) \ 792 for (i = 0; i < options.nx; i++) { \
789 buffer_put_cstring(m, options.x[i]); \ 793 if ((r = sshbuf_put_cstring(m, options.x[i])) != 0) \
794 fatal("%s: buffer error: %s", \
795 __func__, ssh_err(r)); \
796 } \
790 } while (0) 797 } while (0)
791 /* See comment in servconf.h */ 798 /* See comment in servconf.h */
792 COPY_MATCH_STRING_OPTS(); 799 COPY_MATCH_STRING_OPTS();
@@ -819,13 +826,15 @@ mm_answer_pwnamallow(int sock, Buffer *m)
819 return (0); 826 return (0);
820} 827}
821 828
822int mm_answer_auth2_read_banner(int sock, Buffer *m) 829int mm_answer_auth2_read_banner(int sock, struct sshbuf *m)
823{ 830{
824 char *banner; 831 char *banner;
832 int r;
825 833
826 buffer_clear(m); 834 sshbuf_reset(m);
827 banner = auth2_read_banner(); 835 banner = auth2_read_banner();
828 buffer_put_cstring(m, banner != NULL ? banner : ""); 836 if ((r = sshbuf_put_cstring(m, banner != NULL ? banner : "")) != 0)
837 fatal("%s: buffer error: %s", __func__, ssh_err(r));
829 mm_request_send(sock, MONITOR_ANS_AUTH2_READ_BANNER, m); 838 mm_request_send(sock, MONITOR_ANS_AUTH2_READ_BANNER, m);
830 free(banner); 839 free(banner);
831 840
@@ -833,13 +842,16 @@ int mm_answer_auth2_read_banner(int sock, Buffer *m)
833} 842}
834 843
835int 844int
836mm_answer_authserv(int sock, Buffer *m) 845mm_answer_authserv(int sock, struct sshbuf *m)
837{ 846{
847 int r;
848
838 monitor_permit_authentications(1); 849 monitor_permit_authentications(1);
839 850
840 authctxt->service = buffer_get_string(m, NULL); 851 if ((r = sshbuf_get_cstring(m, &authctxt->service, NULL)) != 0 ||
841 authctxt->style = buffer_get_string(m, NULL); 852 (r = sshbuf_get_cstring(m, &authctxt->style, NULL)) != 0 ||
842 authctxt->role = buffer_get_string(m, NULL); 853 (r = sshbuf_get_cstring(m, &authctxt->role, NULL)) != 0)
854 fatal("%s: buffer error: %s", __func__, ssh_err(r));
843 debug3("%s: service=%s, style=%s, role=%s", 855 debug3("%s: service=%s, style=%s, role=%s",
844 __func__, authctxt->service, authctxt->style, authctxt->role); 856 __func__, authctxt->service, authctxt->style, authctxt->role);
845 857
@@ -857,11 +869,14 @@ mm_answer_authserv(int sock, Buffer *m)
857} 869}
858 870
859int 871int
860mm_answer_authrole(int sock, Buffer *m) 872mm_answer_authrole(int sock, struct sshbuf *m)
861{ 873{
874 int r;
875
862 monitor_permit_authentications(1); 876 monitor_permit_authentications(1);
863 877
864 authctxt->role = buffer_get_string(m, NULL); 878 if ((r = sshbuf_get_cstring(m, &authctxt->role, NULL)) != 0)
879 fatal("%s: buffer error: %s", __func__, ssh_err(r));
865 debug3("%s: role=%s", 880 debug3("%s: role=%s",
866 __func__, authctxt->role); 881 __func__, authctxt->role);
867 882
@@ -874,27 +889,30 @@ mm_answer_authrole(int sock, Buffer *m)
874} 889}
875 890
876int 891int
877mm_answer_authpassword(int sock, Buffer *m) 892mm_answer_authpassword(int sock, struct sshbuf *m)
878{ 893{
879 struct ssh *ssh = active_state; /* XXX */ 894 struct ssh *ssh = active_state; /* XXX */
880 static int call_count; 895 static int call_count;
881 char *passwd; 896 char *passwd;
882 int authenticated; 897 int r, authenticated;
883 u_int plen; 898 size_t plen;
884 899
885 if (!options.password_authentication) 900 if (!options.password_authentication)
886 fatal("%s: password authentication not enabled", __func__); 901 fatal("%s: password authentication not enabled", __func__);
887 passwd = buffer_get_string(m, &plen); 902 if ((r = sshbuf_get_cstring(m, &passwd, &plen)) != 0)
903 fatal("%s: buffer error: %s", __func__, ssh_err(r));
888 /* Only authenticate if the context is valid */ 904 /* Only authenticate if the context is valid */
889 authenticated = options.password_authentication && 905 authenticated = options.password_authentication &&
890 auth_password(ssh, passwd); 906 auth_password(ssh, passwd);
891 explicit_bzero(passwd, strlen(passwd)); 907 explicit_bzero(passwd, plen);
892 free(passwd); 908 free(passwd);
893 909
894 buffer_clear(m); 910 sshbuf_reset(m);
895 buffer_put_int(m, authenticated); 911 if ((r = sshbuf_put_u32(m, authenticated)) != 0)
912 fatal("%s: buffer error: %s", __func__, ssh_err(r));
896#ifdef USE_PAM 913#ifdef USE_PAM
897 buffer_put_int(m, sshpam_get_maxtries_reached()); 914 if ((r = sshbuf_put_u32(m, sshpam_get_maxtries_reached())) != 0)
915 fatal("%s: buffer error: %s", __func__, ssh_err(r));
898#endif 916#endif
899 917
900 debug3("%s: sending result %d", __func__, authenticated); 918 debug3("%s: sending result %d", __func__, authenticated);
@@ -912,23 +930,25 @@ mm_answer_authpassword(int sock, Buffer *m)
912 930
913#ifdef BSD_AUTH 931#ifdef BSD_AUTH
914int 932int
915mm_answer_bsdauthquery(int sock, Buffer *m) 933mm_answer_bsdauthquery(int sock, struct sshbuf *m)
916{ 934{
917 char *name, *infotxt; 935 char *name, *infotxt;
918 u_int numprompts; 936 u_int numprompts, *echo_on, success;
919 u_int *echo_on;
920 char **prompts; 937 char **prompts;
921 u_int success; 938 int r;
922 939
923 if (!options.kbd_interactive_authentication) 940 if (!options.kbd_interactive_authentication)
924 fatal("%s: kbd-int authentication not enabled", __func__); 941 fatal("%s: kbd-int authentication not enabled", __func__);
925 success = bsdauth_query(authctxt, &name, &infotxt, &numprompts, 942 success = bsdauth_query(authctxt, &name, &infotxt, &numprompts,
926 &prompts, &echo_on) < 0 ? 0 : 1; 943 &prompts, &echo_on) < 0 ? 0 : 1;
927 944
928 buffer_clear(m); 945 sshbuf_reset(m);
929 buffer_put_int(m, success); 946 if ((r = sshbuf_put_u32(m, success)) != 0)
930 if (success) 947 fatal("%s: buffer error: %s", __func__, ssh_err(r));
931 buffer_put_cstring(m, prompts[0]); 948 if (success) {
949 if ((r = sshbuf_put_cstring(m, prompts[0])) != 0)
950 fatal("%s: buffer error: %s", __func__, ssh_err(r));
951 }
932 952
933 debug3("%s: sending challenge success: %u", __func__, success); 953 debug3("%s: sending challenge success: %u", __func__, success);
934 mm_request_send(sock, MONITOR_ANS_BSDAUTHQUERY, m); 954 mm_request_send(sock, MONITOR_ANS_BSDAUTHQUERY, m);
@@ -944,25 +964,27 @@ mm_answer_bsdauthquery(int sock, Buffer *m)
944} 964}
945 965
946int 966int
947mm_answer_bsdauthrespond(int sock, Buffer *m) 967mm_answer_bsdauthrespond(int sock, struct sshbuf *m)
948{ 968{
949 char *response; 969 char *response;
950 int authok; 970 int r, authok;
951 971
952 if (!options.kbd_interactive_authentication) 972 if (!options.kbd_interactive_authentication)
953 fatal("%s: kbd-int authentication not enabled", __func__); 973 fatal("%s: kbd-int authentication not enabled", __func__);
954 if (authctxt->as == NULL) 974 if (authctxt->as == NULL)
955 fatal("%s: no bsd auth session", __func__); 975 fatal("%s: no bsd auth session", __func__);
956 976
957 response = buffer_get_string(m, NULL); 977 if ((r = sshbuf_get_cstring(m, &response, NULL)) != 0)
978 fatal("%s: buffer error: %s", __func__, ssh_err(r));
958 authok = options.challenge_response_authentication && 979 authok = options.challenge_response_authentication &&
959 auth_userresponse(authctxt->as, response, 0); 980 auth_userresponse(authctxt->as, response, 0);
960 authctxt->as = NULL; 981 authctxt->as = NULL;
961 debug3("%s: <%s> = <%d>", __func__, response, authok); 982 debug3("%s: <%s> = <%d>", __func__, response, authok);
962 free(response); 983 free(response);
963 984
964 buffer_clear(m); 985 sshbuf_reset(m);
965 buffer_put_int(m, authok); 986 if ((r = sshbuf_put_u32(m, authok)) != 0)
987 fatal("%s: buffer error: %s", __func__, ssh_err(r));
966 988
967 debug3("%s: sending authenticated: %d", __func__, authok); 989 debug3("%s: sending authenticated: %d", __func__, authok);
968 mm_request_send(sock, MONITOR_ANS_BSDAUTHRESPOND, m); 990 mm_request_send(sock, MONITOR_ANS_BSDAUTHRESPOND, m);
@@ -974,59 +996,9 @@ mm_answer_bsdauthrespond(int sock, Buffer *m)
974} 996}
975#endif 997#endif
976 998
977#ifdef SKEY
978int
979mm_answer_skeyquery(int sock, Buffer *m)
980{
981 struct skey skey;
982 char challenge[1024];
983 u_int success;
984
985 success = _compat_skeychallenge(&skey, authctxt->user, challenge,
986 sizeof(challenge)) < 0 ? 0 : 1;
987
988 buffer_clear(m);
989 buffer_put_int(m, success);
990 if (success)
991 buffer_put_cstring(m, challenge);
992
993 debug3("%s: sending challenge success: %u", __func__, success);
994 mm_request_send(sock, MONITOR_ANS_SKEYQUERY, m);
995
996 return (0);
997}
998
999int
1000mm_answer_skeyrespond(int sock, Buffer *m)
1001{
1002 char *response;
1003 int authok;
1004
1005 response = buffer_get_string(m, NULL);
1006
1007 authok = (options.challenge_response_authentication &&
1008 authctxt->valid &&
1009 skey_haskey(authctxt->pw->pw_name) == 0 &&
1010 skey_passcheck(authctxt->pw->pw_name, response) != -1);
1011
1012 free(response);
1013
1014 buffer_clear(m);
1015 buffer_put_int(m, authok);
1016
1017 debug3("%s: sending authenticated: %d", __func__, authok);
1018 mm_request_send(sock, MONITOR_ANS_SKEYRESPOND, m);
1019
1020 auth_method = "keyboard-interactive";
1021 auth_submethod = "skey";
1022
1023 return (authok != 0);
1024}
1025#endif
1026
1027#ifdef USE_PAM 999#ifdef USE_PAM
1028int 1000int
1029mm_answer_pam_start(int sock, Buffer *m) 1001mm_answer_pam_start(int sock, struct sshbuf *m)
1030{ 1002{
1031 if (!options.use_pam) 1003 if (!options.use_pam)
1032 fatal("UsePAM not set, but ended up in %s anyway", __func__); 1004 fatal("UsePAM not set, but ended up in %s anyway", __func__);
@@ -1041,17 +1013,19 @@ mm_answer_pam_start(int sock, Buffer *m)
1041} 1013}
1042 1014
1043int 1015int
1044mm_answer_pam_account(int sock, Buffer *m) 1016mm_answer_pam_account(int sock, struct sshbuf *m)
1045{ 1017{
1046 u_int ret; 1018 u_int ret;
1019 int r;
1047 1020
1048 if (!options.use_pam) 1021 if (!options.use_pam)
1049 fatal("%s: PAM not enabled", __func__); 1022 fatal("%s: PAM not enabled", __func__);
1050 1023
1051 ret = do_pam_account(); 1024 ret = do_pam_account();
1052 1025
1053 buffer_put_int(m, ret); 1026 if ((r = sshbuf_put_u32(m, ret)) != 0 ||
1054 buffer_put_string(m, buffer_ptr(&loginmsg), buffer_len(&loginmsg)); 1027 (r = sshbuf_put_stringb(m, loginmsg)) != 0)
1028 fatal("%s: buffer error: %s", __func__, ssh_err(r));
1055 1029
1056 mm_request_send(sock, MONITOR_ANS_PAM_ACCOUNT, m); 1030 mm_request_send(sock, MONITOR_ANS_PAM_ACCOUNT, m);
1057 1031
@@ -1062,8 +1036,11 @@ static void *sshpam_ctxt, *sshpam_authok;
1062extern KbdintDevice sshpam_device; 1036extern KbdintDevice sshpam_device;
1063 1037
1064int 1038int
1065mm_answer_pam_init_ctx(int sock, Buffer *m) 1039mm_answer_pam_init_ctx(int sock, struct sshbuf *m)
1066{ 1040{
1041 u_int ok = 0;
1042 int r;
1043
1067 debug3("%s", __func__); 1044 debug3("%s", __func__);
1068 if (!options.kbd_interactive_authentication) 1045 if (!options.kbd_interactive_authentication)
1069 fatal("%s: kbd-int authentication not enabled", __func__); 1046 fatal("%s: kbd-int authentication not enabled", __func__);
@@ -1071,24 +1048,24 @@ mm_answer_pam_init_ctx(int sock, Buffer *m)
1071 fatal("%s: already called", __func__); 1048 fatal("%s: already called", __func__);
1072 sshpam_ctxt = (sshpam_device.init_ctx)(authctxt); 1049 sshpam_ctxt = (sshpam_device.init_ctx)(authctxt);
1073 sshpam_authok = NULL; 1050 sshpam_authok = NULL;
1074 buffer_clear(m); 1051 sshbuf_reset(m);
1075 if (sshpam_ctxt != NULL) { 1052 if (sshpam_ctxt != NULL) {
1076 monitor_permit(mon_dispatch, MONITOR_REQ_PAM_FREE_CTX, 1); 1053 monitor_permit(mon_dispatch, MONITOR_REQ_PAM_FREE_CTX, 1);
1077 monitor_permit(mon_dispatch, MONITOR_REQ_PAM_QUERY, 1); 1054 monitor_permit(mon_dispatch, MONITOR_REQ_PAM_QUERY, 1);
1078 buffer_put_int(m, 1); 1055 ok = 1;
1079 } else {
1080 buffer_put_int(m, 0);
1081 } 1056 }
1057 if ((r = sshbuf_put_u32(m, ok)) != 0)
1058 fatal("%s: buffer error: %s", __func__, ssh_err(r));
1082 mm_request_send(sock, MONITOR_ANS_PAM_INIT_CTX, m); 1059 mm_request_send(sock, MONITOR_ANS_PAM_INIT_CTX, m);
1083 return (0); 1060 return (0);
1084} 1061}
1085 1062
1086int 1063int
1087mm_answer_pam_query(int sock, Buffer *m) 1064mm_answer_pam_query(int sock, struct sshbuf *m)
1088{ 1065{
1089 char *name = NULL, *info = NULL, **prompts = NULL; 1066 char *name = NULL, *info = NULL, **prompts = NULL;
1090 u_int i, num = 0, *echo_on = 0; 1067 u_int i, num = 0, *echo_on = 0;
1091 int ret; 1068 int r, ret;
1092 1069
1093 debug3("%s", __func__); 1070 debug3("%s", __func__);
1094 sshpam_authok = NULL; 1071 sshpam_authok = NULL;
@@ -1101,18 +1078,20 @@ mm_answer_pam_query(int sock, Buffer *m)
1101 if (num > 1 || name == NULL || info == NULL) 1078 if (num > 1 || name == NULL || info == NULL)
1102 fatal("sshpam_device.query failed"); 1079 fatal("sshpam_device.query failed");
1103 monitor_permit(mon_dispatch, MONITOR_REQ_PAM_RESPOND, 1); 1080 monitor_permit(mon_dispatch, MONITOR_REQ_PAM_RESPOND, 1);
1104 buffer_clear(m); 1081 sshbuf_reset(m);
1105 buffer_put_int(m, ret); 1082 if ((r = sshbuf_put_u32(m, ret)) != 0 ||
1106 buffer_put_cstring(m, name); 1083 (r = sshbuf_put_cstring(m, name)) != 0 ||
1084 (r = sshbuf_put_cstring(m, info)) != 0 ||
1085 (r = sshbuf_put_u32(m, sshpam_get_maxtries_reached())) != 0 ||
1086 (r = sshbuf_put_u32(m, num)) != 0)
1087 fatal("%s: buffer error: %s", __func__, ssh_err(r));
1107 free(name); 1088 free(name);
1108 buffer_put_cstring(m, info);
1109 free(info); 1089 free(info);
1110 buffer_put_int(m, sshpam_get_maxtries_reached());
1111 buffer_put_int(m, num);
1112 for (i = 0; i < num; ++i) { 1090 for (i = 0; i < num; ++i) {
1113 buffer_put_cstring(m, prompts[i]); 1091 if ((r = sshbuf_put_cstring(m, prompts[i])) != 0 ||
1092 (r = sshbuf_put_u32(m, echo_on[i])) != 0)
1093 fatal("%s: buffer error: %s", __func__, ssh_err(r));
1114 free(prompts[i]); 1094 free(prompts[i]);
1115 buffer_put_int(m, echo_on[i]);
1116 } 1095 }
1117 free(prompts); 1096 free(prompts);
1118 free(echo_on); 1097 free(echo_on);
@@ -1123,21 +1102,25 @@ mm_answer_pam_query(int sock, Buffer *m)
1123} 1102}
1124 1103
1125int 1104int
1126mm_answer_pam_respond(int sock, Buffer *m) 1105mm_answer_pam_respond(int sock, struct sshbuf *m)
1127{ 1106{
1128 char **resp; 1107 char **resp;
1129 u_int i, num; 1108 u_int i, num;
1130 int ret; 1109 int r, ret;
1131 1110
1132 debug3("%s", __func__); 1111 debug3("%s", __func__);
1133 if (sshpam_ctxt == NULL) 1112 if (sshpam_ctxt == NULL)
1134 fatal("%s: no context", __func__); 1113 fatal("%s: no context", __func__);
1135 sshpam_authok = NULL; 1114 sshpam_authok = NULL;
1136 num = buffer_get_int(m); 1115 if ((r = sshbuf_get_u32(m, &num)) != 0)
1116 fatal("%s: buffer error: %s", __func__, ssh_err(r));
1137 if (num > 0) { 1117 if (num > 0) {
1138 resp = xcalloc(num, sizeof(char *)); 1118 resp = xcalloc(num, sizeof(char *));
1139 for (i = 0; i < num; ++i) 1119 for (i = 0; i < num; ++i) {
1140 resp[i] = buffer_get_string(m, NULL); 1120 if ((r = sshbuf_get_cstring(m, &(resp[i]), NULL)) != 0)
1121 fatal("%s: buffer error: %s",
1122 __func__, ssh_err(r));
1123 }
1141 ret = (sshpam_device.respond)(sshpam_ctxt, num, resp); 1124 ret = (sshpam_device.respond)(sshpam_ctxt, num, resp);
1142 for (i = 0; i < num; ++i) 1125 for (i = 0; i < num; ++i)
1143 free(resp[i]); 1126 free(resp[i]);
@@ -1145,8 +1128,9 @@ mm_answer_pam_respond(int sock, Buffer *m)
1145 } else { 1128 } else {
1146 ret = (sshpam_device.respond)(sshpam_ctxt, num, NULL); 1129 ret = (sshpam_device.respond)(sshpam_ctxt, num, NULL);
1147 } 1130 }
1148 buffer_clear(m); 1131 sshbuf_reset(m);
1149 buffer_put_int(m, ret); 1132 if ((r = sshbuf_put_u32(m, ret)) != 0)
1133 fatal("%s: buffer error: %s", __func__, ssh_err(r));
1150 mm_request_send(sock, MONITOR_ANS_PAM_RESPOND, m); 1134 mm_request_send(sock, MONITOR_ANS_PAM_RESPOND, m);
1151 auth_method = "keyboard-interactive"; 1135 auth_method = "keyboard-interactive";
1152 auth_submethod = "pam"; 1136 auth_submethod = "pam";
@@ -1156,7 +1140,7 @@ mm_answer_pam_respond(int sock, Buffer *m)
1156} 1140}
1157 1141
1158int 1142int
1159mm_answer_pam_free_ctx(int sock, Buffer *m) 1143mm_answer_pam_free_ctx(int sock, struct sshbuf *m)
1160{ 1144{
1161 int r = sshpam_authok != NULL && sshpam_authok == sshpam_ctxt; 1145 int r = sshpam_authok != NULL && sshpam_authok == sshpam_ctxt;
1162 1146
@@ -1165,7 +1149,7 @@ mm_answer_pam_free_ctx(int sock, Buffer *m)
1165 fatal("%s: no context", __func__); 1149 fatal("%s: no context", __func__);
1166 (sshpam_device.free_ctx)(sshpam_ctxt); 1150 (sshpam_device.free_ctx)(sshpam_ctxt);
1167 sshpam_ctxt = sshpam_authok = NULL; 1151 sshpam_ctxt = sshpam_authok = NULL;
1168 buffer_clear(m); 1152 sshbuf_reset(m);
1169 mm_request_send(sock, MONITOR_ANS_PAM_FREE_CTX, m); 1153 mm_request_send(sock, MONITOR_ANS_PAM_FREE_CTX, m);
1170 /* Allow another attempt */ 1154 /* Allow another attempt */
1171 monitor_permit(mon_dispatch, MONITOR_REQ_PAM_INIT_CTX, 1); 1155 monitor_permit(mon_dispatch, MONITOR_REQ_PAM_INIT_CTX, 1);
@@ -1176,31 +1160,29 @@ mm_answer_pam_free_ctx(int sock, Buffer *m)
1176#endif 1160#endif
1177 1161
1178int 1162int
1179mm_answer_keyallowed(int sock, Buffer *m) 1163mm_answer_keyallowed(int sock, struct sshbuf *m)
1180{ 1164{
1181 struct ssh *ssh = active_state; /* XXX */ 1165 struct ssh *ssh = active_state; /* XXX */
1182 struct sshkey *key; 1166 struct sshkey *key = NULL;
1183 char *cuser, *chost; 1167 char *cuser, *chost;
1184 u_char *blob; 1168 u_int pubkey_auth_attempt;
1185 u_int bloblen, pubkey_auth_attempt;
1186 enum mm_keytype type = 0; 1169 enum mm_keytype type = 0;
1187 int r, allowed = 0; 1170 int r, allowed = 0;
1188 struct sshauthopt *opts = NULL; 1171 struct sshauthopt *opts = NULL;
1189 1172
1190 debug3("%s entering", __func__); 1173 debug3("%s entering", __func__);
1191 type = buffer_get_int(m); 1174 if ((r = sshbuf_get_u32(m, &type)) != 0 ||
1192 cuser = buffer_get_string(m, NULL); 1175 (r = sshbuf_get_cstring(m, &cuser, NULL)) != 0 ||
1193 chost = buffer_get_string(m, NULL); 1176 (r = sshbuf_get_cstring(m, &chost, NULL)) != 0 ||
1194 blob = buffer_get_string(m, &bloblen); 1177 (r = sshkey_froms(m, &key)) != 0 ||
1195 pubkey_auth_attempt = buffer_get_int(m); 1178 (r = sshbuf_get_u32(m, &pubkey_auth_attempt)) != 0)
1196 1179 fatal("%s: buffer error: %s", __func__, ssh_err(r));
1197 key = key_from_blob(blob, bloblen);
1198 1180
1199 debug3("%s: key_from_blob: %p", __func__, key); 1181 debug3("%s: key_from_blob: %p", __func__, key);
1200 1182
1201 if (key != NULL && authctxt->valid) { 1183 if (key != NULL && authctxt->valid) {
1202 /* These should not make it past the privsep child */ 1184 /* These should not make it past the privsep child */
1203 if (key_type_plain(key->type) == KEY_RSA && 1185 if (sshkey_type_plain(key->type) == KEY_RSA &&
1204 (datafellows & SSH_BUG_RSASIGMD5) != 0) 1186 (datafellows & SSH_BUG_RSASIGMD5) != 0)
1205 fatal("%s: passed a SSH_BUG_RSASIGMD5 key", __func__); 1187 fatal("%s: passed a SSH_BUG_RSASIGMD5 key", __func__);
1206 1188
@@ -1244,15 +1226,14 @@ mm_answer_keyallowed(int sock, Buffer *m)
1244 allowed ? "allowed" : "not allowed"); 1226 allowed ? "allowed" : "not allowed");
1245 1227
1246 auth2_record_key(authctxt, 0, key); 1228 auth2_record_key(authctxt, 0, key);
1247 sshkey_free(key);
1248 1229
1249 /* clear temporarily storage (used by verify) */ 1230 /* clear temporarily storage (used by verify) */
1250 monitor_reset_key_state(); 1231 monitor_reset_key_state();
1251 1232
1252 if (allowed) { 1233 if (allowed) {
1253 /* Save temporarily for comparison in verify */ 1234 /* Save temporarily for comparison in verify */
1254 key_blob = blob; 1235 if ((r = sshkey_to_blob(key, &key_blob, &key_bloblen)) != 0)
1255 key_bloblen = bloblen; 1236 fatal("%s: buffer error: %s", __func__, ssh_err(r));
1256 key_blobtype = type; 1237 key_blobtype = type;
1257 key_opts = opts; 1238 key_opts = opts;
1258 hostbased_cuser = cuser; 1239 hostbased_cuser = cuser;
@@ -1260,13 +1241,14 @@ mm_answer_keyallowed(int sock, Buffer *m)
1260 } else { 1241 } else {
1261 /* Log failed attempt */ 1242 /* Log failed attempt */
1262 auth_log(authctxt, 0, 0, auth_method, NULL); 1243 auth_log(authctxt, 0, 0, auth_method, NULL);
1263 free(blob);
1264 free(cuser); 1244 free(cuser);
1265 free(chost); 1245 free(chost);
1266 } 1246 }
1247 sshkey_free(key);
1267 1248
1268 buffer_clear(m); 1249 sshbuf_reset(m);
1269 buffer_put_int(m, allowed); 1250 if ((r = sshbuf_put_u32(m, allowed)) != 0)
1251 fatal("%s: buffer error: %s", __func__, ssh_err(r));
1270 if (opts != NULL && (r = sshauthopt_serialise(opts, m, 1)) != 0) 1252 if (opts != NULL && (r = sshauthopt_serialise(opts, m, 1)) != 0)
1271 fatal("%s: sshauthopt_serialise: %s", __func__, ssh_err(r)); 1253 fatal("%s: sshauthopt_serialise: %s", __func__, ssh_err(r));
1272 mm_request_send(sock, MONITOR_ANS_KEYALLOWED, m); 1254 mm_request_send(sock, MONITOR_ANS_KEYALLOWED, m);
@@ -1280,34 +1262,41 @@ mm_answer_keyallowed(int sock, Buffer *m)
1280static int 1262static int
1281monitor_valid_userblob(u_char *data, u_int datalen) 1263monitor_valid_userblob(u_char *data, u_int datalen)
1282{ 1264{
1283 Buffer b; 1265 struct sshbuf *b;
1284 u_char *p; 1266 const u_char *p;
1285 char *userstyle, *cp; 1267 char *userstyle, *cp;
1286 u_int len; 1268 size_t len;
1287 int fail = 0; 1269 u_char type;
1270 int r, fail = 0;
1288 1271
1289 buffer_init(&b); 1272 if ((b = sshbuf_new()) == NULL)
1290 buffer_append(&b, data, datalen); 1273 fatal("%s: sshbuf_new", __func__);
1274 if ((r = sshbuf_put(b, data, datalen)) != 0)
1275 fatal("%s: buffer error: %s", __func__, ssh_err(r));
1291 1276
1292 if (datafellows & SSH_OLD_SESSIONID) { 1277 if (datafellows & SSH_OLD_SESSIONID) {
1293 p = buffer_ptr(&b); 1278 p = sshbuf_ptr(b);
1294 len = buffer_len(&b); 1279 len = sshbuf_len(b);
1295 if ((session_id2 == NULL) || 1280 if ((session_id2 == NULL) ||
1296 (len < session_id2_len) || 1281 (len < session_id2_len) ||
1297 (timingsafe_bcmp(p, session_id2, session_id2_len) != 0)) 1282 (timingsafe_bcmp(p, session_id2, session_id2_len) != 0))
1298 fail++; 1283 fail++;
1299 buffer_consume(&b, session_id2_len); 1284 if ((r = sshbuf_consume(b, session_id2_len)) != 0)
1285 fatal("%s: buffer error: %s", __func__, ssh_err(r));
1300 } else { 1286 } else {
1301 p = buffer_get_string(&b, &len); 1287 if ((r = sshbuf_get_string_direct(b, &p, &len)) != 0)
1288 fatal("%s: buffer error: %s", __func__, ssh_err(r));
1302 if ((session_id2 == NULL) || 1289 if ((session_id2 == NULL) ||
1303 (len != session_id2_len) || 1290 (len != session_id2_len) ||
1304 (timingsafe_bcmp(p, session_id2, session_id2_len) != 0)) 1291 (timingsafe_bcmp(p, session_id2, session_id2_len) != 0))
1305 fail++; 1292 fail++;
1306 free(p);
1307 } 1293 }
1308 if (buffer_get_char(&b) != SSH2_MSG_USERAUTH_REQUEST) 1294 if ((r = sshbuf_get_u8(b, &type)) != 0)
1295 fatal("%s: buffer error: %s", __func__, ssh_err(r));
1296 if (type != SSH2_MSG_USERAUTH_REQUEST)
1309 fail++; 1297 fail++;
1310 cp = buffer_get_cstring(&b, NULL); 1298 if ((r = sshbuf_get_cstring(b, &cp, NULL)) != 0)
1299 fatal("%s: buffer error: %s", __func__, ssh_err(r));
1311 xasprintf(&userstyle, "%s%s%s", authctxt->user, 1300 xasprintf(&userstyle, "%s%s%s", authctxt->user,
1312 authctxt->style ? ":" : "", 1301 authctxt->style ? ":" : "",
1313 authctxt->style ? authctxt->style : ""); 1302 authctxt->style ? authctxt->style : "");
@@ -1318,18 +1307,22 @@ monitor_valid_userblob(u_char *data, u_int datalen)
1318 } 1307 }
1319 free(userstyle); 1308 free(userstyle);
1320 free(cp); 1309 free(cp);
1321 buffer_skip_string(&b); 1310 if ((r = sshbuf_skip_string(b)) != 0 || /* service */
1322 cp = buffer_get_cstring(&b, NULL); 1311 (r = sshbuf_get_cstring(b, &cp, NULL)) != 0)
1312 fatal("%s: buffer error: %s", __func__, ssh_err(r));
1323 if (strcmp("publickey", cp) != 0) 1313 if (strcmp("publickey", cp) != 0)
1324 fail++; 1314 fail++;
1325 free(cp); 1315 free(cp);
1326 if (!buffer_get_char(&b)) 1316 if ((r = sshbuf_get_u8(b, &type)) != 0)
1317 fatal("%s: buffer error: %s", __func__, ssh_err(r));
1318 if (type == 0)
1327 fail++; 1319 fail++;
1328 buffer_skip_string(&b); 1320 if ((r = sshbuf_skip_string(b)) != 0 || /* pkalg */
1329 buffer_skip_string(&b); 1321 (r = sshbuf_skip_string(b)) != 0) /* pkblob */
1330 if (buffer_len(&b) != 0) 1322 fatal("%s: buffer error: %s", __func__, ssh_err(r));
1323 if (sshbuf_len(b) != 0)
1331 fail++; 1324 fail++;
1332 buffer_free(&b); 1325 sshbuf_free(b);
1333 return (fail == 0); 1326 return (fail == 0);
1334} 1327}
1335 1328
@@ -1337,59 +1330,69 @@ static int
1337monitor_valid_hostbasedblob(u_char *data, u_int datalen, char *cuser, 1330monitor_valid_hostbasedblob(u_char *data, u_int datalen, char *cuser,
1338 char *chost) 1331 char *chost)
1339{ 1332{
1340 Buffer b; 1333 struct sshbuf *b;
1341 char *p, *userstyle; 1334 const u_char *p;
1342 u_int len; 1335 char *cp, *userstyle;
1343 int fail = 0; 1336 size_t len;
1337 int r, fail = 0;
1338 u_char type;
1344 1339
1345 buffer_init(&b); 1340 if ((b = sshbuf_new()) == NULL)
1346 buffer_append(&b, data, datalen); 1341 fatal("%s: sshbuf_new", __func__);
1342 if ((r = sshbuf_put(b, data, datalen)) != 0 ||
1343 (r = sshbuf_get_string_direct(b, &p, &len)) != 0)
1344 fatal("%s: buffer error: %s", __func__, ssh_err(r));
1347 1345
1348 p = buffer_get_string(&b, &len);
1349 if ((session_id2 == NULL) || 1346 if ((session_id2 == NULL) ||
1350 (len != session_id2_len) || 1347 (len != session_id2_len) ||
1351 (timingsafe_bcmp(p, session_id2, session_id2_len) != 0)) 1348 (timingsafe_bcmp(p, session_id2, session_id2_len) != 0))
1352 fail++; 1349 fail++;
1353 free(p);
1354 1350
1355 if (buffer_get_char(&b) != SSH2_MSG_USERAUTH_REQUEST) 1351 if ((r = sshbuf_get_u8(b, &type)) != 0)
1352 fatal("%s: buffer error: %s", __func__, ssh_err(r));
1353 if (type != SSH2_MSG_USERAUTH_REQUEST)
1356 fail++; 1354 fail++;
1357 p = buffer_get_cstring(&b, NULL); 1355 if ((r = sshbuf_get_cstring(b, &cp, NULL)) != 0)
1356 fatal("%s: buffer error: %s", __func__, ssh_err(r));
1358 xasprintf(&userstyle, "%s%s%s", authctxt->user, 1357 xasprintf(&userstyle, "%s%s%s", authctxt->user,
1359 authctxt->style ? ":" : "", 1358 authctxt->style ? ":" : "",
1360 authctxt->style ? authctxt->style : ""); 1359 authctxt->style ? authctxt->style : "");
1361 if (strcmp(userstyle, p) != 0) { 1360 if (strcmp(userstyle, cp) != 0) {
1362 logit("wrong user name passed to monitor: expected %s != %.100s", 1361 logit("wrong user name passed to monitor: "
1363 userstyle, p); 1362 "expected %s != %.100s", userstyle, cp);
1364 fail++; 1363 fail++;
1365 } 1364 }
1366 free(userstyle); 1365 free(userstyle);
1367 free(p); 1366 free(cp);
1368 buffer_skip_string(&b); /* service */ 1367 if ((r = sshbuf_skip_string(b)) != 0 || /* service */
1369 p = buffer_get_cstring(&b, NULL); 1368 (r = sshbuf_get_cstring(b, &cp, NULL)) != 0)
1370 if (strcmp(p, "hostbased") != 0) 1369 fatal("%s: buffer error: %s", __func__, ssh_err(r));
1370 if (strcmp(cp, "hostbased") != 0)
1371 fail++; 1371 fail++;
1372 free(p); 1372 free(cp);
1373 buffer_skip_string(&b); /* pkalg */ 1373 if ((r = sshbuf_skip_string(b)) != 0 || /* pkalg */
1374 buffer_skip_string(&b); /* pkblob */ 1374 (r = sshbuf_skip_string(b)) != 0) /* pkblob */
1375 fatal("%s: buffer error: %s", __func__, ssh_err(r));
1375 1376
1376 /* verify client host, strip trailing dot if necessary */ 1377 /* verify client host, strip trailing dot if necessary */
1377 p = buffer_get_string(&b, NULL); 1378 if ((r = sshbuf_get_cstring(b, &cp, NULL)) != 0)
1378 if (((len = strlen(p)) > 0) && p[len - 1] == '.') 1379 fatal("%s: buffer error: %s", __func__, ssh_err(r));
1379 p[len - 1] = '\0'; 1380 if (((len = strlen(cp)) > 0) && cp[len - 1] == '.')
1380 if (strcmp(p, chost) != 0) 1381 cp[len - 1] = '\0';
1382 if (strcmp(cp, chost) != 0)
1381 fail++; 1383 fail++;
1382 free(p); 1384 free(cp);
1383 1385
1384 /* verify client user */ 1386 /* verify client user */
1385 p = buffer_get_string(&b, NULL); 1387 if ((r = sshbuf_get_cstring(b, &cp, NULL)) != 0)
1386 if (strcmp(p, cuser) != 0) 1388 fatal("%s: buffer error: %s", __func__, ssh_err(r));
1389 if (strcmp(cp, cuser) != 0)
1387 fail++; 1390 fail++;
1388 free(p); 1391 free(cp);
1389 1392
1390 if (buffer_len(&b) != 0) 1393 if (sshbuf_len(b) != 0)
1391 fail++; 1394 fail++;
1392 buffer_free(&b); 1395 sshbuf_free(b);
1393 return (fail == 0); 1396 return (fail == 0);
1394} 1397}
1395 1398
@@ -1505,15 +1508,15 @@ mm_session_close(Session *s)
1505} 1508}
1506 1509
1507int 1510int
1508mm_answer_pty(int sock, Buffer *m) 1511mm_answer_pty(int sock, struct sshbuf *m)
1509{ 1512{
1510 extern struct monitor *pmonitor; 1513 extern struct monitor *pmonitor;
1511 Session *s; 1514 Session *s;
1512 int res, fd0; 1515 int r, res, fd0;
1513 1516
1514 debug3("%s entering", __func__); 1517 debug3("%s entering", __func__);
1515 1518
1516 buffer_clear(m); 1519 sshbuf_reset(m);
1517 s = session_new(); 1520 s = session_new();
1518 if (s == NULL) 1521 if (s == NULL)
1519 goto error; 1522 goto error;
@@ -1525,8 +1528,9 @@ mm_answer_pty(int sock, Buffer *m)
1525 goto error; 1528 goto error;
1526 pty_setowner(authctxt->pw, s->tty, authctxt->role); 1529 pty_setowner(authctxt->pw, s->tty, authctxt->role);
1527 1530
1528 buffer_put_int(m, 1); 1531 if ((r = sshbuf_put_u32(m, 1)) != 0 ||
1529 buffer_put_cstring(m, s->tty); 1532 (r = sshbuf_put_cstring(m, s->tty)) != 0)
1533 fatal("%s: buffer error: %s", __func__, ssh_err(r));
1530 1534
1531 /* We need to trick ttyslot */ 1535 /* We need to trick ttyslot */
1532 if (dup2(s->ttyfd, 0) == -1) 1536 if (dup2(s->ttyfd, 0) == -1)
@@ -1538,8 +1542,9 @@ mm_answer_pty(int sock, Buffer *m)
1538 close(0); 1542 close(0);
1539 1543
1540 /* send messages generated by record_login */ 1544 /* send messages generated by record_login */
1541 buffer_put_string(m, buffer_ptr(&loginmsg), buffer_len(&loginmsg)); 1545 if ((r = sshbuf_put_stringb(m, loginmsg)) != 0)
1542 buffer_clear(&loginmsg); 1546 fatal("%s: put login message: %s", __func__, ssh_err(r));
1547 sshbuf_reset(loginmsg);
1543 1548
1544 mm_request_send(sock, MONITOR_ANS_PTY, m); 1549 mm_request_send(sock, MONITOR_ANS_PTY, m);
1545 1550
@@ -1566,29 +1571,32 @@ mm_answer_pty(int sock, Buffer *m)
1566 error: 1571 error:
1567 if (s != NULL) 1572 if (s != NULL)
1568 mm_session_close(s); 1573 mm_session_close(s);
1569 buffer_put_int(m, 0); 1574 if ((r = sshbuf_put_u32(m, 0)) != 0)
1575 fatal("%s: buffer error: %s", __func__, ssh_err(r));
1570 mm_request_send(sock, MONITOR_ANS_PTY, m); 1576 mm_request_send(sock, MONITOR_ANS_PTY, m);
1571 return (0); 1577 return (0);
1572} 1578}
1573 1579
1574int 1580int
1575mm_answer_pty_cleanup(int sock, Buffer *m) 1581mm_answer_pty_cleanup(int sock, struct sshbuf *m)
1576{ 1582{
1577 Session *s; 1583 Session *s;
1578 char *tty; 1584 char *tty;
1585 int r;
1579 1586
1580 debug3("%s entering", __func__); 1587 debug3("%s entering", __func__);
1581 1588
1582 tty = buffer_get_string(m, NULL); 1589 if ((r = sshbuf_get_cstring(m, &tty, NULL)) != 0)
1590 fatal("%s: buffer error: %s", __func__, ssh_err(r));
1583 if ((s = session_by_tty(tty)) != NULL) 1591 if ((s = session_by_tty(tty)) != NULL)
1584 mm_session_close(s); 1592 mm_session_close(s);
1585 buffer_clear(m); 1593 sshbuf_reset(m);
1586 free(tty); 1594 free(tty);
1587 return (0); 1595 return (0);
1588} 1596}
1589 1597
1590int 1598int
1591mm_answer_term(int sock, Buffer *req) 1599mm_answer_term(int sock, struct sshbuf *req)
1592{ 1600{
1593 struct ssh *ssh = active_state; /* XXX */ 1601 struct ssh *ssh = active_state; /* XXX */
1594 extern struct monitor *pmonitor; 1602 extern struct monitor *pmonitor;
@@ -1617,14 +1625,18 @@ mm_answer_term(int sock, Buffer *req)
1617#ifdef SSH_AUDIT_EVENTS 1625#ifdef SSH_AUDIT_EVENTS
1618/* Report that an audit event occurred */ 1626/* Report that an audit event occurred */
1619int 1627int
1620mm_answer_audit_event(int socket, Buffer *m) 1628mm_answer_audit_event(int socket, struct sshbuf *m)
1621{ 1629{
1630 u_int n;
1622 ssh_audit_event_t event; 1631 ssh_audit_event_t event;
1632 int r;
1623 1633
1624 debug3("%s entering", __func__); 1634 debug3("%s entering", __func__);
1625 1635
1626 event = buffer_get_int(m); 1636 if ((r = sshbuf_get_u32(m, &n)) != 0)
1627 switch(event) { 1637 fatal("%s: buffer error: %s", __func__, ssh_err(r));
1638 event = (ssh_audit_event_t)n;
1639 switch (event) {
1628 case SSH_AUTH_FAIL_PUBKEY: 1640 case SSH_AUTH_FAIL_PUBKEY:
1629 case SSH_AUTH_FAIL_HOSTBASED: 1641 case SSH_AUTH_FAIL_HOSTBASED:
1630 case SSH_AUTH_FAIL_GSSAPI: 1642 case SSH_AUTH_FAIL_GSSAPI:
@@ -1642,13 +1654,14 @@ mm_answer_audit_event(int socket, Buffer *m)
1642} 1654}
1643 1655
1644int 1656int
1645mm_answer_audit_command(int socket, Buffer *m) 1657mm_answer_audit_command(int socket, struct sshbuf *m)
1646{ 1658{
1647 u_int len;
1648 char *cmd; 1659 char *cmd;
1660 int r;
1649 1661
1650 debug3("%s entering", __func__); 1662 debug3("%s entering", __func__);
1651 cmd = buffer_get_string(m, &len); 1663 if ((r = sshbuf_get_cstring(m, &cmd, NULL)) != 0)
1664 fatal("%s: buffer error: %s", __func__, ssh_err(r));
1652 /* sanity check command, if so how? */ 1665 /* sanity check command, if so how? */
1653 audit_run_command(cmd); 1666 audit_run_command(cmd);
1654 free(cmd); 1667 free(cmd);
@@ -1784,24 +1797,29 @@ monitor_reinit(struct monitor *mon)
1784 1797
1785#ifdef GSSAPI 1798#ifdef GSSAPI
1786int 1799int
1787mm_answer_gss_setup_ctx(int sock, Buffer *m) 1800mm_answer_gss_setup_ctx(int sock, struct sshbuf *m)
1788{ 1801{
1789 gss_OID_desc goid; 1802 gss_OID_desc goid;
1790 OM_uint32 major; 1803 OM_uint32 major;
1791 u_int len; 1804 size_t len;
1805 u_char *p;
1806 int r;
1792 1807
1793 if (!options.gss_authentication && !options.gss_keyex) 1808 if (!options.gss_authentication && !options.gss_keyex)
1794 fatal("%s: GSSAPI not enabled", __func__); 1809 fatal("%s: GSSAPI not enabled", __func__);
1795 1810
1796 goid.elements = buffer_get_string(m, &len); 1811 if ((r = sshbuf_get_string(m, &p, &len)) != 0)
1812 fatal("%s: buffer error: %s", __func__, ssh_err(r));
1813 goid.elements = p;
1797 goid.length = len; 1814 goid.length = len;
1798 1815
1799 major = ssh_gssapi_server_ctx(&gsscontext, &goid); 1816 major = ssh_gssapi_server_ctx(&gsscontext, &goid);
1800 1817
1801 free(goid.elements); 1818 free(goid.elements);
1802 1819
1803 buffer_clear(m); 1820 sshbuf_reset(m);
1804 buffer_put_int(m, major); 1821 if ((r = sshbuf_put_u32(m, major)) != 0)
1822 fatal("%s: buffer error: %s", __func__, ssh_err(r));
1805 1823
1806 mm_request_send(sock, MONITOR_ANS_GSSSETUP, m); 1824 mm_request_send(sock, MONITOR_ANS_GSSSETUP, m);
1807 1825
@@ -1812,26 +1830,27 @@ mm_answer_gss_setup_ctx(int sock, Buffer *m)
1812} 1830}
1813 1831
1814int 1832int
1815mm_answer_gss_accept_ctx(int sock, Buffer *m) 1833mm_answer_gss_accept_ctx(int sock, struct sshbuf *m)
1816{ 1834{
1817 gss_buffer_desc in; 1835 gss_buffer_desc in;
1818 gss_buffer_desc out = GSS_C_EMPTY_BUFFER; 1836 gss_buffer_desc out = GSS_C_EMPTY_BUFFER;
1819 OM_uint32 major, minor; 1837 OM_uint32 major, minor;
1820 OM_uint32 flags = 0; /* GSI needs this */ 1838 OM_uint32 flags = 0; /* GSI needs this */
1821 u_int len; 1839 int r;
1822 1840
1823 if (!options.gss_authentication && !options.gss_keyex) 1841 if (!options.gss_authentication && !options.gss_keyex)
1824 fatal("%s: GSSAPI not enabled", __func__); 1842 fatal("%s: GSSAPI not enabled", __func__);
1825 1843
1826 in.value = buffer_get_string(m, &len); 1844 if ((r = ssh_gssapi_get_buffer_desc(m, &in)) != 0)
1827 in.length = len; 1845 fatal("%s: buffer error: %s", __func__, ssh_err(r));
1828 major = ssh_gssapi_accept_ctx(gsscontext, &in, &out, &flags); 1846 major = ssh_gssapi_accept_ctx(gsscontext, &in, &out, &flags);
1829 free(in.value); 1847 free(in.value);
1830 1848
1831 buffer_clear(m); 1849 sshbuf_reset(m);
1832 buffer_put_int(m, major); 1850 if ((r = sshbuf_put_u32(m, major)) != 0 ||
1833 buffer_put_string(m, out.value, out.length); 1851 (r = sshbuf_put_string(m, out.value, out.length)) != 0 ||
1834 buffer_put_int(m, flags); 1852 (r = sshbuf_put_u32(m, flags)) != 0)
1853 fatal("%s: buffer error: %s", __func__, ssh_err(r));
1835 mm_request_send(sock, MONITOR_ANS_GSSSTEP, m); 1854 mm_request_send(sock, MONITOR_ANS_GSSSTEP, m);
1836 1855
1837 gss_release_buffer(&minor, &out); 1856 gss_release_buffer(&minor, &out);
@@ -1846,27 +1865,27 @@ mm_answer_gss_accept_ctx(int sock, Buffer *m)
1846} 1865}
1847 1866
1848int 1867int
1849mm_answer_gss_checkmic(int sock, Buffer *m) 1868mm_answer_gss_checkmic(int sock, struct sshbuf *m)
1850{ 1869{
1851 gss_buffer_desc gssbuf, mic; 1870 gss_buffer_desc gssbuf, mic;
1852 OM_uint32 ret; 1871 OM_uint32 ret;
1853 u_int len; 1872 int r;
1854 1873
1855 if (!options.gss_authentication && !options.gss_keyex) 1874 if (!options.gss_authentication && !options.gss_keyex)
1856 fatal("%s: GSSAPI not enabled", __func__); 1875 fatal("%s: GSSAPI not enabled", __func__);
1857 1876
1858 gssbuf.value = buffer_get_string(m, &len); 1877 if ((r = ssh_gssapi_get_buffer_desc(m, &gssbuf)) != 0 ||
1859 gssbuf.length = len; 1878 (r = ssh_gssapi_get_buffer_desc(m, &mic)) != 0)
1860 mic.value = buffer_get_string(m, &len); 1879 fatal("%s: buffer error: %s", __func__, ssh_err(r));
1861 mic.length = len;
1862 1880
1863 ret = ssh_gssapi_checkmic(gsscontext, &gssbuf, &mic); 1881 ret = ssh_gssapi_checkmic(gsscontext, &gssbuf, &mic);
1864 1882
1865 free(gssbuf.value); 1883 free(gssbuf.value);
1866 free(mic.value); 1884 free(mic.value);
1867 1885
1868 buffer_clear(m); 1886 sshbuf_reset(m);
1869 buffer_put_int(m, ret); 1887 if ((r = sshbuf_put_u32(m, ret)) != 0)
1888 fatal("%s: buffer error: %s", __func__, ssh_err(r));
1870 1889
1871 mm_request_send(sock, MONITOR_ANS_GSSCHECKMIC, m); 1890 mm_request_send(sock, MONITOR_ANS_GSSCHECKMIC, m);
1872 1891
@@ -1877,9 +1896,9 @@ mm_answer_gss_checkmic(int sock, Buffer *m)
1877} 1896}
1878 1897
1879int 1898int
1880mm_answer_gss_userok(int sock, Buffer *m) 1899mm_answer_gss_userok(int sock, struct sshbuf *m)
1881{ 1900{
1882 int authenticated; 1901 int r, authenticated;
1883 const char *displayname; 1902 const char *displayname;
1884 1903
1885 if (!options.gss_authentication && !options.gss_keyex) 1904 if (!options.gss_authentication && !options.gss_keyex)
@@ -1888,8 +1907,9 @@ mm_answer_gss_userok(int sock, Buffer *m)
1888 authenticated = authctxt->valid && 1907 authenticated = authctxt->valid &&
1889 ssh_gssapi_userok(authctxt->user, authctxt->pw); 1908 ssh_gssapi_userok(authctxt->user, authctxt->pw);
1890 1909
1891 buffer_clear(m); 1910 sshbuf_reset(m);
1892 buffer_put_int(m, authenticated); 1911 if ((r = sshbuf_put_u32(m, authenticated)) != 0)
1912 fatal("%s: buffer error: %s", __func__, ssh_err(r));
1893 1913
1894 debug3("%s: sending result %d", __func__, authenticated); 1914 debug3("%s: sending result %d", __func__, authenticated);
1895 mm_request_send(sock, MONITOR_ANS_GSSUSEROK, m); 1915 mm_request_send(sock, MONITOR_ANS_GSSUSEROK, m);
@@ -1904,17 +1924,21 @@ mm_answer_gss_userok(int sock, Buffer *m)
1904} 1924}
1905 1925
1906int 1926int
1907mm_answer_gss_sign(int socket, Buffer *m) 1927mm_answer_gss_sign(int socket, struct sshbuf *m)
1908{ 1928{
1909 gss_buffer_desc data; 1929 gss_buffer_desc data;
1910 gss_buffer_desc hash = GSS_C_EMPTY_BUFFER; 1930 gss_buffer_desc hash = GSS_C_EMPTY_BUFFER;
1911 OM_uint32 major, minor; 1931 OM_uint32 major, minor;
1912 u_int len; 1932 size_t len;
1933 u_char *p;
1934 int r;
1913 1935
1914 if (!options.gss_authentication && !options.gss_keyex) 1936 if (!options.gss_authentication && !options.gss_keyex)
1915 fatal("%s: GSSAPI not enabled", __func__); 1937 fatal("%s: GSSAPI not enabled", __func__);
1916 1938
1917 data.value = buffer_get_string(m, &len); 1939 if ((r = sshbuf_get_string(m, &p, &len)) != 0)
1940 fatal("%s: buffer error: %s", __func__, ssh_err(r));
1941 data.value = p;
1918 data.length = len; 1942 data.length = len;
1919 if (data.length != 20) 1943 if (data.length != 20)
1920 fatal("%s: data length incorrect: %d", __func__, 1944 fatal("%s: data length incorrect: %d", __func__,
@@ -1930,9 +1954,10 @@ mm_answer_gss_sign(int socket, Buffer *m)
1930 1954
1931 free(data.value); 1955 free(data.value);
1932 1956
1933 buffer_clear(m); 1957 sshbuf_reset(m);
1934 buffer_put_int(m, major); 1958 if ((r = sshbuf_put_u32(m, major)) != 0 ||
1935 buffer_put_string(m, hash.value, hash.length); 1959 (r = sshbuf_put_string(m, hash.value, hash.length)) != 0)
1960 fatal("%s: buffer error: %s", __func__, ssh_err(r));
1936 1961
1937 mm_request_send(socket, MONITOR_ANS_GSSSIGN, m); 1962 mm_request_send(socket, MONITOR_ANS_GSSSIGN, m);
1938 1963
@@ -1948,16 +1973,17 @@ mm_answer_gss_sign(int socket, Buffer *m)
1948} 1973}
1949 1974
1950int 1975int
1951mm_answer_gss_updatecreds(int socket, Buffer *m) { 1976mm_answer_gss_updatecreds(int socket, struct sshbuf *m) {
1952 ssh_gssapi_ccache store; 1977 ssh_gssapi_ccache store;
1953 int ok; 1978 int r, ok;
1954 1979
1955 if (!options.gss_authentication && !options.gss_keyex) 1980 if (!options.gss_authentication && !options.gss_keyex)
1956 fatal("%s: GSSAPI not enabled", __func__); 1981 fatal("%s: GSSAPI not enabled", __func__);
1957 1982
1958 store.filename = buffer_get_string(m, NULL); 1983 if ((r = sshbuf_get_cstring(m, &store.filename, NULL)) != 0 ||
1959 store.envvar = buffer_get_string(m, NULL); 1984 (r = sshbuf_get_cstring(m, &store.envvar, NULL)) != 0 ||
1960 store.envval = buffer_get_string(m, NULL); 1985 (r = sshbuf_get_cstring(m, &store.envval, NULL)) != 0)
1986 fatal("%s: buffer error: %s", __func__, ssh_err(r));
1961 1987
1962 ok = ssh_gssapi_update_creds(&store); 1988 ok = ssh_gssapi_update_creds(&store);
1963 1989
@@ -1965,8 +1991,9 @@ mm_answer_gss_updatecreds(int socket, Buffer *m) {
1965 free(store.envvar); 1991 free(store.envvar);
1966 free(store.envval); 1992 free(store.envval);
1967 1993
1968 buffer_clear(m); 1994 sshbuf_reset(m);
1969 buffer_put_int(m, ok); 1995 if ((r = sshbuf_put_u32(m, ok)) != 0)
1996 fatal("%s: buffer error: %s", __func__, ssh_err(r));
1970 1997
1971 mm_request_send(socket, MONITOR_ANS_GSSUPCREDS, m); 1998 mm_request_send(socket, MONITOR_ANS_GSSUPCREDS, m);
1972 1999
diff --git a/monitor.h b/monitor.h
index 4c7955d7a..8f65e684d 100644
--- a/monitor.h
+++ b/monitor.h
@@ -1,4 +1,4 @@
1/* $OpenBSD: monitor.h,v 1.20 2016/09/28 16:33:07 djm Exp $ */ 1/* $OpenBSD: monitor.h,v 1.21 2018/07/09 21:53:45 markus Exp $ */
2 2
3/* 3/*
4 * Copyright 2002 Niels Provos <provos@citi.umich.edu> 4 * Copyright 2002 Niels Provos <provos@citi.umich.edu>
@@ -39,8 +39,6 @@ enum monitor_reqtype {
39 MONITOR_REQ_AUTHPASSWORD = 12, MONITOR_ANS_AUTHPASSWORD = 13, 39 MONITOR_REQ_AUTHPASSWORD = 12, MONITOR_ANS_AUTHPASSWORD = 13,
40 MONITOR_REQ_BSDAUTHQUERY = 14, MONITOR_ANS_BSDAUTHQUERY = 15, 40 MONITOR_REQ_BSDAUTHQUERY = 14, MONITOR_ANS_BSDAUTHQUERY = 15,
41 MONITOR_REQ_BSDAUTHRESPOND = 16, MONITOR_ANS_BSDAUTHRESPOND = 17, 41 MONITOR_REQ_BSDAUTHRESPOND = 16, MONITOR_ANS_BSDAUTHRESPOND = 17,
42 MONITOR_REQ_SKEYQUERY = 18, MONITOR_ANS_SKEYQUERY = 19,
43 MONITOR_REQ_SKEYRESPOND = 20, MONITOR_ANS_SKEYRESPOND = 21,
44 MONITOR_REQ_KEYALLOWED = 22, MONITOR_ANS_KEYALLOWED = 23, 42 MONITOR_REQ_KEYALLOWED = 22, MONITOR_ANS_KEYALLOWED = 23,
45 MONITOR_REQ_KEYVERIFY = 24, MONITOR_ANS_KEYVERIFY = 25, 43 MONITOR_REQ_KEYVERIFY = 24, MONITOR_ANS_KEYVERIFY = 25,
46 MONITOR_REQ_KEYEXPORT = 26, 44 MONITOR_REQ_KEYEXPORT = 26,
@@ -92,8 +90,8 @@ struct mon_table;
92int monitor_read(struct monitor*, struct mon_table *, struct mon_table **); 90int monitor_read(struct monitor*, struct mon_table *, struct mon_table **);
93 91
94/* Prototypes for request sending and receiving */ 92/* Prototypes for request sending and receiving */
95void mm_request_send(int, enum monitor_reqtype, Buffer *); 93void mm_request_send(int, enum monitor_reqtype, struct sshbuf *);
96void mm_request_receive(int, Buffer *); 94void mm_request_receive(int, struct sshbuf *);
97void mm_request_receive_expect(int, enum monitor_reqtype, Buffer *); 95void mm_request_receive_expect(int, enum monitor_reqtype, struct sshbuf *);
98 96
99#endif /* _MONITOR_H_ */ 97#endif /* _MONITOR_H_ */
diff --git a/monitor_wrap.c b/monitor_wrap.c
index 7b2d06c65..fd4d7eb3b 100644
--- a/monitor_wrap.c
+++ b/monitor_wrap.c
@@ -1,4 +1,4 @@
1/* $OpenBSD: monitor_wrap.c,v 1.99 2018/03/03 03:15:51 djm Exp $ */ 1/* $OpenBSD: monitor_wrap.c,v 1.107 2018/07/20 03:46:34 djm Exp $ */
2/* 2/*
3 * Copyright 2002 Niels Provos <provos@citi.umich.edu> 3 * Copyright 2002 Niels Provos <provos@citi.umich.edu>
4 * Copyright 2002 Markus Friedl <markus@openbsd.org> 4 * Copyright 2002 Markus Friedl <markus@openbsd.org>
@@ -50,8 +50,8 @@
50#ifdef WITH_OPENSSL 50#ifdef WITH_OPENSSL
51#include "dh.h" 51#include "dh.h"
52#endif 52#endif
53#include "buffer.h" 53#include "sshbuf.h"
54#include "key.h" 54#include "sshkey.h"
55#include "cipher.h" 55#include "cipher.h"
56#include "kex.h" 56#include "kex.h"
57#include "hostfile.h" 57#include "hostfile.h"
@@ -61,13 +61,6 @@
61#include "mac.h" 61#include "mac.h"
62#include "log.h" 62#include "log.h"
63#include "auth-pam.h" 63#include "auth-pam.h"
64#ifdef TARGET_OS_MAC /* XXX Broken krb5 headers on Mac */
65#undef TARGET_OS_MAC
66#include "zlib.h"
67#define TARGET_OS_MAC 1
68#else
69#include "zlib.h"
70#endif
71#include "monitor.h" 64#include "monitor.h"
72#ifdef GSSAPI 65#ifdef GSSAPI
73#include "ssh-gss.h" 66#include "ssh-gss.h"
@@ -84,36 +77,35 @@
84#include "ssherr.h" 77#include "ssherr.h"
85 78
86/* Imports */ 79/* Imports */
87extern z_stream incoming_stream;
88extern z_stream outgoing_stream;
89extern struct monitor *pmonitor; 80extern struct monitor *pmonitor;
90extern Buffer loginmsg; 81extern struct sshbuf *loginmsg;
91extern ServerOptions options; 82extern ServerOptions options;
92 83
93void 84void
94mm_log_handler(LogLevel level, const char *msg, void *ctx) 85mm_log_handler(LogLevel level, const char *msg, void *ctx)
95{ 86{
96 Buffer log_msg; 87 struct sshbuf *log_msg;
97 struct monitor *mon = (struct monitor *)ctx; 88 struct monitor *mon = (struct monitor *)ctx;
89 int r;
90 size_t len;
98 91
99 if (mon->m_log_sendfd == -1) 92 if (mon->m_log_sendfd == -1)
100 fatal("%s: no log channel", __func__); 93 fatal("%s: no log channel", __func__);
101 94
102 buffer_init(&log_msg); 95 if ((log_msg = sshbuf_new()) == NULL)
103 /* 96 fatal("%s: sshbuf_new failed", __func__);
104 * Placeholder for packet length. Will be filled in with the actual
105 * packet length once the packet has been constucted. This saves
106 * fragile math.
107 */
108 buffer_put_int(&log_msg, 0);
109 97
110 buffer_put_int(&log_msg, level); 98 if ((r = sshbuf_put_u32(log_msg, 0)) != 0 || /* length; filled below */
111 buffer_put_cstring(&log_msg, msg); 99 (r = sshbuf_put_u32(log_msg, level)) != 0 ||
112 put_u32(buffer_ptr(&log_msg), buffer_len(&log_msg) - 4); 100 (r = sshbuf_put_cstring(log_msg, msg)) != 0)
113 if (atomicio(vwrite, mon->m_log_sendfd, buffer_ptr(&log_msg), 101 fatal("%s: buffer error: %s", __func__, ssh_err(r));
114 buffer_len(&log_msg)) != buffer_len(&log_msg)) 102 if ((len = sshbuf_len(log_msg)) < 4 || len > 0xffffffff)
103 fatal("%s: bad length %zu", __func__, len);
104 POKE_U32(sshbuf_mutable_ptr(log_msg), len - 4);
105 if (atomicio(vwrite, mon->m_log_sendfd,
106 sshbuf_mutable_ptr(log_msg), len) != len)
115 fatal("%s: write: %s", __func__, strerror(errno)); 107 fatal("%s: write: %s", __func__, strerror(errno));
116 buffer_free(&log_msg); 108 sshbuf_free(log_msg);
117} 109}
118 110
119int 111int
@@ -127,26 +119,29 @@ mm_is_monitor(void)
127} 119}
128 120
129void 121void
130mm_request_send(int sock, enum monitor_reqtype type, Buffer *m) 122mm_request_send(int sock, enum monitor_reqtype type, struct sshbuf *m)
131{ 123{
132 u_int mlen = buffer_len(m); 124 size_t mlen = sshbuf_len(m);
133 u_char buf[5]; 125 u_char buf[5];
134 126
135 debug3("%s entering: type %d", __func__, type); 127 debug3("%s entering: type %d", __func__, type);
136 128
137 put_u32(buf, mlen + 1); 129 if (mlen >= 0xffffffff)
130 fatal("%s: bad length %zu", __func__, mlen);
131 POKE_U32(buf, mlen + 1);
138 buf[4] = (u_char) type; /* 1st byte of payload is mesg-type */ 132 buf[4] = (u_char) type; /* 1st byte of payload is mesg-type */
139 if (atomicio(vwrite, sock, buf, sizeof(buf)) != sizeof(buf)) 133 if (atomicio(vwrite, sock, buf, sizeof(buf)) != sizeof(buf))
140 fatal("%s: write: %s", __func__, strerror(errno)); 134 fatal("%s: write: %s", __func__, strerror(errno));
141 if (atomicio(vwrite, sock, buffer_ptr(m), mlen) != mlen) 135 if (atomicio(vwrite, sock, sshbuf_mutable_ptr(m), mlen) != mlen)
142 fatal("%s: write: %s", __func__, strerror(errno)); 136 fatal("%s: write: %s", __func__, strerror(errno));
143} 137}
144 138
145void 139void
146mm_request_receive(int sock, Buffer *m) 140mm_request_receive(int sock, struct sshbuf *m)
147{ 141{
148 u_char buf[4]; 142 u_char buf[4], *p = NULL;
149 u_int msg_len; 143 u_int msg_len;
144 int r;
150 145
151 debug3("%s entering", __func__); 146 debug3("%s entering", __func__);
152 147
@@ -155,24 +150,27 @@ mm_request_receive(int sock, Buffer *m)
155 cleanup_exit(255); 150 cleanup_exit(255);
156 fatal("%s: read: %s", __func__, strerror(errno)); 151 fatal("%s: read: %s", __func__, strerror(errno));
157 } 152 }
158 msg_len = get_u32(buf); 153 msg_len = PEEK_U32(buf);
159 if (msg_len > 256 * 1024) 154 if (msg_len > 256 * 1024)
160 fatal("%s: read: bad msg_len %d", __func__, msg_len); 155 fatal("%s: read: bad msg_len %d", __func__, msg_len);
161 buffer_clear(m); 156 sshbuf_reset(m);
162 buffer_append_space(m, msg_len); 157 if ((r = sshbuf_reserve(m, msg_len, &p)) != 0)
163 if (atomicio(read, sock, buffer_ptr(m), msg_len) != msg_len) 158 fatal("%s: buffer error: %s", __func__, ssh_err(r));
159 if (atomicio(read, sock, p, msg_len) != msg_len)
164 fatal("%s: read: %s", __func__, strerror(errno)); 160 fatal("%s: read: %s", __func__, strerror(errno));
165} 161}
166 162
167void 163void
168mm_request_receive_expect(int sock, enum monitor_reqtype type, Buffer *m) 164mm_request_receive_expect(int sock, enum monitor_reqtype type, struct sshbuf *m)
169{ 165{
170 u_char rtype; 166 u_char rtype;
167 int r;
171 168
172 debug3("%s entering: type %d", __func__, type); 169 debug3("%s entering: type %d", __func__, type);
173 170
174 mm_request_receive(sock, m); 171 mm_request_receive(sock, m);
175 rtype = buffer_get_char(m); 172 if ((r = sshbuf_get_u8(m, &rtype)) != 0)
173 fatal("%s: buffer error: %s", __func__, ssh_err(r));
176 if (rtype != type) 174 if (rtype != type)
177 fatal("%s: read: rtype %d != type %d", __func__, 175 fatal("%s: read: rtype %d != type %d", __func__,
178 rtype, type); 176 rtype, type);
@@ -183,20 +181,24 @@ DH *
183mm_choose_dh(int min, int nbits, int max) 181mm_choose_dh(int min, int nbits, int max)
184{ 182{
185 BIGNUM *p, *g; 183 BIGNUM *p, *g;
186 int success = 0; 184 int r;
187 Buffer m; 185 u_char success = 0;
186 struct sshbuf *m;
188 187
189 buffer_init(&m); 188 if ((m = sshbuf_new()) == NULL)
190 buffer_put_int(&m, min); 189 fatal("%s: sshbuf_new failed", __func__);
191 buffer_put_int(&m, nbits); 190 if ((r = sshbuf_put_u32(m, min)) != 0 ||
192 buffer_put_int(&m, max); 191 (r = sshbuf_put_u32(m, nbits)) != 0 ||
192 (r = sshbuf_put_u32(m, max)) != 0)
193 fatal("%s: buffer error: %s", __func__, ssh_err(r));
193 194
194 mm_request_send(pmonitor->m_recvfd, MONITOR_REQ_MODULI, &m); 195 mm_request_send(pmonitor->m_recvfd, MONITOR_REQ_MODULI, m);
195 196
196 debug3("%s: waiting for MONITOR_ANS_MODULI", __func__); 197 debug3("%s: waiting for MONITOR_ANS_MODULI", __func__);
197 mm_request_receive_expect(pmonitor->m_recvfd, MONITOR_ANS_MODULI, &m); 198 mm_request_receive_expect(pmonitor->m_recvfd, MONITOR_ANS_MODULI, m);
198 199
199 success = buffer_get_char(&m); 200 if ((r = sshbuf_get_u8(m, &success)) != 0)
201 fatal("%s: buffer error: %s", __func__, ssh_err(r));
200 if (success == 0) 202 if (success == 0)
201 fatal("%s: MONITOR_ANS_MODULI failed", __func__); 203 fatal("%s: MONITOR_ANS_MODULI failed", __func__);
202 204
@@ -204,36 +206,43 @@ mm_choose_dh(int min, int nbits, int max)
204 fatal("%s: BN_new failed", __func__); 206 fatal("%s: BN_new failed", __func__);
205 if ((g = BN_new()) == NULL) 207 if ((g = BN_new()) == NULL)
206 fatal("%s: BN_new failed", __func__); 208 fatal("%s: BN_new failed", __func__);
207 buffer_get_bignum2(&m, p); 209 if ((r = sshbuf_get_bignum2(m, p)) != 0 ||
208 buffer_get_bignum2(&m, g); 210 (r = sshbuf_get_bignum2(m, g)) != 0)
211 fatal("%s: buffer error: %s", __func__, ssh_err(r));
209 212
210 debug3("%s: remaining %d", __func__, buffer_len(&m)); 213 debug3("%s: remaining %zu", __func__, sshbuf_len(m));
211 buffer_free(&m); 214 sshbuf_free(m);
212 215
213 return (dh_new_group(g, p)); 216 return (dh_new_group(g, p));
214} 217}
215#endif 218#endif
216 219
217int 220int
218mm_key_sign(struct sshkey *key, u_char **sigp, u_int *lenp, 221mm_sshkey_sign(struct sshkey *key, u_char **sigp, size_t *lenp,
219 const u_char *data, u_int datalen, const char *hostkey_alg) 222 const u_char *data, size_t datalen, const char *hostkey_alg, u_int compat)
220{ 223{
221 struct kex *kex = *pmonitor->m_pkex; 224 struct kex *kex = *pmonitor->m_pkex;
222 Buffer m; 225 struct sshbuf *m;
226 u_int ndx = kex->host_key_index(key, 0, active_state);
227 int r;
223 228
224 debug3("%s entering", __func__); 229 debug3("%s entering", __func__);
225 230
226 buffer_init(&m); 231 if ((m = sshbuf_new()) == NULL)
227 buffer_put_int(&m, kex->host_key_index(key, 0, active_state)); 232 fatal("%s: sshbuf_new failed", __func__);
228 buffer_put_string(&m, data, datalen); 233 if ((r = sshbuf_put_u32(m, ndx)) != 0 ||
229 buffer_put_cstring(&m, hostkey_alg); 234 (r = sshbuf_put_string(m, data, datalen)) != 0 ||
235 (r = sshbuf_put_cstring(m, hostkey_alg)) != 0 ||
236 (r = sshbuf_put_u32(m, compat)) != 0)
237 fatal("%s: buffer error: %s", __func__, ssh_err(r));
230 238
231 mm_request_send(pmonitor->m_recvfd, MONITOR_REQ_SIGN, &m); 239 mm_request_send(pmonitor->m_recvfd, MONITOR_REQ_SIGN, m);
232 240
233 debug3("%s: waiting for MONITOR_ANS_SIGN", __func__); 241 debug3("%s: waiting for MONITOR_ANS_SIGN", __func__);
234 mm_request_receive_expect(pmonitor->m_recvfd, MONITOR_ANS_SIGN, &m); 242 mm_request_receive_expect(pmonitor->m_recvfd, MONITOR_ANS_SIGN, m);
235 *sigp = buffer_get_string(&m, lenp); 243 if ((r = sshbuf_get_string(m, sigp, lenp)) != 0)
236 buffer_free(&m); 244 fatal("%s: buffer error: %s", __func__, ssh_err(r));
245 sshbuf_free(m);
237 246
238 return (0); 247 return (0);
239} 248}
@@ -242,54 +251,80 @@ struct passwd *
242mm_getpwnamallow(const char *username) 251mm_getpwnamallow(const char *username)
243{ 252{
244 struct ssh *ssh = active_state; /* XXX */ 253 struct ssh *ssh = active_state; /* XXX */
245 Buffer m; 254 struct sshbuf *m;
246 struct passwd *pw; 255 struct passwd *pw;
247 u_int len, i; 256 size_t len;
257 u_int i;
248 ServerOptions *newopts; 258 ServerOptions *newopts;
259 int r;
260 u_char ok;
261 const u_char *p;
249 262
250 debug3("%s entering", __func__); 263 debug3("%s entering", __func__);
251 264
252 buffer_init(&m); 265 if ((m = sshbuf_new()) == NULL)
253 buffer_put_cstring(&m, username); 266 fatal("%s: sshbuf_new failed", __func__);
267 if ((r = sshbuf_put_cstring(m, username)) != 0)
268 fatal("%s: buffer error: %s", __func__, ssh_err(r));
254 269
255 mm_request_send(pmonitor->m_recvfd, MONITOR_REQ_PWNAM, &m); 270 mm_request_send(pmonitor->m_recvfd, MONITOR_REQ_PWNAM, m);
256 271
257 debug3("%s: waiting for MONITOR_ANS_PWNAM", __func__); 272 debug3("%s: waiting for MONITOR_ANS_PWNAM", __func__);
258 mm_request_receive_expect(pmonitor->m_recvfd, MONITOR_ANS_PWNAM, &m); 273 mm_request_receive_expect(pmonitor->m_recvfd, MONITOR_ANS_PWNAM, m);
259 274
260 if (buffer_get_char(&m) == 0) { 275 if ((r = sshbuf_get_u8(m, &ok)) != 0)
276 fatal("%s: buffer error: %s", __func__, ssh_err(r));
277 if (ok == 0) {
261 pw = NULL; 278 pw = NULL;
262 goto out; 279 goto out;
263 } 280 }
264 pw = buffer_get_string(&m, &len); 281
265 if (len != sizeof(struct passwd)) 282 /* XXX don't like passing struct passwd like this */
283 pw = xcalloc(sizeof(*pw), 1);
284 if ((r = sshbuf_get_string_direct(m, &p, &len)) != 0)
285 fatal("%s: buffer error: %s", __func__, ssh_err(r));
286 if (len != sizeof(*pw))
266 fatal("%s: struct passwd size mismatch", __func__); 287 fatal("%s: struct passwd size mismatch", __func__);
267 pw->pw_name = buffer_get_string(&m, NULL); 288 memcpy(pw, p, sizeof(*pw));
268 pw->pw_passwd = buffer_get_string(&m, NULL); 289
290 if ((r = sshbuf_get_cstring(m, &pw->pw_name, NULL)) != 0 ||
291 (r = sshbuf_get_cstring(m, &pw->pw_passwd, NULL)) != 0 ||
269#ifdef HAVE_STRUCT_PASSWD_PW_GECOS 292#ifdef HAVE_STRUCT_PASSWD_PW_GECOS
270 pw->pw_gecos = buffer_get_string(&m, NULL); 293 (r = sshbuf_get_cstring(m, &pw->pw_gecos, NULL)) != 0 ||
271#endif 294#endif
272#ifdef HAVE_STRUCT_PASSWD_PW_CLASS 295#ifdef HAVE_STRUCT_PASSWD_PW_CLASS
273 pw->pw_class = buffer_get_string(&m, NULL); 296 (r = sshbuf_get_cstring(m, &pw->pw_class, NULL)) != 0 ||
274#endif 297#endif
275 pw->pw_dir = buffer_get_string(&m, NULL); 298 (r = sshbuf_get_cstring(m, &pw->pw_dir, NULL)) != 0 ||
276 pw->pw_shell = buffer_get_string(&m, NULL); 299 (r = sshbuf_get_cstring(m, &pw->pw_shell, NULL)) != 0)
300 fatal("%s: buffer error: %s", __func__, ssh_err(r));
277 301
278out: 302out:
279 /* copy options block as a Match directive may have changed some */ 303 /* copy options block as a Match directive may have changed some */
280 newopts = buffer_get_string(&m, &len); 304 if ((r = sshbuf_get_string_direct(m, &p, &len)) != 0)
305 fatal("%s: buffer error: %s", __func__, ssh_err(r));
281 if (len != sizeof(*newopts)) 306 if (len != sizeof(*newopts))
282 fatal("%s: option block size mismatch", __func__); 307 fatal("%s: option block size mismatch", __func__);
308 newopts = xcalloc(sizeof(*newopts), 1);
309 memcpy(newopts, p, sizeof(*newopts));
283 310
284#define M_CP_STROPT(x) do { \ 311#define M_CP_STROPT(x) do { \
285 if (newopts->x != NULL) \ 312 if (newopts->x != NULL) { \
286 newopts->x = buffer_get_string(&m, NULL); \ 313 if ((r = sshbuf_get_cstring(m, \
314 &newopts->x, NULL)) != 0) \
315 fatal("%s: buffer error: %s", \
316 __func__, ssh_err(r)); \
317 } \
287 } while (0) 318 } while (0)
288#define M_CP_STRARRAYOPT(x, nx) do { \ 319#define M_CP_STRARRAYOPT(x, nx) do { \
289 newopts->x = newopts->nx == 0 ? \ 320 newopts->x = newopts->nx == 0 ? \
290 NULL : xcalloc(newopts->nx, sizeof(*newopts->x)); \ 321 NULL : xcalloc(newopts->nx, sizeof(*newopts->x)); \
291 for (i = 0; i < newopts->nx; i++) \ 322 for (i = 0; i < newopts->nx; i++) { \
292 newopts->x[i] = buffer_get_string(&m, NULL); \ 323 if ((r = sshbuf_get_cstring(m, \
324 &newopts->x[i], NULL)) != 0) \
325 fatal("%s: buffer error: %s", \
326 __func__, ssh_err(r)); \
327 } \
293 } while (0) 328 } while (0)
294 /* See comment in servconf.h */ 329 /* See comment in servconf.h */
295 COPY_MATCH_STRING_OPTS(); 330 COPY_MATCH_STRING_OPTS();
@@ -301,7 +336,7 @@ out:
301 process_permitopen(ssh, &options); 336 process_permitopen(ssh, &options);
302 free(newopts); 337 free(newopts);
303 338
304 buffer_free(&m); 339 sshbuf_free(m);
305 340
306 return (pw); 341 return (pw);
307} 342}
@@ -309,19 +344,22 @@ out:
309char * 344char *
310mm_auth2_read_banner(void) 345mm_auth2_read_banner(void)
311{ 346{
312 Buffer m; 347 struct sshbuf *m;
313 char *banner; 348 char *banner;
349 int r;
314 350
315 debug3("%s entering", __func__); 351 debug3("%s entering", __func__);
316 352
317 buffer_init(&m); 353 if ((m = sshbuf_new()) == NULL)
318 mm_request_send(pmonitor->m_recvfd, MONITOR_REQ_AUTH2_READ_BANNER, &m); 354 fatal("%s: sshbuf_new failed", __func__);
319 buffer_clear(&m); 355 mm_request_send(pmonitor->m_recvfd, MONITOR_REQ_AUTH2_READ_BANNER, m);
356 sshbuf_reset(m);
320 357
321 mm_request_receive_expect(pmonitor->m_recvfd, 358 mm_request_receive_expect(pmonitor->m_recvfd,
322 MONITOR_ANS_AUTH2_READ_BANNER, &m); 359 MONITOR_ANS_AUTH2_READ_BANNER, m);
323 banner = buffer_get_string(&m, NULL); 360 if ((r = sshbuf_get_cstring(m, &banner, NULL)) != 0)
324 buffer_free(&m); 361 fatal("%s: buffer error: %s", __func__, ssh_err(r));
362 sshbuf_free(m);
325 363
326 /* treat empty banner as missing banner */ 364 /* treat empty banner as missing banner */
327 if (strlen(banner) == 0) { 365 if (strlen(banner) == 0) {
@@ -336,18 +374,21 @@ mm_auth2_read_banner(void)
336void 374void
337mm_inform_authserv(char *service, char *style, char *role) 375mm_inform_authserv(char *service, char *style, char *role)
338{ 376{
339 Buffer m; 377 struct sshbuf *m;
378 int r;
340 379
341 debug3("%s entering", __func__); 380 debug3("%s entering", __func__);
342 381
343 buffer_init(&m); 382 if ((m = sshbuf_new()) == NULL)
344 buffer_put_cstring(&m, service); 383 fatal("%s: sshbuf_new failed", __func__);
345 buffer_put_cstring(&m, style ? style : ""); 384 if ((r = sshbuf_put_cstring(m, service)) != 0 ||
346 buffer_put_cstring(&m, role ? role : ""); 385 (r = sshbuf_put_cstring(m, style ? style : "")) != 0 ||
386 (r = sshbuf_put_cstring(m, role ? role : "")) != 0)
387 fatal("%s: buffer error: %s", __func__, ssh_err(r));
347 388
348 mm_request_send(pmonitor->m_recvfd, MONITOR_REQ_AUTHSERV, &m); 389 mm_request_send(pmonitor->m_recvfd, MONITOR_REQ_AUTHSERV, m);
349 390
350 buffer_free(&m); 391 sshbuf_free(m);
351} 392}
352 393
353/* Inform the privileged process about role */ 394/* Inform the privileged process about role */
@@ -355,40 +396,54 @@ mm_inform_authserv(char *service, char *style, char *role)
355void 396void
356mm_inform_authrole(char *role) 397mm_inform_authrole(char *role)
357{ 398{
358 Buffer m; 399 struct sshbuf *m;
400 int r;
359 401
360 debug3("%s entering", __func__); 402 debug3("%s entering", __func__);
361 403
362 buffer_init(&m); 404 if ((m = sshbuf_new()) == NULL)
363 buffer_put_cstring(&m, role ? role : ""); 405 fatal("%s: sshbuf_new failed", __func__);
406 if ((r = sshbuf_put_cstring(m, role ? role : "")) != 0)
407 fatal("%s: buffer error: %s", __func__, ssh_err(r));
364 408
365 mm_request_send(pmonitor->m_recvfd, MONITOR_REQ_AUTHROLE, &m); 409 mm_request_send(pmonitor->m_recvfd, MONITOR_REQ_AUTHROLE, m);
366 410
367 buffer_free(&m); 411 sshbuf_free(m);
368} 412}
369 413
370/* Do the password authentication */ 414/* Do the password authentication */
371int 415int
372mm_auth_password(struct ssh *ssh, char *password) 416mm_auth_password(struct ssh *ssh, char *password)
373{ 417{
374 Buffer m; 418 struct sshbuf *m;
375 int authenticated = 0; 419 int r, authenticated = 0;
420#ifdef USE_PAM
421 u_int maxtries = 0;
422#endif
376 423
377 debug3("%s entering", __func__); 424 debug3("%s entering", __func__);
378 425
379 buffer_init(&m); 426 if ((m = sshbuf_new()) == NULL)
380 buffer_put_cstring(&m, password); 427 fatal("%s: sshbuf_new failed", __func__);
381 mm_request_send(pmonitor->m_recvfd, MONITOR_REQ_AUTHPASSWORD, &m); 428 if ((r = sshbuf_put_cstring(m, password)) != 0)
429 fatal("%s: buffer error: %s", __func__, ssh_err(r));
430 mm_request_send(pmonitor->m_recvfd, MONITOR_REQ_AUTHPASSWORD, m);
382 431
383 debug3("%s: waiting for MONITOR_ANS_AUTHPASSWORD", __func__); 432 debug3("%s: waiting for MONITOR_ANS_AUTHPASSWORD", __func__);
384 mm_request_receive_expect(pmonitor->m_recvfd, MONITOR_ANS_AUTHPASSWORD, &m); 433 mm_request_receive_expect(pmonitor->m_recvfd,
434 MONITOR_ANS_AUTHPASSWORD, m);
385 435
386 authenticated = buffer_get_int(&m); 436 if ((r = sshbuf_get_u32(m, &authenticated)) != 0)
437 fatal("%s: buffer error: %s", __func__, ssh_err(r));
387#ifdef USE_PAM 438#ifdef USE_PAM
388 sshpam_set_maxtries_reached(buffer_get_int(&m)); 439 if ((r = sshbuf_get_u32(m, &maxtries)) != 0)
440 fatal("%s: buffer error: %s", __func__, ssh_err(r));
441 if (maxtries > INT_MAX)
442 fatal("%s: bad maxtries %u", __func__, maxtries);
443 sshpam_set_maxtries_reached(maxtries);
389#endif 444#endif
390 445
391 buffer_free(&m); 446 sshbuf_free(m);
392 447
393 debug3("%s: user %sauthenticated", 448 debug3("%s: user %sauthenticated",
394 __func__, authenticated ? "" : "not "); 449 __func__, authenticated ? "" : "not ");
@@ -414,9 +469,7 @@ int
414mm_key_allowed(enum mm_keytype type, const char *user, const char *host, 469mm_key_allowed(enum mm_keytype type, const char *user, const char *host,
415 struct sshkey *key, int pubkey_auth_attempt, struct sshauthopt **authoptp) 470 struct sshkey *key, int pubkey_auth_attempt, struct sshauthopt **authoptp)
416{ 471{
417 Buffer m; 472 struct sshbuf *m;
418 u_char *blob;
419 u_int len;
420 int r, allowed = 0; 473 int r, allowed = 0;
421 struct sshauthopt *opts = NULL; 474 struct sshauthopt *opts = NULL;
422 475
@@ -425,31 +478,29 @@ mm_key_allowed(enum mm_keytype type, const char *user, const char *host,
425 if (authoptp != NULL) 478 if (authoptp != NULL)
426 *authoptp = NULL; 479 *authoptp = NULL;
427 480
428 /* Convert the key to a blob and the pass it over */ 481 if ((m = sshbuf_new()) == NULL)
429 if (!key_to_blob(key, &blob, &len)) 482 fatal("%s: sshbuf_new failed", __func__);
430 return 0; 483 if ((r = sshbuf_put_u32(m, type)) != 0 ||
431 484 (r = sshbuf_put_cstring(m, user ? user : "")) != 0 ||
432 buffer_init(&m); 485 (r = sshbuf_put_cstring(m, host ? host : "")) != 0 ||
433 buffer_put_int(&m, type); 486 (r = sshkey_puts(key, m)) != 0 ||
434 buffer_put_cstring(&m, user ? user : ""); 487 (r = sshbuf_put_u32(m, pubkey_auth_attempt)) != 0)
435 buffer_put_cstring(&m, host ? host : ""); 488 fatal("%s: buffer error: %s", __func__, ssh_err(r));
436 buffer_put_string(&m, blob, len);
437 buffer_put_int(&m, pubkey_auth_attempt);
438 free(blob);
439 489
440 mm_request_send(pmonitor->m_recvfd, MONITOR_REQ_KEYALLOWED, &m); 490 mm_request_send(pmonitor->m_recvfd, MONITOR_REQ_KEYALLOWED, m);
441 491
442 debug3("%s: waiting for MONITOR_ANS_KEYALLOWED", __func__); 492 debug3("%s: waiting for MONITOR_ANS_KEYALLOWED", __func__);
443 mm_request_receive_expect(pmonitor->m_recvfd, 493 mm_request_receive_expect(pmonitor->m_recvfd,
444 MONITOR_ANS_KEYALLOWED, &m); 494 MONITOR_ANS_KEYALLOWED, m);
445 495
446 allowed = buffer_get_int(&m); 496 if ((r = sshbuf_get_u32(m, &allowed)) != 0)
497 fatal("%s: buffer error: %s", __func__, ssh_err(r));
447 if (allowed && type == MM_USERKEY) { 498 if (allowed && type == MM_USERKEY) {
448 if ((r = sshauthopt_deserialise(&m, &opts)) != 0) 499 if ((r = sshauthopt_deserialise(m, &opts)) != 0)
449 fatal("%s: sshauthopt_deserialise: %s", 500 fatal("%s: sshauthopt_deserialise: %s",
450 __func__, ssh_err(r)); 501 __func__, ssh_err(r));
451 } 502 }
452 buffer_free(&m); 503 sshbuf_free(m);
453 504
454 if (authoptp != NULL) { 505 if (authoptp != NULL) {
455 *authoptp = opts; 506 *authoptp = opts;
@@ -470,32 +521,31 @@ int
470mm_sshkey_verify(const struct sshkey *key, const u_char *sig, size_t siglen, 521mm_sshkey_verify(const struct sshkey *key, const u_char *sig, size_t siglen,
471 const u_char *data, size_t datalen, const char *sigalg, u_int compat) 522 const u_char *data, size_t datalen, const char *sigalg, u_int compat)
472{ 523{
473 Buffer m; 524 struct sshbuf *m;
474 u_char *blob;
475 u_int len;
476 u_int encoded_ret = 0; 525 u_int encoded_ret = 0;
526 int r;
477 527
478 debug3("%s entering", __func__); 528 debug3("%s entering", __func__);
479 529
480 /* Convert the key to a blob and the pass it over */
481 if (!key_to_blob(key, &blob, &len))
482 return (0);
483 530
484 buffer_init(&m); 531 if ((m = sshbuf_new()) == NULL)
485 buffer_put_string(&m, blob, len); 532 fatal("%s: sshbuf_new failed", __func__);
486 buffer_put_string(&m, sig, siglen); 533 if ((r = sshkey_puts(key, m)) != 0 ||
487 buffer_put_string(&m, data, datalen); 534 (r = sshbuf_put_string(m, sig, siglen)) != 0 ||
488 buffer_put_cstring(&m, sigalg == NULL ? "" : sigalg); 535 (r = sshbuf_put_string(m, data, datalen)) != 0 ||
489 free(blob); 536 (r = sshbuf_put_cstring(m, sigalg == NULL ? "" : sigalg)) != 0)
537 fatal("%s: buffer error: %s", __func__, ssh_err(r));
490 538
491 mm_request_send(pmonitor->m_recvfd, MONITOR_REQ_KEYVERIFY, &m); 539 mm_request_send(pmonitor->m_recvfd, MONITOR_REQ_KEYVERIFY, m);
492 540
493 debug3("%s: waiting for MONITOR_ANS_KEYVERIFY", __func__); 541 debug3("%s: waiting for MONITOR_ANS_KEYVERIFY", __func__);
494 mm_request_receive_expect(pmonitor->m_recvfd, MONITOR_ANS_KEYVERIFY, &m); 542 mm_request_receive_expect(pmonitor->m_recvfd,
543 MONITOR_ANS_KEYVERIFY, m);
495 544
496 encoded_ret = buffer_get_int(&m); 545 if ((r = sshbuf_get_u32(m, &encoded_ret)) != 0)
546 fatal("%s: buffer error: %s", __func__, ssh_err(r));
497 547
498 buffer_free(&m); 548 sshbuf_free(m);
499 549
500 if (encoded_ret != 0) 550 if (encoded_ret != 0)
501 return SSH_ERR_SIGNATURE_INVALID; 551 return SSH_ERR_SIGNATURE_INVALID;
@@ -522,9 +572,9 @@ mm_send_keystate(struct monitor *monitor)
522int 572int
523mm_pty_allocate(int *ptyfd, int *ttyfd, char *namebuf, size_t namebuflen) 573mm_pty_allocate(int *ptyfd, int *ttyfd, char *namebuf, size_t namebuflen)
524{ 574{
525 Buffer m; 575 struct sshbuf *m;
526 char *p, *msg; 576 char *p, *msg;
527 int success = 0, tmp1 = -1, tmp2 = -1; 577 int success = 0, tmp1 = -1, tmp2 = -1, r;
528 578
529 /* Kludge: ensure there are fds free to receive the pty/tty */ 579 /* Kludge: ensure there are fds free to receive the pty/tty */
530 if ((tmp1 = dup(pmonitor->m_recvfd)) == -1 || 580 if ((tmp1 = dup(pmonitor->m_recvfd)) == -1 ||
@@ -539,26 +589,30 @@ mm_pty_allocate(int *ptyfd, int *ttyfd, char *namebuf, size_t namebuflen)
539 close(tmp1); 589 close(tmp1);
540 close(tmp2); 590 close(tmp2);
541 591
542 buffer_init(&m); 592 if ((m = sshbuf_new()) == NULL)
543 mm_request_send(pmonitor->m_recvfd, MONITOR_REQ_PTY, &m); 593 fatal("%s: sshbuf_new failed", __func__);
594 mm_request_send(pmonitor->m_recvfd, MONITOR_REQ_PTY, m);
544 595
545 debug3("%s: waiting for MONITOR_ANS_PTY", __func__); 596 debug3("%s: waiting for MONITOR_ANS_PTY", __func__);
546 mm_request_receive_expect(pmonitor->m_recvfd, MONITOR_ANS_PTY, &m); 597 mm_request_receive_expect(pmonitor->m_recvfd, MONITOR_ANS_PTY, m);
547 598
548 success = buffer_get_int(&m); 599 if ((r = sshbuf_get_u32(m, &success)) != 0)
600 fatal("%s: buffer error: %s", __func__, ssh_err(r));
549 if (success == 0) { 601 if (success == 0) {
550 debug3("%s: pty alloc failed", __func__); 602 debug3("%s: pty alloc failed", __func__);
551 buffer_free(&m); 603 sshbuf_free(m);
552 return (0); 604 return (0);
553 } 605 }
554 p = buffer_get_string(&m, NULL); 606 if ((r = sshbuf_get_cstring(m, &p, NULL)) != 0 ||
555 msg = buffer_get_string(&m, NULL); 607 (r = sshbuf_get_cstring(m, &msg, NULL)) != 0)
556 buffer_free(&m); 608 fatal("%s: buffer error: %s", __func__, ssh_err(r));
609 sshbuf_free(m);
557 610
558 strlcpy(namebuf, p, namebuflen); /* Possible truncation */ 611 strlcpy(namebuf, p, namebuflen); /* Possible truncation */
559 free(p); 612 free(p);
560 613
561 buffer_append(&loginmsg, msg, strlen(msg)); 614 if ((r = sshbuf_put(loginmsg, msg, strlen(msg))) != 0)
615 fatal("%s: buffer error: %s", __func__, ssh_err(r));
562 free(msg); 616 free(msg);
563 617
564 if ((*ptyfd = mm_receive_fd(pmonitor->m_recvfd)) == -1 || 618 if ((*ptyfd = mm_receive_fd(pmonitor->m_recvfd)) == -1 ||
@@ -572,14 +626,17 @@ mm_pty_allocate(int *ptyfd, int *ttyfd, char *namebuf, size_t namebuflen)
572void 626void
573mm_session_pty_cleanup2(Session *s) 627mm_session_pty_cleanup2(Session *s)
574{ 628{
575 Buffer m; 629 struct sshbuf *m;
630 int r;
576 631
577 if (s->ttyfd == -1) 632 if (s->ttyfd == -1)
578 return; 633 return;
579 buffer_init(&m); 634 if ((m = sshbuf_new()) == NULL)
580 buffer_put_cstring(&m, s->tty); 635 fatal("%s: sshbuf_new failed", __func__);
581 mm_request_send(pmonitor->m_recvfd, MONITOR_REQ_PTYCLEANUP, &m); 636 if ((r = sshbuf_put_cstring(m, s->tty)) != 0)
582 buffer_free(&m); 637 fatal("%s: buffer error: %s", __func__, ssh_err(r));
638 mm_request_send(pmonitor->m_recvfd, MONITOR_REQ_PTYCLEANUP, m);
639 sshbuf_free(m);
583 640
584 /* closed dup'ed master */ 641 /* closed dup'ed master */
585 if (s->ptymaster != -1 && close(s->ptymaster) < 0) 642 if (s->ptymaster != -1 && close(s->ptymaster) < 0)
@@ -594,40 +651,44 @@ mm_session_pty_cleanup2(Session *s)
594void 651void
595mm_start_pam(Authctxt *authctxt) 652mm_start_pam(Authctxt *authctxt)
596{ 653{
597 Buffer m; 654 struct sshbuf *m;
598 655
599 debug3("%s entering", __func__); 656 debug3("%s entering", __func__);
600 if (!options.use_pam) 657 if (!options.use_pam)
601 fatal("UsePAM=no, but ended up in %s anyway", __func__); 658 fatal("UsePAM=no, but ended up in %s anyway", __func__);
659 if ((m = sshbuf_new()) == NULL)
660 fatal("%s: sshbuf_new failed", __func__);
661 mm_request_send(pmonitor->m_recvfd, MONITOR_REQ_PAM_START, m);
602 662
603 buffer_init(&m); 663 sshbuf_free(m);
604 mm_request_send(pmonitor->m_recvfd, MONITOR_REQ_PAM_START, &m);
605
606 buffer_free(&m);
607} 664}
608 665
609u_int 666u_int
610mm_do_pam_account(void) 667mm_do_pam_account(void)
611{ 668{
612 Buffer m; 669 struct sshbuf *m;
613 u_int ret; 670 u_int ret;
614 char *msg; 671 char *msg;
672 size_t msglen;
673 int r;
615 674
616 debug3("%s entering", __func__); 675 debug3("%s entering", __func__);
617 if (!options.use_pam) 676 if (!options.use_pam)
618 fatal("UsePAM=no, but ended up in %s anyway", __func__); 677 fatal("UsePAM=no, but ended up in %s anyway", __func__);
619 678
620 buffer_init(&m); 679 if ((m = sshbuf_new()) == NULL)
621 mm_request_send(pmonitor->m_recvfd, MONITOR_REQ_PAM_ACCOUNT, &m); 680 fatal("%s: sshbuf_new failed", __func__);
681 mm_request_send(pmonitor->m_recvfd, MONITOR_REQ_PAM_ACCOUNT, m);
622 682
623 mm_request_receive_expect(pmonitor->m_recvfd, 683 mm_request_receive_expect(pmonitor->m_recvfd,
624 MONITOR_ANS_PAM_ACCOUNT, &m); 684 MONITOR_ANS_PAM_ACCOUNT, m);
625 ret = buffer_get_int(&m); 685 if ((r = sshbuf_get_u32(m, &ret)) != 0 ||
626 msg = buffer_get_string(&m, NULL); 686 (r = sshbuf_get_cstring(m, &msg, &msglen)) != 0 ||
627 buffer_append(&loginmsg, msg, strlen(msg)); 687 (r = sshbuf_put(loginmsg, msg, msglen)) != 0)
628 free(msg); 688 fatal("%s: buffer error: %s", __func__, ssh_err(r));
629 689
630 buffer_free(&m); 690 free(msg);
691 sshbuf_free(m);
631 692
632 debug3("%s returning %d", __func__, ret); 693 debug3("%s returning %d", __func__, ret);
633 694
@@ -637,21 +698,24 @@ mm_do_pam_account(void)
637void * 698void *
638mm_sshpam_init_ctx(Authctxt *authctxt) 699mm_sshpam_init_ctx(Authctxt *authctxt)
639{ 700{
640 Buffer m; 701 struct sshbuf *m;
641 int success; 702 int r, success;
642 703
643 debug3("%s", __func__); 704 debug3("%s", __func__);
644 buffer_init(&m); 705 if ((m = sshbuf_new()) == NULL)
645 mm_request_send(pmonitor->m_recvfd, MONITOR_REQ_PAM_INIT_CTX, &m); 706 fatal("%s: sshbuf_new failed", __func__);
707 mm_request_send(pmonitor->m_recvfd, MONITOR_REQ_PAM_INIT_CTX, m);
646 debug3("%s: waiting for MONITOR_ANS_PAM_INIT_CTX", __func__); 708 debug3("%s: waiting for MONITOR_ANS_PAM_INIT_CTX", __func__);
647 mm_request_receive_expect(pmonitor->m_recvfd, MONITOR_ANS_PAM_INIT_CTX, &m); 709 mm_request_receive_expect(pmonitor->m_recvfd,
648 success = buffer_get_int(&m); 710 MONITOR_ANS_PAM_INIT_CTX, m);
711 if ((r = sshbuf_get_u32(m, &success)) != 0)
712 fatal("%s: buffer error: %s", __func__, ssh_err(r));
649 if (success == 0) { 713 if (success == 0) {
650 debug3("%s: pam_init_ctx failed", __func__); 714 debug3("%s: pam_init_ctx failed", __func__);
651 buffer_free(&m); 715 sshbuf_free(m);
652 return (NULL); 716 return (NULL);
653 } 717 }
654 buffer_free(&m); 718 sshbuf_free(m);
655 return (authctxt); 719 return (authctxt);
656} 720}
657 721
@@ -659,66 +723,79 @@ int
659mm_sshpam_query(void *ctx, char **name, char **info, 723mm_sshpam_query(void *ctx, char **name, char **info,
660 u_int *num, char ***prompts, u_int **echo_on) 724 u_int *num, char ***prompts, u_int **echo_on)
661{ 725{
662 Buffer m; 726 struct sshbuf *m;
663 u_int i; 727 u_int i, n;
664 int ret; 728 int r, ret;
665 729
666 debug3("%s", __func__); 730 debug3("%s", __func__);
667 buffer_init(&m); 731 if ((m = sshbuf_new()) == NULL)
668 mm_request_send(pmonitor->m_recvfd, MONITOR_REQ_PAM_QUERY, &m); 732 fatal("%s: sshbuf_new failed", __func__);
733 mm_request_send(pmonitor->m_recvfd, MONITOR_REQ_PAM_QUERY, m);
669 debug3("%s: waiting for MONITOR_ANS_PAM_QUERY", __func__); 734 debug3("%s: waiting for MONITOR_ANS_PAM_QUERY", __func__);
670 mm_request_receive_expect(pmonitor->m_recvfd, MONITOR_ANS_PAM_QUERY, &m); 735 mm_request_receive_expect(pmonitor->m_recvfd, MONITOR_ANS_PAM_QUERY, m);
671 ret = buffer_get_int(&m); 736 if ((r = sshbuf_get_u32(m, &ret)) != 0 ||
737 (r = sshbuf_get_cstring(m, name, NULL)) != 0 ||
738 (r = sshbuf_get_cstring(m, info, NULL)) != 0 ||
739 (r = sshbuf_get_u32(m, &n)) != 0 ||
740 (r = sshbuf_get_u32(m, num)) != 0)
741 fatal("%s: buffer error: %s", __func__, ssh_err(r));
672 debug3("%s: pam_query returned %d", __func__, ret); 742 debug3("%s: pam_query returned %d", __func__, ret);
673 *name = buffer_get_string(&m, NULL); 743 sshpam_set_maxtries_reached(n);
674 *info = buffer_get_string(&m, NULL);
675 sshpam_set_maxtries_reached(buffer_get_int(&m));
676 *num = buffer_get_int(&m);
677 if (*num > PAM_MAX_NUM_MSG) 744 if (*num > PAM_MAX_NUM_MSG)
678 fatal("%s: recieved %u PAM messages, expected <= %u", 745 fatal("%s: received %u PAM messages, expected <= %u",
679 __func__, *num, PAM_MAX_NUM_MSG); 746 __func__, *num, PAM_MAX_NUM_MSG);
680 *prompts = xcalloc((*num + 1), sizeof(char *)); 747 *prompts = xcalloc((*num + 1), sizeof(char *));
681 *echo_on = xcalloc((*num + 1), sizeof(u_int)); 748 *echo_on = xcalloc((*num + 1), sizeof(u_int));
682 for (i = 0; i < *num; ++i) { 749 for (i = 0; i < *num; ++i) {
683 (*prompts)[i] = buffer_get_string(&m, NULL); 750 if ((r = sshbuf_get_cstring(m, &((*prompts)[i]), NULL)) != 0 ||
684 (*echo_on)[i] = buffer_get_int(&m); 751 (r = sshbuf_get_u32(m, &((*echo_on)[i]))) != 0)
752 fatal("%s: buffer error: %s", __func__, ssh_err(r));
685 } 753 }
686 buffer_free(&m); 754 sshbuf_free(m);
687 return (ret); 755 return (ret);
688} 756}
689 757
690int 758int
691mm_sshpam_respond(void *ctx, u_int num, char **resp) 759mm_sshpam_respond(void *ctx, u_int num, char **resp)
692{ 760{
693 Buffer m; 761 struct sshbuf *m;
694 u_int i; 762 u_int n, i;
695 int ret; 763 int r, ret;
696 764
697 debug3("%s", __func__); 765 debug3("%s", __func__);
698 buffer_init(&m); 766 if ((m = sshbuf_new()) == NULL)
699 buffer_put_int(&m, num); 767 fatal("%s: sshbuf_new failed", __func__);
700 for (i = 0; i < num; ++i) 768 if ((r = sshbuf_put_u32(m, num)) != 0)
701 buffer_put_cstring(&m, resp[i]); 769 fatal("%s: buffer error: %s", __func__, ssh_err(r));
702 mm_request_send(pmonitor->m_recvfd, MONITOR_REQ_PAM_RESPOND, &m); 770 for (i = 0; i < num; ++i) {
771 if ((r = sshbuf_put_cstring(m, resp[i])) != 0)
772 fatal("%s: buffer error: %s", __func__, ssh_err(r));
773 }
774 mm_request_send(pmonitor->m_recvfd, MONITOR_REQ_PAM_RESPOND, m);
703 debug3("%s: waiting for MONITOR_ANS_PAM_RESPOND", __func__); 775 debug3("%s: waiting for MONITOR_ANS_PAM_RESPOND", __func__);
704 mm_request_receive_expect(pmonitor->m_recvfd, MONITOR_ANS_PAM_RESPOND, &m); 776 mm_request_receive_expect(pmonitor->m_recvfd,
705 ret = buffer_get_int(&m); 777 MONITOR_ANS_PAM_RESPOND, m);
778 if ((r = sshbuf_get_u32(m, &n)) != 0)
779 fatal("%s: buffer error: %s", __func__, ssh_err(r));
780 ret = (int)n; /* XXX */
706 debug3("%s: pam_respond returned %d", __func__, ret); 781 debug3("%s: pam_respond returned %d", __func__, ret);
707 buffer_free(&m); 782 sshbuf_free(m);
708 return (ret); 783 return (ret);
709} 784}
710 785
711void 786void
712mm_sshpam_free_ctx(void *ctxtp) 787mm_sshpam_free_ctx(void *ctxtp)
713{ 788{
714 Buffer m; 789 struct sshbuf *m;
715 790
716 debug3("%s", __func__); 791 debug3("%s", __func__);
717 buffer_init(&m); 792 if ((m = sshbuf_new()) == NULL)
718 mm_request_send(pmonitor->m_recvfd, MONITOR_REQ_PAM_FREE_CTX, &m); 793 fatal("%s: sshbuf_new failed", __func__);
794 mm_request_send(pmonitor->m_recvfd, MONITOR_REQ_PAM_FREE_CTX, m);
719 debug3("%s: waiting for MONITOR_ANS_PAM_FREE_CTX", __func__); 795 debug3("%s: waiting for MONITOR_ANS_PAM_FREE_CTX", __func__);
720 mm_request_receive_expect(pmonitor->m_recvfd, MONITOR_ANS_PAM_FREE_CTX, &m); 796 mm_request_receive_expect(pmonitor->m_recvfd,
721 buffer_free(&m); 797 MONITOR_ANS_PAM_FREE_CTX, m);
798 sshbuf_free(m);
722} 799}
723#endif /* USE_PAM */ 800#endif /* USE_PAM */
724 801
@@ -727,11 +804,12 @@ mm_sshpam_free_ctx(void *ctxtp)
727void 804void
728mm_terminate(void) 805mm_terminate(void)
729{ 806{
730 Buffer m; 807 struct sshbuf *m;
731 808
732 buffer_init(&m); 809 if ((m = sshbuf_new()) == NULL)
733 mm_request_send(pmonitor->m_recvfd, MONITOR_REQ_TERM, &m); 810 fatal("%s: sshbuf_new failed", __func__);
734 buffer_free(&m); 811 mm_request_send(pmonitor->m_recvfd, MONITOR_REQ_TERM, m);
812 sshbuf_free(m);
735} 813}
736 814
737static void 815static void
@@ -750,27 +828,31 @@ int
750mm_bsdauth_query(void *ctx, char **name, char **infotxt, 828mm_bsdauth_query(void *ctx, char **name, char **infotxt,
751 u_int *numprompts, char ***prompts, u_int **echo_on) 829 u_int *numprompts, char ***prompts, u_int **echo_on)
752{ 830{
753 Buffer m; 831 struct sshbuf *m;
754 u_int success; 832 u_int success;
755 char *challenge; 833 char *challenge;
834 int r;
756 835
757 debug3("%s: entering", __func__); 836 debug3("%s: entering", __func__);
758 837
759 buffer_init(&m); 838 if ((m = sshbuf_new()) == NULL)
760 mm_request_send(pmonitor->m_recvfd, MONITOR_REQ_BSDAUTHQUERY, &m); 839 fatal("%s: sshbuf_new failed", __func__);
840 mm_request_send(pmonitor->m_recvfd, MONITOR_REQ_BSDAUTHQUERY, m);
761 841
762 mm_request_receive_expect(pmonitor->m_recvfd, MONITOR_ANS_BSDAUTHQUERY, 842 mm_request_receive_expect(pmonitor->m_recvfd,
763 &m); 843 MONITOR_ANS_BSDAUTHQUERY, m);
764 success = buffer_get_int(&m); 844 if ((r = sshbuf_get_u32(m, &success)) != 0)
845 fatal("%s: buffer error: %s", __func__, ssh_err(r));
765 if (success == 0) { 846 if (success == 0) {
766 debug3("%s: no challenge", __func__); 847 debug3("%s: no challenge", __func__);
767 buffer_free(&m); 848 sshbuf_free(m);
768 return (-1); 849 return (-1);
769 } 850 }
770 851
771 /* Get the challenge, and format the response */ 852 /* Get the challenge, and format the response */
772 challenge = buffer_get_string(&m, NULL); 853 if ((r = sshbuf_get_cstring(m, &challenge, NULL)) != 0)
773 buffer_free(&m); 854 fatal("%s: buffer error: %s", __func__, ssh_err(r));
855 sshbuf_free(m);
774 856
775 mm_chall_setup(name, infotxt, numprompts, prompts, echo_on); 857 mm_chall_setup(name, infotxt, numprompts, prompts, echo_on);
776 (*prompts)[0] = challenge; 858 (*prompts)[0] = challenge;
@@ -783,114 +865,62 @@ mm_bsdauth_query(void *ctx, char **name, char **infotxt,
783int 865int
784mm_bsdauth_respond(void *ctx, u_int numresponses, char **responses) 866mm_bsdauth_respond(void *ctx, u_int numresponses, char **responses)
785{ 867{
786 Buffer m; 868 struct sshbuf *m;
787 int authok; 869 int r, authok;
788
789 debug3("%s: entering", __func__);
790 if (numresponses != 1)
791 return (-1);
792
793 buffer_init(&m);
794 buffer_put_cstring(&m, responses[0]);
795 mm_request_send(pmonitor->m_recvfd, MONITOR_REQ_BSDAUTHRESPOND, &m);
796
797 mm_request_receive_expect(pmonitor->m_recvfd,
798 MONITOR_ANS_BSDAUTHRESPOND, &m);
799
800 authok = buffer_get_int(&m);
801 buffer_free(&m);
802
803 return ((authok == 0) ? -1 : 0);
804}
805
806#ifdef SKEY
807int
808mm_skey_query(void *ctx, char **name, char **infotxt,
809 u_int *numprompts, char ***prompts, u_int **echo_on)
810{
811 Buffer m;
812 u_int success;
813 char *challenge;
814
815 debug3("%s: entering", __func__);
816
817 buffer_init(&m);
818 mm_request_send(pmonitor->m_recvfd, MONITOR_REQ_SKEYQUERY, &m);
819
820 mm_request_receive_expect(pmonitor->m_recvfd, MONITOR_ANS_SKEYQUERY,
821 &m);
822 success = buffer_get_int(&m);
823 if (success == 0) {
824 debug3("%s: no challenge", __func__);
825 buffer_free(&m);
826 return (-1);
827 }
828
829 /* Get the challenge, and format the response */
830 challenge = buffer_get_string(&m, NULL);
831 buffer_free(&m);
832
833 debug3("%s: received challenge: %s", __func__, challenge);
834
835 mm_chall_setup(name, infotxt, numprompts, prompts, echo_on);
836
837 xasprintf(*prompts, "%s%s", challenge, SKEY_PROMPT);
838 free(challenge);
839
840 return (0);
841}
842
843int
844mm_skey_respond(void *ctx, u_int numresponses, char **responses)
845{
846 Buffer m;
847 int authok;
848 870
849 debug3("%s: entering", __func__); 871 debug3("%s: entering", __func__);
850 if (numresponses != 1) 872 if (numresponses != 1)
851 return (-1); 873 return (-1);
852 874
853 buffer_init(&m); 875 if ((m = sshbuf_new()) == NULL)
854 buffer_put_cstring(&m, responses[0]); 876 fatal("%s: sshbuf_new failed", __func__);
855 mm_request_send(pmonitor->m_recvfd, MONITOR_REQ_SKEYRESPOND, &m); 877 if ((r = sshbuf_put_cstring(m, responses[0])) != 0)
878 fatal("%s: buffer error: %s", __func__, ssh_err(r));
879 mm_request_send(pmonitor->m_recvfd, MONITOR_REQ_BSDAUTHRESPOND, m);
856 880
857 mm_request_receive_expect(pmonitor->m_recvfd, 881 mm_request_receive_expect(pmonitor->m_recvfd,
858 MONITOR_ANS_SKEYRESPOND, &m); 882 MONITOR_ANS_BSDAUTHRESPOND, m);
859 883
860 authok = buffer_get_int(&m); 884 if ((r = sshbuf_get_u32(m, &authok)) != 0)
861 buffer_free(&m); 885 fatal("%s: buffer error: %s", __func__, ssh_err(r));
886 sshbuf_free(m);
862 887
863 return ((authok == 0) ? -1 : 0); 888 return ((authok == 0) ? -1 : 0);
864} 889}
865#endif /* SKEY */
866 890
867#ifdef SSH_AUDIT_EVENTS 891#ifdef SSH_AUDIT_EVENTS
868void 892void
869mm_audit_event(ssh_audit_event_t event) 893mm_audit_event(ssh_audit_event_t event)
870{ 894{
871 Buffer m; 895 struct sshbuf *m;
896 int r;
872 897
873 debug3("%s entering", __func__); 898 debug3("%s entering", __func__);
874 899
875 buffer_init(&m); 900 if ((m = sshbuf_new()) == NULL)
876 buffer_put_int(&m, event); 901 fatal("%s: sshbuf_new failed", __func__);
902 if ((r = sshbuf_put_u32(m, event)) != 0)
903 fatal("%s: buffer error: %s", __func__, ssh_err(r));
877 904
878 mm_request_send(pmonitor->m_recvfd, MONITOR_REQ_AUDIT_EVENT, &m); 905 mm_request_send(pmonitor->m_recvfd, MONITOR_REQ_AUDIT_EVENT, m);
879 buffer_free(&m); 906 sshbuf_free(m);
880} 907}
881 908
882void 909void
883mm_audit_run_command(const char *command) 910mm_audit_run_command(const char *command)
884{ 911{
885 Buffer m; 912 struct sshbuf *m;
913 int r;
886 914
887 debug3("%s entering command %s", __func__, command); 915 debug3("%s entering command %s", __func__, command);
888 916
889 buffer_init(&m); 917 if ((m = sshbuf_new()) == NULL)
890 buffer_put_cstring(&m, command); 918 fatal("%s: sshbuf_new failed", __func__);
919 if ((r = sshbuf_put_cstring(m, command)) != 0)
920 fatal("%s: buffer error: %s", __func__, ssh_err(r));
891 921
892 mm_request_send(pmonitor->m_recvfd, MONITOR_REQ_AUDIT_COMMAND, &m); 922 mm_request_send(pmonitor->m_recvfd, MONITOR_REQ_AUDIT_COMMAND, m);
893 buffer_free(&m); 923 sshbuf_free(m);
894} 924}
895#endif /* SSH_AUDIT_EVENTS */ 925#endif /* SSH_AUDIT_EVENTS */
896 926
@@ -898,45 +928,55 @@ mm_audit_run_command(const char *command)
898OM_uint32 928OM_uint32
899mm_ssh_gssapi_server_ctx(Gssctxt **ctx, gss_OID goid) 929mm_ssh_gssapi_server_ctx(Gssctxt **ctx, gss_OID goid)
900{ 930{
901 Buffer m; 931 struct sshbuf *m;
902 OM_uint32 major; 932 OM_uint32 major;
933 int r;
903 934
904 /* Client doesn't get to see the context */ 935 /* Client doesn't get to see the context */
905 *ctx = NULL; 936 *ctx = NULL;
906 937
907 buffer_init(&m); 938 if ((m = sshbuf_new()) == NULL)
908 buffer_put_string(&m, goid->elements, goid->length); 939 fatal("%s: sshbuf_new failed", __func__);
940 if ((r = sshbuf_put_string(m, goid->elements, goid->length)) != 0)
941 fatal("%s: buffer error: %s", __func__, ssh_err(r));
909 942
910 mm_request_send(pmonitor->m_recvfd, MONITOR_REQ_GSSSETUP, &m); 943 mm_request_send(pmonitor->m_recvfd, MONITOR_REQ_GSSSETUP, m);
911 mm_request_receive_expect(pmonitor->m_recvfd, MONITOR_ANS_GSSSETUP, &m); 944 mm_request_receive_expect(pmonitor->m_recvfd, MONITOR_ANS_GSSSETUP, m);
912 945
913 major = buffer_get_int(&m); 946 if ((r = sshbuf_get_u32(m, &major)) != 0)
947 fatal("%s: buffer error: %s", __func__, ssh_err(r));
914 948
915 buffer_free(&m); 949 sshbuf_free(m);
916 return (major); 950 return (major);
917} 951}
918 952
919OM_uint32 953OM_uint32
920mm_ssh_gssapi_accept_ctx(Gssctxt *ctx, gss_buffer_desc *in, 954mm_ssh_gssapi_accept_ctx(Gssctxt *ctx, gss_buffer_desc *in,
921 gss_buffer_desc *out, OM_uint32 *flags) 955 gss_buffer_desc *out, OM_uint32 *flagsp)
922{ 956{
923 Buffer m; 957 struct sshbuf *m;
924 OM_uint32 major; 958 OM_uint32 major;
925 u_int len; 959 u_int flags;
926 960 int r;
927 buffer_init(&m);
928 buffer_put_string(&m, in->value, in->length);
929
930 mm_request_send(pmonitor->m_recvfd, MONITOR_REQ_GSSSTEP, &m);
931 mm_request_receive_expect(pmonitor->m_recvfd, MONITOR_ANS_GSSSTEP, &m);
932 961
933 major = buffer_get_int(&m); 962 if ((m = sshbuf_new()) == NULL)
934 out->value = buffer_get_string(&m, &len); 963 fatal("%s: sshbuf_new failed", __func__);
935 out->length = len; 964 if ((r = sshbuf_put_string(m, in->value, in->length)) != 0)
936 if (flags) 965 fatal("%s: buffer error: %s", __func__, ssh_err(r));
937 *flags = buffer_get_int(&m); 966
967 mm_request_send(pmonitor->m_recvfd, MONITOR_REQ_GSSSTEP, m);
968 mm_request_receive_expect(pmonitor->m_recvfd, MONITOR_ANS_GSSSTEP, m);
969
970 if ((r = sshbuf_get_u32(m, &major)) != 0 ||
971 (r = ssh_gssapi_get_buffer_desc(m, out)) != 0)
972 fatal("%s: buffer error: %s", __func__, ssh_err(r));
973 if (flagsp != NULL) {
974 if ((r = sshbuf_get_u32(m, &flags)) != 0)
975 fatal("%s: buffer error: %s", __func__, ssh_err(r));
976 *flagsp = flags;
977 }
938 978
939 buffer_free(&m); 979 sshbuf_free(m);
940 980
941 return (major); 981 return (major);
942} 982}
@@ -944,37 +984,43 @@ mm_ssh_gssapi_accept_ctx(Gssctxt *ctx, gss_buffer_desc *in,
944OM_uint32 984OM_uint32
945mm_ssh_gssapi_checkmic(Gssctxt *ctx, gss_buffer_t gssbuf, gss_buffer_t gssmic) 985mm_ssh_gssapi_checkmic(Gssctxt *ctx, gss_buffer_t gssbuf, gss_buffer_t gssmic)
946{ 986{
947 Buffer m; 987 struct sshbuf *m;
948 OM_uint32 major; 988 OM_uint32 major;
989 int r;
949 990
950 buffer_init(&m); 991 if ((m = sshbuf_new()) == NULL)
951 buffer_put_string(&m, gssbuf->value, gssbuf->length); 992 fatal("%s: sshbuf_new failed", __func__);
952 buffer_put_string(&m, gssmic->value, gssmic->length); 993 if ((r = sshbuf_put_string(m, gssbuf->value, gssbuf->length)) != 0 ||
994 (r = sshbuf_put_string(m, gssmic->value, gssmic->length)) != 0)
995 fatal("%s: buffer error: %s", __func__, ssh_err(r));
953 996
954 mm_request_send(pmonitor->m_recvfd, MONITOR_REQ_GSSCHECKMIC, &m); 997 mm_request_send(pmonitor->m_recvfd, MONITOR_REQ_GSSCHECKMIC, m);
955 mm_request_receive_expect(pmonitor->m_recvfd, MONITOR_ANS_GSSCHECKMIC, 998 mm_request_receive_expect(pmonitor->m_recvfd,
956 &m); 999 MONITOR_ANS_GSSCHECKMIC, m);
957 1000
958 major = buffer_get_int(&m); 1001 if ((r = sshbuf_get_u32(m, &major)) != 0)
959 buffer_free(&m); 1002 fatal("%s: buffer error: %s", __func__, ssh_err(r));
1003 sshbuf_free(m);
960 return(major); 1004 return(major);
961} 1005}
962 1006
963int 1007int
964mm_ssh_gssapi_userok(char *user, struct passwd *pw) 1008mm_ssh_gssapi_userok(char *user, struct passwd *pw)
965{ 1009{
966 Buffer m; 1010 struct sshbuf *m;
967 int authenticated = 0; 1011 int r, authenticated = 0;
968 1012
969 buffer_init(&m); 1013 if ((m = sshbuf_new()) == NULL)
1014 fatal("%s: sshbuf_new failed", __func__);
970 1015
971 mm_request_send(pmonitor->m_recvfd, MONITOR_REQ_GSSUSEROK, &m); 1016 mm_request_send(pmonitor->m_recvfd, MONITOR_REQ_GSSUSEROK, m);
972 mm_request_receive_expect(pmonitor->m_recvfd, MONITOR_ANS_GSSUSEROK, 1017 mm_request_receive_expect(pmonitor->m_recvfd,
973 &m); 1018 MONITOR_ANS_GSSUSEROK, m);
974 1019
975 authenticated = buffer_get_int(&m); 1020 if ((r = sshbuf_get_u32(m, &authenticated)) != 0)
1021 fatal("%s: buffer error: %s", __func__, ssh_err(r));
976 1022
977 buffer_free(&m); 1023 sshbuf_free(m);
978 debug3("%s: user %sauthenticated",__func__, authenticated ? "" : "not "); 1024 debug3("%s: user %sauthenticated",__func__, authenticated ? "" : "not ");
979 return (authenticated); 1025 return (authenticated);
980} 1026}
@@ -982,21 +1028,23 @@ mm_ssh_gssapi_userok(char *user, struct passwd *pw)
982OM_uint32 1028OM_uint32
983mm_ssh_gssapi_sign(Gssctxt *ctx, gss_buffer_desc *data, gss_buffer_desc *hash) 1029mm_ssh_gssapi_sign(Gssctxt *ctx, gss_buffer_desc *data, gss_buffer_desc *hash)
984{ 1030{
985 Buffer m; 1031 struct sshbuf *m;
986 OM_uint32 major; 1032 OM_uint32 major;
987 u_int len; 1033 int r;
988 1034
989 buffer_init(&m); 1035 if ((m = sshbuf_new()) == NULL)
990 buffer_put_string(&m, data->value, data->length); 1036 fatal("%s: sshbuf_new failed", __func__);
1037 if ((r = sshbuf_put_string(m, data->value, data->length)) != 0)
1038 fatal("%s: buffer error: %s", __func__, ssh_err(r));
991 1039
992 mm_request_send(pmonitor->m_recvfd, MONITOR_REQ_GSSSIGN, &m); 1040 mm_request_send(pmonitor->m_recvfd, MONITOR_REQ_GSSSIGN, m);
993 mm_request_receive_expect(pmonitor->m_recvfd, MONITOR_ANS_GSSSIGN, &m); 1041 mm_request_receive_expect(pmonitor->m_recvfd, MONITOR_ANS_GSSSIGN, m);
994 1042
995 major = buffer_get_int(&m); 1043 if ((r = sshbuf_get_u32(m, &major)) != 0 ||
996 hash->value = buffer_get_string(&m, &len); 1044 (r = ssh_gssapi_get_buffer_desc(m, hash)) != 0)
997 hash->length = len; 1045 fatal("%s: buffer error: %s", __func__, ssh_err(r));
998 1046
999 buffer_free(&m); 1047 sshbuf_free(m);
1000 1048
1001 return(major); 1049 return(major);
1002} 1050}
@@ -1004,24 +1052,27 @@ mm_ssh_gssapi_sign(Gssctxt *ctx, gss_buffer_desc *data, gss_buffer_desc *hash)
1004int 1052int
1005mm_ssh_gssapi_update_creds(ssh_gssapi_ccache *store) 1053mm_ssh_gssapi_update_creds(ssh_gssapi_ccache *store)
1006{ 1054{
1007 Buffer m; 1055 struct sshbuf *m;
1008 int ok; 1056 int r, ok;
1009
1010 buffer_init(&m);
1011
1012 buffer_put_cstring(&m, store->filename ? store->filename : "");
1013 buffer_put_cstring(&m, store->envvar ? store->envvar : "");
1014 buffer_put_cstring(&m, store->envval ? store->envval : "");
1015
1016 mm_request_send(pmonitor->m_recvfd, MONITOR_REQ_GSSUPCREDS, &m);
1017 mm_request_receive_expect(pmonitor->m_recvfd, MONITOR_ANS_GSSUPCREDS, &m);
1018 1057
1019 ok = buffer_get_int(&m); 1058 if ((m = sshbuf_new()) == NULL)
1059 fatal("%s: sshbuf_new failed", __func__);
1060 if ((r = sshbuf_put_cstring(m,
1061 store->filename ? store->filename : "")) != 0 ||
1062 (r = sshbuf_put_cstring(m,
1063 store->envvar ? store->envvar : "")) != 0 ||
1064 (r = sshbuf_put_cstring(m,
1065 store->envval ? store->envval : "")) != 0)
1066 fatal("%s: buffer error: %s", __func__, ssh_err(r));
1067
1068 mm_request_send(pmonitor->m_recvfd, MONITOR_REQ_GSSUPCREDS, m);
1069 mm_request_receive_expect(pmonitor->m_recvfd, MONITOR_ANS_GSSUPCREDS, m);
1070
1071 if ((r = sshbuf_get_u32(m, &ok)) != 0)
1072 fatal("%s: buffer error: %s", __func__, ssh_err(r));
1073 sshbuf_free(m);
1020 1074
1021 buffer_free(&m);
1022
1023 return (ok); 1075 return (ok);
1024} 1076}
1025 1077
1026#endif /* GSSAPI */ 1078#endif /* GSSAPI */
1027
diff --git a/monitor_wrap.h b/monitor_wrap.h
index 492de5c85..79e78cc90 100644
--- a/monitor_wrap.h
+++ b/monitor_wrap.h
@@ -1,4 +1,4 @@
1/* $OpenBSD: monitor_wrap.h,v 1.37 2018/03/03 03:15:51 djm Exp $ */ 1/* $OpenBSD: monitor_wrap.h,v 1.38 2018/07/11 18:53:29 markus Exp $ */
2 2
3/* 3/*
4 * Copyright 2002 Niels Provos <provos@citi.umich.edu> 4 * Copyright 2002 Niels Provos <provos@citi.umich.edu>
@@ -41,8 +41,8 @@ struct sshauthopt;
41void mm_log_handler(LogLevel, const char *, void *); 41void mm_log_handler(LogLevel, const char *, void *);
42int mm_is_monitor(void); 42int mm_is_monitor(void);
43DH *mm_choose_dh(int, int, int); 43DH *mm_choose_dh(int, int, int);
44int mm_key_sign(struct sshkey *, u_char **, u_int *, const u_char *, u_int, 44int mm_sshkey_sign(struct sshkey *, u_char **, size_t *, const u_char *, size_t,
45 const char *); 45 const char *, u_int compat);
46void mm_inform_authserv(char *, char *, char *); 46void mm_inform_authserv(char *, char *, char *);
47void mm_inform_authrole(char *); 47void mm_inform_authrole(char *);
48struct passwd *mm_getpwnamallow(const char *); 48struct passwd *mm_getpwnamallow(const char *);
@@ -100,8 +100,4 @@ void mm_send_keystate(struct monitor*);
100int mm_bsdauth_query(void *, char **, char **, u_int *, char ***, u_int **); 100int mm_bsdauth_query(void *, char **, char **, u_int *, char ***, u_int **);
101int mm_bsdauth_respond(void *, u_int, char **); 101int mm_bsdauth_respond(void *, u_int, char **);
102 102
103/* skey */
104int mm_skey_query(void *, char **, char **, u_int *, char ***, u_int **);
105int mm_skey_respond(void *, u_int, char **);
106
107#endif /* _MM_WRAP_H_ */ 103#endif /* _MM_WRAP_H_ */
diff --git a/msg.c b/msg.c
index 5a7b8ca91..1bd20f3d3 100644
--- a/msg.c
+++ b/msg.c
@@ -1,4 +1,4 @@
1/* $OpenBSD: msg.c,v 1.16 2015/01/15 09:40:00 djm Exp $ */ 1/* $OpenBSD: msg.c,v 1.17 2018/07/09 21:59:10 markus Exp $ */
2/* 2/*
3 * Copyright (c) 2002 Markus Friedl. All rights reserved. 3 * Copyright (c) 2002 Markus Friedl. All rights reserved.
4 * 4 *
@@ -55,7 +55,7 @@ ssh_msg_send(int fd, u_char type, struct sshbuf *m)
55 error("ssh_msg_send: write"); 55 error("ssh_msg_send: write");
56 return (-1); 56 return (-1);
57 } 57 }
58 if (atomicio(vwrite, fd, (u_char *)sshbuf_ptr(m), mlen) != mlen) { 58 if (atomicio(vwrite, fd, sshbuf_mutable_ptr(m), mlen) != mlen) {
59 error("ssh_msg_send: write"); 59 error("ssh_msg_send: write");
60 return (-1); 60 return (-1);
61 } 61 }
diff --git a/mux.c b/mux.c
index 5ae454410..e607acd08 100644
--- a/mux.c
+++ b/mux.c
@@ -1,4 +1,4 @@
1/* $OpenBSD: mux.c,v 1.69 2017/09/20 05:19:00 dtucker Exp $ */ 1/* $OpenBSD: mux.c,v 1.75 2018/07/31 03:07:24 djm Exp $ */
2/* 2/*
3 * Copyright (c) 2002-2008 Damien Miller <djm@openbsd.org> 3 * Copyright (c) 2002-2008 Damien Miller <djm@openbsd.org>
4 * 4 *
@@ -70,13 +70,13 @@
70#include "pathnames.h" 70#include "pathnames.h"
71#include "misc.h" 71#include "misc.h"
72#include "match.h" 72#include "match.h"
73#include "buffer.h" 73#include "sshbuf.h"
74#include "channels.h" 74#include "channels.h"
75#include "msg.h" 75#include "msg.h"
76#include "packet.h" 76#include "packet.h"
77#include "monitor_fdpass.h" 77#include "monitor_fdpass.h"
78#include "sshpty.h" 78#include "sshpty.h"
79#include "key.h" 79#include "sshkey.h"
80#include "readconf.h" 80#include "readconf.h"
81#include "clientloop.h" 81#include "clientloop.h"
82#include "ssherr.h" 82#include "ssherr.h"
@@ -87,7 +87,7 @@ extern Options options;
87extern int stdin_null_flag; 87extern int stdin_null_flag;
88extern char *host; 88extern char *host;
89extern int subsystem_flag; 89extern int subsystem_flag;
90extern Buffer command; 90extern struct sshbuf *command;
91extern volatile sig_atomic_t quit_pending; 91extern volatile sig_atomic_t quit_pending;
92 92
93/* Context for session open confirmation callback */ 93/* Context for session open confirmation callback */
@@ -96,7 +96,7 @@ struct mux_session_confirm_ctx {
96 u_int want_subsys; 96 u_int want_subsys;
97 u_int want_x_fwd; 97 u_int want_x_fwd;
98 u_int want_agent_fwd; 98 u_int want_agent_fwd;
99 Buffer cmd; 99 struct sshbuf *cmd;
100 char *term; 100 char *term;
101 struct termios tio; 101 struct termios tio;
102 char **env; 102 char **env;
@@ -279,10 +279,11 @@ env_permitted(char *env)
279 279
280static int 280static int
281process_mux_master_hello(struct ssh *ssh, u_int rid, 281process_mux_master_hello(struct ssh *ssh, u_int rid,
282 Channel *c, Buffer *m, Buffer *r) 282 Channel *c, struct sshbuf *m, struct sshbuf *reply)
283{ 283{
284 u_int ver; 284 u_int ver;
285 struct mux_master_state *state = (struct mux_master_state *)c->mux_ctx; 285 struct mux_master_state *state = (struct mux_master_state *)c->mux_ctx;
286 int r;
286 287
287 if (state == NULL) 288 if (state == NULL)
288 fatal("%s: channel %d: c->mux_ctx == NULL", __func__, c->self); 289 fatal("%s: channel %d: c->mux_ctx == NULL", __func__, c->self);
@@ -290,9 +291,8 @@ process_mux_master_hello(struct ssh *ssh, u_int rid,
290 error("%s: HELLO received twice", __func__); 291 error("%s: HELLO received twice", __func__);
291 return -1; 292 return -1;
292 } 293 }
293 if (buffer_get_int_ret(&ver, m) != 0) { 294 if ((r = sshbuf_get_u32(m, &ver)) != 0) {
294 malf: 295 error("%s: malformed message: %s", __func__, ssh_err(r));
295 error("%s: malformed message", __func__);
296 return -1; 296 return -1;
297 } 297 }
298 if (ver != SSHMUX_VER) { 298 if (ver != SSHMUX_VER) {
@@ -303,51 +303,72 @@ process_mux_master_hello(struct ssh *ssh, u_int rid,
303 debug2("%s: channel %d slave version %u", __func__, c->self, ver); 303 debug2("%s: channel %d slave version %u", __func__, c->self, ver);
304 304
305 /* No extensions are presently defined */ 305 /* No extensions are presently defined */
306 while (buffer_len(m) > 0) { 306 while (sshbuf_len(m) > 0) {
307 char *name = buffer_get_string_ret(m, NULL); 307 char *name = NULL;
308 char *value = buffer_get_string_ret(m, NULL);
309 308
310 if (name == NULL || value == NULL) { 309 if ((r = sshbuf_get_cstring(m, &name, NULL)) != 0 ||
311 free(name); 310 (r = sshbuf_skip_string(m)) != 0) { /* value */
312 free(value); 311 error("%s: malformed extension: %s",
313 goto malf; 312 __func__, ssh_err(r));
313 return -1;
314 } 314 }
315 debug2("Unrecognised slave extension \"%s\"", name); 315 debug2("Unrecognised slave extension \"%s\"", name);
316 free(name); 316 free(name);
317 free(value);
318 } 317 }
319 state->hello_rcvd = 1; 318 state->hello_rcvd = 1;
320 return 0; 319 return 0;
321} 320}
322 321
322/* Enqueue a "ok" response to the reply buffer */
323static void
324reply_ok(struct sshbuf *reply, u_int rid)
325{
326 int r;
327
328 if ((r = sshbuf_put_u32(reply, MUX_S_OK)) != 0 ||
329 (r = sshbuf_put_u32(reply, rid)) != 0)
330 fatal("%s: reply: %s", __func__, ssh_err(r));
331}
332
333/* Enqueue an error response to the reply buffer */
334static void
335reply_error(struct sshbuf *reply, u_int type, u_int rid, const char *msg)
336{
337 int r;
338
339 if ((r = sshbuf_put_u32(reply, type)) != 0 ||
340 (r = sshbuf_put_u32(reply, rid)) != 0 ||
341 (r = sshbuf_put_cstring(reply, msg)) != 0)
342 fatal("%s: reply: %s", __func__, ssh_err(r));
343}
344
323static int 345static int
324process_mux_new_session(struct ssh *ssh, u_int rid, 346process_mux_new_session(struct ssh *ssh, u_int rid,
325 Channel *c, Buffer *m, Buffer *r) 347 Channel *c, struct sshbuf *m, struct sshbuf *reply)
326{ 348{
327 Channel *nc; 349 Channel *nc;
328 struct mux_session_confirm_ctx *cctx; 350 struct mux_session_confirm_ctx *cctx;
329 char *reserved, *cmd, *cp; 351 char *cmd, *cp;
330 u_int i, j, len, env_len, escape_char, window, packetmax; 352 u_int i, j, env_len, escape_char, window, packetmax;
331 int new_fd[3]; 353 int r, new_fd[3];
332 354
333 /* Reply for SSHMUX_COMMAND_OPEN */ 355 /* Reply for SSHMUX_COMMAND_OPEN */
334 cctx = xcalloc(1, sizeof(*cctx)); 356 cctx = xcalloc(1, sizeof(*cctx));
335 cctx->term = NULL; 357 cctx->term = NULL;
336 cctx->rid = rid; 358 cctx->rid = rid;
337 cmd = reserved = NULL; 359 cmd = NULL;
338 cctx->env = NULL; 360 cctx->env = NULL;
339 env_len = 0; 361 env_len = 0;
340 if ((reserved = buffer_get_string_ret(m, NULL)) == NULL || 362 if ((r = sshbuf_skip_string(m)) != 0 || /* reserved */
341 buffer_get_int_ret(&cctx->want_tty, m) != 0 || 363 (r = sshbuf_get_u32(m, &cctx->want_tty)) != 0 ||
342 buffer_get_int_ret(&cctx->want_x_fwd, m) != 0 || 364 (r = sshbuf_get_u32(m, &cctx->want_x_fwd)) != 0 ||
343 buffer_get_int_ret(&cctx->want_agent_fwd, m) != 0 || 365 (r = sshbuf_get_u32(m, &cctx->want_agent_fwd)) != 0 ||
344 buffer_get_int_ret(&cctx->want_subsys, m) != 0 || 366 (r = sshbuf_get_u32(m, &cctx->want_subsys)) != 0 ||
345 buffer_get_int_ret(&escape_char, m) != 0 || 367 (r = sshbuf_get_u32(m, &escape_char)) != 0 ||
346 (cctx->term = buffer_get_string_ret(m, &len)) == NULL || 368 (r = sshbuf_get_cstring(m, &cctx->term, NULL)) != 0 ||
347 (cmd = buffer_get_string_ret(m, &len)) == NULL) { 369 (r = sshbuf_get_cstring(m, &cmd, NULL)) != 0) {
348 malf: 370 malf:
349 free(cmd); 371 free(cmd);
350 free(reserved);
351 for (j = 0; j < env_len; j++) 372 for (j = 0; j < env_len; j++)
352 free(cctx->env[j]); 373 free(cctx->env[j]);
353 free(cctx->env); 374 free(cctx->env);
@@ -356,12 +377,10 @@ process_mux_new_session(struct ssh *ssh, u_int rid,
356 error("%s: malformed message", __func__); 377 error("%s: malformed message", __func__);
357 return -1; 378 return -1;
358 } 379 }
359 free(reserved);
360 reserved = NULL;
361 380
362 while (buffer_len(m) > 0) {
363#define MUX_MAX_ENV_VARS 4096 381#define MUX_MAX_ENV_VARS 4096
364 if ((cp = buffer_get_string_ret(m, &len)) == NULL) 382 while (sshbuf_len(m) > 0) {
383 if ((r = sshbuf_get_cstring(m, &cp, NULL)) != 0)
365 goto malf; 384 goto malf;
366 if (!env_permitted(cp)) { 385 if (!env_permitted(cp)) {
367 free(cp); 386 free(cp);
@@ -383,8 +402,10 @@ process_mux_new_session(struct ssh *ssh, u_int rid,
383 cctx->want_tty, cctx->want_x_fwd, cctx->want_agent_fwd, 402 cctx->want_tty, cctx->want_x_fwd, cctx->want_agent_fwd,
384 cctx->want_subsys, cctx->term, cmd, env_len); 403 cctx->want_subsys, cctx->term, cmd, env_len);
385 404
386 buffer_init(&cctx->cmd); 405 if ((cctx->cmd = sshbuf_new()) == NULL)
387 buffer_append(&cctx->cmd, cmd, strlen(cmd)); 406 fatal("%s: sshbuf_new", __func__);
407 if ((r = sshbuf_put(cctx->cmd, cmd, strlen(cmd))) != 0)
408 fatal("%s: sshbuf_put: %s", __func__, ssh_err(r));
388 free(cmd); 409 free(cmd);
389 cmd = NULL; 410 cmd = NULL;
390 411
@@ -399,13 +420,9 @@ process_mux_new_session(struct ssh *ssh, u_int rid,
399 free(cctx->env[j]); 420 free(cctx->env[j]);
400 free(cctx->env); 421 free(cctx->env);
401 free(cctx->term); 422 free(cctx->term);
402 buffer_free(&cctx->cmd); 423 sshbuf_free(cctx->cmd);
403 free(cctx); 424 free(cctx);
404 425 reply_error(reply, MUX_S_FAILURE, rid,
405 /* prepare reply */
406 buffer_put_int(r, MUX_S_FAILURE);
407 buffer_put_int(r, rid);
408 buffer_put_cstring(r,
409 "did not receive file descriptors"); 426 "did not receive file descriptors");
410 return -1; 427 return -1;
411 } 428 }
@@ -417,10 +434,8 @@ process_mux_new_session(struct ssh *ssh, u_int rid,
417 /* XXX support multiple child sessions in future */ 434 /* XXX support multiple child sessions in future */
418 if (c->have_remote_id) { 435 if (c->have_remote_id) {
419 debug2("%s: session already open", __func__); 436 debug2("%s: session already open", __func__);
420 /* prepare reply */ 437 reply_error(reply, MUX_S_FAILURE, rid,
421 buffer_put_int(r, MUX_S_FAILURE); 438 "Multiple sessions not supported");
422 buffer_put_int(r, rid);
423 buffer_put_cstring(r, "Multiple sessions not supported");
424 cleanup: 439 cleanup:
425 close(new_fd[0]); 440 close(new_fd[0]);
426 close(new_fd[1]); 441 close(new_fd[1]);
@@ -431,7 +446,7 @@ process_mux_new_session(struct ssh *ssh, u_int rid,
431 free(cctx->env[i]); 446 free(cctx->env[i]);
432 free(cctx->env); 447 free(cctx->env);
433 } 448 }
434 buffer_free(&cctx->cmd); 449 sshbuf_free(cctx->cmd);
435 free(cctx); 450 free(cctx);
436 return 0; 451 return 0;
437 } 452 }
@@ -440,10 +455,8 @@ process_mux_new_session(struct ssh *ssh, u_int rid,
440 options.control_master == SSHCTL_MASTER_AUTO_ASK) { 455 options.control_master == SSHCTL_MASTER_AUTO_ASK) {
441 if (!ask_permission("Allow shared connection to %s? ", host)) { 456 if (!ask_permission("Allow shared connection to %s? ", host)) {
442 debug2("%s: session refused by user", __func__); 457 debug2("%s: session refused by user", __func__);
443 /* prepare reply */ 458 reply_error(reply, MUX_S_PERMISSION_DENIED, rid,
444 buffer_put_int(r, MUX_S_PERMISSION_DENIED); 459 "Permission denied");
445 buffer_put_int(r, rid);
446 buffer_put_cstring(r, "Permission denied");
447 goto cleanup; 460 goto cleanup;
448 } 461 }
449 } 462 }
@@ -497,21 +510,24 @@ process_mux_new_session(struct ssh *ssh, u_int rid,
497 510
498static int 511static int
499process_mux_alive_check(struct ssh *ssh, u_int rid, 512process_mux_alive_check(struct ssh *ssh, u_int rid,
500 Channel *c, Buffer *m, Buffer *r) 513 Channel *c, struct sshbuf *m, struct sshbuf *reply)
501{ 514{
515 int r;
516
502 debug2("%s: channel %d: alive check", __func__, c->self); 517 debug2("%s: channel %d: alive check", __func__, c->self);
503 518
504 /* prepare reply */ 519 /* prepare reply */
505 buffer_put_int(r, MUX_S_ALIVE); 520 if ((r = sshbuf_put_u32(reply, MUX_S_ALIVE)) != 0 ||
506 buffer_put_int(r, rid); 521 (r = sshbuf_put_u32(reply, rid)) != 0 ||
507 buffer_put_int(r, (u_int)getpid()); 522 (r = sshbuf_put_u32(reply, (u_int)getpid())) != 0)
523 fatal("%s: reply: %s", __func__, ssh_err(r));
508 524
509 return 0; 525 return 0;
510} 526}
511 527
512static int 528static int
513process_mux_terminate(struct ssh *ssh, u_int rid, 529process_mux_terminate(struct ssh *ssh, u_int rid,
514 Channel *c, Buffer *m, Buffer *r) 530 Channel *c, struct sshbuf *m, struct sshbuf *reply)
515{ 531{
516 debug2("%s: channel %d: terminate request", __func__, c->self); 532 debug2("%s: channel %d: terminate request", __func__, c->self);
517 533
@@ -520,16 +536,14 @@ process_mux_terminate(struct ssh *ssh, u_int rid,
520 if (!ask_permission("Terminate shared connection to %s? ", 536 if (!ask_permission("Terminate shared connection to %s? ",
521 host)) { 537 host)) {
522 debug2("%s: termination refused by user", __func__); 538 debug2("%s: termination refused by user", __func__);
523 buffer_put_int(r, MUX_S_PERMISSION_DENIED); 539 reply_error(reply, MUX_S_PERMISSION_DENIED, rid,
524 buffer_put_int(r, rid); 540 "Permission denied");
525 buffer_put_cstring(r, "Permission denied");
526 return 0; 541 return 0;
527 } 542 }
528 } 543 }
529 544
530 quit_pending = 1; 545 quit_pending = 1;
531 buffer_put_int(r, MUX_S_OK); 546 reply_ok(reply, rid);
532 buffer_put_int(r, rid);
533 /* XXX exit happens too soon - message never makes it to client */ 547 /* XXX exit happens too soon - message never makes it to client */
534 return 0; 548 return 0;
535} 549}
@@ -606,14 +620,16 @@ mux_confirm_remote_forward(struct ssh *ssh, int type, u_int32_t seq, void *ctxt)
606 char *failmsg = NULL; 620 char *failmsg = NULL;
607 struct Forward *rfwd; 621 struct Forward *rfwd;
608 Channel *c; 622 Channel *c;
609 Buffer out; 623 struct sshbuf *out;
624 int r;
610 625
611 if ((c = channel_by_id(ssh, fctx->cid)) == NULL) { 626 if ((c = channel_by_id(ssh, fctx->cid)) == NULL) {
612 /* no channel for reply */ 627 /* no channel for reply */
613 error("%s: unknown channel", __func__); 628 error("%s: unknown channel", __func__);
614 return; 629 return;
615 } 630 }
616 buffer_init(&out); 631 if ((out = sshbuf_new()) == NULL)
632 fatal("%s: sshbuf_new", __func__);
617 if (fctx->fid >= options.num_remote_forwards || 633 if (fctx->fid >= options.num_remote_forwards ||
618 (options.remote_forwards[fctx->fid].connect_path == NULL && 634 (options.remote_forwards[fctx->fid].connect_path == NULL &&
619 options.remote_forwards[fctx->fid].connect_host == NULL)) { 635 options.remote_forwards[fctx->fid].connect_host == NULL)) {
@@ -631,19 +647,21 @@ mux_confirm_remote_forward(struct ssh *ssh, int type, u_int32_t seq, void *ctxt)
631 debug("Allocated port %u for mux remote forward" 647 debug("Allocated port %u for mux remote forward"
632 " to %s:%d", rfwd->allocated_port, 648 " to %s:%d", rfwd->allocated_port,
633 rfwd->connect_host, rfwd->connect_port); 649 rfwd->connect_host, rfwd->connect_port);
634 buffer_put_int(&out, MUX_S_REMOTE_PORT); 650 if ((r = sshbuf_put_u32(out,
635 buffer_put_int(&out, fctx->rid); 651 MUX_S_REMOTE_PORT)) != 0 ||
636 buffer_put_int(&out, rfwd->allocated_port); 652 (r = sshbuf_put_u32(out, fctx->rid)) != 0 ||
637 channel_update_permitted_opens(ssh, rfwd->handle, 653 (r = sshbuf_put_u32(out,
654 rfwd->allocated_port)) != 0)
655 fatal("%s: reply: %s", __func__, ssh_err(r));
656 channel_update_permission(ssh, rfwd->handle,
638 rfwd->allocated_port); 657 rfwd->allocated_port);
639 } else { 658 } else {
640 buffer_put_int(&out, MUX_S_OK); 659 reply_ok(out, fctx->rid);
641 buffer_put_int(&out, fctx->rid);
642 } 660 }
643 goto out; 661 goto out;
644 } else { 662 } else {
645 if (rfwd->listen_port == 0) 663 if (rfwd->listen_port == 0)
646 channel_update_permitted_opens(ssh, rfwd->handle, -1); 664 channel_update_permission(ssh, rfwd->handle, -1);
647 if (rfwd->listen_path != NULL) 665 if (rfwd->listen_path != NULL)
648 xasprintf(&failmsg, "remote port forwarding failed for " 666 xasprintf(&failmsg, "remote port forwarding failed for "
649 "listen path %s", rfwd->listen_path); 667 "listen path %s", rfwd->listen_path);
@@ -664,13 +682,12 @@ mux_confirm_remote_forward(struct ssh *ssh, int type, u_int32_t seq, void *ctxt)
664 } 682 }
665 fail: 683 fail:
666 error("%s: %s", __func__, failmsg); 684 error("%s: %s", __func__, failmsg);
667 buffer_put_int(&out, MUX_S_FAILURE); 685 reply_error(out, MUX_S_FAILURE, fctx->rid, failmsg);
668 buffer_put_int(&out, fctx->rid);
669 buffer_put_cstring(&out, failmsg);
670 free(failmsg); 686 free(failmsg);
671 out: 687 out:
672 buffer_put_string(c->output, buffer_ptr(&out), buffer_len(&out)); 688 if ((r = sshbuf_put_stringb(c->output, out)) != 0)
673 buffer_free(&out); 689 fatal("%s: sshbuf_put_stringb: %s", __func__, ssh_err(r));
690 sshbuf_free(out);
674 if (c->mux_pause <= 0) 691 if (c->mux_pause <= 0)
675 fatal("%s: mux_pause %d", __func__, c->mux_pause); 692 fatal("%s: mux_pause %d", __func__, c->mux_pause);
676 c->mux_pause = 0; /* start processing messages again */ 693 c->mux_pause = 0; /* start processing messages again */
@@ -678,23 +695,23 @@ mux_confirm_remote_forward(struct ssh *ssh, int type, u_int32_t seq, void *ctxt)
678 695
679static int 696static int
680process_mux_open_fwd(struct ssh *ssh, u_int rid, 697process_mux_open_fwd(struct ssh *ssh, u_int rid,
681 Channel *c, Buffer *m, Buffer *r) 698 Channel *c, struct sshbuf *m, struct sshbuf *reply)
682{ 699{
683 struct Forward fwd; 700 struct Forward fwd;
684 char *fwd_desc = NULL; 701 char *fwd_desc = NULL;
685 char *listen_addr, *connect_addr; 702 char *listen_addr, *connect_addr;
686 u_int ftype; 703 u_int ftype;
687 u_int lport, cport; 704 u_int lport, cport;
688 int i, ret = 0, freefwd = 1; 705 int r, i, ret = 0, freefwd = 1;
689 706
690 memset(&fwd, 0, sizeof(fwd)); 707 memset(&fwd, 0, sizeof(fwd));
691 708
692 /* XXX - lport/cport check redundant */ 709 /* XXX - lport/cport check redundant */
693 if (buffer_get_int_ret(&ftype, m) != 0 || 710 if ((r = sshbuf_get_u32(m, &ftype)) != 0 ||
694 (listen_addr = buffer_get_string_ret(m, NULL)) == NULL || 711 (r = sshbuf_get_cstring(m, &listen_addr, NULL)) != 0 ||
695 buffer_get_int_ret(&lport, m) != 0 || 712 (r = sshbuf_get_u32(m, &lport)) != 0 ||
696 (connect_addr = buffer_get_string_ret(m, NULL)) == NULL || 713 (r = sshbuf_get_cstring(m, &connect_addr, NULL)) != 0 ||
697 buffer_get_int_ret(&cport, m) != 0 || 714 (r = sshbuf_get_u32(m, &cport)) != 0 ||
698 (lport != (u_int)PORT_STREAMLOCAL && lport > 65535) || 715 (lport != (u_int)PORT_STREAMLOCAL && lport > 65535) ||
699 (cport != (u_int)PORT_STREAMLOCAL && cport > 65535)) { 716 (cport != (u_int)PORT_STREAMLOCAL && cport > 65535)) {
700 error("%s: malformed message", __func__); 717 error("%s: malformed message", __func__);
@@ -731,9 +748,8 @@ process_mux_open_fwd(struct ssh *ssh, u_int rid,
731 invalid: 748 invalid:
732 free(listen_addr); 749 free(listen_addr);
733 free(connect_addr); 750 free(connect_addr);
734 buffer_put_int(r, MUX_S_FAILURE); 751 reply_error(reply, MUX_S_FAILURE, rid,
735 buffer_put_int(r, rid); 752 "Invalid forwarding request");
736 buffer_put_cstring(r, "Invalid forwarding request");
737 return 0; 753 return 0;
738 } 754 }
739 if (ftype == MUX_FWD_DYNAMIC && fwd.listen_path) { 755 if (ftype == MUX_FWD_DYNAMIC && fwd.listen_path) {
@@ -770,26 +786,25 @@ process_mux_open_fwd(struct ssh *ssh, u_int rid,
770 exists: 786 exists:
771 debug2("%s: found existing forwarding", 787 debug2("%s: found existing forwarding",
772 __func__); 788 __func__);
773 buffer_put_int(r, MUX_S_OK); 789 reply_ok(reply, rid);
774 buffer_put_int(r, rid);
775 goto out; 790 goto out;
776 } 791 }
777 } 792 }
778 break; 793 break;
779 case MUX_FWD_REMOTE: 794 case MUX_FWD_REMOTE:
780 for (i = 0; i < options.num_remote_forwards; i++) { 795 for (i = 0; i < options.num_remote_forwards; i++) {
781 if (compare_forward(&fwd, 796 if (!compare_forward(&fwd, options.remote_forwards + i))
782 options.remote_forwards + i)) { 797 continue;
783 if (fwd.listen_port != 0) 798 if (fwd.listen_port != 0)
784 goto exists; 799 goto exists;
785 debug2("%s: found allocated port", 800 debug2("%s: found allocated port", __func__);
786 __func__); 801 if ((r = sshbuf_put_u32(reply,
787 buffer_put_int(r, MUX_S_REMOTE_PORT); 802 MUX_S_REMOTE_PORT)) != 0 ||
788 buffer_put_int(r, rid); 803 (r = sshbuf_put_u32(reply, rid)) != 0 ||
789 buffer_put_int(r, 804 (r = sshbuf_put_u32(reply,
790 options.remote_forwards[i].allocated_port); 805 options.remote_forwards[i].allocated_port)) != 0)
791 goto out; 806 fatal("%s: reply: %s", __func__, ssh_err(r));
792 } 807 goto out;
793 } 808 }
794 break; 809 break;
795 } 810 }
@@ -798,9 +813,8 @@ process_mux_open_fwd(struct ssh *ssh, u_int rid,
798 options.control_master == SSHCTL_MASTER_AUTO_ASK) { 813 options.control_master == SSHCTL_MASTER_AUTO_ASK) {
799 if (!ask_permission("Open %s on %s?", fwd_desc, host)) { 814 if (!ask_permission("Open %s on %s?", fwd_desc, host)) {
800 debug2("%s: forwarding refused by user", __func__); 815 debug2("%s: forwarding refused by user", __func__);
801 buffer_put_int(r, MUX_S_PERMISSION_DENIED); 816 reply_error(reply, MUX_S_PERMISSION_DENIED, rid,
802 buffer_put_int(r, rid); 817 "Permission denied");
803 buffer_put_cstring(r, "Permission denied");
804 goto out; 818 goto out;
805 } 819 }
806 } 820 }
@@ -810,9 +824,8 @@ process_mux_open_fwd(struct ssh *ssh, u_int rid,
810 &options.fwd_opts)) { 824 &options.fwd_opts)) {
811 fail: 825 fail:
812 logit("slave-requested %s failed", fwd_desc); 826 logit("slave-requested %s failed", fwd_desc);
813 buffer_put_int(r, MUX_S_FAILURE); 827 reply_error(reply, MUX_S_FAILURE, rid,
814 buffer_put_int(r, rid); 828 "Port forwarding failed");
815 buffer_put_cstring(r, "Port forwarding failed");
816 goto out; 829 goto out;
817 } 830 }
818 add_local_forward(&options, &fwd); 831 add_local_forward(&options, &fwd);
@@ -835,8 +848,7 @@ process_mux_open_fwd(struct ssh *ssh, u_int rid,
835 /* delayed reply in mux_confirm_remote_forward */ 848 /* delayed reply in mux_confirm_remote_forward */
836 goto out; 849 goto out;
837 } 850 }
838 buffer_put_int(r, MUX_S_OK); 851 reply_ok(reply, rid);
839 buffer_put_int(r, rid);
840 out: 852 out:
841 free(fwd_desc); 853 free(fwd_desc);
842 if (freefwd) { 854 if (freefwd) {
@@ -850,23 +862,23 @@ process_mux_open_fwd(struct ssh *ssh, u_int rid,
850 862
851static int 863static int
852process_mux_close_fwd(struct ssh *ssh, u_int rid, 864process_mux_close_fwd(struct ssh *ssh, u_int rid,
853 Channel *c, Buffer *m, Buffer *r) 865 Channel *c, struct sshbuf *m, struct sshbuf *reply)
854{ 866{
855 struct Forward fwd, *found_fwd; 867 struct Forward fwd, *found_fwd;
856 char *fwd_desc = NULL; 868 char *fwd_desc = NULL;
857 const char *error_reason = NULL; 869 const char *error_reason = NULL;
858 char *listen_addr = NULL, *connect_addr = NULL; 870 char *listen_addr = NULL, *connect_addr = NULL;
859 u_int ftype; 871 u_int ftype;
860 int i, ret = 0; 872 int r, i, ret = 0;
861 u_int lport, cport; 873 u_int lport, cport;
862 874
863 memset(&fwd, 0, sizeof(fwd)); 875 memset(&fwd, 0, sizeof(fwd));
864 876
865 if (buffer_get_int_ret(&ftype, m) != 0 || 877 if ((r = sshbuf_get_u32(m, &ftype)) != 0 ||
866 (listen_addr = buffer_get_string_ret(m, NULL)) == NULL || 878 (r = sshbuf_get_cstring(m, &listen_addr, NULL)) != 0 ||
867 buffer_get_int_ret(&lport, m) != 0 || 879 (r = sshbuf_get_u32(m, &lport)) != 0 ||
868 (connect_addr = buffer_get_string_ret(m, NULL)) == NULL || 880 (r = sshbuf_get_cstring(m, &connect_addr, NULL)) != 0 ||
869 buffer_get_int_ret(&cport, m) != 0 || 881 (r = sshbuf_get_u32(m, &cport)) != 0 ||
870 (lport != (u_int)PORT_STREAMLOCAL && lport > 65535) || 882 (lport != (u_int)PORT_STREAMLOCAL && lport > 65535) ||
871 (cport != (u_int)PORT_STREAMLOCAL && cport > 65535)) { 883 (cport != (u_int)PORT_STREAMLOCAL && cport > 65535)) {
872 error("%s: malformed message", __func__); 884 error("%s: malformed message", __func__);
@@ -940,10 +952,10 @@ process_mux_close_fwd(struct ssh *ssh, u_int rid,
940 error_reason = "port not found"; 952 error_reason = "port not found";
941 } 953 }
942 954
943 if (error_reason == NULL) { 955 if (error_reason != NULL)
944 buffer_put_int(r, MUX_S_OK); 956 reply_error(reply, MUX_S_FAILURE, rid, error_reason);
945 buffer_put_int(r, rid); 957 else {
946 958 reply_ok(reply, rid);
947 free(found_fwd->listen_host); 959 free(found_fwd->listen_host);
948 free(found_fwd->listen_path); 960 free(found_fwd->listen_path);
949 free(found_fwd->connect_host); 961 free(found_fwd->connect_host);
@@ -951,10 +963,6 @@ process_mux_close_fwd(struct ssh *ssh, u_int rid,
951 found_fwd->listen_host = found_fwd->connect_host = NULL; 963 found_fwd->listen_host = found_fwd->connect_host = NULL;
952 found_fwd->listen_path = found_fwd->connect_path = NULL; 964 found_fwd->listen_path = found_fwd->connect_path = NULL;
953 found_fwd->listen_port = found_fwd->connect_port = 0; 965 found_fwd->listen_port = found_fwd->connect_port = 0;
954 } else {
955 buffer_put_int(r, MUX_S_FAILURE);
956 buffer_put_int(r, rid);
957 buffer_put_cstring(r, error_reason);
958 } 966 }
959 out: 967 out:
960 free(fwd_desc); 968 free(fwd_desc);
@@ -966,24 +974,21 @@ process_mux_close_fwd(struct ssh *ssh, u_int rid,
966 974
967static int 975static int
968process_mux_stdio_fwd(struct ssh *ssh, u_int rid, 976process_mux_stdio_fwd(struct ssh *ssh, u_int rid,
969 Channel *c, Buffer *m, Buffer *r) 977 Channel *c, struct sshbuf *m, struct sshbuf *reply)
970{ 978{
971 Channel *nc; 979 Channel *nc;
972 char *reserved, *chost; 980 char *chost = NULL;
973 u_int cport, i, j; 981 u_int cport, i, j;
974 int new_fd[2]; 982 int r, new_fd[2];
975 struct mux_stdio_confirm_ctx *cctx; 983 struct mux_stdio_confirm_ctx *cctx;
976 984
977 chost = reserved = NULL; 985 if ((r = sshbuf_skip_string(m)) != 0 || /* reserved */
978 if ((reserved = buffer_get_string_ret(m, NULL)) == NULL || 986 (r = sshbuf_get_cstring(m, &chost, NULL)) != 0 ||
979 (chost = buffer_get_string_ret(m, NULL)) == NULL || 987 (r = sshbuf_get_u32(m, &cport)) != 0) {
980 buffer_get_int_ret(&cport, m) != 0) {
981 free(reserved);
982 free(chost); 988 free(chost);
983 error("%s: malformed message", __func__); 989 error("%s: malformed message", __func__);
984 return -1; 990 return -1;
985 } 991 }
986 free(reserved);
987 992
988 debug2("%s: channel %d: request stdio fwd to %s:%u", 993 debug2("%s: channel %d: request stdio fwd to %s:%u",
989 __func__, c->self, chost, cport); 994 __func__, c->self, chost, cport);
@@ -998,9 +1003,7 @@ process_mux_stdio_fwd(struct ssh *ssh, u_int rid,
998 free(chost); 1003 free(chost);
999 1004
1000 /* prepare reply */ 1005 /* prepare reply */
1001 buffer_put_int(r, MUX_S_FAILURE); 1006 reply_error(reply, MUX_S_FAILURE, rid,
1002 buffer_put_int(r, rid);
1003 buffer_put_cstring(r,
1004 "did not receive file descriptors"); 1007 "did not receive file descriptors");
1005 return -1; 1008 return -1;
1006 } 1009 }
@@ -1012,10 +1015,8 @@ process_mux_stdio_fwd(struct ssh *ssh, u_int rid,
1012 /* XXX support multiple child sessions in future */ 1015 /* XXX support multiple child sessions in future */
1013 if (c->have_remote_id) { 1016 if (c->have_remote_id) {
1014 debug2("%s: session already open", __func__); 1017 debug2("%s: session already open", __func__);
1015 /* prepare reply */ 1018 reply_error(reply, MUX_S_FAILURE, rid,
1016 buffer_put_int(r, MUX_S_FAILURE); 1019 "Multiple sessions not supported");
1017 buffer_put_int(r, rid);
1018 buffer_put_cstring(r, "Multiple sessions not supported");
1019 cleanup: 1020 cleanup:
1020 close(new_fd[0]); 1021 close(new_fd[0]);
1021 close(new_fd[1]); 1022 close(new_fd[1]);
@@ -1028,10 +1029,8 @@ process_mux_stdio_fwd(struct ssh *ssh, u_int rid,
1028 if (!ask_permission("Allow forward to %s:%u? ", 1029 if (!ask_permission("Allow forward to %s:%u? ",
1029 chost, cport)) { 1030 chost, cport)) {
1030 debug2("%s: stdio fwd refused by user", __func__); 1031 debug2("%s: stdio fwd refused by user", __func__);
1031 /* prepare reply */ 1032 reply_error(reply, MUX_S_PERMISSION_DENIED, rid,
1032 buffer_put_int(r, MUX_S_PERMISSION_DENIED); 1033 "Permission denied");
1033 buffer_put_int(r, rid);
1034 buffer_put_cstring(r, "Permission denied");
1035 goto cleanup; 1034 goto cleanup;
1036 } 1035 }
1037 } 1036 }
@@ -1043,6 +1042,7 @@ process_mux_stdio_fwd(struct ssh *ssh, u_int rid,
1043 set_nonblock(new_fd[1]); 1042 set_nonblock(new_fd[1]);
1044 1043
1045 nc = channel_connect_stdio_fwd(ssh, chost, cport, new_fd[0], new_fd[1]); 1044 nc = channel_connect_stdio_fwd(ssh, chost, cport, new_fd[0], new_fd[1]);
1045 free(chost);
1046 1046
1047 nc->ctl_chan = c->self; /* link session -> control channel */ 1047 nc->ctl_chan = c->self; /* link session -> control channel */
1048 c->remote_id = nc->self; /* link control -> session channel */ 1048 c->remote_id = nc->self; /* link control -> session channel */
@@ -1069,7 +1069,8 @@ mux_stdio_confirm(struct ssh *ssh, int id, int success, void *arg)
1069{ 1069{
1070 struct mux_stdio_confirm_ctx *cctx = arg; 1070 struct mux_stdio_confirm_ctx *cctx = arg;
1071 Channel *c, *cc; 1071 Channel *c, *cc;
1072 Buffer reply; 1072 struct sshbuf *reply;
1073 int r;
1073 1074
1074 if (cctx == NULL) 1075 if (cctx == NULL)
1075 fatal("%s: cctx == NULL", __func__); 1076 fatal("%s: cctx == NULL", __func__);
@@ -1078,28 +1079,29 @@ mux_stdio_confirm(struct ssh *ssh, int id, int success, void *arg)
1078 if ((cc = channel_by_id(ssh, c->ctl_chan)) == NULL) 1079 if ((cc = channel_by_id(ssh, c->ctl_chan)) == NULL)
1079 fatal("%s: channel %d lacks control channel %d", __func__, 1080 fatal("%s: channel %d lacks control channel %d", __func__,
1080 id, c->ctl_chan); 1081 id, c->ctl_chan);
1082 if ((reply = sshbuf_new()) == NULL)
1083 fatal("%s: sshbuf_new", __func__);
1081 1084
1082 if (!success) { 1085 if (!success) {
1083 debug3("%s: sending failure reply", __func__); 1086 debug3("%s: sending failure reply", __func__);
1087 reply_error(reply, MUX_S_FAILURE, cctx->rid,
1088 "Session open refused by peer");
1084 /* prepare reply */ 1089 /* prepare reply */
1085 buffer_init(&reply);
1086 buffer_put_int(&reply, MUX_S_FAILURE);
1087 buffer_put_int(&reply, cctx->rid);
1088 buffer_put_cstring(&reply, "Session open refused by peer");
1089 goto done; 1090 goto done;
1090 } 1091 }
1091 1092
1092 debug3("%s: sending success reply", __func__); 1093 debug3("%s: sending success reply", __func__);
1093 /* prepare reply */ 1094 /* prepare reply */
1094 buffer_init(&reply); 1095 if ((r = sshbuf_put_u32(reply, MUX_S_SESSION_OPENED)) != 0 ||
1095 buffer_put_int(&reply, MUX_S_SESSION_OPENED); 1096 (r = sshbuf_put_u32(reply, cctx->rid)) != 0 ||
1096 buffer_put_int(&reply, cctx->rid); 1097 (r = sshbuf_put_u32(reply, c->self)) != 0)
1097 buffer_put_int(&reply, c->self); 1098 fatal("%s: reply: %s", __func__, ssh_err(r));
1098 1099
1099 done: 1100 done:
1100 /* Send reply */ 1101 /* Send reply */
1101 buffer_put_string(cc->output, buffer_ptr(&reply), buffer_len(&reply)); 1102 if ((r = sshbuf_put_stringb(cc->output, reply)) != 0)
1102 buffer_free(&reply); 1103 fatal("%s: sshbuf_put_stringb: %s", __func__, ssh_err(r));
1104 sshbuf_free(reply);
1103 1105
1104 if (cc->mux_pause <= 0) 1106 if (cc->mux_pause <= 0)
1105 fatal("%s: mux_pause %d", __func__, cc->mux_pause); 1107 fatal("%s: mux_pause %d", __func__, cc->mux_pause);
@@ -1110,7 +1112,7 @@ mux_stdio_confirm(struct ssh *ssh, int id, int success, void *arg)
1110 1112
1111static int 1113static int
1112process_mux_stop_listening(struct ssh *ssh, u_int rid, 1114process_mux_stop_listening(struct ssh *ssh, u_int rid,
1113 Channel *c, Buffer *m, Buffer *r) 1115 Channel *c, struct sshbuf *m, struct sshbuf *reply)
1114{ 1116{
1115 debug("%s: channel %d: stop listening", __func__, c->self); 1117 debug("%s: channel %d: stop listening", __func__, c->self);
1116 1118
@@ -1119,9 +1121,8 @@ process_mux_stop_listening(struct ssh *ssh, u_int rid,
1119 if (!ask_permission("Disable further multiplexing on shared " 1121 if (!ask_permission("Disable further multiplexing on shared "
1120 "connection to %s? ", host)) { 1122 "connection to %s? ", host)) {
1121 debug2("%s: stop listen refused by user", __func__); 1123 debug2("%s: stop listen refused by user", __func__);
1122 buffer_put_int(r, MUX_S_PERMISSION_DENIED); 1124 reply_error(reply, MUX_S_PERMISSION_DENIED, rid,
1123 buffer_put_int(r, rid); 1125 "Permission denied");
1124 buffer_put_cstring(r, "Permission denied");
1125 return 0; 1126 return 0;
1126 } 1127 }
1127 } 1128 }
@@ -1135,22 +1136,22 @@ process_mux_stop_listening(struct ssh *ssh, u_int rid,
1135 muxserver_sock = -1; 1136 muxserver_sock = -1;
1136 } 1137 }
1137 1138
1138 /* prepare reply */ 1139 reply_ok(reply, rid);
1139 buffer_put_int(r, MUX_S_OK);
1140 buffer_put_int(r, rid);
1141
1142 return 0; 1140 return 0;
1143} 1141}
1144 1142
1145static int 1143static int
1146process_mux_proxy(struct ssh *ssh, u_int rid, 1144process_mux_proxy(struct ssh *ssh, u_int rid,
1147 Channel *c, Buffer *m, Buffer *r) 1145 Channel *c, struct sshbuf *m, struct sshbuf *reply)
1148{ 1146{
1147 int r;
1148
1149 debug("%s: channel %d: proxy request", __func__, c->self); 1149 debug("%s: channel %d: proxy request", __func__, c->self);
1150 1150
1151 c->mux_rcb = channel_proxy_downstream; 1151 c->mux_rcb = channel_proxy_downstream;
1152 buffer_put_int(r, MUX_S_PROXY); 1152 if ((r = sshbuf_put_u32(reply, MUX_S_PROXY)) != 0 ||
1153 buffer_put_int(r, rid); 1153 (r = sshbuf_put_u32(reply, rid)) != 0)
1154 fatal("%s: reply: %s", __func__, ssh_err(r));
1154 1155
1155 return 0; 1156 return 0;
1156} 1157}
@@ -1160,10 +1161,12 @@ static int
1160mux_master_read_cb(struct ssh *ssh, Channel *c) 1161mux_master_read_cb(struct ssh *ssh, Channel *c)
1161{ 1162{
1162 struct mux_master_state *state = (struct mux_master_state *)c->mux_ctx; 1163 struct mux_master_state *state = (struct mux_master_state *)c->mux_ctx;
1163 Buffer in, out; 1164 struct sshbuf *in = NULL, *out = NULL;
1164 const u_char *ptr; 1165 u_int type, rid, i;
1165 u_int type, rid, have, i; 1166 int r, ret = -1;
1166 int ret = -1; 1167
1168 if ((out = sshbuf_new()) == NULL)
1169 fatal("%s: sshbuf_new", __func__);
1167 1170
1168 /* Setup ctx and */ 1171 /* Setup ctx and */
1169 if (c->mux_ctx == NULL) { 1172 if (c->mux_ctx == NULL) {
@@ -1173,32 +1176,29 @@ mux_master_read_cb(struct ssh *ssh, Channel *c)
1173 mux_master_control_cleanup_cb, 0); 1176 mux_master_control_cleanup_cb, 0);
1174 1177
1175 /* Send hello */ 1178 /* Send hello */
1176 buffer_init(&out); 1179 if ((r = sshbuf_put_u32(out, MUX_MSG_HELLO)) != 0 ||
1177 buffer_put_int(&out, MUX_MSG_HELLO); 1180 (r = sshbuf_put_u32(out, SSHMUX_VER)) != 0)
1178 buffer_put_int(&out, SSHMUX_VER); 1181 fatal("%s: reply: %s", __func__, ssh_err(r));
1179 /* no extensions */ 1182 /* no extensions */
1180 buffer_put_string(c->output, buffer_ptr(&out), 1183 if ((r = sshbuf_put_stringb(c->output, out)) != 0)
1181 buffer_len(&out)); 1184 fatal("%s: sshbuf_put_stringb: %s",
1182 buffer_free(&out); 1185 __func__, ssh_err(r));
1183 debug3("%s: channel %d: hello sent", __func__, c->self); 1186 debug3("%s: channel %d: hello sent", __func__, c->self);
1184 return 0; 1187 ret = 0;
1188 goto out;
1185 } 1189 }
1186 1190
1187 buffer_init(&in);
1188 buffer_init(&out);
1189
1190 /* Channel code ensures that we receive whole packets */ 1191 /* Channel code ensures that we receive whole packets */
1191 if ((ptr = buffer_get_string_ptr_ret(c->input, &have)) == NULL) { 1192 if ((r = sshbuf_froms(c->input, &in)) != 0) {
1192 malf: 1193 malf:
1193 error("%s: malformed message", __func__); 1194 error("%s: malformed message", __func__);
1194 goto out; 1195 goto out;
1195 } 1196 }
1196 buffer_append(&in, ptr, have);
1197 1197
1198 if (buffer_get_int_ret(&type, &in) != 0) 1198 if ((r = sshbuf_get_u32(in, &type)) != 0)
1199 goto malf; 1199 goto malf;
1200 debug3("%s: channel %d packet type 0x%08x len %u", 1200 debug3("%s: channel %d packet type 0x%08x len %zu",
1201 __func__, c->self, type, buffer_len(&in)); 1201 __func__, c->self, type, sshbuf_len(in));
1202 1202
1203 if (type == MUX_MSG_HELLO) 1203 if (type == MUX_MSG_HELLO)
1204 rid = 0; 1204 rid = 0;
@@ -1208,40 +1208,40 @@ mux_master_read_cb(struct ssh *ssh, Channel *c)
1208 "received 0x%08x", __func__, MUX_MSG_HELLO, type); 1208 "received 0x%08x", __func__, MUX_MSG_HELLO, type);
1209 goto out; 1209 goto out;
1210 } 1210 }
1211 if (buffer_get_int_ret(&rid, &in) != 0) 1211 if ((r = sshbuf_get_u32(in, &rid)) != 0)
1212 goto malf; 1212 goto malf;
1213 } 1213 }
1214 1214
1215 for (i = 0; mux_master_handlers[i].handler != NULL; i++) { 1215 for (i = 0; mux_master_handlers[i].handler != NULL; i++) {
1216 if (type == mux_master_handlers[i].type) { 1216 if (type == mux_master_handlers[i].type) {
1217 ret = mux_master_handlers[i].handler(ssh, rid, 1217 ret = mux_master_handlers[i].handler(ssh, rid,
1218 c, &in, &out); 1218 c, in, out);
1219 break; 1219 break;
1220 } 1220 }
1221 } 1221 }
1222 if (mux_master_handlers[i].handler == NULL) { 1222 if (mux_master_handlers[i].handler == NULL) {
1223 error("%s: unsupported mux message 0x%08x", __func__, type); 1223 error("%s: unsupported mux message 0x%08x", __func__, type);
1224 buffer_put_int(&out, MUX_S_FAILURE); 1224 reply_error(out, MUX_S_FAILURE, rid, "unsupported request");
1225 buffer_put_int(&out, rid);
1226 buffer_put_cstring(&out, "unsupported request");
1227 ret = 0; 1225 ret = 0;
1228 } 1226 }
1229 /* Enqueue reply packet */ 1227 /* Enqueue reply packet */
1230 if (buffer_len(&out) != 0) { 1228 if (sshbuf_len(out) != 0) {
1231 buffer_put_string(c->output, buffer_ptr(&out), 1229 if ((r = sshbuf_put_stringb(c->output, out)) != 0)
1232 buffer_len(&out)); 1230 fatal("%s: sshbuf_put_stringb: %s",
1231 __func__, ssh_err(r));
1233 } 1232 }
1234 out: 1233 out:
1235 buffer_free(&in); 1234 sshbuf_free(in);
1236 buffer_free(&out); 1235 sshbuf_free(out);
1237 return ret; 1236 return ret;
1238} 1237}
1239 1238
1240void 1239void
1241mux_exit_message(struct ssh *ssh, Channel *c, int exitval) 1240mux_exit_message(struct ssh *ssh, Channel *c, int exitval)
1242{ 1241{
1243 Buffer m; 1242 struct sshbuf *m;
1244 Channel *mux_chan; 1243 Channel *mux_chan;
1244 int r;
1245 1245
1246 debug3("%s: channel %d: exit message, exitval %d", __func__, c->self, 1246 debug3("%s: channel %d: exit message, exitval %d", __func__, c->self,
1247 exitval); 1247 exitval);
@@ -1251,20 +1251,22 @@ mux_exit_message(struct ssh *ssh, Channel *c, int exitval)
1251 __func__, c->self, c->ctl_chan); 1251 __func__, c->self, c->ctl_chan);
1252 1252
1253 /* Append exit message packet to control socket output queue */ 1253 /* Append exit message packet to control socket output queue */
1254 buffer_init(&m); 1254 if ((m = sshbuf_new()) == NULL)
1255 buffer_put_int(&m, MUX_S_EXIT_MESSAGE); 1255 fatal("%s: sshbuf_new", __func__);
1256 buffer_put_int(&m, c->self); 1256 if ((r = sshbuf_put_u32(m, MUX_S_EXIT_MESSAGE)) != 0 ||
1257 buffer_put_int(&m, exitval); 1257 (r = sshbuf_put_u32(m, c->self)) != 0 ||
1258 1258 (r = sshbuf_put_u32(m, exitval)) != 0 ||
1259 buffer_put_string(mux_chan->output, buffer_ptr(&m), buffer_len(&m)); 1259 (r = sshbuf_put_stringb(mux_chan->output, m)) != 0)
1260 buffer_free(&m); 1260 fatal("%s: reply: %s", __func__, ssh_err(r));
1261 sshbuf_free(m);
1261} 1262}
1262 1263
1263void 1264void
1264mux_tty_alloc_failed(struct ssh *ssh, Channel *c) 1265mux_tty_alloc_failed(struct ssh *ssh, Channel *c)
1265{ 1266{
1266 Buffer m; 1267 struct sshbuf *m;
1267 Channel *mux_chan; 1268 Channel *mux_chan;
1269 int r;
1268 1270
1269 debug3("%s: channel %d: TTY alloc failed", __func__, c->self); 1271 debug3("%s: channel %d: TTY alloc failed", __func__, c->self);
1270 1272
@@ -1273,12 +1275,13 @@ mux_tty_alloc_failed(struct ssh *ssh, Channel *c)
1273 __func__, c->self, c->ctl_chan); 1275 __func__, c->self, c->ctl_chan);
1274 1276
1275 /* Append exit message packet to control socket output queue */ 1277 /* Append exit message packet to control socket output queue */
1276 buffer_init(&m); 1278 if ((m = sshbuf_new()) == NULL)
1277 buffer_put_int(&m, MUX_S_TTY_ALLOC_FAIL); 1279 fatal("%s: sshbuf_new", __func__);
1278 buffer_put_int(&m, c->self); 1280 if ((r = sshbuf_put_u32(m, MUX_S_TTY_ALLOC_FAIL)) != 0 ||
1279 1281 (r = sshbuf_put_u32(m, c->self)) != 0 ||
1280 buffer_put_string(mux_chan->output, buffer_ptr(&m), buffer_len(&m)); 1282 (r = sshbuf_put_stringb(mux_chan->output, m)) != 0)
1281 buffer_free(&m); 1283 fatal("%s: reply: %s", __func__, ssh_err(r));
1284 sshbuf_free(m);
1282} 1285}
1283 1286
1284/* Prepare a mux master to listen on a Unix domain socket. */ 1287/* Prepare a mux master to listen on a Unix domain socket. */
@@ -1372,8 +1375,8 @@ mux_session_confirm(struct ssh *ssh, int id, int success, void *arg)
1372 struct mux_session_confirm_ctx *cctx = arg; 1375 struct mux_session_confirm_ctx *cctx = arg;
1373 const char *display; 1376 const char *display;
1374 Channel *c, *cc; 1377 Channel *c, *cc;
1375 int i; 1378 int i, r;
1376 Buffer reply; 1379 struct sshbuf *reply;
1377 1380
1378 if (cctx == NULL) 1381 if (cctx == NULL)
1379 fatal("%s: cctx == NULL", __func__); 1382 fatal("%s: cctx == NULL", __func__);
@@ -1382,14 +1385,13 @@ mux_session_confirm(struct ssh *ssh, int id, int success, void *arg)
1382 if ((cc = channel_by_id(ssh, c->ctl_chan)) == NULL) 1385 if ((cc = channel_by_id(ssh, c->ctl_chan)) == NULL)
1383 fatal("%s: channel %d lacks control channel %d", __func__, 1386 fatal("%s: channel %d lacks control channel %d", __func__,
1384 id, c->ctl_chan); 1387 id, c->ctl_chan);
1388 if ((reply = sshbuf_new()) == NULL)
1389 fatal("%s: sshbuf_new", __func__);
1385 1390
1386 if (!success) { 1391 if (!success) {
1387 debug3("%s: sending failure reply", __func__); 1392 debug3("%s: sending failure reply", __func__);
1388 /* prepare reply */ 1393 reply_error(reply, MUX_S_FAILURE, cctx->rid,
1389 buffer_init(&reply); 1394 "Session open refused by peer");
1390 buffer_put_int(&reply, MUX_S_FAILURE);
1391 buffer_put_int(&reply, cctx->rid);
1392 buffer_put_cstring(&reply, "Session open refused by peer");
1393 goto done; 1395 goto done;
1394 } 1396 }
1395 1397
@@ -1419,25 +1421,26 @@ mux_session_confirm(struct ssh *ssh, int id, int success, void *arg)
1419 } 1421 }
1420 1422
1421 client_session2_setup(ssh, id, cctx->want_tty, cctx->want_subsys, 1423 client_session2_setup(ssh, id, cctx->want_tty, cctx->want_subsys,
1422 cctx->term, &cctx->tio, c->rfd, &cctx->cmd, cctx->env); 1424 cctx->term, &cctx->tio, c->rfd, cctx->cmd, cctx->env);
1423 1425
1424 debug3("%s: sending success reply", __func__); 1426 debug3("%s: sending success reply", __func__);
1425 /* prepare reply */ 1427 /* prepare reply */
1426 buffer_init(&reply); 1428 if ((r = sshbuf_put_u32(reply, MUX_S_SESSION_OPENED)) != 0 ||
1427 buffer_put_int(&reply, MUX_S_SESSION_OPENED); 1429 (r = sshbuf_put_u32(reply, cctx->rid)) != 0 ||
1428 buffer_put_int(&reply, cctx->rid); 1430 (r = sshbuf_put_u32(reply, c->self)) != 0)
1429 buffer_put_int(&reply, c->self); 1431 fatal("%s: reply: %s", __func__, ssh_err(r));
1430 1432
1431 done: 1433 done:
1432 /* Send reply */ 1434 /* Send reply */
1433 buffer_put_string(cc->output, buffer_ptr(&reply), buffer_len(&reply)); 1435 if ((r = sshbuf_put_stringb(cc->output, reply)) != 0)
1434 buffer_free(&reply); 1436 fatal("%s: sshbuf_put_stringb: %s", __func__, ssh_err(r));
1437 sshbuf_free(reply);
1435 1438
1436 if (cc->mux_pause <= 0) 1439 if (cc->mux_pause <= 0)
1437 fatal("%s: mux_pause %d", __func__, cc->mux_pause); 1440 fatal("%s: mux_pause %d", __func__, cc->mux_pause);
1438 cc->mux_pause = 0; /* start processing messages again */ 1441 cc->mux_pause = 0; /* start processing messages again */
1439 c->open_confirm_ctx = NULL; 1442 c->open_confirm_ctx = NULL;
1440 buffer_free(&cctx->cmd); 1443 sshbuf_free(cctx->cmd);
1441 free(cctx->term); 1444 free(cctx->term);
1442 if (cctx->env != NULL) { 1445 if (cctx->env != NULL) {
1443 for (i = 0; cctx->env[i] != NULL; i++) 1446 for (i = 0; cctx->env[i] != NULL; i++)
@@ -1472,16 +1475,18 @@ control_client_sigrelay(int signo)
1472} 1475}
1473 1476
1474static int 1477static int
1475mux_client_read(int fd, Buffer *b, u_int need) 1478mux_client_read(int fd, struct sshbuf *b, size_t need)
1476{ 1479{
1477 u_int have; 1480 size_t have;
1478 ssize_t len; 1481 ssize_t len;
1479 u_char *p; 1482 u_char *p;
1480 struct pollfd pfd; 1483 struct pollfd pfd;
1484 int r;
1481 1485
1482 pfd.fd = fd; 1486 pfd.fd = fd;
1483 pfd.events = POLLIN; 1487 pfd.events = POLLIN;
1484 p = buffer_append_space(b, need); 1488 if ((r = sshbuf_reserve(b, need, &p)) != 0)
1489 fatal("%s: reserve: %s", __func__, ssh_err(r));
1485 for (have = 0; have < need; ) { 1490 for (have = 0; have < need; ) {
1486 if (muxclient_terminate) { 1491 if (muxclient_terminate) {
1487 errno = EINTR; 1492 errno = EINTR;
@@ -1506,31 +1511,33 @@ mux_client_read(int fd, Buffer *b, u_int need)
1506 errno = EPIPE; 1511 errno = EPIPE;
1507 return -1; 1512 return -1;
1508 } 1513 }
1509 have += (u_int)len; 1514 have += (size_t)len;
1510 } 1515 }
1511 return 0; 1516 return 0;
1512} 1517}
1513 1518
1514static int 1519static int
1515mux_client_write_packet(int fd, Buffer *m) 1520mux_client_write_packet(int fd, struct sshbuf *m)
1516{ 1521{
1517 Buffer queue; 1522 struct sshbuf *queue;
1518 u_int have, need; 1523 u_int have, need;
1519 int oerrno, len; 1524 int r, oerrno, len;
1520 u_char *ptr; 1525 const u_char *ptr;
1521 struct pollfd pfd; 1526 struct pollfd pfd;
1522 1527
1523 pfd.fd = fd; 1528 pfd.fd = fd;
1524 pfd.events = POLLOUT; 1529 pfd.events = POLLOUT;
1525 buffer_init(&queue); 1530 if ((queue = sshbuf_new()) == NULL)
1526 buffer_put_string(&queue, buffer_ptr(m), buffer_len(m)); 1531 fatal("%s: sshbuf_new", __func__);
1532 if ((r = sshbuf_put_stringb(queue, m)) != 0)
1533 fatal("%s: sshbuf_put_stringb: %s", __func__, ssh_err(r));
1527 1534
1528 need = buffer_len(&queue); 1535 need = sshbuf_len(queue);
1529 ptr = buffer_ptr(&queue); 1536 ptr = sshbuf_ptr(queue);
1530 1537
1531 for (have = 0; have < need; ) { 1538 for (have = 0; have < need; ) {
1532 if (muxclient_terminate) { 1539 if (muxclient_terminate) {
1533 buffer_free(&queue); 1540 sshbuf_free(queue);
1534 errno = EINTR; 1541 errno = EINTR;
1535 return -1; 1542 return -1;
1536 } 1543 }
@@ -1547,85 +1554,91 @@ mux_client_write_packet(int fd, Buffer *m)
1547 continue; 1554 continue;
1548 default: 1555 default:
1549 oerrno = errno; 1556 oerrno = errno;
1550 buffer_free(&queue); 1557 sshbuf_free(queue);
1551 errno = oerrno; 1558 errno = oerrno;
1552 return -1; 1559 return -1;
1553 } 1560 }
1554 } 1561 }
1555 if (len == 0) { 1562 if (len == 0) {
1556 buffer_free(&queue); 1563 sshbuf_free(queue);
1557 errno = EPIPE; 1564 errno = EPIPE;
1558 return -1; 1565 return -1;
1559 } 1566 }
1560 have += (u_int)len; 1567 have += (u_int)len;
1561 } 1568 }
1562 buffer_free(&queue); 1569 sshbuf_free(queue);
1563 return 0; 1570 return 0;
1564} 1571}
1565 1572
1566static int 1573static int
1567mux_client_read_packet(int fd, Buffer *m) 1574mux_client_read_packet(int fd, struct sshbuf *m)
1568{ 1575{
1569 Buffer queue; 1576 struct sshbuf *queue;
1570 u_int need, have; 1577 size_t need, have;
1571 const u_char *ptr; 1578 const u_char *ptr;
1572 int oerrno; 1579 int r, oerrno;
1573 1580
1574 buffer_init(&queue); 1581 if ((queue = sshbuf_new()) == NULL)
1575 if (mux_client_read(fd, &queue, 4) != 0) { 1582 fatal("%s: sshbuf_new", __func__);
1583 if (mux_client_read(fd, queue, 4) != 0) {
1576 if ((oerrno = errno) == EPIPE) 1584 if ((oerrno = errno) == EPIPE)
1577 debug3("%s: read header failed: %s", __func__, 1585 debug3("%s: read header failed: %s", __func__,
1578 strerror(errno)); 1586 strerror(errno));
1579 buffer_free(&queue); 1587 sshbuf_free(queue);
1580 errno = oerrno; 1588 errno = oerrno;
1581 return -1; 1589 return -1;
1582 } 1590 }
1583 need = get_u32(buffer_ptr(&queue)); 1591 need = PEEK_U32(sshbuf_ptr(queue));
1584 if (mux_client_read(fd, &queue, need) != 0) { 1592 if (mux_client_read(fd, queue, need) != 0) {
1585 oerrno = errno; 1593 oerrno = errno;
1586 debug3("%s: read body failed: %s", __func__, strerror(errno)); 1594 debug3("%s: read body failed: %s", __func__, strerror(errno));
1587 buffer_free(&queue); 1595 sshbuf_free(queue);
1588 errno = oerrno; 1596 errno = oerrno;
1589 return -1; 1597 return -1;
1590 } 1598 }
1591 ptr = buffer_get_string_ptr(&queue, &have); 1599 if ((r = sshbuf_get_string_direct(queue, &ptr, &have)) != 0 ||
1592 buffer_append(m, ptr, have); 1600 (r = sshbuf_put(m, ptr, have)) != 0)
1593 buffer_free(&queue); 1601 fatal("%s: buffer error: %s", __func__, ssh_err(r));
1602 sshbuf_free(queue);
1594 return 0; 1603 return 0;
1595} 1604}
1596 1605
1597static int 1606static int
1598mux_client_hello_exchange(int fd) 1607mux_client_hello_exchange(int fd)
1599{ 1608{
1600 Buffer m; 1609 struct sshbuf *m;
1601 u_int type, ver; 1610 u_int type, ver;
1602 int ret = -1; 1611 int r, ret = -1;
1603 1612
1604 buffer_init(&m); 1613 if ((m = sshbuf_new()) == NULL)
1605 buffer_put_int(&m, MUX_MSG_HELLO); 1614 fatal("%s: sshbuf_new", __func__);
1606 buffer_put_int(&m, SSHMUX_VER); 1615 if ((r = sshbuf_put_u32(m, MUX_MSG_HELLO)) != 0 ||
1616 (r = sshbuf_put_u32(m, SSHMUX_VER)) != 0)
1617 fatal("%s: hello: %s", __func__, ssh_err(r));
1607 /* no extensions */ 1618 /* no extensions */
1608 1619
1609 if (mux_client_write_packet(fd, &m) != 0) { 1620 if (mux_client_write_packet(fd, m) != 0) {
1610 debug("%s: write packet: %s", __func__, strerror(errno)); 1621 debug("%s: write packet: %s", __func__, strerror(errno));
1611 goto out; 1622 goto out;
1612 } 1623 }
1613 1624
1614 buffer_clear(&m); 1625 sshbuf_reset(m);
1615 1626
1616 /* Read their HELLO */ 1627 /* Read their HELLO */
1617 if (mux_client_read_packet(fd, &m) != 0) { 1628 if (mux_client_read_packet(fd, m) != 0) {
1618 debug("%s: read packet failed", __func__); 1629 debug("%s: read packet failed", __func__);
1619 goto out; 1630 goto out;
1620 } 1631 }
1621 1632
1622 type = buffer_get_int(&m); 1633 if ((r = sshbuf_get_u32(m, &type)) != 0)
1634 fatal("%s: decode type: %s", __func__, ssh_err(r));
1623 if (type != MUX_MSG_HELLO) { 1635 if (type != MUX_MSG_HELLO) {
1624 error("%s: expected HELLO (%u) received %u", 1636 error("%s: expected HELLO (%u) received %u",
1625 __func__, MUX_MSG_HELLO, type); 1637 __func__, MUX_MSG_HELLO, type);
1626 goto out; 1638 goto out;
1627 } 1639 }
1628 ver = buffer_get_int(&m); 1640 if ((r = sshbuf_get_u32(m, &ver)) != 0)
1641 fatal("%s: decode version: %s", __func__, ssh_err(r));
1629 if (ver != SSHMUX_VER) { 1642 if (ver != SSHMUX_VER) {
1630 error("Unsupported multiplexing protocol version %d " 1643 error("Unsupported multiplexing protocol version %d "
1631 "(expected %d)", ver, SSHMUX_VER); 1644 "(expected %d)", ver, SSHMUX_VER);
@@ -1633,56 +1646,68 @@ mux_client_hello_exchange(int fd)
1633 } 1646 }
1634 debug2("%s: master version %u", __func__, ver); 1647 debug2("%s: master version %u", __func__, ver);
1635 /* No extensions are presently defined */ 1648 /* No extensions are presently defined */
1636 while (buffer_len(&m) > 0) { 1649 while (sshbuf_len(m) > 0) {
1637 char *name = buffer_get_string(&m, NULL); 1650 char *name = NULL;
1638 char *value = buffer_get_string(&m, NULL);
1639 1651
1652 if ((r = sshbuf_get_cstring(m, &name, NULL)) != 0 ||
1653 (r = sshbuf_skip_string(m)) != 0) { /* value */
1654 error("%s: malformed extension: %s",
1655 __func__, ssh_err(r));
1656 goto out;
1657 }
1640 debug2("Unrecognised master extension \"%s\"", name); 1658 debug2("Unrecognised master extension \"%s\"", name);
1641 free(name); 1659 free(name);
1642 free(value);
1643 } 1660 }
1644 /* success */ 1661 /* success */
1645 ret = 0; 1662 ret = 0;
1646 out: 1663 out:
1647 buffer_free(&m); 1664 sshbuf_free(m);
1648 return ret; 1665 return ret;
1649} 1666}
1650 1667
1651static u_int 1668static u_int
1652mux_client_request_alive(int fd) 1669mux_client_request_alive(int fd)
1653{ 1670{
1654 Buffer m; 1671 struct sshbuf *m;
1655 char *e; 1672 char *e;
1656 u_int pid, type, rid; 1673 u_int pid, type, rid;
1674 int r;
1657 1675
1658 debug3("%s: entering", __func__); 1676 debug3("%s: entering", __func__);
1659 1677
1660 buffer_init(&m); 1678 if ((m = sshbuf_new()) == NULL)
1661 buffer_put_int(&m, MUX_C_ALIVE_CHECK); 1679 fatal("%s: sshbuf_new", __func__);
1662 buffer_put_int(&m, muxclient_request_id); 1680 if ((r = sshbuf_put_u32(m, MUX_C_ALIVE_CHECK)) != 0 ||
1681 (r = sshbuf_put_u32(m, muxclient_request_id)) != 0)
1682 fatal("%s: request: %s", __func__, ssh_err(r));
1663 1683
1664 if (mux_client_write_packet(fd, &m) != 0) 1684 if (mux_client_write_packet(fd, m) != 0)
1665 fatal("%s: write packet: %s", __func__, strerror(errno)); 1685 fatal("%s: write packet: %s", __func__, strerror(errno));
1666 1686
1667 buffer_clear(&m); 1687 sshbuf_reset(m);
1668 1688
1669 /* Read their reply */ 1689 /* Read their reply */
1670 if (mux_client_read_packet(fd, &m) != 0) { 1690 if (mux_client_read_packet(fd, m) != 0) {
1671 buffer_free(&m); 1691 sshbuf_free(m);
1672 return 0; 1692 return 0;
1673 } 1693 }
1674 1694
1675 type = buffer_get_int(&m); 1695 if ((r = sshbuf_get_u32(m, &type)) != 0)
1696 fatal("%s: decode type: %s", __func__, ssh_err(r));
1676 if (type != MUX_S_ALIVE) { 1697 if (type != MUX_S_ALIVE) {
1677 e = buffer_get_string(&m, NULL); 1698 if ((r = sshbuf_get_cstring(m, &e, NULL)) != 0)
1699 fatal("%s: decode error: %s", __func__, ssh_err(r));
1678 fatal("%s: master returned error: %s", __func__, e); 1700 fatal("%s: master returned error: %s", __func__, e);
1679 } 1701 }
1680 1702
1681 if ((rid = buffer_get_int(&m)) != muxclient_request_id) 1703 if ((r = sshbuf_get_u32(m, &rid)) != 0)
1704 fatal("%s: decode remote ID: %s", __func__, ssh_err(r));
1705 if (rid != muxclient_request_id)
1682 fatal("%s: out of sequence reply: my id %u theirs %u", 1706 fatal("%s: out of sequence reply: my id %u theirs %u",
1683 __func__, muxclient_request_id, rid); 1707 __func__, muxclient_request_id, rid);
1684 pid = buffer_get_int(&m); 1708 if ((r = sshbuf_get_u32(m, &pid)) != 0)
1685 buffer_free(&m); 1709 fatal("%s: decode PID: %s", __func__, ssh_err(r));
1710 sshbuf_free(m);
1686 1711
1687 debug3("%s: done pid = %u", __func__, pid); 1712 debug3("%s: done pid = %u", __func__, pid);
1688 1713
@@ -1694,107 +1719,128 @@ mux_client_request_alive(int fd)
1694static void 1719static void
1695mux_client_request_terminate(int fd) 1720mux_client_request_terminate(int fd)
1696{ 1721{
1697 Buffer m; 1722 struct sshbuf *m;
1698 char *e; 1723 char *e;
1699 u_int type, rid; 1724 u_int type, rid;
1725 int r;
1700 1726
1701 debug3("%s: entering", __func__); 1727 debug3("%s: entering", __func__);
1702 1728
1703 buffer_init(&m); 1729 if ((m = sshbuf_new()) == NULL)
1704 buffer_put_int(&m, MUX_C_TERMINATE); 1730 fatal("%s: sshbuf_new", __func__);
1705 buffer_put_int(&m, muxclient_request_id); 1731 if ((r = sshbuf_put_u32(m, MUX_C_TERMINATE)) != 0 ||
1732 (r = sshbuf_put_u32(m, muxclient_request_id)) != 0)
1733 fatal("%s: request: %s", __func__, ssh_err(r));
1706 1734
1707 if (mux_client_write_packet(fd, &m) != 0) 1735 if (mux_client_write_packet(fd, m) != 0)
1708 fatal("%s: write packet: %s", __func__, strerror(errno)); 1736 fatal("%s: write packet: %s", __func__, strerror(errno));
1709 1737
1710 buffer_clear(&m); 1738 sshbuf_reset(m);
1711 1739
1712 /* Read their reply */ 1740 /* Read their reply */
1713 if (mux_client_read_packet(fd, &m) != 0) { 1741 if (mux_client_read_packet(fd, m) != 0) {
1714 /* Remote end exited already */ 1742 /* Remote end exited already */
1715 if (errno == EPIPE) { 1743 if (errno == EPIPE) {
1716 buffer_free(&m); 1744 sshbuf_free(m);
1717 return; 1745 return;
1718 } 1746 }
1719 fatal("%s: read from master failed: %s", 1747 fatal("%s: read from master failed: %s",
1720 __func__, strerror(errno)); 1748 __func__, strerror(errno));
1721 } 1749 }
1722 1750
1723 type = buffer_get_int(&m); 1751 if ((r = sshbuf_get_u32(m, &type)) != 0 ||
1724 if ((rid = buffer_get_int(&m)) != muxclient_request_id) 1752 (r = sshbuf_get_u32(m, &rid)) != 0)
1753 fatal("%s: decode: %s", __func__, ssh_err(r));
1754 if (rid != muxclient_request_id)
1725 fatal("%s: out of sequence reply: my id %u theirs %u", 1755 fatal("%s: out of sequence reply: my id %u theirs %u",
1726 __func__, muxclient_request_id, rid); 1756 __func__, muxclient_request_id, rid);
1727 switch (type) { 1757 switch (type) {
1728 case MUX_S_OK: 1758 case MUX_S_OK:
1729 break; 1759 break;
1730 case MUX_S_PERMISSION_DENIED: 1760 case MUX_S_PERMISSION_DENIED:
1731 e = buffer_get_string(&m, NULL); 1761 if ((r = sshbuf_get_cstring(m, &e, NULL)) != 0)
1762 fatal("%s: decode error: %s", __func__, ssh_err(r));
1732 fatal("Master refused termination request: %s", e); 1763 fatal("Master refused termination request: %s", e);
1733 case MUX_S_FAILURE: 1764 case MUX_S_FAILURE:
1734 e = buffer_get_string(&m, NULL); 1765 if ((r = sshbuf_get_cstring(m, &e, NULL)) != 0)
1766 fatal("%s: decode error: %s", __func__, ssh_err(r));
1735 fatal("%s: termination request failed: %s", __func__, e); 1767 fatal("%s: termination request failed: %s", __func__, e);
1736 default: 1768 default:
1737 fatal("%s: unexpected response from master 0x%08x", 1769 fatal("%s: unexpected response from master 0x%08x",
1738 __func__, type); 1770 __func__, type);
1739 } 1771 }
1740 buffer_free(&m); 1772 sshbuf_free(m);
1741 muxclient_request_id++; 1773 muxclient_request_id++;
1742} 1774}
1743 1775
1744static int 1776static int
1745mux_client_forward(int fd, int cancel_flag, u_int ftype, struct Forward *fwd) 1777mux_client_forward(int fd, int cancel_flag, u_int ftype, struct Forward *fwd)
1746{ 1778{
1747 Buffer m; 1779 struct sshbuf *m;
1748 char *e, *fwd_desc; 1780 char *e, *fwd_desc;
1781 const char *lhost, *chost;
1749 u_int type, rid; 1782 u_int type, rid;
1783 int r;
1750 1784
1751 fwd_desc = format_forward(ftype, fwd); 1785 fwd_desc = format_forward(ftype, fwd);
1752 debug("Requesting %s %s", 1786 debug("Requesting %s %s",
1753 cancel_flag ? "cancellation of" : "forwarding of", fwd_desc); 1787 cancel_flag ? "cancellation of" : "forwarding of", fwd_desc);
1754 free(fwd_desc); 1788 free(fwd_desc);
1755 1789
1756 buffer_init(&m); 1790 type = cancel_flag ? MUX_C_CLOSE_FWD : MUX_C_OPEN_FWD;
1757 buffer_put_int(&m, cancel_flag ? MUX_C_CLOSE_FWD : MUX_C_OPEN_FWD); 1791 if (fwd->listen_path != NULL)
1758 buffer_put_int(&m, muxclient_request_id); 1792 lhost = fwd->listen_path;
1759 buffer_put_int(&m, ftype); 1793 else if (fwd->listen_host == NULL)
1760 if (fwd->listen_path != NULL) { 1794 lhost = "";
1761 buffer_put_cstring(&m, fwd->listen_path); 1795 else if (*fwd->listen_host == '\0')
1762 } else { 1796 lhost = "*";
1763 buffer_put_cstring(&m, 1797 else
1764 fwd->listen_host == NULL ? "" : 1798 lhost = fwd->listen_host;
1765 (*fwd->listen_host == '\0' ? "*" : fwd->listen_host));
1766 }
1767 buffer_put_int(&m, fwd->listen_port);
1768 if (fwd->connect_path != NULL) {
1769 buffer_put_cstring(&m, fwd->connect_path);
1770 } else {
1771 buffer_put_cstring(&m,
1772 fwd->connect_host == NULL ? "" : fwd->connect_host);
1773 }
1774 buffer_put_int(&m, fwd->connect_port);
1775 1799
1776 if (mux_client_write_packet(fd, &m) != 0) 1800 if (fwd->connect_path != NULL)
1801 chost = fwd->connect_path;
1802 else if (fwd->connect_host == NULL)
1803 chost = "";
1804 else
1805 chost = fwd->connect_host;
1806
1807 if ((m = sshbuf_new()) == NULL)
1808 fatal("%s: sshbuf_new", __func__);
1809 if ((r = sshbuf_put_u32(m, type)) != 0 ||
1810 (r = sshbuf_put_u32(m, muxclient_request_id)) != 0 ||
1811 (r = sshbuf_put_u32(m, ftype)) != 0 ||
1812 (r = sshbuf_put_cstring(m, lhost)) != 0 ||
1813 (r = sshbuf_put_u32(m, fwd->listen_port)) != 0 ||
1814 (r = sshbuf_put_cstring(m, chost)) != 0 ||
1815 (r = sshbuf_put_u32(m, fwd->connect_port)) != 0)
1816 fatal("%s: request: %s", __func__, ssh_err(r));
1817
1818 if (mux_client_write_packet(fd, m) != 0)
1777 fatal("%s: write packet: %s", __func__, strerror(errno)); 1819 fatal("%s: write packet: %s", __func__, strerror(errno));
1778 1820
1779 buffer_clear(&m); 1821 sshbuf_reset(m);
1780 1822
1781 /* Read their reply */ 1823 /* Read their reply */
1782 if (mux_client_read_packet(fd, &m) != 0) { 1824 if (mux_client_read_packet(fd, m) != 0) {
1783 buffer_free(&m); 1825 sshbuf_free(m);
1784 return -1; 1826 return -1;
1785 } 1827 }
1786 1828
1787 type = buffer_get_int(&m); 1829 if ((r = sshbuf_get_u32(m, &type)) != 0 ||
1788 if ((rid = buffer_get_int(&m)) != muxclient_request_id) 1830 (r = sshbuf_get_u32(m, &rid)) != 0)
1831 fatal("%s: decode: %s", __func__, ssh_err(r));
1832 if (rid != muxclient_request_id)
1789 fatal("%s: out of sequence reply: my id %u theirs %u", 1833 fatal("%s: out of sequence reply: my id %u theirs %u",
1790 __func__, muxclient_request_id, rid); 1834 __func__, muxclient_request_id, rid);
1835
1791 switch (type) { 1836 switch (type) {
1792 case MUX_S_OK: 1837 case MUX_S_OK:
1793 break; 1838 break;
1794 case MUX_S_REMOTE_PORT: 1839 case MUX_S_REMOTE_PORT:
1795 if (cancel_flag) 1840 if (cancel_flag)
1796 fatal("%s: got MUX_S_REMOTE_PORT for cancel", __func__); 1841 fatal("%s: got MUX_S_REMOTE_PORT for cancel", __func__);
1797 fwd->allocated_port = buffer_get_int(&m); 1842 if ((r = sshbuf_get_u32(m, &fwd->allocated_port)) != 0)
1843 fatal("%s: decode port: %s", __func__, ssh_err(r));
1798 verbose("Allocated port %u for remote forward to %s:%d", 1844 verbose("Allocated port %u for remote forward to %s:%d",
1799 fwd->allocated_port, 1845 fwd->allocated_port,
1800 fwd->connect_host ? fwd->connect_host : "", 1846 fwd->connect_host ? fwd->connect_host : "",
@@ -1803,20 +1849,22 @@ mux_client_forward(int fd, int cancel_flag, u_int ftype, struct Forward *fwd)
1803 fprintf(stdout, "%i\n", fwd->allocated_port); 1849 fprintf(stdout, "%i\n", fwd->allocated_port);
1804 break; 1850 break;
1805 case MUX_S_PERMISSION_DENIED: 1851 case MUX_S_PERMISSION_DENIED:
1806 e = buffer_get_string(&m, NULL); 1852 if ((r = sshbuf_get_cstring(m, &e, NULL)) != 0)
1807 buffer_free(&m); 1853 fatal("%s: decode error: %s", __func__, ssh_err(r));
1854 sshbuf_free(m);
1808 error("Master refused forwarding request: %s", e); 1855 error("Master refused forwarding request: %s", e);
1809 return -1; 1856 return -1;
1810 case MUX_S_FAILURE: 1857 case MUX_S_FAILURE:
1811 e = buffer_get_string(&m, NULL); 1858 if ((r = sshbuf_get_cstring(m, &e, NULL)) != 0)
1812 buffer_free(&m); 1859 fatal("%s: decode error: %s", __func__, ssh_err(r));
1860 sshbuf_free(m);
1813 error("%s: forwarding request failed: %s", __func__, e); 1861 error("%s: forwarding request failed: %s", __func__, e);
1814 return -1; 1862 return -1;
1815 default: 1863 default:
1816 fatal("%s: unexpected response from master 0x%08x", 1864 fatal("%s: unexpected response from master 0x%08x",
1817 __func__, type); 1865 __func__, type);
1818 } 1866 }
1819 buffer_free(&m); 1867 sshbuf_free(m);
1820 1868
1821 muxclient_request_id++; 1869 muxclient_request_id++;
1822 return 0; 1870 return 0;
@@ -1850,11 +1898,12 @@ mux_client_forwards(int fd, int cancel_flag)
1850static int 1898static int
1851mux_client_request_session(int fd) 1899mux_client_request_session(int fd)
1852{ 1900{
1853 Buffer m; 1901 struct sshbuf *m;
1854 char *e, *term; 1902 char *e;
1855 u_int i, rid, sid, esid, exitval, type, exitval_seen; 1903 const char *term;
1904 u_int echar, rid, sid, esid, exitval, type, exitval_seen;
1856 extern char **environ; 1905 extern char **environ;
1857 int devnull, rawmode; 1906 int r, i, devnull, rawmode;
1858 1907
1859 debug3("%s: entering", __func__); 1908 debug3("%s: entering", __func__);
1860 1909
@@ -1874,31 +1923,41 @@ mux_client_request_session(int fd)
1874 close(devnull); 1923 close(devnull);
1875 } 1924 }
1876 1925
1877 term = getenv("TERM"); 1926 if ((term = getenv("TERM")) == NULL)
1878 1927 term = "";
1879 buffer_init(&m); 1928 echar = 0xffffffff;
1880 buffer_put_int(&m, MUX_C_NEW_SESSION); 1929 if (options.escape_char != SSH_ESCAPECHAR_NONE)
1881 buffer_put_int(&m, muxclient_request_id); 1930 echar = (u_int)options.escape_char;
1882 buffer_put_cstring(&m, ""); /* reserved */ 1931
1883 buffer_put_int(&m, tty_flag); 1932 if ((m = sshbuf_new()) == NULL)
1884 buffer_put_int(&m, options.forward_x11); 1933 fatal("%s: sshbuf_new", __func__);
1885 buffer_put_int(&m, options.forward_agent); 1934 if ((r = sshbuf_put_u32(m, MUX_C_NEW_SESSION)) != 0 ||
1886 buffer_put_int(&m, subsystem_flag); 1935 (r = sshbuf_put_u32(m, muxclient_request_id)) != 0 ||
1887 buffer_put_int(&m, options.escape_char == SSH_ESCAPECHAR_NONE ? 1936 (r = sshbuf_put_string(m, NULL, 0)) != 0 || /* reserved */
1888 0xffffffff : (u_int)options.escape_char); 1937 (r = sshbuf_put_u32(m, tty_flag)) != 0 ||
1889 buffer_put_cstring(&m, term == NULL ? "" : term); 1938 (r = sshbuf_put_u32(m, options.forward_x11)) != 0 ||
1890 buffer_put_string(&m, buffer_ptr(&command), buffer_len(&command)); 1939 (r = sshbuf_put_u32(m, options.forward_agent)) != 0 ||
1891 1940 (r = sshbuf_put_u32(m, subsystem_flag)) != 0 ||
1941 (r = sshbuf_put_u32(m, echar)) != 0 ||
1942 (r = sshbuf_put_cstring(m, term)) != 0 ||
1943 (r = sshbuf_put_stringb(m, command)) != 0)
1944 fatal("%s: request: %s", __func__, ssh_err(r));
1945
1946 /* Pass environment */
1892 if (options.num_send_env > 0 && environ != NULL) { 1947 if (options.num_send_env > 0 && environ != NULL) {
1893 /* Pass environment */
1894 for (i = 0; environ[i] != NULL; i++) { 1948 for (i = 0; environ[i] != NULL; i++) {
1895 if (env_permitted(environ[i])) { 1949 if (!env_permitted(environ[i]))
1896 buffer_put_cstring(&m, environ[i]); 1950 continue;
1897 } 1951 if ((r = sshbuf_put_cstring(m, environ[i])) != 0)
1952 fatal("%s: request: %s", __func__, ssh_err(r));
1898 } 1953 }
1899 } 1954 }
1955 for (i = 0; i < options.num_setenv; i++) {
1956 if ((r = sshbuf_put_cstring(m, options.setenv[i])) != 0)
1957 fatal("%s: request: %s", __func__, ssh_err(r));
1958 }
1900 1959
1901 if (mux_client_write_packet(fd, &m) != 0) 1960 if (mux_client_write_packet(fd, m) != 0)
1902 fatal("%s: write packet: %s", __func__, strerror(errno)); 1961 fatal("%s: write packet: %s", __func__, strerror(errno));
1903 1962
1904 /* Send the stdio file descriptors */ 1963 /* Send the stdio file descriptors */
@@ -1910,35 +1969,40 @@ mux_client_request_session(int fd)
1910 debug3("%s: session request sent", __func__); 1969 debug3("%s: session request sent", __func__);
1911 1970
1912 /* Read their reply */ 1971 /* Read their reply */
1913 buffer_clear(&m); 1972 sshbuf_reset(m);
1914 if (mux_client_read_packet(fd, &m) != 0) { 1973 if (mux_client_read_packet(fd, m) != 0) {
1915 error("%s: read from master failed: %s", 1974 error("%s: read from master failed: %s",
1916 __func__, strerror(errno)); 1975 __func__, strerror(errno));
1917 buffer_free(&m); 1976 sshbuf_free(m);
1918 return -1; 1977 return -1;
1919 } 1978 }
1920 1979
1921 type = buffer_get_int(&m); 1980 if ((r = sshbuf_get_u32(m, &type)) != 0 ||
1922 if ((rid = buffer_get_int(&m)) != muxclient_request_id) 1981 (r = sshbuf_get_u32(m, &rid)) != 0)
1982 fatal("%s: decode: %s", __func__, ssh_err(r));
1983 if (rid != muxclient_request_id)
1923 fatal("%s: out of sequence reply: my id %u theirs %u", 1984 fatal("%s: out of sequence reply: my id %u theirs %u",
1924 __func__, muxclient_request_id, rid); 1985 __func__, muxclient_request_id, rid);
1986
1925 switch (type) { 1987 switch (type) {
1926 case MUX_S_SESSION_OPENED: 1988 case MUX_S_SESSION_OPENED:
1927 sid = buffer_get_int(&m); 1989 if ((r = sshbuf_get_u32(m, &sid)) != 0)
1928 debug("%s: master session id: %u", __func__, sid); 1990 fatal("%s: decode ID: %s", __func__, ssh_err(r));
1929 break; 1991 break;
1930 case MUX_S_PERMISSION_DENIED: 1992 case MUX_S_PERMISSION_DENIED:
1931 e = buffer_get_string(&m, NULL); 1993 if ((r = sshbuf_get_cstring(m, &e, NULL)) != 0)
1932 buffer_free(&m); 1994 fatal("%s: decode error: %s", __func__, ssh_err(r));
1933 error("Master refused session request: %s", e); 1995 error("Master refused session request: %s", e);
1996 sshbuf_free(m);
1934 return -1; 1997 return -1;
1935 case MUX_S_FAILURE: 1998 case MUX_S_FAILURE:
1936 e = buffer_get_string(&m, NULL); 1999 if ((r = sshbuf_get_cstring(m, &e, NULL)) != 0)
1937 buffer_free(&m); 2000 fatal("%s: decode error: %s", __func__, ssh_err(r));
1938 error("%s: session request failed: %s", __func__, e); 2001 error("%s: session request failed: %s", __func__, e);
2002 sshbuf_free(m);
1939 return -1; 2003 return -1;
1940 default: 2004 default:
1941 buffer_free(&m); 2005 sshbuf_free(m);
1942 error("%s: unexpected response from master 0x%08x", 2006 error("%s: unexpected response from master 0x%08x",
1943 __func__, type); 2007 __func__, type);
1944 return -1; 2008 return -1;
@@ -1966,13 +2030,17 @@ mux_client_request_session(int fd)
1966 * terminate early too (possibly losing data). 2030 * terminate early too (possibly losing data).
1967 */ 2031 */
1968 for (exitval = 255, exitval_seen = 0;;) { 2032 for (exitval = 255, exitval_seen = 0;;) {
1969 buffer_clear(&m); 2033 sshbuf_reset(m);
1970 if (mux_client_read_packet(fd, &m) != 0) 2034 if (mux_client_read_packet(fd, m) != 0)
1971 break; 2035 break;
1972 type = buffer_get_int(&m); 2036 if ((r = sshbuf_get_u32(m, &type)) != 0)
2037 fatal("%s: decode type: %s", __func__, ssh_err(r));
1973 switch (type) { 2038 switch (type) {
1974 case MUX_S_TTY_ALLOC_FAIL: 2039 case MUX_S_TTY_ALLOC_FAIL:
1975 if ((esid = buffer_get_int(&m)) != sid) 2040 if ((r = sshbuf_get_u32(m, &esid)) != 0)
2041 fatal("%s: decode ID: %s",
2042 __func__, ssh_err(r));
2043 if (esid != sid)
1976 fatal("%s: tty alloc fail on unknown session: " 2044 fatal("%s: tty alloc fail on unknown session: "
1977 "my id %u theirs %u", 2045 "my id %u theirs %u",
1978 __func__, sid, esid); 2046 __func__, sid, esid);
@@ -1981,17 +2049,24 @@ mux_client_request_session(int fd)
1981 rawmode = 0; 2049 rawmode = 0;
1982 continue; 2050 continue;
1983 case MUX_S_EXIT_MESSAGE: 2051 case MUX_S_EXIT_MESSAGE:
1984 if ((esid = buffer_get_int(&m)) != sid) 2052 if ((r = sshbuf_get_u32(m, &esid)) != 0)
2053 fatal("%s: decode ID: %s",
2054 __func__, ssh_err(r));
2055 if (esid != sid)
1985 fatal("%s: exit on unknown session: " 2056 fatal("%s: exit on unknown session: "
1986 "my id %u theirs %u", 2057 "my id %u theirs %u",
1987 __func__, sid, esid); 2058 __func__, sid, esid);
1988 if (exitval_seen) 2059 if (exitval_seen)
1989 fatal("%s: exitval sent twice", __func__); 2060 fatal("%s: exitval sent twice", __func__);
1990 exitval = buffer_get_int(&m); 2061 if ((r = sshbuf_get_u32(m, &exitval)) != 0)
2062 fatal("%s: decode exit value: %s",
2063 __func__, ssh_err(r));
1991 exitval_seen = 1; 2064 exitval_seen = 1;
1992 continue; 2065 continue;
1993 default: 2066 default:
1994 e = buffer_get_string(&m, NULL); 2067 if ((r = sshbuf_get_cstring(m, &e, NULL)) != 0)
2068 fatal("%s: decode error: %s",
2069 __func__, ssh_err(r));
1995 fatal("%s: master returned error: %s", __func__, e); 2070 fatal("%s: master returned error: %s", __func__, e);
1996 } 2071 }
1997 } 2072 }
@@ -2018,32 +2093,38 @@ mux_client_request_session(int fd)
2018static int 2093static int
2019mux_client_proxy(int fd) 2094mux_client_proxy(int fd)
2020{ 2095{
2021 Buffer m; 2096 struct sshbuf *m;
2022 char *e; 2097 char *e;
2023 u_int type, rid; 2098 u_int type, rid;
2024 2099 int r;
2025 buffer_init(&m); 2100
2026 buffer_put_int(&m, MUX_C_PROXY); 2101 if ((m = sshbuf_new()) == NULL)
2027 buffer_put_int(&m, muxclient_request_id); 2102 fatal("%s: sshbuf_new", __func__);
2028 if (mux_client_write_packet(fd, &m) != 0) 2103 if ((r = sshbuf_put_u32(m, MUX_C_PROXY)) != 0 ||
2104 (r = sshbuf_put_u32(m, muxclient_request_id)) != 0)
2105 fatal("%s: request: %s", __func__, ssh_err(r));
2106 if (mux_client_write_packet(fd, m) != 0)
2029 fatal("%s: write packet: %s", __func__, strerror(errno)); 2107 fatal("%s: write packet: %s", __func__, strerror(errno));
2030 2108
2031 buffer_clear(&m); 2109 sshbuf_reset(m);
2032 2110
2033 /* Read their reply */ 2111 /* Read their reply */
2034 if (mux_client_read_packet(fd, &m) != 0) { 2112 if (mux_client_read_packet(fd, m) != 0) {
2035 buffer_free(&m); 2113 sshbuf_free(m);
2036 return 0; 2114 return 0;
2037 } 2115 }
2038 type = buffer_get_int(&m); 2116 if ((r = sshbuf_get_u32(m, &type)) != 0 ||
2117 (r = sshbuf_get_u32(m, &rid)) != 0)
2118 fatal("%s: decode: %s", __func__, ssh_err(r));
2119 if (rid != muxclient_request_id)
2120 fatal("%s: out of sequence reply: my id %u theirs %u",
2121 __func__, muxclient_request_id, rid);
2039 if (type != MUX_S_PROXY) { 2122 if (type != MUX_S_PROXY) {
2040 e = buffer_get_string(&m, NULL); 2123 if ((r = sshbuf_get_cstring(m, &e, NULL)) != 0)
2124 fatal("%s: decode error: %s", __func__, ssh_err(r));
2041 fatal("%s: master returned error: %s", __func__, e); 2125 fatal("%s: master returned error: %s", __func__, e);
2042 } 2126 }
2043 if ((rid = buffer_get_int(&m)) != muxclient_request_id) 2127 sshbuf_free(m);
2044 fatal("%s: out of sequence reply: my id %u theirs %u",
2045 __func__, muxclient_request_id, rid);
2046 buffer_free(&m);
2047 2128
2048 debug3("%s: done", __func__); 2129 debug3("%s: done", __func__);
2049 muxclient_request_id++; 2130 muxclient_request_id++;
@@ -2053,10 +2134,10 @@ mux_client_proxy(int fd)
2053static int 2134static int
2054mux_client_request_stdio_fwd(int fd) 2135mux_client_request_stdio_fwd(int fd)
2055{ 2136{
2056 Buffer m; 2137 struct sshbuf *m;
2057 char *e; 2138 char *e;
2058 u_int type, rid, sid; 2139 u_int type, rid, sid;
2059 int devnull; 2140 int r, devnull;
2060 2141
2061 debug3("%s: entering", __func__); 2142 debug3("%s: entering", __func__);
2062 2143
@@ -2076,14 +2157,16 @@ mux_client_request_stdio_fwd(int fd)
2076 close(devnull); 2157 close(devnull);
2077 } 2158 }
2078 2159
2079 buffer_init(&m); 2160 if ((m = sshbuf_new()) == NULL)
2080 buffer_put_int(&m, MUX_C_NEW_STDIO_FWD); 2161 fatal("%s: sshbuf_new", __func__);
2081 buffer_put_int(&m, muxclient_request_id); 2162 if ((r = sshbuf_put_u32(m, MUX_C_NEW_STDIO_FWD)) != 0 ||
2082 buffer_put_cstring(&m, ""); /* reserved */ 2163 (r = sshbuf_put_u32(m, muxclient_request_id)) != 0 ||
2083 buffer_put_cstring(&m, options.stdio_forward_host); 2164 (r = sshbuf_put_string(m, NULL, 0)) != 0 || /* reserved */
2084 buffer_put_int(&m, options.stdio_forward_port); 2165 (r = sshbuf_put_cstring(m, options.stdio_forward_host)) != 0 ||
2166 (r = sshbuf_put_u32(m, options.stdio_forward_port)) != 0)
2167 fatal("%s: request: %s", __func__, ssh_err(r));
2085 2168
2086 if (mux_client_write_packet(fd, &m) != 0) 2169 if (mux_client_write_packet(fd, m) != 0)
2087 fatal("%s: write packet: %s", __func__, strerror(errno)); 2170 fatal("%s: write packet: %s", __func__, strerror(errno));
2088 2171
2089 /* Send the stdio file descriptors */ 2172 /* Send the stdio file descriptors */
@@ -2098,34 +2181,39 @@ mux_client_request_stdio_fwd(int fd)
2098 debug3("%s: stdio forward request sent", __func__); 2181 debug3("%s: stdio forward request sent", __func__);
2099 2182
2100 /* Read their reply */ 2183 /* Read their reply */
2101 buffer_clear(&m); 2184 sshbuf_reset(m);
2102 2185
2103 if (mux_client_read_packet(fd, &m) != 0) { 2186 if (mux_client_read_packet(fd, m) != 0) {
2104 error("%s: read from master failed: %s", 2187 error("%s: read from master failed: %s",
2105 __func__, strerror(errno)); 2188 __func__, strerror(errno));
2106 buffer_free(&m); 2189 sshbuf_free(m);
2107 return -1; 2190 return -1;
2108 } 2191 }
2109 2192
2110 type = buffer_get_int(&m); 2193 if ((r = sshbuf_get_u32(m, &type)) != 0 ||
2111 if ((rid = buffer_get_int(&m)) != muxclient_request_id) 2194 (r = sshbuf_get_u32(m, &rid)) != 0)
2195 fatal("%s: decode: %s", __func__, ssh_err(r));
2196 if (rid != muxclient_request_id)
2112 fatal("%s: out of sequence reply: my id %u theirs %u", 2197 fatal("%s: out of sequence reply: my id %u theirs %u",
2113 __func__, muxclient_request_id, rid); 2198 __func__, muxclient_request_id, rid);
2114 switch (type) { 2199 switch (type) {
2115 case MUX_S_SESSION_OPENED: 2200 case MUX_S_SESSION_OPENED:
2116 sid = buffer_get_int(&m); 2201 if ((r = sshbuf_get_u32(m, &sid)) != 0)
2202 fatal("%s: decode ID: %s", __func__, ssh_err(r));
2117 debug("%s: master session id: %u", __func__, sid); 2203 debug("%s: master session id: %u", __func__, sid);
2118 break; 2204 break;
2119 case MUX_S_PERMISSION_DENIED: 2205 case MUX_S_PERMISSION_DENIED:
2120 e = buffer_get_string(&m, NULL); 2206 if ((r = sshbuf_get_cstring(m, &e, NULL)) != 0)
2121 buffer_free(&m); 2207 fatal("%s: decode error: %s", __func__, ssh_err(r));
2208 sshbuf_free(m);
2122 fatal("Master refused stdio forwarding request: %s", e); 2209 fatal("Master refused stdio forwarding request: %s", e);
2123 case MUX_S_FAILURE: 2210 case MUX_S_FAILURE:
2124 e = buffer_get_string(&m, NULL); 2211 if ((r = sshbuf_get_cstring(m, &e, NULL)) != 0)
2125 buffer_free(&m); 2212 fatal("%s: decode error: %s", __func__, ssh_err(r));
2213 sshbuf_free(m);
2126 fatal("Stdio forwarding request failed: %s", e); 2214 fatal("Stdio forwarding request failed: %s", e);
2127 default: 2215 default:
2128 buffer_free(&m); 2216 sshbuf_free(m);
2129 error("%s: unexpected response from master 0x%08x", 2217 error("%s: unexpected response from master 0x%08x",
2130 __func__, type); 2218 __func__, type);
2131 return -1; 2219 return -1;
@@ -2140,8 +2228,8 @@ mux_client_request_stdio_fwd(int fd)
2140 /* 2228 /*
2141 * Stick around until the controlee closes the client_fd. 2229 * Stick around until the controlee closes the client_fd.
2142 */ 2230 */
2143 buffer_clear(&m); 2231 sshbuf_reset(m);
2144 if (mux_client_read_packet(fd, &m) != 0) { 2232 if (mux_client_read_packet(fd, m) != 0) {
2145 if (errno == EPIPE || 2233 if (errno == EPIPE ||
2146 (errno == EINTR && muxclient_terminate != 0)) 2234 (errno == EINTR && muxclient_terminate != 0))
2147 return 0; 2235 return 0;
@@ -2154,44 +2242,52 @@ mux_client_request_stdio_fwd(int fd)
2154static void 2242static void
2155mux_client_request_stop_listening(int fd) 2243mux_client_request_stop_listening(int fd)
2156{ 2244{
2157 Buffer m; 2245 struct sshbuf *m;
2158 char *e; 2246 char *e;
2159 u_int type, rid; 2247 u_int type, rid;
2248 int r;
2160 2249
2161 debug3("%s: entering", __func__); 2250 debug3("%s: entering", __func__);
2162 2251
2163 buffer_init(&m); 2252 if ((m = sshbuf_new()) == NULL)
2164 buffer_put_int(&m, MUX_C_STOP_LISTENING); 2253 fatal("%s: sshbuf_new", __func__);
2165 buffer_put_int(&m, muxclient_request_id); 2254 if ((r = sshbuf_put_u32(m, MUX_C_STOP_LISTENING)) != 0 ||
2255 (r = sshbuf_put_u32(m, muxclient_request_id)) != 0)
2256 fatal("%s: request: %s", __func__, ssh_err(r));
2166 2257
2167 if (mux_client_write_packet(fd, &m) != 0) 2258 if (mux_client_write_packet(fd, m) != 0)
2168 fatal("%s: write packet: %s", __func__, strerror(errno)); 2259 fatal("%s: write packet: %s", __func__, strerror(errno));
2169 2260
2170 buffer_clear(&m); 2261 sshbuf_reset(m);
2171 2262
2172 /* Read their reply */ 2263 /* Read their reply */
2173 if (mux_client_read_packet(fd, &m) != 0) 2264 if (mux_client_read_packet(fd, m) != 0)
2174 fatal("%s: read from master failed: %s", 2265 fatal("%s: read from master failed: %s",
2175 __func__, strerror(errno)); 2266 __func__, strerror(errno));
2176 2267
2177 type = buffer_get_int(&m); 2268 if ((r = sshbuf_get_u32(m, &type)) != 0 ||
2178 if ((rid = buffer_get_int(&m)) != muxclient_request_id) 2269 (r = sshbuf_get_u32(m, &rid)) != 0)
2270 fatal("%s: decode: %s", __func__, ssh_err(r));
2271 if (rid != muxclient_request_id)
2179 fatal("%s: out of sequence reply: my id %u theirs %u", 2272 fatal("%s: out of sequence reply: my id %u theirs %u",
2180 __func__, muxclient_request_id, rid); 2273 __func__, muxclient_request_id, rid);
2274
2181 switch (type) { 2275 switch (type) {
2182 case MUX_S_OK: 2276 case MUX_S_OK:
2183 break; 2277 break;
2184 case MUX_S_PERMISSION_DENIED: 2278 case MUX_S_PERMISSION_DENIED:
2185 e = buffer_get_string(&m, NULL); 2279 if ((r = sshbuf_get_cstring(m, &e, NULL)) != 0)
2280 fatal("%s: decode error: %s", __func__, ssh_err(r));
2186 fatal("Master refused stop listening request: %s", e); 2281 fatal("Master refused stop listening request: %s", e);
2187 case MUX_S_FAILURE: 2282 case MUX_S_FAILURE:
2188 e = buffer_get_string(&m, NULL); 2283 if ((r = sshbuf_get_cstring(m, &e, NULL)) != 0)
2284 fatal("%s: decode error: %s", __func__, ssh_err(r));
2189 fatal("%s: stop listening request failed: %s", __func__, e); 2285 fatal("%s: stop listening request failed: %s", __func__, e);
2190 default: 2286 default:
2191 fatal("%s: unexpected response from master 0x%08x", 2287 fatal("%s: unexpected response from master 0x%08x",
2192 __func__, type); 2288 __func__, type);
2193 } 2289 }
2194 buffer_free(&m); 2290 sshbuf_free(m);
2195 muxclient_request_id++; 2291 muxclient_request_id++;
2196} 2292}
2197 2293
diff --git a/myproposal.h b/myproposal.h
index c255147aa..08782dd30 100644
--- a/myproposal.h
+++ b/myproposal.h
@@ -1,4 +1,4 @@
1/* $OpenBSD: myproposal.h,v 1.55 2017/05/07 23:13:42 djm Exp $ */ 1/* $OpenBSD: myproposal.h,v 1.56 2018/07/03 11:39:54 djm Exp $ */
2 2
3/* 3/*
4 * Copyright (c) 2000 Markus Friedl. All rights reserved. 4 * Copyright (c) 2000 Markus Friedl. All rights reserved.
@@ -107,6 +107,8 @@
107#define KEX_DEFAULT_PK_ALG \ 107#define KEX_DEFAULT_PK_ALG \
108 HOSTKEY_ECDSA_CERT_METHODS \ 108 HOSTKEY_ECDSA_CERT_METHODS \
109 "ssh-ed25519-cert-v01@openssh.com," \ 109 "ssh-ed25519-cert-v01@openssh.com," \
110 "rsa-sha2-512-cert-v01@openssh.com," \
111 "rsa-sha2-256-cert-v01@openssh.com," \
110 "ssh-rsa-cert-v01@openssh.com," \ 112 "ssh-rsa-cert-v01@openssh.com," \
111 HOSTKEY_ECDSA_METHODS \ 113 HOSTKEY_ECDSA_METHODS \
112 "ssh-ed25519," \ 114 "ssh-ed25519," \
diff --git a/opacket.c b/opacket.c
index fca48e5f5..e637d7a71 100644
--- a/opacket.c
+++ b/opacket.c
@@ -3,6 +3,8 @@
3 3
4#include "includes.h" 4#include "includes.h"
5 5
6#include <stdarg.h>
7
6#include "ssherr.h" 8#include "ssherr.h"
7#include "packet.h" 9#include "packet.h"
8#include "log.h" 10#include "log.h"
diff --git a/opacket.h b/opacket.h
index b2c2e7f6a..f92fe586e 100644
--- a/opacket.h
+++ b/opacket.h
@@ -1,4 +1,4 @@
1/* $OpenBSD: opacket.h,v 1.12 2017/10/20 01:56:39 djm Exp $ */ 1/* $OpenBSD: opacket.h,v 1.13 2018/07/06 09:03:02 sf Exp $ */
2#ifndef _OPACKET_H 2#ifndef _OPACKET_H
3/* Written by Markus Friedl. Placed in the public domain. */ 3/* Written by Markus Friedl. Placed in the public domain. */
4 4
@@ -59,8 +59,6 @@ void packet_read_expect(int expected_type);
59 ssh_packet_set_protocol_flags(active_state, (protocol_flags)) 59 ssh_packet_set_protocol_flags(active_state, (protocol_flags))
60#define packet_get_protocol_flags() \ 60#define packet_get_protocol_flags() \
61 ssh_packet_get_protocol_flags(active_state) 61 ssh_packet_get_protocol_flags(active_state)
62#define packet_start_compression(level) \
63 ssh_packet_start_compression(active_state, (level))
64#define packet_start(type) \ 62#define packet_start(type) \
65 ssh_packet_start(active_state, (type)) 63 ssh_packet_start(active_state, (type))
66#define packet_put_char(value) \ 64#define packet_put_char(value) \
diff --git a/openbsd-compat/Makefile.in b/openbsd-compat/Makefile.in
index 8e3b42991..2fd9b952b 100644
--- a/openbsd-compat/Makefile.in
+++ b/openbsd-compat/Makefile.in
@@ -68,6 +68,7 @@ COMPAT= arc4random.o \
68 bsd-cygwin_util.o \ 68 bsd-cygwin_util.o \
69 bsd-err.o \ 69 bsd-err.o \
70 bsd-flock.o \ 70 bsd-flock.o \
71 bsd-getline.o \
71 bsd-getpagesize.o \ 72 bsd-getpagesize.o \
72 bsd-getpeereid.o \ 73 bsd-getpeereid.o \
73 bsd-malloc.o \ 74 bsd-malloc.o \
diff --git a/openbsd-compat/arc4random.c b/openbsd-compat/arc4random.c
index b6256b4f8..578f69f4f 100644
--- a/openbsd-compat/arc4random.c
+++ b/openbsd-compat/arc4random.c
@@ -33,6 +33,10 @@
33#include <string.h> 33#include <string.h>
34#include <unistd.h> 34#include <unistd.h>
35 35
36#ifdef HAVE_SYS_RANDOM_H
37# include <sys/random.h>
38#endif
39
36#ifndef HAVE_ARC4RANDOM 40#ifndef HAVE_ARC4RANDOM
37 41
38#ifdef WITH_OPENSSL 42#ifdef WITH_OPENSSL
@@ -78,8 +82,9 @@ _rs_init(u_char *buf, size_t n)
78} 82}
79 83
80#ifndef WITH_OPENSSL 84#ifndef WITH_OPENSSL
81#define SSH_RANDOM_DEV "/dev/urandom" 85# ifndef SSH_RANDOM_DEV
82/* XXX use getrandom() if supported on Linux */ 86# define SSH_RANDOM_DEV "/dev/urandom"
87# endif /* SSH_RANDOM_DEV */
83static void 88static void
84getrnd(u_char *s, size_t len) 89getrnd(u_char *s, size_t len)
85{ 90{
@@ -87,6 +92,11 @@ getrnd(u_char *s, size_t len)
87 ssize_t r; 92 ssize_t r;
88 size_t o = 0; 93 size_t o = 0;
89 94
95#ifdef HAVE_GETRANDOM
96 if ((r = getrandom(s, len, 0)) > 0 && (size_t)r == len)
97 return;
98#endif /* HAVE_GETRANDOM */
99
90 if ((fd = open(SSH_RANDOM_DEV, O_RDONLY)) == -1) 100 if ((fd = open(SSH_RANDOM_DEV, O_RDONLY)) == -1)
91 fatal("Couldn't open %s: %s", SSH_RANDOM_DEV, strerror(errno)); 101 fatal("Couldn't open %s: %s", SSH_RANDOM_DEV, strerror(errno));
92 while (o < len) { 102 while (o < len) {
@@ -101,7 +111,7 @@ getrnd(u_char *s, size_t len)
101 } 111 }
102 close(fd); 112 close(fd);
103} 113}
104#endif 114#endif /* WITH_OPENSSL */
105 115
106static void 116static void
107_rs_stir(void) 117_rs_stir(void)
diff --git a/openbsd-compat/bcrypt_pbkdf.c b/openbsd-compat/bcrypt_pbkdf.c
index 0a07f9a0f..785234563 100644
--- a/openbsd-compat/bcrypt_pbkdf.c
+++ b/openbsd-compat/bcrypt_pbkdf.c
@@ -46,7 +46,7 @@
46 * function with the following modifications: 46 * function with the following modifications:
47 * 1. The input password and salt are preprocessed with SHA512. 47 * 1. The input password and salt are preprocessed with SHA512.
48 * 2. The output length is expanded to 256 bits. 48 * 2. The output length is expanded to 256 bits.
49 * 3. Subsequently the magic string to be encrypted is lengthened and modifed 49 * 3. Subsequently the magic string to be encrypted is lengthened and modified
50 * to "OxychromaticBlowfishSwatDynamite" 50 * to "OxychromaticBlowfishSwatDynamite"
51 * 4. The hash function is defined to perform 64 rounds of initial state 51 * 4. The hash function is defined to perform 64 rounds of initial state
52 * expansion. (More rounds are performed by iterating the hash.) 52 * expansion. (More rounds are performed by iterating the hash.)
diff --git a/openbsd-compat/bsd-closefrom.c b/openbsd-compat/bsd-closefrom.c
index 9380b33a7..b56476a2d 100644
--- a/openbsd-compat/bsd-closefrom.c
+++ b/openbsd-compat/bsd-closefrom.c
@@ -77,7 +77,7 @@ closefrom(int lowfd)
77 77
78 /* Check for a /proc/$$/fd directory. */ 78 /* Check for a /proc/$$/fd directory. */
79 len = snprintf(fdpath, sizeof(fdpath), "/proc/%ld/fd", (long)getpid()); 79 len = snprintf(fdpath, sizeof(fdpath), "/proc/%ld/fd", (long)getpid());
80 if (len > 0 && (size_t)len <= sizeof(fdpath) && (dirp = opendir(fdpath))) { 80 if (len > 0 && (size_t)len < sizeof(fdpath) && (dirp = opendir(fdpath))) {
81 while ((dent = readdir(dirp)) != NULL) { 81 while ((dent = readdir(dirp)) != NULL) {
82 fd = strtol(dent->d_name, &endp, 10); 82 fd = strtol(dent->d_name, &endp, 10);
83 if (dent->d_name != endp && *endp == '\0' && 83 if (dent->d_name != endp && *endp == '\0' &&
diff --git a/openbsd-compat/bsd-cygwin_util.c b/openbsd-compat/bsd-cygwin_util.c
index 398a5f617..fb49e30f5 100644
--- a/openbsd-compat/bsd-cygwin_util.c
+++ b/openbsd-compat/bsd-cygwin_util.c
@@ -36,6 +36,7 @@
36#include <fcntl.h> 36#include <fcntl.h>
37#include <string.h> 37#include <string.h>
38#include <unistd.h> 38#include <unistd.h>
39#include <stdarg.h>
39 40
40#include "xmalloc.h" 41#include "xmalloc.h"
41 42
diff --git a/openbsd-compat/bsd-cygwin_util.h b/openbsd-compat/bsd-cygwin_util.h
index 9cef694b9..202c055db 100644
--- a/openbsd-compat/bsd-cygwin_util.h
+++ b/openbsd-compat/bsd-cygwin_util.h
@@ -41,7 +41,7 @@ typedef void *HANDLE;
41#define UNLEN 256 41#define UNLEN 256
42 42
43/* Cygwin functions for which declarations are only available when including 43/* Cygwin functions for which declarations are only available when including
44 windows headers, so we have to define them here explicitely. */ 44 windows headers, so we have to define them here explicitly. */
45extern HANDLE cygwin_logon_user (const struct passwd *, const char *); 45extern HANDLE cygwin_logon_user (const struct passwd *, const char *);
46extern void cygwin_set_impersonation_token (const HANDLE); 46extern void cygwin_set_impersonation_token (const HANDLE);
47 47
diff --git a/openbsd-compat/bsd-getline.c b/openbsd-compat/bsd-getline.c
new file mode 100644
index 000000000..d676f4cef
--- /dev/null
+++ b/openbsd-compat/bsd-getline.c
@@ -0,0 +1,113 @@
1/* $NetBSD: getline.c,v 1.1.1.6 2015/01/02 20:34:27 christos Exp $ */
2
3/* NetBSD: getline.c,v 1.2 2014/09/16 17:23:50 christos Exp */
4
5/*-
6 * Copyright (c) 2011 The NetBSD Foundation, Inc.
7 * All rights reserved.
8 *
9 * This code is derived from software contributed to The NetBSD Foundation
10 * by Christos Zoulas.
11 *
12 * Redistribution and use in source and binary forms, with or without
13 * modification, are permitted provided that the following conditions
14 * are met:
15 * 1. Redistributions of source code must retain the above copyright
16 * notice, this list of conditions and the following disclaimer.
17 * 2. Redistributions in binary form must reproduce the above copyright
18 * notice, this list of conditions and the following disclaimer in the
19 * documentation and/or other materials provided with the distribution.
20 *
21 * THIS SOFTWARE IS PROVIDED BY THE NETBSD FOUNDATION, INC. AND CONTRIBUTORS
22 * ``AS IS'' AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED
23 * TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
24 * PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE FOUNDATION OR CONTRIBUTORS
25 * BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR
26 * CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF
27 * SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS
28 * INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN
29 * CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
30 * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE
31 * POSSIBILITY OF SUCH DAMAGE.
32 */
33
34/* NETBSD ORIGINAL: external/bsd/file/dist/src/getline.c */
35
36#include "includes.h"
37
38#if 0
39#include "file.h"
40#endif
41
42#if !HAVE_GETLINE
43#include <stdlib.h>
44#include <stdio.h>
45#include <unistd.h>
46#include <errno.h>
47#include <string.h>
48
49static ssize_t
50getdelim(char **buf, size_t *bufsiz, int delimiter, FILE *fp)
51{
52 char *ptr, *eptr;
53
54
55 if (*buf == NULL || *bufsiz == 0) {
56 if ((*buf = malloc(BUFSIZ)) == NULL)
57 return -1;
58 *bufsiz = BUFSIZ;
59 }
60
61 for (ptr = *buf, eptr = *buf + *bufsiz;;) {
62 int c = fgetc(fp);
63 if (c == -1) {
64 if (feof(fp)) {
65 ssize_t diff = (ssize_t)(ptr - *buf);
66 if (diff != 0) {
67 *ptr = '\0';
68 return diff;
69 }
70 }
71 return -1;
72 }
73 *ptr++ = c;
74 if (c == delimiter) {
75 *ptr = '\0';
76 return ptr - *buf;
77 }
78 if (ptr + 2 >= eptr) {
79 char *nbuf;
80 size_t nbufsiz = *bufsiz * 2;
81 ssize_t d = ptr - *buf;
82 if ((nbuf = realloc(*buf, nbufsiz)) == NULL)
83 return -1;
84 *buf = nbuf;
85 *bufsiz = nbufsiz;
86 eptr = nbuf + nbufsiz;
87 ptr = nbuf + d;
88 }
89 }
90}
91
92ssize_t
93getline(char **buf, size_t *bufsiz, FILE *fp)
94{
95 return getdelim(buf, bufsiz, '\n', fp);
96}
97
98#endif
99
100#ifdef TEST
101int
102main(int argc, char *argv[])
103{
104 char *p = NULL;
105 ssize_t len;
106 size_t n = 0;
107
108 while ((len = getline(&p, &n, stdin)) != -1)
109 (void)printf("%" SIZE_T_FORMAT "d %s", len, p);
110 free(p);
111 return 0;
112}
113#endif
diff --git a/openbsd-compat/bsd-misc.c b/openbsd-compat/bsd-misc.c
index 3daf61071..b6893e171 100644
--- a/openbsd-compat/bsd-misc.c
+++ b/openbsd-compat/bsd-misc.c
@@ -28,6 +28,7 @@
28#include <string.h> 28#include <string.h>
29#include <signal.h> 29#include <signal.h>
30#include <stdlib.h> 30#include <stdlib.h>
31#include <stdio.h>
31#include <time.h> 32#include <time.h>
32#include <unistd.h> 33#include <unistd.h>
33 34
diff --git a/openbsd-compat/bsd-nextstep.h b/openbsd-compat/bsd-nextstep.h
index 610f9e381..4a45b15af 100644
--- a/openbsd-compat/bsd-nextstep.h
+++ b/openbsd-compat/bsd-nextstep.h
@@ -36,7 +36,7 @@
36/* NeXT's readdir() is BSD (struct direct) not POSIX (struct dirent) */ 36/* NeXT's readdir() is BSD (struct direct) not POSIX (struct dirent) */
37#define dirent direct 37#define dirent direct
38 38
39/* Swap out NeXT's BSD wait() for a more POSIX complient one */ 39/* Swap out NeXT's BSD wait() for a more POSIX compliant one */
40pid_t posix_wait(int *); 40pid_t posix_wait(int *);
41#define wait(a) posix_wait(a) 41#define wait(a) posix_wait(a)
42 42
diff --git a/openbsd-compat/bsd-snprintf.c b/openbsd-compat/bsd-snprintf.c
index d95b6a401..f27b9d808 100644
--- a/openbsd-compat/bsd-snprintf.c
+++ b/openbsd-compat/bsd-snprintf.c
@@ -30,7 +30,7 @@
30 * probably requires libm on most operating systems. Don't yet 30 * probably requires libm on most operating systems. Don't yet
31 * support the exponent (e,E) and sigfig (g,G). Also, fmtint() 31 * support the exponent (e,E) and sigfig (g,G). Also, fmtint()
32 * was pretty badly broken, it just wasn't being exercised in ways 32 * was pretty badly broken, it just wasn't being exercised in ways
33 * which showed it, so that's been fixed. Also, formated the code 33 * which showed it, so that's been fixed. Also, formatted the code
34 * to mutt conventions, and removed dead code left over from the 34 * to mutt conventions, and removed dead code left over from the
35 * original. Also, there is now a builtin-test, just compile with: 35 * original. Also, there is now a builtin-test, just compile with:
36 * gcc -DTEST_SNPRINTF -o snprintf snprintf.c -lm 36 * gcc -DTEST_SNPRINTF -o snprintf snprintf.c -lm
diff --git a/openbsd-compat/bsd-waitpid.h b/openbsd-compat/bsd-waitpid.h
index 5ce3ee4b5..b551268ab 100644
--- a/openbsd-compat/bsd-waitpid.h
+++ b/openbsd-compat/bsd-waitpid.h
@@ -27,7 +27,7 @@
27#define _BSD_WAITPID_H 27#define _BSD_WAITPID_H
28 28
29#ifndef HAVE_WAITPID 29#ifndef HAVE_WAITPID
30/* Clean out any potental issues */ 30/* Clean out any potential issues */
31#undef WIFEXITED 31#undef WIFEXITED
32#undef WIFSTOPPED 32#undef WIFSTOPPED
33#undef WIFSIGNALED 33#undef WIFSIGNALED
diff --git a/openbsd-compat/explicit_bzero.c b/openbsd-compat/explicit_bzero.c
index 53a003472..6ef9825a9 100644
--- a/openbsd-compat/explicit_bzero.c
+++ b/openbsd-compat/explicit_bzero.c
@@ -41,7 +41,7 @@ explicit_bzero(void *p, size_t n)
41 /* 41 /*
42 * clang -fsanitize=memory needs to intercept memset-like functions 42 * clang -fsanitize=memory needs to intercept memset-like functions
43 * to correctly detect memory initialisation. Make sure one is called 43 * to correctly detect memory initialisation. Make sure one is called
44 * directly since our indirection trick above sucessfully confuses it. 44 * directly since our indirection trick above successfully confuses it.
45 */ 45 */
46#if defined(__has_feature) 46#if defined(__has_feature)
47# if __has_feature(memory_sanitizer) 47# if __has_feature(memory_sanitizer)
diff --git a/openbsd-compat/fmt_scaled.c b/openbsd-compat/fmt_scaled.c
index 7c5193e26..2f76ef931 100644
--- a/openbsd-compat/fmt_scaled.c
+++ b/openbsd-compat/fmt_scaled.c
@@ -1,4 +1,4 @@
1/* $OpenBSD: fmt_scaled.c,v 1.16 2017/03/16 02:40:46 dtucker Exp $ */ 1/* $OpenBSD: fmt_scaled.c,v 1.17 2018/05/14 04:39:04 djm Exp $ */
2 2
3/* 3/*
4 * Copyright (c) 2001, 2002, 2003 Ian F. Darwin. All rights reserved. 4 * Copyright (c) 2001, 2002, 2003 Ian F. Darwin. All rights reserved.
@@ -188,7 +188,7 @@ scan_scaled(char *scaled, long long *result)
188 /* scale whole part */ 188 /* scale whole part */
189 whole *= scale_fact; 189 whole *= scale_fact;
190 190
191 /* truncate fpart so it does't overflow. 191 /* truncate fpart so it doesn't overflow.
192 * then scale fractional part. 192 * then scale fractional part.
193 */ 193 */
194 while (fpart >= LLONG_MAX / scale_fact) { 194 while (fpart >= LLONG_MAX / scale_fact) {
@@ -246,12 +246,15 @@ fmt_scaled(long long number, char *result)
246 246
247 fract = (10 * fract + 512) / 1024; 247 fract = (10 * fract + 512) / 1024;
248 /* if the result would be >= 10, round main number */ 248 /* if the result would be >= 10, round main number */
249 if (fract == 10) { 249 if (fract >= 10) {
250 if (number >= 0) 250 if (number >= 0)
251 number++; 251 number++;
252 else 252 else
253 number--; 253 number--;
254 fract = 0; 254 fract = 0;
255 } else if (fract < 0) {
256 /* shouldn't happen */
257 fract = 0;
255 } 258 }
256 259
257 if (number == 0) 260 if (number == 0)
diff --git a/openbsd-compat/freezero.c b/openbsd-compat/freezero.c
index 90b9d3813..bad018ff0 100644
--- a/openbsd-compat/freezero.c
+++ b/openbsd-compat/freezero.c
@@ -16,6 +16,7 @@
16 16
17#include "includes.h" 17#include "includes.h"
18 18
19#include <stdlib.h>
19#include <string.h> 20#include <string.h>
20 21
21#ifndef HAVE_FREEZERO 22#ifndef HAVE_FREEZERO
diff --git a/openbsd-compat/openbsd-compat.h b/openbsd-compat/openbsd-compat.h
index b48fb9342..f5c833bf2 100644
--- a/openbsd-compat/openbsd-compat.h
+++ b/openbsd-compat/openbsd-compat.h
@@ -60,6 +60,10 @@ int bindresvport_sa(int sd, struct sockaddr *sa);
60void closefrom(int); 60void closefrom(int);
61#endif 61#endif
62 62
63#ifndef HAVE_GETLINE
64ssize_t getline(char **, size_t *, FILE *);
65#endif
66
63#ifndef HAVE_GETPAGESIZE 67#ifndef HAVE_GETPAGESIZE
64int getpagesize(void); 68int getpagesize(void);
65#endif 69#endif
diff --git a/openbsd-compat/port-aix.c b/openbsd-compat/port-aix.c
index 79c868966..943177c70 100644
--- a/openbsd-compat/port-aix.c
+++ b/openbsd-compat/port-aix.c
@@ -27,8 +27,9 @@
27#include "includes.h" 27#include "includes.h"
28 28
29#include "xmalloc.h" 29#include "xmalloc.h"
30#include "buffer.h" 30#include "sshbuf.h"
31#include "key.h" 31#include "ssherr.h"
32#include "sshkey.h"
32#include "hostfile.h" 33#include "hostfile.h"
33#include "auth.h" 34#include "auth.h"
34#include "ssh.h" 35#include "ssh.h"
@@ -176,7 +177,7 @@ sys_auth_passwd(struct ssh *ssh, const char *password)
176{ 177{
177 Authctxt *ctxt = ssh->authctxt; 178 Authctxt *ctxt = ssh->authctxt;
178 char *authmsg = NULL, *msg = NULL, *name = ctxt->pw->pw_name; 179 char *authmsg = NULL, *msg = NULL, *name = ctxt->pw->pw_name;
179 int authsuccess = 0, expired, reenter, result; 180 int r, authsuccess = 0, expired, reenter, result;
180 181
181 do { 182 do {
182 result = authenticate((char *)name, (char *)password, &reenter, 183 result = authenticate((char *)name, (char *)password, &reenter,
@@ -203,7 +204,10 @@ sys_auth_passwd(struct ssh *ssh, const char *password)
203 */ 204 */
204 expired = passwdexpired(name, &msg); 205 expired = passwdexpired(name, &msg);
205 if (msg && *msg) { 206 if (msg && *msg) {
206 buffer_append(ctxt->loginmsg, msg, strlen(msg)); 207 if ((r = sshbuf_put(ctxt->loginmsg,
208 msg, strlen(msg))) != 0)
209 fatal("%s: buffer error: %s",
210 __func__, ssh_err(r));
207 aix_remove_embedded_newlines(msg); 211 aix_remove_embedded_newlines(msg);
208 } 212 }
209 debug3("AIX/passwdexpired returned %d msg %.100s", expired, msg); 213 debug3("AIX/passwdexpired returned %d msg %.100s", expired, msg);
@@ -234,10 +238,10 @@ sys_auth_passwd(struct ssh *ssh, const char *password)
234 * Returns 1 if login is allowed, 0 if not allowed. 238 * Returns 1 if login is allowed, 0 if not allowed.
235 */ 239 */
236int 240int
237sys_auth_allowed_user(struct passwd *pw, Buffer *loginmsg) 241sys_auth_allowed_user(struct passwd *pw, struct sshbuf *loginmsg)
238{ 242{
239 char *msg = NULL; 243 char *msg = NULL;
240 int result, permitted = 0; 244 int r, result, permitted = 0;
241 struct stat st; 245 struct stat st;
242 246
243 /* 247 /*
@@ -260,8 +264,10 @@ sys_auth_allowed_user(struct passwd *pw, Buffer *loginmsg)
260 */ 264 */
261 if (result == -1 && errno == EPERM && stat(_PATH_NOLOGIN, &st) == 0) 265 if (result == -1 && errno == EPERM && stat(_PATH_NOLOGIN, &st) == 0)
262 permitted = 1; 266 permitted = 1;
263 else if (msg != NULL) 267 else if (msg != NULL) {
264 buffer_append(loginmsg, msg, strlen(msg)); 268 if ((r = sshbuf_put(loginmsg, msg, strlen(msg))) != 0)
269 fatal("%s: buffer error: %s", __func__, ssh_err(r));
270 }
265 if (msg == NULL) 271 if (msg == NULL)
266 msg = xstrdup("(none)"); 272 msg = xstrdup("(none)");
267 aix_remove_embedded_newlines(msg); 273 aix_remove_embedded_newlines(msg);
@@ -275,7 +281,7 @@ sys_auth_allowed_user(struct passwd *pw, Buffer *loginmsg)
275 281
276int 282int
277sys_auth_record_login(const char *user, const char *host, const char *ttynm, 283sys_auth_record_login(const char *user, const char *host, const char *ttynm,
278 Buffer *loginmsg) 284 struct sshbuf *loginmsg)
279{ 285{
280 char *msg = NULL; 286 char *msg = NULL;
281 int success = 0; 287 int success = 0;
diff --git a/openbsd-compat/port-aix.h b/openbsd-compat/port-aix.h
index 9c0a4dd3e..748c0e4e3 100644
--- a/openbsd-compat/port-aix.h
+++ b/openbsd-compat/port-aix.h
@@ -30,7 +30,7 @@
30# include <sys/socket.h> 30# include <sys/socket.h>
31#endif 31#endif
32 32
33#include "buffer.h" 33struct sshbuf;
34 34
35/* These should be in the system headers but are not. */ 35/* These should be in the system headers but are not. */
36int usrinfo(int, char *, int); 36int usrinfo(int, char *, int);
@@ -87,9 +87,10 @@ void aix_usrinfo(struct passwd *);
87#ifdef WITH_AIXAUTHENTICATE 87#ifdef WITH_AIXAUTHENTICATE
88# define CUSTOM_SYS_AUTH_PASSWD 1 88# define CUSTOM_SYS_AUTH_PASSWD 1
89# define CUSTOM_SYS_AUTH_ALLOWED_USER 1 89# define CUSTOM_SYS_AUTH_ALLOWED_USER 1
90int sys_auth_allowed_user(struct passwd *, Buffer *); 90int sys_auth_allowed_user(struct passwd *, struct sshbuf *);
91# define CUSTOM_SYS_AUTH_RECORD_LOGIN 1 91# define CUSTOM_SYS_AUTH_RECORD_LOGIN 1
92int sys_auth_record_login(const char *, const char *, const char *, Buffer *); 92int sys_auth_record_login(const char *, const char *,
93 const char *, struct sshbuf *);
93# define CUSTOM_SYS_AUTH_GET_LASTLOGIN_MSG 94# define CUSTOM_SYS_AUTH_GET_LASTLOGIN_MSG
94char *sys_auth_get_lastlogin_msg(const char *, uid_t); 95char *sys_auth_get_lastlogin_msg(const char *, uid_t);
95# define CUSTOM_FAILED_LOGIN 1 96# define CUSTOM_FAILED_LOGIN 1
diff --git a/openbsd-compat/port-linux.c b/openbsd-compat/port-linux.c
index 8a3e5c68d..9fdda664f 100644
--- a/openbsd-compat/port-linux.c
+++ b/openbsd-compat/port-linux.c
@@ -27,12 +27,6 @@
27#include <string.h> 27#include <string.h>
28#include <stdio.h> 28#include <stdio.h>
29 29
30#ifdef WITH_SELINUX
31#include "key.h"
32#include "hostfile.h"
33#include "auth.h"
34#endif
35
36#include "log.h" 30#include "log.h"
37#include "xmalloc.h" 31#include "xmalloc.h"
38#include "port-linux.h" 32#include "port-linux.h"
diff --git a/openbsd-compat/port-net.c b/openbsd-compat/port-net.c
index 7050629c3..bb535626f 100644
--- a/openbsd-compat/port-net.c
+++ b/openbsd-compat/port-net.c
@@ -185,7 +185,7 @@ sys_tun_open(int tun, int mode, char **ifname)
185 else 185 else
186 debug("%s: %s mode %d fd %d", __func__, ifr.ifr_name, mode, fd); 186 debug("%s: %s mode %d fd %d", __func__, ifr.ifr_name, mode, fd);
187 187
188 if (ifname != NULL && (*ifname = strdup(ifr.ifr_name))) 188 if (ifname != NULL && (*ifname = strdup(ifr.ifr_name)) == NULL)
189 goto failed; 189 goto failed;
190 190
191 return (fd); 191 return (fd);
@@ -272,7 +272,7 @@ sys_tun_open(int tun, int mode, char **ifname)
272 goto failed; 272 goto failed;
273 } 273 }
274 274
275 if (ifname != NULL && (*ifname = strdup(ifr.ifr_name))) 275 if (ifname != NULL && (*ifname = strdup(ifr.ifr_name)) == NULL)
276 goto failed; 276 goto failed;
277 277
278 close(sock); 278 close(sock);
diff --git a/openbsd-compat/port-uw.c b/openbsd-compat/port-uw.c
index 014cac264..9edb1b481 100644
--- a/openbsd-compat/port-uw.c
+++ b/openbsd-compat/port-uw.c
@@ -38,8 +38,6 @@
38 38
39#include "xmalloc.h" 39#include "xmalloc.h"
40#include "packet.h" 40#include "packet.h"
41#include "buffer.h"
42#include "key.h"
43#include "auth-options.h" 41#include "auth-options.h"
44#include "log.h" 42#include "log.h"
45#include "misc.h" /* servconf.h needs misc.h for struct ForwardOptions */ 43#include "misc.h" /* servconf.h needs misc.h for struct ForwardOptions */
@@ -99,7 +97,7 @@ nischeck(char *namep)
99 97
100 if ((fd = fopen (password_file, "r")) == NULL) { 98 if ((fd = fopen (password_file, "r")) == NULL) {
101 /* 99 /*
102 * If the passwd file has dissapeared we are in a bad state. 100 * If the passwd file has disappeared we are in a bad state.
103 * However, returning 0 will send us back through the 101 * However, returning 0 will send us back through the
104 * authentication scheme that has checked the ia database for 102 * authentication scheme that has checked the ia database for
105 * passwords earlier. 103 * passwords earlier.
diff --git a/openbsd-compat/sha2.c b/openbsd-compat/sha2.c
index a22099bbe..b55ea30ac 100644
--- a/openbsd-compat/sha2.c
+++ b/openbsd-compat/sha2.c
@@ -72,7 +72,7 @@
72 * Please make sure that your system defines BYTE_ORDER. If your 72 * Please make sure that your system defines BYTE_ORDER. If your
73 * architecture is little-endian, make sure it also defines 73 * architecture is little-endian, make sure it also defines
74 * LITTLE_ENDIAN and that the two (BYTE_ORDER and LITTLE_ENDIAN) are 74 * LITTLE_ENDIAN and that the two (BYTE_ORDER and LITTLE_ENDIAN) are
75 * equivilent. 75 * equivalent.
76 * 76 *
77 * If your system does not define the above, then you can do so by 77 * If your system does not define the above, then you can do so by
78 * hand like this: 78 * hand like this:
diff --git a/openbsd-compat/strndup.c b/openbsd-compat/strndup.c
index ebb4eccfb..30ac6f046 100644
--- a/openbsd-compat/strndup.c
+++ b/openbsd-compat/strndup.c
@@ -16,7 +16,7 @@
16 * OR IN CONNECTION WITH THE USE OR PERFORMANCE OF THIS SOFTWARE. 16 * OR IN CONNECTION WITH THE USE OR PERFORMANCE OF THIS SOFTWARE.
17 */ 17 */
18 18
19#include "config.h" 19#include "includes.h"
20#if !defined(HAVE_STRNDUP) || defined(BROKEN_STRNDUP) 20#if !defined(HAVE_STRNDUP) || defined(BROKEN_STRNDUP)
21#include <sys/types.h> 21#include <sys/types.h>
22 22
diff --git a/openbsd-compat/strnlen.c b/openbsd-compat/strnlen.c
index 8cc6b96b5..7ad3573a6 100644
--- a/openbsd-compat/strnlen.c
+++ b/openbsd-compat/strnlen.c
@@ -18,7 +18,7 @@
18 18
19/* OPENBSD ORIGINAL: lib/libc/string/strnlen.c */ 19/* OPENBSD ORIGINAL: lib/libc/string/strnlen.c */
20 20
21#include "config.h" 21#include "includes.h"
22#if !defined(HAVE_STRNLEN) || defined(BROKEN_STRNLEN) 22#if !defined(HAVE_STRNLEN) || defined(BROKEN_STRNLEN)
23#include <sys/types.h> 23#include <sys/types.h>
24 24
diff --git a/openbsd-compat/sys-queue.h b/openbsd-compat/sys-queue.h
index 28aaaa37a..af93d6814 100644
--- a/openbsd-compat/sys-queue.h
+++ b/openbsd-compat/sys-queue.h
@@ -45,6 +45,7 @@
45#undef SLIST_HEAD_INITIALIZER 45#undef SLIST_HEAD_INITIALIZER
46#undef SLIST_ENTRY 46#undef SLIST_ENTRY
47#undef SLIST_FOREACH_PREVPTR 47#undef SLIST_FOREACH_PREVPTR
48#undef SLIST_FOREACH_SAFE
48#undef SLIST_FIRST 49#undef SLIST_FIRST
49#undef SLIST_END 50#undef SLIST_END
50#undef SLIST_EMPTY 51#undef SLIST_EMPTY
@@ -54,6 +55,7 @@
54#undef SLIST_INSERT_AFTER 55#undef SLIST_INSERT_AFTER
55#undef SLIST_INSERT_HEAD 56#undef SLIST_INSERT_HEAD
56#undef SLIST_REMOVE_HEAD 57#undef SLIST_REMOVE_HEAD
58#undef SLIST_REMOVE_AFTER
57#undef SLIST_REMOVE 59#undef SLIST_REMOVE
58#undef SLIST_REMOVE_NEXT 60#undef SLIST_REMOVE_NEXT
59#undef LIST_HEAD 61#undef LIST_HEAD
@@ -64,6 +66,7 @@
64#undef LIST_EMPTY 66#undef LIST_EMPTY
65#undef LIST_NEXT 67#undef LIST_NEXT
66#undef LIST_FOREACH 68#undef LIST_FOREACH
69#undef LIST_FOREACH_SAFE
67#undef LIST_INIT 70#undef LIST_INIT
68#undef LIST_INSERT_AFTER 71#undef LIST_INSERT_AFTER
69#undef LIST_INSERT_BEFORE 72#undef LIST_INSERT_BEFORE
@@ -94,6 +97,8 @@
94#undef TAILQ_EMPTY 97#undef TAILQ_EMPTY
95#undef TAILQ_FOREACH 98#undef TAILQ_FOREACH
96#undef TAILQ_FOREACH_REVERSE 99#undef TAILQ_FOREACH_REVERSE
100#undef TAILQ_FOREACH_SAFE
101#undef TAILQ_FOREACH_REVERSE_SAFE
97#undef TAILQ_INIT 102#undef TAILQ_INIT
98#undef TAILQ_INSERT_HEAD 103#undef TAILQ_INSERT_HEAD
99#undef TAILQ_INSERT_TAIL 104#undef TAILQ_INSERT_TAIL
diff --git a/packet.c b/packet.c
index 4bfb50726..dcf35e6e6 100644
--- a/packet.c
+++ b/packet.c
@@ -1,4 +1,4 @@
1/* $OpenBSD: packet.c,v 1.269 2017/12/18 23:13:42 djm Exp $ */ 1/* $OpenBSD: packet.c,v 1.277 2018/07/16 03:09:13 djm Exp $ */
2/* 2/*
3 * Author: Tatu Ylonen <ylo@cs.hut.fi> 3 * Author: Tatu Ylonen <ylo@cs.hut.fi>
4 * Copyright (c) 1995 Tatu Ylonen <ylo@cs.hut.fi>, Espoo, Finland 4 * Copyright (c) 1995 Tatu Ylonen <ylo@cs.hut.fi>, Espoo, Finland
@@ -61,10 +61,19 @@
61#include <signal.h> 61#include <signal.h>
62#include <time.h> 62#include <time.h>
63 63
64#include <zlib.h> 64/*
65 * Explicitly include OpenSSL before zlib as some versions of OpenSSL have
66 * "free_func" in their headers, which zlib typedefs.
67 */
68#ifdef WITH_OPENSSL
69# include <openssl/bn.h>
70# include <openssl/evp.h>
71# ifdef OPENSSL_HAS_ECC
72# include <openssl/ec.h>
73# endif
74#endif
65 75
66#include "buffer.h" /* typedefs XXX */ 76#include <zlib.h>
67#include "key.h" /* typedefs XXX */
68 77
69#include "xmalloc.h" 78#include "xmalloc.h"
70#include "crc32.h" 79#include "crc32.h"
@@ -147,12 +156,6 @@ struct session_state {
147 int compression_in_failures; 156 int compression_in_failures;
148 int compression_out_failures; 157 int compression_out_failures;
149 158
150 /*
151 * Flag indicating whether packet compression/decompression is
152 * enabled.
153 */
154 int packet_compression;
155
156 /* default maximum packet size */ 159 /* default maximum packet size */
157 u_int max_packet_size; 160 u_int max_packet_size;
158 161
@@ -418,13 +421,16 @@ ssh_packet_start_discard(struct ssh *ssh, struct sshenc *enc,
418int 421int
419ssh_packet_connection_is_on_socket(struct ssh *ssh) 422ssh_packet_connection_is_on_socket(struct ssh *ssh)
420{ 423{
421 struct session_state *state = ssh->state; 424 struct session_state *state;
422 struct sockaddr_storage from, to; 425 struct sockaddr_storage from, to;
423 socklen_t fromlen, tolen; 426 socklen_t fromlen, tolen;
424 427
425 if (state->connection_in == -1 || state->connection_out == -1) 428 if (ssh == NULL || ssh->state == NULL)
426 return 0; 429 return 0;
427 430
431 state = ssh->state;
432 if (state->connection_in == -1 || state->connection_out == -1)
433 return 0;
428 /* filedescriptors in and out are the same, so it's a socket */ 434 /* filedescriptors in and out are the same, so it's a socket */
429 if (state->connection_in == state->connection_out) 435 if (state->connection_in == state->connection_out)
430 return 1; 436 return 1;
@@ -508,11 +514,12 @@ ssh_packet_get_connection_out(struct ssh *ssh)
508const char * 514const char *
509ssh_remote_ipaddr(struct ssh *ssh) 515ssh_remote_ipaddr(struct ssh *ssh)
510{ 516{
511 const int sock = ssh->state->connection_in; 517 int sock;
512 518
513 /* Check whether we have cached the ipaddr. */ 519 /* Check whether we have cached the ipaddr. */
514 if (ssh->remote_ipaddr == NULL) { 520 if (ssh->remote_ipaddr == NULL) {
515 if (ssh_packet_connection_is_on_socket(ssh)) { 521 if (ssh_packet_connection_is_on_socket(ssh)) {
522 sock = ssh->state->connection_in;
516 ssh->remote_ipaddr = get_peer_ipaddr(sock); 523 ssh->remote_ipaddr = get_peer_ipaddr(sock);
517 ssh->remote_port = get_peer_port(sock); 524 ssh->remote_port = get_peer_port(sock);
518 ssh->local_ipaddr = get_local_ipaddr(sock); 525 ssh->local_ipaddr = get_local_ipaddr(sock);
@@ -597,7 +604,7 @@ ssh_packet_close_internal(struct ssh *ssh, int do_close)
597 state->newkeys[mode] = NULL; 604 state->newkeys[mode] = NULL;
598 ssh_clear_newkeys(ssh, mode); /* next keys */ 605 ssh_clear_newkeys(ssh, mode); /* next keys */
599 } 606 }
600 /* comression state is in shared mem, so we can only release it once */ 607 /* compression state is in shared mem, so we can only release it once */
601 if (do_close && state->compression_buffer) { 608 if (do_close && state->compression_buffer) {
602 sshbuf_free(state->compression_buffer); 609 sshbuf_free(state->compression_buffer);
603 if (state->compression_out_started) { 610 if (state->compression_out_started) {
@@ -627,6 +634,8 @@ ssh_packet_close_internal(struct ssh *ssh, int do_close)
627 cipher_free(state->receive_context); 634 cipher_free(state->receive_context);
628 state->send_context = state->receive_context = NULL; 635 state->send_context = state->receive_context = NULL;
629 if (do_close) { 636 if (do_close) {
637 free(ssh->local_ipaddr);
638 ssh->local_ipaddr = NULL;
630 free(ssh->remote_ipaddr); 639 free(ssh->remote_ipaddr);
631 ssh->remote_ipaddr = NULL; 640 ssh->remote_ipaddr = NULL;
632 free(ssh->state); 641 free(ssh->state);
@@ -713,21 +722,6 @@ start_compression_in(struct ssh *ssh)
713 return 0; 722 return 0;
714} 723}
715 724
716int
717ssh_packet_start_compression(struct ssh *ssh, int level)
718{
719 int r;
720
721 if (ssh->state->packet_compression)
722 return SSH_ERR_INTERNAL_ERROR;
723 ssh->state->packet_compression = 1;
724 if ((r = ssh_packet_init_compression(ssh)) != 0 ||
725 (r = start_compression_in(ssh)) != 0 ||
726 (r = start_compression_out(ssh, level)) != 0)
727 return r;
728 return 0;
729}
730
731/* XXX remove need for separate compression buffer */ 725/* XXX remove need for separate compression buffer */
732static int 726static int
733compress_buffer(struct ssh *ssh, struct sshbuf *in, struct sshbuf *out) 727compress_buffer(struct ssh *ssh, struct sshbuf *in, struct sshbuf *out)
@@ -965,7 +959,7 @@ ssh_packet_need_rekeying(struct ssh *ssh, u_int outbound_packet_len)
965 state->p_read.packets > MAX_PACKETS) 959 state->p_read.packets > MAX_PACKETS)
966 return 1; 960 return 1;
967 961
968 /* Rekey after (cipher-specific) maxiumum blocks */ 962 /* Rekey after (cipher-specific) maximum blocks */
969 out_blocks = ROUNDUP(outbound_packet_len, 963 out_blocks = ROUNDUP(outbound_packet_len,
970 state->newkeys[MODE_OUT]->enc.block_size); 964 state->newkeys[MODE_OUT]->enc.block_size);
971 return (state->max_blocks_out && 965 return (state->max_blocks_out &&
@@ -1338,8 +1332,10 @@ ssh_packet_read_seqnr(struct ssh *ssh, u_char *typep, u_int32_t *seqnr_p)
1338 NULL, NULL, timeoutp)) >= 0) 1332 NULL, NULL, timeoutp)) >= 0)
1339 break; 1333 break;
1340 if (errno != EAGAIN && errno != EINTR && 1334 if (errno != EAGAIN && errno != EINTR &&
1341 errno != EWOULDBLOCK) 1335 errno != EWOULDBLOCK) {
1342 break; 1336 r = SSH_ERR_SYSTEM_ERROR;
1337 goto out;
1338 }
1343 if (state->packet_timeout_ms == -1) 1339 if (state->packet_timeout_ms == -1)
1344 continue; 1340 continue;
1345 ms_subtract_diff(&start, &ms_remain); 1341 ms_subtract_diff(&start, &ms_remain);
diff --git a/packet.h b/packet.h
index a2ece6786..170203cab 100644
--- a/packet.h
+++ b/packet.h
@@ -1,4 +1,4 @@
1/* $OpenBSD: packet.h,v 1.84 2017/12/10 05:55:29 dtucker Exp $ */ 1/* $OpenBSD: packet.h,v 1.86 2018/07/09 21:20:26 markus Exp $ */
2 2
3/* 3/*
4 * Author: Tatu Ylonen <ylo@cs.hut.fi> 4 * Author: Tatu Ylonen <ylo@cs.hut.fi>
@@ -107,7 +107,6 @@ void ssh_clear_newkeys(struct ssh *, int);
107int ssh_packet_is_rekeying(struct ssh *); 107int ssh_packet_is_rekeying(struct ssh *);
108void ssh_packet_set_protocol_flags(struct ssh *, u_int); 108void ssh_packet_set_protocol_flags(struct ssh *, u_int);
109u_int ssh_packet_get_protocol_flags(struct ssh *); 109u_int ssh_packet_get_protocol_flags(struct ssh *);
110int ssh_packet_start_compression(struct ssh *, int);
111void ssh_packet_set_tos(struct ssh *, int); 110void ssh_packet_set_tos(struct ssh *, int);
112void ssh_packet_set_interactive(struct ssh *, int, int, int); 111void ssh_packet_set_interactive(struct ssh *, int, int, int);
113int ssh_packet_is_interactive(struct ssh *); 112int ssh_packet_is_interactive(struct ssh *);
@@ -148,8 +147,8 @@ int ssh_packet_not_very_much_data_to_write(struct ssh *);
148int ssh_packet_connection_is_on_socket(struct ssh *); 147int ssh_packet_connection_is_on_socket(struct ssh *);
149int ssh_packet_remaining(struct ssh *); 148int ssh_packet_remaining(struct ssh *);
150 149
151void tty_make_modes(int, struct termios *); 150void ssh_tty_make_modes(struct ssh *, int, struct termios *);
152void tty_parse_modes(int, int *); 151void ssh_tty_parse_modes(struct ssh *, int);
153 152
154void ssh_packet_set_alive_timeouts(struct ssh *, int); 153void ssh_packet_set_alive_timeouts(struct ssh *, int);
155int ssh_packet_inc_alive_timeouts(struct ssh *); 154int ssh_packet_inc_alive_timeouts(struct ssh *);
diff --git a/platform.c b/platform.c
index 380ee3a41..35654ea51 100644
--- a/platform.c
+++ b/platform.c
@@ -20,10 +20,9 @@
20#include <unistd.h> 20#include <unistd.h>
21 21
22#include "log.h" 22#include "log.h"
23#include "buffer.h"
24#include "misc.h" 23#include "misc.h"
25#include "servconf.h" 24#include "servconf.h"
26#include "key.h" 25#include "sshkey.h"
27#include "hostfile.h" 26#include "hostfile.h"
28#include "auth.h" 27#include "auth.h"
29#include "auth-pam.h" 28#include "auth-pam.h"
diff --git a/readconf.c b/readconf.c
index efcf2d628..a3d42f2ae 100644
--- a/readconf.c
+++ b/readconf.c
@@ -1,4 +1,4 @@
1/* $OpenBSD: readconf.c,v 1.283 2018/02/23 15:58:37 markus Exp $ */ 1/* $OpenBSD: readconf.c,v 1.297 2018/08/12 20:19:13 djm Exp $ */
2/* 2/*
3 * Author: Tatu Ylonen <ylo@cs.hut.fi> 3 * Author: Tatu Ylonen <ylo@cs.hut.fi>
4 * Copyright (c) 1995 Tatu Ylonen <ylo@cs.hut.fi>, Espoo, Finland 4 * Copyright (c) 1995 Tatu Ylonen <ylo@cs.hut.fi>, Espoo, Finland
@@ -53,6 +53,7 @@
53 53
54#include "xmalloc.h" 54#include "xmalloc.h"
55#include "ssh.h" 55#include "ssh.h"
56#include "ssherr.h"
56#include "compat.h" 57#include "compat.h"
57#include "cipher.h" 58#include "cipher.h"
58#include "pathnames.h" 59#include "pathnames.h"
@@ -163,7 +164,7 @@ typedef enum {
163 oGssTrustDns, oGssKeyEx, oGssClientIdentity, oGssRenewalRekey, 164 oGssTrustDns, oGssKeyEx, oGssClientIdentity, oGssRenewalRekey,
164 oGssServerIdentity, 165 oGssServerIdentity,
165 oServerAliveInterval, oServerAliveCountMax, oIdentitiesOnly, 166 oServerAliveInterval, oServerAliveCountMax, oIdentitiesOnly,
166 oSendEnv, oControlPath, oControlMaster, oControlPersist, 167 oSendEnv, oSetEnv, oControlPath, oControlMaster, oControlPersist,
167 oHashKnownHosts, 168 oHashKnownHosts,
168 oTunnel, oTunnelDevice, 169 oTunnel, oTunnelDevice,
169 oLocalCommand, oPermitLocalCommand, oRemoteCommand, 170 oLocalCommand, oPermitLocalCommand, oRemoteCommand,
@@ -194,6 +195,7 @@ static struct {
194 { "userknownhostsfile2", oDeprecated }, 195 { "userknownhostsfile2", oDeprecated },
195 { "useroaming", oDeprecated }, 196 { "useroaming", oDeprecated },
196 { "usersh", oDeprecated }, 197 { "usersh", oDeprecated },
198 { "useprivilegedport", oDeprecated },
197 199
198 /* Unsupported options */ 200 /* Unsupported options */
199 { "afstokenpassing", oUnsupported }, 201 { "afstokenpassing", oUnsupported },
@@ -236,7 +238,6 @@ static struct {
236 { "exitonforwardfailure", oExitOnForwardFailure }, 238 { "exitonforwardfailure", oExitOnForwardFailure },
237 { "xauthlocation", oXAuthLocation }, 239 { "xauthlocation", oXAuthLocation },
238 { "gatewayports", oGatewayPorts }, 240 { "gatewayports", oGatewayPorts },
239 { "useprivilegedport", oUsePrivilegedPort },
240 { "passwordauthentication", oPasswordAuthentication }, 241 { "passwordauthentication", oPasswordAuthentication },
241 { "kbdinteractiveauthentication", oKbdInteractiveAuthentication }, 242 { "kbdinteractiveauthentication", oKbdInteractiveAuthentication },
242 { "kbdinteractivedevices", oKbdInteractiveDevices }, 243 { "kbdinteractivedevices", oKbdInteractiveDevices },
@@ -244,7 +245,7 @@ static struct {
244 { "dsaauthentication", oPubkeyAuthentication }, /* alias */ 245 { "dsaauthentication", oPubkeyAuthentication }, /* alias */
245 { "hostbasedauthentication", oHostbasedAuthentication }, 246 { "hostbasedauthentication", oHostbasedAuthentication },
246 { "challengeresponseauthentication", oChallengeResponseAuthentication }, 247 { "challengeresponseauthentication", oChallengeResponseAuthentication },
247 { "skeyauthentication", oChallengeResponseAuthentication }, /* alias */ 248 { "skeyauthentication", oUnsupported },
248 { "tisauthentication", oChallengeResponseAuthentication }, /* alias */ 249 { "tisauthentication", oChallengeResponseAuthentication }, /* alias */
249 { "identityfile", oIdentityFile }, 250 { "identityfile", oIdentityFile },
250 { "identityfile2", oIdentityFile }, /* obsolete */ 251 { "identityfile2", oIdentityFile }, /* obsolete */
@@ -291,6 +292,7 @@ static struct {
291 { "serveraliveinterval", oServerAliveInterval }, 292 { "serveraliveinterval", oServerAliveInterval },
292 { "serveralivecountmax", oServerAliveCountMax }, 293 { "serveralivecountmax", oServerAliveCountMax },
293 { "sendenv", oSendEnv }, 294 { "sendenv", oSendEnv },
295 { "setenv", oSetEnv },
294 { "controlpath", oControlPath }, 296 { "controlpath", oControlPath },
295 { "controlmaster", oControlMaster }, 297 { "controlmaster", oControlMaster },
296 { "controlpersist", oControlPersist }, 298 { "controlpersist", oControlPersist },
@@ -335,12 +337,8 @@ void
335add_local_forward(Options *options, const struct Forward *newfwd) 337add_local_forward(Options *options, const struct Forward *newfwd)
336{ 338{
337 struct Forward *fwd; 339 struct Forward *fwd;
338 extern uid_t original_real_uid;
339 int i; 340 int i;
340 341
341 if (!bind_permitted(newfwd->listen_port, original_real_uid) &&
342 newfwd->listen_path == NULL)
343 fatal("Privileged ports can only be forwarded by root.");
344 /* Don't add duplicates */ 342 /* Don't add duplicates */
345 for (i = 0; i < options->num_local_forwards; i++) { 343 for (i = 0; i < options->num_local_forwards; i++) {
346 if (forward_equals(newfwd, options->local_forwards + i)) 344 if (forward_equals(newfwd, options->local_forwards + i))
@@ -498,7 +496,6 @@ execute_in_shell(const char *cmd)
498 char *shell; 496 char *shell;
499 pid_t pid; 497 pid_t pid;
500 int devnull, status; 498 int devnull, status;
501 extern uid_t original_real_uid;
502 499
503 if ((shell = getenv("SHELL")) == NULL) 500 if ((shell = getenv("SHELL")) == NULL)
504 shell = _PATH_BSHELL; 501 shell = _PATH_BSHELL;
@@ -513,9 +510,6 @@ execute_in_shell(const char *cmd)
513 if ((pid = fork()) == 0) { 510 if ((pid = fork()) == 0) {
514 char *argv[4]; 511 char *argv[4];
515 512
516 /* Child. Permanently give up superuser privileges. */
517 permanently_drop_suid(original_real_uid);
518
519 /* Redirect child stdin and stdout. Leave stderr */ 513 /* Redirect child stdin and stdout. Leave stderr */
520 if (dup2(devnull, STDIN_FILENO) == -1) 514 if (dup2(devnull, STDIN_FILENO) == -1)
521 fatal("dup2: %s", strerror(errno)); 515 fatal("dup2: %s", strerror(errno));
@@ -567,6 +561,7 @@ match_cfg_line(Options *options, char **condition, struct passwd *pw,
567 const char *ruser; 561 const char *ruser;
568 int r, port, this_result, result = 1, attributes = 0, negate; 562 int r, port, this_result, result = 1, attributes = 0, negate;
569 char thishost[NI_MAXHOST], shorthost[NI_MAXHOST], portstr[NI_MAXSERV]; 563 char thishost[NI_MAXHOST], shorthost[NI_MAXHOST], portstr[NI_MAXSERV];
564 char uidstr[32];
570 565
571 /* 566 /*
572 * Configuration is likely to be incomplete at this point so we 567 * Configuration is likely to be incomplete at this point so we
@@ -647,6 +642,8 @@ match_cfg_line(Options *options, char **condition, struct passwd *pw,
647 strlcpy(shorthost, thishost, sizeof(shorthost)); 642 strlcpy(shorthost, thishost, sizeof(shorthost));
648 shorthost[strcspn(thishost, ".")] = '\0'; 643 shorthost[strcspn(thishost, ".")] = '\0';
649 snprintf(portstr, sizeof(portstr), "%d", port); 644 snprintf(portstr, sizeof(portstr), "%d", port);
645 snprintf(uidstr, sizeof(uidstr), "%llu",
646 (unsigned long long)pw->pw_uid);
650 647
651 cmd = percent_expand(arg, 648 cmd = percent_expand(arg,
652 "L", shorthost, 649 "L", shorthost,
@@ -657,6 +654,7 @@ match_cfg_line(Options *options, char **condition, struct passwd *pw,
657 "p", portstr, 654 "p", portstr,
658 "r", ruser, 655 "r", ruser,
659 "u", pw->pw_name, 656 "u", pw->pw_name,
657 "i", uidstr,
660 (char *)NULL); 658 (char *)NULL);
661 if (result != 1) { 659 if (result != 1) {
662 /* skip execution if prior predicate failed */ 660 /* skip execution if prior predicate failed */
@@ -700,6 +698,35 @@ match_cfg_line(Options *options, char **condition, struct passwd *pw,
700 return result; 698 return result;
701} 699}
702 700
701/* Remove environment variable by pattern */
702static void
703rm_env(Options *options, const char *arg, const char *filename, int linenum)
704{
705 int i, j;
706 char *cp;
707
708 /* Remove an environment variable */
709 for (i = 0; i < options->num_send_env; ) {
710 cp = xstrdup(options->send_env[i]);
711 if (!match_pattern(cp, arg + 1)) {
712 free(cp);
713 i++;
714 continue;
715 }
716 debug3("%s line %d: removing environment %s",
717 filename, linenum, cp);
718 free(cp);
719 free(options->send_env[i]);
720 options->send_env[i] = NULL;
721 for (j = i; j < options->num_send_env - 1; j++) {
722 options->send_env[j] = options->send_env[j + 1];
723 options->send_env[j + 1] = NULL;
724 }
725 options->num_send_env--;
726 /* NB. don't increment i */
727 }
728}
729
703/* 730/*
704 * Returns the number of the token pointed to by cp or oBadOption. 731 * Returns the number of the token pointed to by cp or oBadOption.
705 */ 732 */
@@ -934,10 +961,6 @@ parse_time:
934 intptr = &options->exit_on_forward_failure; 961 intptr = &options->exit_on_forward_failure;
935 goto parse_flag; 962 goto parse_flag;
936 963
937 case oUsePrivilegedPort:
938 intptr = &options->use_privileged_port;
939 goto parse_flag;
940
941 case oPasswordAuthentication: 964 case oPasswordAuthentication:
942 intptr = &options->password_authentication; 965 intptr = &options->password_authentication;
943 goto parse_flag; 966 goto parse_flag;
@@ -1397,11 +1420,41 @@ parse_keytypes:
1397 filename, linenum); 1420 filename, linenum);
1398 if (!*activep) 1421 if (!*activep)
1399 continue; 1422 continue;
1400 if (options->num_send_env >= MAX_SEND_ENV) 1423 if (*arg == '-') {
1401 fatal("%s line %d: too many send env.", 1424 /* Removing an env var */
1425 rm_env(options, arg, filename, linenum);
1426 continue;
1427 } else {
1428 /* Adding an env var */
1429 if (options->num_send_env >= INT_MAX)
1430 fatal("%s line %d: too many send env.",
1431 filename, linenum);
1432 options->send_env = xrecallocarray(
1433 options->send_env, options->num_send_env,
1434 options->num_send_env + 1,
1435 sizeof(*options->send_env));
1436 options->send_env[options->num_send_env++] =
1437 xstrdup(arg);
1438 }
1439 }
1440 break;
1441
1442 case oSetEnv:
1443 value = options->num_setenv;
1444 while ((arg = strdelimw(&s)) != NULL && *arg != '\0') {
1445 if (strchr(arg, '=') == NULL)
1446 fatal("%s line %d: Invalid SetEnv.",
1447 filename, linenum);
1448 if (!*activep || value != 0)
1449 continue;
1450 /* Adding a setenv var */
1451 if (options->num_setenv >= INT_MAX)
1452 fatal("%s line %d: too many SetEnv.",
1402 filename, linenum); 1453 filename, linenum);
1403 options->send_env[options->num_send_env++] = 1454 options->setenv = xrecallocarray(
1404 xstrdup(arg); 1455 options->setenv, options->num_setenv,
1456 options->num_setenv + 1, sizeof(*options->setenv));
1457 options->setenv[options->num_setenv++] = xstrdup(arg);
1405 } 1458 }
1406 break; 1459 break;
1407 1460
@@ -1726,7 +1779,8 @@ read_config_file_depth(const char *filename, struct passwd *pw,
1726 int flags, int *activep, int depth) 1779 int flags, int *activep, int depth)
1727{ 1780{
1728 FILE *f; 1781 FILE *f;
1729 char line[4096]; 1782 char *line = NULL;
1783 size_t linesize = 0;
1730 int linenum; 1784 int linenum;
1731 int bad_options = 0; 1785 int bad_options = 0;
1732 1786
@@ -1752,15 +1806,14 @@ read_config_file_depth(const char *filename, struct passwd *pw,
1752 * on/off by Host specifications. 1806 * on/off by Host specifications.
1753 */ 1807 */
1754 linenum = 0; 1808 linenum = 0;
1755 while (fgets(line, sizeof(line), f)) { 1809 while (getline(&line, &linesize, f) != -1) {
1756 /* Update line number counter. */ 1810 /* Update line number counter. */
1757 linenum++; 1811 linenum++;
1758 if (strlen(line) == sizeof(line) - 1)
1759 fatal("%s line %d too long", filename, linenum);
1760 if (process_config_line_depth(options, pw, host, original_host, 1812 if (process_config_line_depth(options, pw, host, original_host,
1761 line, filename, linenum, activep, flags, depth) != 0) 1813 line, filename, linenum, activep, flags, depth) != 0)
1762 bad_options++; 1814 bad_options++;
1763 } 1815 }
1816 free(line);
1764 fclose(f); 1817 fclose(f);
1765 if (bad_options > 0) 1818 if (bad_options > 0)
1766 fatal("%s: terminating, %d bad configuration options", 1819 fatal("%s: terminating, %d bad configuration options",
@@ -1798,7 +1851,6 @@ initialize_options(Options * options)
1798 options->fwd_opts.gateway_ports = -1; 1851 options->fwd_opts.gateway_ports = -1;
1799 options->fwd_opts.streamlocal_bind_mask = (mode_t)-1; 1852 options->fwd_opts.streamlocal_bind_mask = (mode_t)-1;
1800 options->fwd_opts.streamlocal_bind_unlink = -1; 1853 options->fwd_opts.streamlocal_bind_unlink = -1;
1801 options->use_privileged_port = -1;
1802 options->pubkey_authentication = -1; 1854 options->pubkey_authentication = -1;
1803 options->challenge_response_authentication = -1; 1855 options->challenge_response_authentication = -1;
1804 options->gss_authentication = -1; 1856 options->gss_authentication = -1;
@@ -1857,7 +1909,10 @@ initialize_options(Options * options)
1857 options->verify_host_key_dns = -1; 1909 options->verify_host_key_dns = -1;
1858 options->server_alive_interval = -1; 1910 options->server_alive_interval = -1;
1859 options->server_alive_count_max = -1; 1911 options->server_alive_count_max = -1;
1912 options->send_env = NULL;
1860 options->num_send_env = 0; 1913 options->num_send_env = 0;
1914 options->setenv = NULL;
1915 options->num_setenv = 0;
1861 options->control_path = NULL; 1916 options->control_path = NULL;
1862 options->control_master = -1; 1917 options->control_master = -1;
1863 options->control_persist = -1; 1918 options->control_persist = -1;
@@ -1911,6 +1966,9 @@ fill_default_options_for_canonicalization(Options *options)
1911void 1966void
1912fill_default_options(Options * options) 1967fill_default_options(Options * options)
1913{ 1968{
1969 char *all_cipher, *all_mac, *all_kex, *all_key;
1970 int r;
1971
1914 if (options->forward_agent == -1) 1972 if (options->forward_agent == -1)
1915 options->forward_agent = 0; 1973 options->forward_agent = 0;
1916 if (options->forward_x11 == -1) 1974 if (options->forward_x11 == -1)
@@ -1940,8 +1998,6 @@ fill_default_options(Options * options)
1940 options->fwd_opts.streamlocal_bind_mask = 0177; 1998 options->fwd_opts.streamlocal_bind_mask = 0177;
1941 if (options->fwd_opts.streamlocal_bind_unlink == -1) 1999 if (options->fwd_opts.streamlocal_bind_unlink == -1)
1942 options->fwd_opts.streamlocal_bind_unlink = 0; 2000 options->fwd_opts.streamlocal_bind_unlink = 0;
1943 if (options->use_privileged_port == -1)
1944 options->use_privileged_port = 0;
1945 if (options->pubkey_authentication == -1) 2001 if (options->pubkey_authentication == -1)
1946 options->pubkey_authentication = 1; 2002 options->pubkey_authentication = 1;
1947 if (options->challenge_response_authentication == -1) 2003 if (options->challenge_response_authentication == -1)
@@ -2051,9 +2107,9 @@ fill_default_options(Options * options)
2051 if (options->visual_host_key == -1) 2107 if (options->visual_host_key == -1)
2052 options->visual_host_key = 0; 2108 options->visual_host_key = 0;
2053 if (options->ip_qos_interactive == -1) 2109 if (options->ip_qos_interactive == -1)
2054 options->ip_qos_interactive = IPTOS_LOWDELAY; 2110 options->ip_qos_interactive = IPTOS_DSCP_AF21;
2055 if (options->ip_qos_bulk == -1) 2111 if (options->ip_qos_bulk == -1)
2056 options->ip_qos_bulk = IPTOS_THROUGHPUT; 2112 options->ip_qos_bulk = IPTOS_DSCP_CS1;
2057 if (options->request_tty == -1) 2113 if (options->request_tty == -1)
2058 options->request_tty = REQUEST_TTY_AUTO; 2114 options->request_tty = REQUEST_TTY_AUTO;
2059 if (options->proxy_use_fdpass == -1) 2115 if (options->proxy_use_fdpass == -1)
@@ -2068,14 +2124,28 @@ fill_default_options(Options * options)
2068 options->fingerprint_hash = SSH_FP_HASH_DEFAULT; 2124 options->fingerprint_hash = SSH_FP_HASH_DEFAULT;
2069 if (options->update_hostkeys == -1) 2125 if (options->update_hostkeys == -1)
2070 options->update_hostkeys = 0; 2126 options->update_hostkeys = 0;
2071 if (kex_assemble_names(KEX_CLIENT_ENCRYPT, &options->ciphers) != 0 || 2127
2072 kex_assemble_names(KEX_CLIENT_MAC, &options->macs) != 0 || 2128 /* Expand KEX name lists */
2073 kex_assemble_names(KEX_CLIENT_KEX, &options->kex_algorithms) != 0 || 2129 all_cipher = cipher_alg_list(',', 0);
2074 kex_assemble_names(KEX_DEFAULT_PK_ALG, 2130 all_mac = mac_alg_list(',');
2075 &options->hostbased_key_types) != 0 || 2131 all_kex = kex_alg_list(',');
2076 kex_assemble_names(KEX_DEFAULT_PK_ALG, 2132 all_key = sshkey_alg_list(0, 0, 1, ',');
2077 &options->pubkey_key_types) != 0) 2133#define ASSEMBLE(what, defaults, all) \
2078 fatal("%s: kex_assemble_names failed", __func__); 2134 do { \
2135 if ((r = kex_assemble_names(&options->what, \
2136 defaults, all)) != 0) \
2137 fatal("%s: %s: %s", __func__, #what, ssh_err(r)); \
2138 } while (0)
2139 ASSEMBLE(ciphers, KEX_SERVER_ENCRYPT, all_cipher);
2140 ASSEMBLE(macs, KEX_SERVER_MAC, all_mac);
2141 ASSEMBLE(kex_algorithms, KEX_SERVER_KEX, all_kex);
2142 ASSEMBLE(hostbased_key_types, KEX_DEFAULT_PK_ALG, all_key);
2143 ASSEMBLE(pubkey_key_types, KEX_DEFAULT_PK_ALG, all_key);
2144#undef ASSEMBLE
2145 free(all_cipher);
2146 free(all_mac);
2147 free(all_kex);
2148 free(all_key);
2079 2149
2080#define CLEAR_ON_NONE(v) \ 2150#define CLEAR_ON_NONE(v) \
2081 do { \ 2151 do { \
@@ -2089,6 +2159,12 @@ fill_default_options(Options * options)
2089 CLEAR_ON_NONE(options->proxy_command); 2159 CLEAR_ON_NONE(options->proxy_command);
2090 CLEAR_ON_NONE(options->control_path); 2160 CLEAR_ON_NONE(options->control_path);
2091 CLEAR_ON_NONE(options->revoked_host_keys); 2161 CLEAR_ON_NONE(options->revoked_host_keys);
2162 if (options->jump_host != NULL &&
2163 strcmp(options->jump_host, "none") == 0 &&
2164 options->jump_port == 0 && options->jump_user == NULL) {
2165 free(options->jump_host);
2166 options->jump_host = NULL;
2167 }
2092 /* options->identity_agent distinguishes NULL from 'none' */ 2168 /* options->identity_agent distinguishes NULL from 'none' */
2093 /* options->user will be set in the main program if appropriate */ 2169 /* options->user will be set in the main program if appropriate */
2094 /* options->hostname will be set in the main program if appropriate */ 2170 /* options->hostname will be set in the main program if appropriate */
@@ -2317,6 +2393,8 @@ parse_jump(const char *s, Options *o, int active)
2317 orig = sdup = xstrdup(s); 2393 orig = sdup = xstrdup(s);
2318 first = active; 2394 first = active;
2319 do { 2395 do {
2396 if (strcasecmp(s, "none") == 0)
2397 break;
2320 if ((cp = strrchr(sdup, ',')) == NULL) 2398 if ((cp = strrchr(sdup, ',')) == NULL)
2321 cp = sdup; /* last */ 2399 cp = sdup; /* last */
2322 else 2400 else
@@ -2337,14 +2415,19 @@ parse_jump(const char *s, Options *o, int active)
2337 } while (cp != sdup); 2415 } while (cp != sdup);
2338 /* success */ 2416 /* success */
2339 if (active) { 2417 if (active) {
2340 o->jump_user = user; 2418 if (strcasecmp(s, "none") == 0) {
2341 o->jump_host = host; 2419 o->jump_host = xstrdup("none");
2342 o->jump_port = port; 2420 o->jump_port = 0;
2343 o->proxy_command = xstrdup("none"); 2421 } else {
2344 user = host = NULL; 2422 o->jump_user = user;
2345 if ((cp = strrchr(s, ',')) != NULL && cp != s) { 2423 o->jump_host = host;
2346 o->jump_extra = xstrdup(s); 2424 o->jump_port = port;
2347 o->jump_extra[cp - s] = '\0'; 2425 o->proxy_command = xstrdup("none");
2426 user = host = NULL;
2427 if ((cp = strrchr(s, ',')) != NULL && cp != s) {
2428 o->jump_extra = xstrdup(s);
2429 o->jump_extra[cp - s] = '\0';
2430 }
2348 } 2431 }
2349 } 2432 }
2350 ret = 0; 2433 ret = 0;
@@ -2401,6 +2484,8 @@ fmt_intarg(OpCodes code, int val)
2401 return fmt_multistate_int(val, multistate_requesttty); 2484 return fmt_multistate_int(val, multistate_requesttty);
2402 case oCanonicalizeHostname: 2485 case oCanonicalizeHostname:
2403 return fmt_multistate_int(val, multistate_canonicalizehostname); 2486 return fmt_multistate_int(val, multistate_canonicalizehostname);
2487 case oAddKeysToAgent:
2488 return fmt_multistate_int(val, multistate_yesnoaskconfirm);
2404 case oFingerprintHash: 2489 case oFingerprintHash:
2405 return ssh_digest_alg_name(val); 2490 return ssh_digest_alg_name(val);
2406 default: 2491 default:
@@ -2508,11 +2593,14 @@ void
2508dump_client_config(Options *o, const char *host) 2593dump_client_config(Options *o, const char *host)
2509{ 2594{
2510 int i; 2595 int i;
2511 char buf[8]; 2596 char buf[8], *all_key;
2512 2597
2513 /* This is normally prepared in ssh_kex2 */ 2598 /* This is normally prepared in ssh_kex2 */
2514 if (kex_assemble_names(KEX_DEFAULT_PK_ALG, &o->hostkeyalgorithms) != 0) 2599 all_key = sshkey_alg_list(0, 0, 1, ',');
2600 if (kex_assemble_names( &o->hostkeyalgorithms,
2601 KEX_DEFAULT_PK_ALG, all_key) != 0)
2515 fatal("%s: kex_assemble_names failed", __func__); 2602 fatal("%s: kex_assemble_names failed", __func__);
2603 free(all_key);
2516 2604
2517 /* Most interesting options first: user, host, port */ 2605 /* Most interesting options first: user, host, port */
2518 dump_cfg_string(oUser, o->user); 2606 dump_cfg_string(oUser, o->user);
@@ -2520,6 +2608,7 @@ dump_client_config(Options *o, const char *host)
2520 dump_cfg_int(oPort, o->port); 2608 dump_cfg_int(oPort, o->port);
2521 2609
2522 /* Flag options */ 2610 /* Flag options */
2611 dump_cfg_fmtint(oAddKeysToAgent, o->add_keys_to_agent);
2523 dump_cfg_fmtint(oAddressFamily, o->address_family); 2612 dump_cfg_fmtint(oAddressFamily, o->address_family);
2524 dump_cfg_fmtint(oBatchMode, o->batch_mode); 2613 dump_cfg_fmtint(oBatchMode, o->batch_mode);
2525 dump_cfg_fmtint(oCanonicalizeFallbackLocal, o->canonicalize_fallback_local); 2614 dump_cfg_fmtint(oCanonicalizeFallbackLocal, o->canonicalize_fallback_local);
@@ -2554,7 +2643,6 @@ dump_client_config(Options *o, const char *host)
2554 dump_cfg_fmtint(oStrictHostKeyChecking, o->strict_host_key_checking); 2643 dump_cfg_fmtint(oStrictHostKeyChecking, o->strict_host_key_checking);
2555 dump_cfg_fmtint(oTCPKeepAlive, o->tcp_keep_alive); 2644 dump_cfg_fmtint(oTCPKeepAlive, o->tcp_keep_alive);
2556 dump_cfg_fmtint(oTunnel, o->tun_open); 2645 dump_cfg_fmtint(oTunnel, o->tun_open);
2557 dump_cfg_fmtint(oUsePrivilegedPort, o->use_privileged_port);
2558 dump_cfg_fmtint(oVerifyHostKeyDNS, o->verify_host_key_dns); 2646 dump_cfg_fmtint(oVerifyHostKeyDNS, o->verify_host_key_dns);
2559 dump_cfg_fmtint(oVisualHostKey, o->visual_host_key); 2647 dump_cfg_fmtint(oVisualHostKey, o->visual_host_key);
2560 dump_cfg_fmtint(oUpdateHostkeys, o->update_hostkeys); 2648 dump_cfg_fmtint(oUpdateHostkeys, o->update_hostkeys);
@@ -2576,6 +2664,7 @@ dump_client_config(Options *o, const char *host)
2576 dump_cfg_string(oHostKeyAlias, o->host_key_alias); 2664 dump_cfg_string(oHostKeyAlias, o->host_key_alias);
2577 dump_cfg_string(oHostbasedKeyTypes, o->hostbased_key_types); 2665 dump_cfg_string(oHostbasedKeyTypes, o->hostbased_key_types);
2578 dump_cfg_string(oIdentityAgent, o->identity_agent); 2666 dump_cfg_string(oIdentityAgent, o->identity_agent);
2667 dump_cfg_string(oIgnoreUnknown, o->ignored_unknown);
2579 dump_cfg_string(oKbdInteractiveDevices, o->kbd_interactive_devices); 2668 dump_cfg_string(oKbdInteractiveDevices, o->kbd_interactive_devices);
2580 dump_cfg_string(oKexAlgorithms, o->kex_algorithms ? o->kex_algorithms : KEX_CLIENT_KEX); 2669 dump_cfg_string(oKexAlgorithms, o->kex_algorithms ? o->kex_algorithms : KEX_CLIENT_KEX);
2581 dump_cfg_string(oLocalCommand, o->local_command); 2670 dump_cfg_string(oLocalCommand, o->local_command);
@@ -2598,9 +2687,11 @@ dump_client_config(Options *o, const char *host)
2598 /* String array options */ 2687 /* String array options */
2599 dump_cfg_strarray(oIdentityFile, o->num_identity_files, o->identity_files); 2688 dump_cfg_strarray(oIdentityFile, o->num_identity_files, o->identity_files);
2600 dump_cfg_strarray_oneline(oCanonicalDomains, o->num_canonical_domains, o->canonical_domains); 2689 dump_cfg_strarray_oneline(oCanonicalDomains, o->num_canonical_domains, o->canonical_domains);
2690 dump_cfg_strarray(oCertificateFile, o->num_certificate_files, o->certificate_files);
2601 dump_cfg_strarray_oneline(oGlobalKnownHostsFile, o->num_system_hostfiles, o->system_hostfiles); 2691 dump_cfg_strarray_oneline(oGlobalKnownHostsFile, o->num_system_hostfiles, o->system_hostfiles);
2602 dump_cfg_strarray_oneline(oUserKnownHostsFile, o->num_user_hostfiles, o->user_hostfiles); 2692 dump_cfg_strarray_oneline(oUserKnownHostsFile, o->num_user_hostfiles, o->user_hostfiles);
2603 dump_cfg_strarray(oSendEnv, o->num_send_env, o->send_env); 2693 dump_cfg_strarray(oSendEnv, o->num_send_env, o->send_env);
2694 dump_cfg_strarray(oSetEnv, o->num_setenv, o->setenv);
2604 2695
2605 /* Special cases */ 2696 /* Special cases */
2606 2697
@@ -2658,6 +2749,9 @@ dump_client_config(Options *o, const char *host)
2658 printf("streamlocalbindmask 0%o\n", 2749 printf("streamlocalbindmask 0%o\n",
2659 o->fwd_opts.streamlocal_bind_mask); 2750 o->fwd_opts.streamlocal_bind_mask);
2660 2751
2752 /* oLogFacility */
2753 printf("syslogfacility %s\n", log_facility_name(o->log_facility));
2754
2661 /* oProxyCommand / oProxyJump */ 2755 /* oProxyCommand / oProxyJump */
2662 if (o->jump_host == NULL) 2756 if (o->jump_host == NULL)
2663 dump_cfg_string(oProxyCommand, o->proxy_command); 2757 dump_cfg_string(oProxyCommand, o->proxy_command);
diff --git a/readconf.h b/readconf.h
index f469daaff..5ea0c296b 100644
--- a/readconf.h
+++ b/readconf.h
@@ -1,4 +1,4 @@
1/* $OpenBSD: readconf.h,v 1.125 2018/02/23 02:34:33 djm Exp $ */ 1/* $OpenBSD: readconf.h,v 1.127 2018/07/19 10:28:47 dtucker Exp $ */
2 2
3/* 3/*
4 * Author: Tatu Ylonen <ylo@cs.hut.fi> 4 * Author: Tatu Ylonen <ylo@cs.hut.fi>
@@ -18,7 +18,6 @@
18 18
19/* Data structure for representing option data. */ 19/* Data structure for representing option data. */
20 20
21#define MAX_SEND_ENV 256
22#define SSH_MAX_HOSTS_FILES 32 21#define SSH_MAX_HOSTS_FILES 32
23#define MAX_CANON_DOMAINS 32 22#define MAX_CANON_DOMAINS 32
24#define PATH_MAX_SUN (sizeof((struct sockaddr_un *)0)->sun_path) 23#define PATH_MAX_SUN (sizeof((struct sockaddr_un *)0)->sun_path)
@@ -36,7 +35,6 @@ typedef struct {
36 int exit_on_forward_failure; /* Exit if bind(2) fails for -L/-R */ 35 int exit_on_forward_failure; /* Exit if bind(2) fails for -L/-R */
37 char *xauth_location; /* Location for xauth program */ 36 char *xauth_location; /* Location for xauth program */
38 struct ForwardOptions fwd_opts; /* forwarding options */ 37 struct ForwardOptions fwd_opts; /* forwarding options */
39 int use_privileged_port; /* Don't use privileged port if false. */
40 int pubkey_authentication; /* Try ssh2 pubkey authentication. */ 38 int pubkey_authentication; /* Try ssh2 pubkey authentication. */
41 int hostbased_authentication; /* ssh2's rhosts_rsa */ 39 int hostbased_authentication; /* ssh2's rhosts_rsa */
42 int challenge_response_authentication; 40 int challenge_response_authentication;
@@ -125,7 +123,9 @@ typedef struct {
125 int server_alive_count_max; 123 int server_alive_count_max;
126 124
127 int num_send_env; 125 int num_send_env;
128 char *send_env[MAX_SEND_ENV]; 126 char **send_env;
127 int num_setenv;
128 char **setenv;
129 129
130 char *control_path; 130 char *control_path;
131 int control_master; 131 int control_master;
diff --git a/readpass.c b/readpass.c
index 05c8cac1c..f160f866b 100644
--- a/readpass.c
+++ b/readpass.c
@@ -1,4 +1,4 @@
1/* $OpenBSD: readpass.c,v 1.51 2015/12/11 00:20:04 mmcc Exp $ */ 1/* $OpenBSD: readpass.c,v 1.52 2018/07/18 11:34:04 dtucker Exp $ */
2/* 2/*
3 * Copyright (c) 2001 Markus Friedl. All rights reserved. 3 * Copyright (c) 2001 Markus Friedl. All rights reserved.
4 * 4 *
@@ -72,7 +72,6 @@ ssh_askpass(char *askpass, const char *msg)
72 return NULL; 72 return NULL;
73 } 73 }
74 if (pid == 0) { 74 if (pid == 0) {
75 permanently_drop_suid(getuid());
76 close(p[0]); 75 close(p[0]);
77 if (dup2(p[1], STDOUT_FILENO) < 0) 76 if (dup2(p[1], STDOUT_FILENO) < 0)
78 fatal("ssh_askpass: dup2: %s", strerror(errno)); 77 fatal("ssh_askpass: dup2: %s", strerror(errno));
diff --git a/regress/Makefile b/regress/Makefile
index d15898ad0..647b4a049 100644
--- a/regress/Makefile
+++ b/regress/Makefile
@@ -1,4 +1,4 @@
1# $OpenBSD: Makefile,v 1.96 2017/10/24 19:33:32 millert Exp $ 1# $OpenBSD: Makefile,v 1.97 2018/06/07 04:46:34 djm Exp $
2 2
3REGRESS_TARGETS= unit t1 t2 t3 t4 t5 t6 t7 t8 t9 t10 t11 t12 t-exec 3REGRESS_TARGETS= unit t1 t2 t3 t4 t5 t6 t7 t8 t9 t10 t11 t12 t-exec
4tests: prep $(REGRESS_TARGETS) 4tests: prep $(REGRESS_TARGETS)
@@ -61,6 +61,7 @@ LTESTS= connect \
61 sshcfgparse \ 61 sshcfgparse \
62 cfgparse \ 62 cfgparse \
63 cfgmatch \ 63 cfgmatch \
64 cfgmatchlisten \
64 addrmatch \ 65 addrmatch \
65 localcommand \ 66 localcommand \
66 forcecommand \ 67 forcecommand \
diff --git a/regress/allow-deny-users.sh b/regress/allow-deny-users.sh
index 4165111e0..5c3895122 100644
--- a/regress/allow-deny-users.sh
+++ b/regress/allow-deny-users.sh
@@ -1,6 +1,6 @@
1# Public Domain 1# Public Domain
2# Zev Weiss, 2016 2# Zev Weiss, 2016
3# $OpenBSD: allow-deny-users.sh,v 1.4 2017/10/20 02:13:41 djm Exp $ 3# $OpenBSD: allow-deny-users.sh,v 1.5 2018/07/13 02:13:50 djm Exp $
4 4
5tid="AllowUsers/DenyUsers" 5tid="AllowUsers/DenyUsers"
6 6
@@ -10,6 +10,8 @@ if [ "x$me" = "x" ]; then
10fi 10fi
11other="nobody" 11other="nobody"
12 12
13cp $OBJ/sshd_proxy $OBJ/sshd_proxy.orig
14
13test_auth() 15test_auth()
14{ 16{
15 deny="$1" 17 deny="$1"
@@ -17,17 +19,19 @@ test_auth()
17 should_succeed="$3" 19 should_succeed="$3"
18 failmsg="$4" 20 failmsg="$4"
19 21
22 cp $OBJ/sshd_proxy.orig $OBJ/sshd_proxy
23 echo DenyUsers="$deny" >> $OBJ/sshd_proxy
24 echo AllowUsers="$allow" >> $OBJ/sshd_proxy
25
20 start_sshd -oDenyUsers="$deny" -oAllowUsers="$allow" 26 start_sshd -oDenyUsers="$deny" -oAllowUsers="$allow"
21 27
22 ${SSH} -F $OBJ/ssh_config "$me@somehost" true 28 ${SSH} -F $OBJ/ssh_proxy "$me@somehost" true
23 status=$? 29 status=$?
24 30
25 if (test $status -eq 0 && ! $should_succeed) \ 31 if (test $status -eq 0 && ! $should_succeed) \
26 || (test $status -ne 0 && $should_succeed); then 32 || (test $status -ne 0 && $should_succeed); then
27 fail "$failmsg" 33 fail "$failmsg"
28 fi 34 fi
29
30 stop_sshd
31} 35}
32 36
33# DenyUsers AllowUsers should_succeed failure_message 37# DenyUsers AllowUsers should_succeed failure_message
diff --git a/regress/authinfo.sh b/regress/authinfo.sh
index 3caf89478..693424afa 100644
--- a/regress/authinfo.sh
+++ b/regress/authinfo.sh
@@ -1,4 +1,4 @@
1# $OpenBSD: authinfo.sh,v 1.2 2017/10/25 20:08:36 millert Exp $ 1# $OpenBSD: authinfo.sh,v 1.3 2018/04/10 00:13:27 djm Exp $
2# Placed in the Public Domain. 2# Placed in the Public Domain.
3 3
4tid="authinfo" 4tid="authinfo"
diff --git a/regress/cert-file.sh b/regress/cert-file.sh
index 8fd62c773..1157a3582 100644
--- a/regress/cert-file.sh
+++ b/regress/cert-file.sh
@@ -1,4 +1,4 @@
1# $OpenBSD: cert-file.sh,v 1.6 2017/04/30 23:34:55 djm Exp $ 1# $OpenBSD: cert-file.sh,v 1.7 2018/04/10 00:14:10 djm Exp $
2# Placed in the Public Domain. 2# Placed in the Public Domain.
3 3
4tid="ssh with certificates" 4tid="ssh with certificates"
@@ -52,7 +52,7 @@ echo "cert-authority $(cat $OBJ/user_ca_key1.pub)" > $OBJ/authorized_keys_$USER
52cat $OBJ/ssh_proxy | grep -v IdentityFile > $OBJ/no_identity_config 52cat $OBJ/ssh_proxy | grep -v IdentityFile > $OBJ/no_identity_config
53 53
54# XXX: verify that certificate used was what we expect. Needs exposure of 54# XXX: verify that certificate used was what we expect. Needs exposure of
55# keys via enviornment variable or similar. 55# keys via environment variable or similar.
56 56
57 # Key with no .pub should work - finding the equivalent *-cert.pub. 57 # Key with no .pub should work - finding the equivalent *-cert.pub.
58verbose "identity cert with no plain public file" 58verbose "identity cert with no plain public file"
@@ -138,7 +138,7 @@ fi
138 138
139# try ssh with the agent and certificates 139# try ssh with the agent and certificates
140opts="-F $OBJ/ssh_proxy" 140opts="-F $OBJ/ssh_proxy"
141# with no certificates, shoud fail 141# with no certificates, should fail
142${SSH} $opts somehost exit 52 142${SSH} $opts somehost exit 52
143if [ $? -eq 52 ]; then 143if [ $? -eq 52 ]; then
144 fail "ssh connect with agent in succeeded with no cert" 144 fail "ssh connect with agent in succeeded with no cert"
diff --git a/regress/cert-hostkey.sh b/regress/cert-hostkey.sh
index 3d5732a5d..d2ecd318b 100644
--- a/regress/cert-hostkey.sh
+++ b/regress/cert-hostkey.sh
@@ -1,4 +1,4 @@
1# $OpenBSD: cert-hostkey.sh,v 1.15 2017/04/30 23:34:55 djm Exp $ 1# $OpenBSD: cert-hostkey.sh,v 1.16 2018/07/03 11:43:49 djm Exp $
2# Placed in the Public Domain. 2# Placed in the Public Domain.
3 3
4tid="certified host keys" 4tid="certified host keys"
@@ -14,6 +14,13 @@ for i in `$SSH -Q key`; do
14 continue 14 continue
15 fi 15 fi
16 case "$i" in 16 case "$i" in
17 # Special treatment for RSA keys.
18 *rsa*cert*)
19 types="rsa-sha2-256-cert-v01@openssh.com,$i,$types"
20 types="rsa-sha2-512-cert-v01@openssh.com,$types";;
21 *rsa*)
22 types="$types,rsa-sha2-512,rsa-sha2-256,$i";;
23 # Prefer certificate to plain keys.
17 *cert*) types="$i,$types";; 24 *cert*) types="$i,$types";;
18 *) types="$types,$i";; 25 *) types="$types,$i";;
19 esac 26 esac
diff --git a/regress/cfgmatchlisten.sh b/regress/cfgmatchlisten.sh
new file mode 100644
index 000000000..a4fd66b32
--- /dev/null
+++ b/regress/cfgmatchlisten.sh
@@ -0,0 +1,202 @@
1# $OpenBSD: cfgmatchlisten.sh,v 1.3 2018/07/02 14:13:30 dtucker Exp $
2# Placed in the Public Domain.
3
4tid="sshd_config matchlisten"
5
6pidfile=$OBJ/remote_pid
7fwdport=3301
8fwdspec="localhost:${fwdport}"
9fwd="-R $fwdport:127.0.0.1:$PORT"
10
11echo "ExitOnForwardFailure=yes" >> $OBJ/ssh_config
12echo "ExitOnForwardFailure=yes" >> $OBJ/ssh_proxy
13
14start_client()
15{
16 rm -f $pidfile
17 ${SSH} -vvv $fwd "$@" somehost true >>$TEST_REGRESS_LOGFILE 2>&1
18 r=$?
19 if [ $r -ne 0 ]; then
20 return $r
21 fi
22 ${SSH} -vvv $fwd "$@" somehost \
23 exec sh -c \'"echo \$\$ > $pidfile; exec sleep 100"\' \
24 >>$TEST_REGRESS_LOGFILE 2>&1 &
25 client_pid=$!
26 # Wait for remote end
27 n=0
28 while test ! -f $pidfile ; do
29 sleep 1
30 n=`expr $n + 1`
31 if test $n -gt 60; then
32 kill $client_pid
33 fatal "timeout waiting for background ssh"
34 fi
35 done
36 return $r
37}
38
39expect_client_ok()
40{
41 start_client "$@" ||
42 fail "client did not start"
43}
44
45expect_client_fail()
46{
47 local failmsg="$1"
48 shift
49 start_client "$@" &&
50 fail $failmsg
51}
52
53stop_client()
54{
55 pid=`cat $pidfile`
56 if [ ! -z "$pid" ]; then
57 kill $pid
58 fi
59 wait
60}
61
62cp $OBJ/sshd_proxy $OBJ/sshd_proxy_bak
63echo "PermitListen 127.0.0.1:1" >>$OBJ/sshd_config
64echo "Match Address 127.0.0.1" >>$OBJ/sshd_config
65echo "PermitListen 127.0.0.1:2 127.0.0.1:3 $fwdspec" >>$OBJ/sshd_config
66
67grep -v AuthorizedKeysFile $OBJ/sshd_proxy_bak > $OBJ/sshd_proxy
68echo "AuthorizedKeysFile /dev/null" >>$OBJ/sshd_proxy
69echo "PermitListen 127.0.0.1:1" >>$OBJ/sshd_proxy
70echo "Match user $USER" >>$OBJ/sshd_proxy
71echo "AuthorizedKeysFile /dev/null $OBJ/authorized_keys_%u" >>$OBJ/sshd_proxy
72echo "Match Address 127.0.0.1" >>$OBJ/sshd_proxy
73echo "PermitListen 127.0.0.1:2 127.0.0.1:3 $fwdspec" >>$OBJ/sshd_proxy
74
75start_sshd
76
77#set -x
78
79# Test Match + PermitListen in sshd_config. This should be permitted
80trace "match permitlisten localhost"
81expect_client_ok -F $OBJ/ssh_config
82${SSH} -q -p $fwdport -F $OBJ/ssh_config somehost true || \
83 fail "match permitlisten permit"
84stop_client
85
86# Same but from different source. This should not be permitted
87trace "match permitlisten proxy"
88expect_client_fail "match permitlisten deny" \
89 -F $OBJ/ssh_proxy
90
91# Retry previous with key option, should also be denied.
92cp /dev/null $OBJ/authorized_keys_$USER
93for t in ${SSH_KEYTYPES}; do
94 printf 'permitlisten="'$fwdspec'" ' >> $OBJ/authorized_keys_$USER
95 cat $OBJ/$t.pub >> $OBJ/authorized_keys_$USER
96done
97trace "match permitlisten proxy w/key opts"
98expect_client_fail "match permitlisten deny w/key opt"\
99 -F $OBJ/ssh_proxy
100
101# Test both sshd_config and key options permitting the same dst/port pair.
102# Should be permitted.
103trace "match permitlisten localhost"
104expect_client_ok -F $OBJ/ssh_config
105${SSH} -q -p $fwdport -F $OBJ/ssh_config somehost true || \
106 fail "match permitlisten permit"
107stop_client
108
109# Test that a bare port number is accepted in PermitListen
110cp $OBJ/sshd_proxy_bak $OBJ/sshd_proxy
111echo "PermitListen 127.0.0.1:1 $fwdport 127.0.0.2:2" >>$OBJ/sshd_proxy
112trace "match permitlisten bare"
113expect_client_ok -F $OBJ/ssh_config
114${SSH} -q -p $fwdport -F $OBJ/ssh_config somehost true || \
115 fail "match permitlisten bare"
116stop_client
117
118# Test that an incorrect bare port number is denied as expected
119cp $OBJ/sshd_proxy_bak $OBJ/sshd_proxy
120echo "PermitListen 1 2 99" >>$OBJ/sshd_proxy
121trace "match permitlisten bare"
122expect_client_fail -F $OBJ/ssh_config
123
124cp $OBJ/sshd_proxy_bak $OBJ/sshd_proxy
125echo "PermitListen 127.0.0.1:1 $fwdspec 127.0.0.2:2" >>$OBJ/sshd_proxy
126echo "Match User $USER" >>$OBJ/sshd_proxy
127echo "PermitListen 127.0.0.1:1 127.0.0.1:2" >>$OBJ/sshd_proxy
128
129# Test that a Match overrides a PermitListen in the global section
130trace "match permitlisten proxy w/key opts"
131expect_client_fail "match override permitlisten" \
132 -F $OBJ/ssh_proxy
133
134cp $OBJ/sshd_proxy_bak $OBJ/sshd_proxy
135echo "PermitListen 127.0.0.1:1 $fwdspec 127.0.0.2:2" >>$OBJ/sshd_proxy
136echo "Match User NoSuchUser" >>$OBJ/sshd_proxy
137echo "PermitListen 127.0.0.1:1 127.0.0.1:2" >>$OBJ/sshd_proxy
138
139# Test that a rule that doesn't match doesn't override, plus test a
140# PermitListen entry that's not at the start of the list
141trace "nomatch permitlisten proxy w/key opts"
142expect_client_ok -F $OBJ/ssh_proxy
143${SSH} -q -p $fwdport -F $OBJ/ssh_config somehost true || \
144 fail "nomatch override permitlisten"
145stop_client
146
147# bind to 127.0.0.1 instead of default localhost
148fwdspec2="127.0.0.1:${fwdport}"
149fwd="-R ${fwdspec2}:127.0.0.1:$PORT"
150
151# first try w/ old fwdspec both in server config and key opts
152cp $OBJ/sshd_proxy_bak $OBJ/sshd_proxy
153echo "PermitListen 127.0.0.1:1 $fwdspec 127.0.0.2:2" >>$OBJ/sshd_proxy
154cp /dev/null $OBJ/authorized_keys_$USER
155for t in ${SSH_KEYTYPES}; do
156 printf 'permitlisten="'$fwdspec'" ' >> $OBJ/authorized_keys_$USER
157 cat $OBJ/$t.pub >> $OBJ/authorized_keys_$USER
158done
159trace "nomatch permitlisten 127.0.0.1 server config and userkey"
160expect_client_fail "nomatch 127.0.0.1 server config and userkey" \
161 -F $OBJ/ssh_config
162
163# correct server config, denied by key opts
164cp $OBJ/sshd_proxy_bak $OBJ/sshd_proxy
165echo "PermitListen 127.0.0.1:1 ${fwdspec2} 127.0.0.2:2" >>$OBJ/sshd_proxy
166trace "nomatch permitlisten 127.0.0.1 w/key opts"
167expect_client_fail "nomatch 127.0.0.1 w/key opts" \
168 -F $OBJ/ssh_config
169
170# fix key opts
171cp /dev/null $OBJ/authorized_keys_$USER
172for t in ${SSH_KEYTYPES}; do
173 printf 'permitlisten="'$fwdspec2'" ' >> $OBJ/authorized_keys_$USER
174 cat $OBJ/$t.pub >> $OBJ/authorized_keys_$USER
175done
176trace "match permitlisten 127.0.0.1 server config w/key opts"
177expect_client_ok -F $OBJ/ssh_proxy
178${SSH} -q -p $fwdport -F $OBJ/ssh_config somehost true || \
179 fail "match 127.0.0.1 server config w/key opts"
180stop_client
181
182# key opts with bare port number
183cp /dev/null $OBJ/authorized_keys_$USER
184for t in ${SSH_KEYTYPES}; do
185 printf 'permitlisten="'$fwdport'" ' >> $OBJ/authorized_keys_$USER
186 cat $OBJ/$t.pub >> $OBJ/authorized_keys_$USER
187done
188trace "match permitlisten 127.0.0.1 server config w/key opts (bare)"
189expect_client_ok -F $OBJ/ssh_proxy
190${SSH} -q -p $fwdport -F $OBJ/ssh_config somehost true || \
191 fail "match 127.0.0.1 server config w/key opts (bare)"
192stop_client
193
194# key opts with incorrect bare port number
195cp /dev/null $OBJ/authorized_keys_$USER
196for t in ${SSH_KEYTYPES}; do
197 printf 'permitlisten="99" ' >> $OBJ/authorized_keys_$USER
198 cat $OBJ/$t.pub >> $OBJ/authorized_keys_$USER
199done
200trace "match permitlisten 127.0.0.1 server config w/key opts (wrong bare)"
201expect_client_fail "nomatch 127.0.0.1 w/key opts (wrong bare)" \
202 -F $OBJ/ssh_config
diff --git a/regress/cfgparse.sh b/regress/cfgparse.sh
index ccf511f6b..a9e5c6b09 100644
--- a/regress/cfgparse.sh
+++ b/regress/cfgparse.sh
@@ -1,4 +1,4 @@
1# $OpenBSD: cfgparse.sh,v 1.6 2016/06/03 03:47:59 dtucker Exp $ 1# $OpenBSD: cfgparse.sh,v 1.7 2018/05/11 03:51:06 dtucker Exp $
2# Placed in the Public Domain. 2# Placed in the Public Domain.
3 3
4tid="sshd config parse" 4tid="sshd config parse"
@@ -10,8 +10,8 @@ fi
10 10
11# We need to use the keys generated for the regression test because sshd -T 11# We need to use the keys generated for the regression test because sshd -T
12# will fail if we're not running with SUDO (no permissions for real keys) or 12# will fail if we're not running with SUDO (no permissions for real keys) or
13# if we are # running tests on a system that has never had sshd installed 13# if we are running tests on a system that has never had sshd installed
14# (keys won't exist). 14# because the keys won't exist.
15 15
16grep "HostKey " $OBJ/sshd_config > $OBJ/sshd_config_minimal 16grep "HostKey " $OBJ/sshd_config > $OBJ/sshd_config_minimal
17SSHD_KEYS="`cat $OBJ/sshd_config_minimal`" 17SSHD_KEYS="`cat $OBJ/sshd_config_minimal`"
diff --git a/regress/forward-control.sh b/regress/forward-control.sh
index 93d05cf63..3b1f69a71 100644
--- a/regress/forward-control.sh
+++ b/regress/forward-control.sh
@@ -1,4 +1,4 @@
1# $OpenBSD: forward-control.sh,v 1.5 2018/03/02 02:51:55 djm Exp $ 1# $OpenBSD: forward-control.sh,v 1.7 2018/06/07 14:29:43 djm Exp $
2# Placed in the Public Domain. 2# Placed in the Public Domain.
3 3
4tid="sshd control of local and remote forwarding" 4tid="sshd control of local and remote forwarding"
@@ -67,7 +67,7 @@ check_rfwd() {
67 _message=$2 67 _message=$2
68 rm -f $READY 68 rm -f $READY
69 ${SSH} -F $OBJ/ssh_proxy \ 69 ${SSH} -F $OBJ/ssh_proxy \
70 -R$RFWD_PORT:127.0.0.1:$PORT \ 70 -R127.0.0.1:$RFWD_PORT:127.0.0.1:$PORT \
71 -o ExitOnForwardFailure=yes \ 71 -o ExitOnForwardFailure=yes \
72 -n host exec sh -c \'"sleep 60 & echo \$! > $READY ; wait "\' \ 72 -n host exec sh -c \'"sleep 60 & echo \$! > $READY ; wait "\' \
73 >/dev/null 2>&1 & 73 >/dev/null 2>&1 &
@@ -100,8 +100,8 @@ cp ${OBJ}/authorized_keys_${USER} ${OBJ}/authorized_keys_${USER}.bak
100check_lfwd Y "default configuration" 100check_lfwd Y "default configuration"
101check_rfwd Y "default configuration" 101check_rfwd Y "default configuration"
102 102
103# Usage: all_tests yes|local|remote|no Y|N Y|N Y|N Y|N Y|N Y|N 103# Usage: lperm_tests yes|local|remote|no Y|N Y|N Y|N Y|N Y|N Y|N
104all_tests() { 104lperm_tests() {
105 _tcpfwd=$1 105 _tcpfwd=$1
106 _plain_lfwd=$2 106 _plain_lfwd=$2
107 _plain_rfwd=$3 107 _plain_rfwd=$3
@@ -109,32 +109,39 @@ all_tests() {
109 _nopermit_rfwd=$5 109 _nopermit_rfwd=$5
110 _permit_lfwd=$6 110 _permit_lfwd=$6
111 _permit_rfwd=$7 111 _permit_rfwd=$7
112 _badfwd=127.0.0.1:22 112 _badfwd1=127.0.0.1:22
113 _badfwd2=127.0.0.2:22
113 _goodfwd=127.0.0.1:${PORT} 114 _goodfwd=127.0.0.1:${PORT}
114 cp ${OBJ}/authorized_keys_${USER}.bak ${OBJ}/authorized_keys_${USER} 115 cp ${OBJ}/authorized_keys_${USER}.bak ${OBJ}/authorized_keys_${USER}
115 _prefix="AllowTcpForwarding=$_tcpfwd" 116 _prefix="AllowTcpForwarding=$_tcpfwd"
117
116 # No PermitOpen 118 # No PermitOpen
117 ( cat ${OBJ}/sshd_proxy.bak ; 119 ( cat ${OBJ}/sshd_proxy.bak ;
118 echo "AllowTcpForwarding $_tcpfwd" ) \ 120 echo "AllowTcpForwarding $_tcpfwd" ) \
119 > ${OBJ}/sshd_proxy 121 > ${OBJ}/sshd_proxy
120 check_lfwd $_plain_lfwd "$_prefix" 122 check_lfwd $_plain_lfwd "$_prefix"
121 check_rfwd $_plain_rfwd "$_prefix" 123 check_rfwd $_plain_rfwd "$_prefix"
124
122 # PermitOpen via sshd_config that doesn't match 125 # PermitOpen via sshd_config that doesn't match
123 ( cat ${OBJ}/sshd_proxy.bak ; 126 ( cat ${OBJ}/sshd_proxy.bak ;
124 echo "AllowTcpForwarding $_tcpfwd" ; 127 echo "AllowTcpForwarding $_tcpfwd" ;
125 echo "PermitOpen $_badfwd" ) \ 128 echo "PermitOpen $_badfwd1 $_badfwd2" ) \
126 > ${OBJ}/sshd_proxy 129 > ${OBJ}/sshd_proxy
127 check_lfwd $_nopermit_lfwd "$_prefix, !PermitOpen" 130 check_lfwd $_nopermit_lfwd "$_prefix, !PermitOpen"
128 check_rfwd $_nopermit_rfwd "$_prefix, !PermitOpen" 131 check_rfwd $_nopermit_rfwd "$_prefix, !PermitOpen"
129 # PermitOpen via sshd_config that does match 132 # PermitOpen via sshd_config that does match
130 ( cat ${OBJ}/sshd_proxy.bak ; 133 ( cat ${OBJ}/sshd_proxy.bak ;
131 echo "AllowTcpForwarding $_tcpfwd" ; 134 echo "AllowTcpForwarding $_tcpfwd" ;
132 echo "PermitOpen $_badfwd $_goodfwd" ) \ 135 echo "PermitOpen $_badfwd1 $_goodfwd $_badfwd2" ) \
133 > ${OBJ}/sshd_proxy 136 > ${OBJ}/sshd_proxy
137 check_lfwd $_plain_lfwd "$_prefix, PermitOpen"
138 check_rfwd $_plain_rfwd "$_prefix, PermitOpen"
139
140 # permitopen keys option.
134 # NB. permitopen via authorized_keys should have same 141 # NB. permitopen via authorized_keys should have same
135 # success/fail as via sshd_config 142 # success/fail as via sshd_config
136 # permitopen via authorized_keys that doesn't match 143 # permitopen via authorized_keys that doesn't match
137 sed "s/^/permitopen=\"$_badfwd\" /" \ 144 sed "s/^/permitopen=\"$_badfwd1\",permitopen=\"$_badfwd2\" /" \
138 < ${OBJ}/authorized_keys_${USER}.bak \ 145 < ${OBJ}/authorized_keys_${USER}.bak \
139 > ${OBJ}/authorized_keys_${USER} || fatal "sed 1 fail" 146 > ${OBJ}/authorized_keys_${USER} || fatal "sed 1 fail"
140 ( cat ${OBJ}/sshd_proxy.bak ; 147 ( cat ${OBJ}/sshd_proxy.bak ;
@@ -143,7 +150,7 @@ all_tests() {
143 check_lfwd $_nopermit_lfwd "$_prefix, !permitopen" 150 check_lfwd $_nopermit_lfwd "$_prefix, !permitopen"
144 check_rfwd $_nopermit_rfwd "$_prefix, !permitopen" 151 check_rfwd $_nopermit_rfwd "$_prefix, !permitopen"
145 # permitopen via authorized_keys that does match 152 # permitopen via authorized_keys that does match
146 sed "s/^/permitopen=\"$_badfwd\",permitopen=\"$_goodfwd\" /" \ 153 sed "s/^/permitopen=\"$_badfwd1\",permitopen=\"$_goodfwd\" /" \
147 < ${OBJ}/authorized_keys_${USER}.bak \ 154 < ${OBJ}/authorized_keys_${USER}.bak \
148 > ${OBJ}/authorized_keys_${USER} || fatal "sed 2 fail" 155 > ${OBJ}/authorized_keys_${USER} || fatal "sed 2 fail"
149 ( cat ${OBJ}/sshd_proxy.bak ; 156 ( cat ${OBJ}/sshd_proxy.bak ;
@@ -151,6 +158,7 @@ all_tests() {
151 > ${OBJ}/sshd_proxy 158 > ${OBJ}/sshd_proxy
152 check_lfwd $_permit_lfwd "$_prefix, permitopen" 159 check_lfwd $_permit_lfwd "$_prefix, permitopen"
153 check_rfwd $_permit_rfwd "$_prefix, permitopen" 160 check_rfwd $_permit_rfwd "$_prefix, permitopen"
161
154 # Check port-forwarding flags in authorized_keys. 162 # Check port-forwarding flags in authorized_keys.
155 # These two should refuse all. 163 # These two should refuse all.
156 sed "s/^/no-port-forwarding /" \ 164 sed "s/^/no-port-forwarding /" \
@@ -180,9 +188,48 @@ all_tests() {
180 check_rfwd $_plain_rfwd "$_prefix, restrict,port-forwarding" 188 check_rfwd $_plain_rfwd "$_prefix, restrict,port-forwarding"
181} 189}
182 190
183# no-permitopen mismatch-permitopen match-permitopen 191# permit-open none mismatch match
184# AllowTcpForwarding local remote local remote local remote 192# AllowTcpForwarding local remote local remote local remote
185all_tests yes Y Y N Y Y Y 193lperm_tests yes Y Y N Y Y Y
186all_tests local Y N N N Y N 194lperm_tests local Y N N N Y N
187all_tests remote N Y N Y N Y 195lperm_tests remote N Y N Y N Y
188all_tests no N N N N N N 196lperm_tests no N N N N N N
197
198# Usage: rperm_tests yes|local|remote|no Y|N Y|N Y|N Y|N Y|N Y|N
199rperm_tests() {
200 _tcpfwd=$1
201 _plain_lfwd=$2
202 _plain_rfwd=$3
203 _nopermit_lfwd=$4
204 _nopermit_rfwd=$5
205 _permit_lfwd=$6
206 _permit_rfwd=$7
207 _badfwd1=127.0.0.1:22
208 _badfwd2=127.0.0.2:${RFWD_PORT}
209 _goodfwd=127.0.0.1:${RFWD_PORT}
210 cp ${OBJ}/authorized_keys_${USER}.bak ${OBJ}/authorized_keys_${USER}
211 _prefix="AllowTcpForwarding=$_tcpfwd"
212
213 # PermitListen via sshd_config that doesn't match
214 ( cat ${OBJ}/sshd_proxy.bak ;
215 echo "AllowTcpForwarding $_tcpfwd" ;
216 echo "PermitListen $_badfwd1 $_badfwd2" ) \
217 > ${OBJ}/sshd_proxy
218 check_lfwd $_nopermit_lfwd "$_prefix, !PermitListen"
219 check_rfwd $_nopermit_rfwd "$_prefix, !PermitListen"
220 # PermitListen via sshd_config that does match
221 ( cat ${OBJ}/sshd_proxy.bak ;
222 echo "AllowTcpForwarding $_tcpfwd" ;
223 echo "PermitListen $_badfwd1 $_goodfwd $_badfwd2" ) \
224 > ${OBJ}/sshd_proxy
225 check_lfwd $_plain_lfwd "$_prefix, PermitListen"
226 check_rfwd $_plain_rfwd "$_prefix, PermitListen"
227}
228
229# permit-remote-open none mismatch match
230# AllowTcpForwarding local remote local remote local remote
231rperm_tests yes Y Y Y N Y Y
232rperm_tests local Y N Y N Y N
233rperm_tests remote N Y N N N Y
234rperm_tests no N N N N N N
235
diff --git a/regress/forwarding.sh b/regress/forwarding.sh
index 39fccba73..7d0fae114 100644
--- a/regress/forwarding.sh
+++ b/regress/forwarding.sh
@@ -10,7 +10,8 @@ start_sshd
10base=33 10base=33
11last=$PORT 11last=$PORT
12fwd="" 12fwd=""
13CTL=/tmp/openssh.regress.ctl-sock.$$ 13make_tmpdir
14CTL=${SSH_REGRESS_TMP}/ctl-sock
14 15
15for j in 0 1 2; do 16for j in 0 1 2; do
16 for i in 0 1 2; do 17 for i in 0 1 2; do
diff --git a/regress/key-options.sh b/regress/key-options.sh
index d680737c1..112c9bd8e 100644
--- a/regress/key-options.sh
+++ b/regress/key-options.sh
@@ -1,4 +1,4 @@
1# $OpenBSD: key-options.sh,v 1.8 2018/03/14 05:35:40 djm Exp $ 1# $OpenBSD: key-options.sh,v 1.9 2018/07/03 13:53:26 djm Exp $
2# Placed in the Public Domain. 2# Placed in the Public Domain.
3 3
4tid="key options" 4tid="key options"
@@ -27,6 +27,7 @@ expect_pty_succeed() {
27 rm -f $OBJ/data 27 rm -f $OBJ/data
28 sed "s/.*/$opts &/" $origkeys >$authkeys 28 sed "s/.*/$opts &/" $origkeys >$authkeys
29 verbose "key option pty $which" 29 verbose "key option pty $which"
30 config_defined HAVE_OPENPTY || verbose "skipped for no openpty(3)"
30 ${SSH} -ttq -F $OBJ/ssh_proxy somehost "tty > $OBJ/data; exit 0" 31 ${SSH} -ttq -F $OBJ/ssh_proxy somehost "tty > $OBJ/data; exit 0"
31 if [ $? -ne 0 ] ; then 32 if [ $? -ne 0 ] ; then
32 fail "key option failed $which" 33 fail "key option failed $which"
@@ -44,6 +45,7 @@ expect_pty_fail() {
44 rm -f $OBJ/data 45 rm -f $OBJ/data
45 sed "s/.*/$opts &/" $origkeys >$authkeys 46 sed "s/.*/$opts &/" $origkeys >$authkeys
46 verbose "key option pty $which" 47 verbose "key option pty $which"
48 config_defined HAVE_OPENPTY || verbose "skipped for no openpty(3)"
47 ${SSH} -ttq -F $OBJ/ssh_proxy somehost "tty > $OBJ/data; exit 0" 49 ${SSH} -ttq -F $OBJ/ssh_proxy somehost "tty > $OBJ/data; exit 0"
48 if [ $? -eq 0 ]; then 50 if [ $? -eq 0 ]; then
49 r=`cat $OBJ/data` 51 r=`cat $OBJ/data`
@@ -63,6 +65,7 @@ expect_pty_fail "restrict" "restrict"
63expect_pty_succeed "restrict,pty" "restrict,pty" 65expect_pty_succeed "restrict,pty" "restrict,pty"
64 66
65# Test environment= 67# Test environment=
68# XXX this can fail if ~/.ssh/environment exists for the user running the test
66echo 'PermitUserEnvironment yes' >> $OBJ/sshd_proxy 69echo 'PermitUserEnvironment yes' >> $OBJ/sshd_proxy
67sed 's/.*/environment="FOO=bar" &/' $origkeys >$authkeys 70sed 's/.*/environment="FOO=bar" &/' $origkeys >$authkeys
68verbose "key option environment" 71verbose "key option environment"
diff --git a/regress/keygen-knownhosts.sh b/regress/keygen-knownhosts.sh
index 693cd0e75..37af34769 100644
--- a/regress/keygen-knownhosts.sh
+++ b/regress/keygen-knownhosts.sh
@@ -1,4 +1,4 @@
1# $OpenBSD: keygen-knownhosts.sh,v 1.3 2015/07/17 03:34:27 djm Exp $ 1# $OpenBSD: keygen-knownhosts.sh,v 1.4 2018/06/01 03:52:37 djm Exp $
2# Placed in the Public Domain. 2# Placed in the Public Domain.
3 3
4tid="ssh-keygen known_hosts" 4tid="ssh-keygen known_hosts"
@@ -55,13 +55,24 @@ expect_key() {
55check_find() { 55check_find() {
56 _host=$1 56 _host=$1
57 _name=$2 57 _name=$2
58 _keygenopt=$3 58 shift; shift
59 ${SSHKEYGEN} $_keygenopt -f $OBJ/kh.invalid -F $_host > $OBJ/kh.result 59 ${SSHKEYGEN} "$@" -f $OBJ/kh.invalid -F $_host > $OBJ/kh.result
60 if ! diff -w $OBJ/kh.expect $OBJ/kh.result ; then 60 if ! diff -w $OBJ/kh.expect $OBJ/kh.result ; then
61 fail "didn't find $_name" 61 fail "didn't find $_name"
62 fi 62 fi
63} 63}
64 64
65check_find_exit_code() {
66 _host=$1
67 _name=$2
68 _keygenopt=$3
69 _exp_exit_code=$4
70 ${SSHKEYGEN} $_keygenopt -f $OBJ/kh.invalid -F $_host > /dev/null
71 if [ "$?" != "$_exp_exit_code" ] ; then
72 fail "Unexpected exit code $_name"
73 fi
74}
75
65# Find key 76# Find key
66rm -f $OBJ/kh.expect 77rm -f $OBJ/kh.expect
67expect_key host-a host-a host-a 2 78expect_key host-a host-a host-a 2
@@ -88,6 +99,18 @@ rm -f $OBJ/kh.expect
88expect_key host-h "host-f,host-g,host-h " host-f 17 99expect_key host-h "host-f,host-g,host-h " host-f 17
89check_find host-h "find multiple hosts" 100check_find host-h "find multiple hosts"
90 101
102# Check exit code, known host
103check_find_exit_code host-a "known host" "-q" "0"
104
105# Check exit code, unknown host
106check_find_exit_code host-aa "unknown host" "-q" "1"
107
108# Check exit code, the hash mode, known host
109check_find_exit_code host-a "known host" "-q -H" "0"
110
111# Check exit code, the hash mode, unknown host
112check_find_exit_code host-aa "unknown host" "-q -H" "1"
113
91check_hashed_find() { 114check_hashed_find() {
92 _host=$1 115 _host=$1
93 _name=$2 116 _name=$2
@@ -110,19 +133,19 @@ check_hashed_find host-a "find simple and hash"
110rm -f $OBJ/kh.expect 133rm -f $OBJ/kh.expect
111expect_key host-c host-c host-c "" CA 134expect_key host-c host-c host-c "" CA
112# CA key output is not hashed. 135# CA key output is not hashed.
113check_find host-c "find simple and hash" -H 136check_find host-c "find simple and hash" -Hq
114 137
115# Find revoked key and hash 138# Find revoked key and hash
116rm -f $OBJ/kh.expect 139rm -f $OBJ/kh.expect
117expect_key host-d host-d host-d "" REVOKED 140expect_key host-d host-d host-d "" REVOKED
118# Revoked key output is not hashed. 141# Revoked key output is not hashed.
119check_find host-d "find simple and hash" -H 142check_find host-d "find simple and hash" -Hq
120 143
121# find key with wildcard and hash 144# find key with wildcard and hash
122rm -f $OBJ/kh.expect 145rm -f $OBJ/kh.expect
123expect_key host-e "host-e*" host-e "" 146expect_key host-e "host-e*" host-e ""
124# Key with wildcard hostname should not be hashed. 147# Key with wildcard hostname should not be hashed.
125check_find host-e "find wildcard key" -H 148check_find host-e "find wildcard key" -Hq
126 149
127# find key among multiple hosts 150# find key among multiple hosts
128rm -f $OBJ/kh.expect 151rm -f $OBJ/kh.expect
diff --git a/regress/mkdtemp.c b/regress/mkdtemp.c
new file mode 100644
index 000000000..a7be1bdab
--- /dev/null
+++ b/regress/mkdtemp.c
@@ -0,0 +1,61 @@
1/*
2 * Copyright (c) 2017 Colin Watson <cjwatson@debian.org>
3 *
4 * Permission to use, copy, modify, and distribute this software for any
5 * purpose with or without fee is hereby granted, provided that the above
6 * copyright notice and this permission notice appear in all copies.
7 *
8 * THE SOFTWARE IS PROVIDED "AS IS" AND THE AUTHOR DISCLAIMS ALL WARRANTIES
9 * WITH REGARD TO THIS SOFTWARE INCLUDING ALL IMPLIED WARRANTIES OF
10 * MERCHANTABILITY AND FITNESS. IN NO EVENT SHALL THE AUTHOR BE LIABLE FOR
11 * ANY SPECIAL, DIRECT, INDIRECT, OR CONSEQUENTIAL DAMAGES OR ANY DAMAGES
12 * WHATSOEVER RESULTING FROM LOSS OF USE, DATA OR PROFITS, WHETHER IN AN
13 * ACTION OF CONTRACT, NEGLIGENCE OR OTHER TORTIOUS ACTION, ARISING OUT OF
14 * OR IN CONNECTION WITH THE USE OR PERFORMANCE OF THIS SOFTWARE.
15 */
16
17/* Roughly equivalent to "mktemp -d -t TEMPLATE", but portable. */
18
19#include "includes.h"
20
21#include <limits.h>
22#include <stdarg.h>
23#include <stdio.h>
24#include <stdlib.h>
25#include <unistd.h>
26
27#include "log.h"
28
29static void
30usage(void)
31{
32 fprintf(stderr, "mkdtemp template\n");
33 exit(1);
34}
35
36int
37main(int argc, char **argv)
38{
39 const char *base;
40 const char *tmpdir;
41 char template[PATH_MAX];
42 int r;
43 char *dir;
44
45 if (argc != 2)
46 usage();
47 base = argv[1];
48
49 if ((tmpdir = getenv("TMPDIR")) == NULL)
50 tmpdir = "/tmp";
51 r = snprintf(template, sizeof(template), "%s/%s", tmpdir, base);
52 if (r < 0 || (size_t)r >= sizeof(template))
53 fatal("template string too long");
54 dir = mkdtemp(template);
55 if (dir == NULL) {
56 perror("mkdtemp");
57 exit(1);
58 }
59 puts(dir);
60 return 0;
61}
diff --git a/regress/multiplex.sh b/regress/multiplex.sh
index 078a53a88..a6fad8eb8 100644
--- a/regress/multiplex.sh
+++ b/regress/multiplex.sh
@@ -1,7 +1,8 @@
1# $OpenBSD: multiplex.sh,v 1.28 2017/04/30 23:34:55 djm Exp $ 1# $OpenBSD: multiplex.sh,v 1.28 2017/04/30 23:34:55 djm Exp $
2# Placed in the Public Domain. 2# Placed in the Public Domain.
3 3
4CTL=/tmp/openssh.regress.ctl-sock.$$ 4make_tmpdir
5CTL=${SSH_REGRESS_TMP}/ctl-sock
5 6
6tid="connection multiplexing" 7tid="connection multiplexing"
7 8
diff --git a/regress/rekey.sh b/regress/rekey.sh
index ae145bc8b..fd6a02cc7 100644
--- a/regress/rekey.sh
+++ b/regress/rekey.sh
@@ -1,4 +1,4 @@
1# $OpenBSD: rekey.sh,v 1.17 2016/01/29 05:18:15 dtucker Exp $ 1# $OpenBSD: rekey.sh,v 1.18 2018/04/10 00:14:10 djm Exp $
2# Placed in the Public Domain. 2# Placed in the Public Domain.
3 3
4tid="rekey" 4tid="rekey"
@@ -30,7 +30,7 @@ ssh_data_rekeying()
30 n=`expr $n - 1` 30 n=`expr $n - 1`
31 trace "$n rekeying(s)" 31 trace "$n rekeying(s)"
32 if [ $n -lt 1 ]; then 32 if [ $n -lt 1 ]; then
33 fail "no rekeying occured ($@)" 33 fail "no rekeying occurred ($@)"
34 fi 34 fi
35} 35}
36 36
@@ -80,7 +80,7 @@ for s in 5 10; do
80 n=`expr $n - 1` 80 n=`expr $n - 1`
81 trace "$n rekeying(s)" 81 trace "$n rekeying(s)"
82 if [ $n -lt 1 ]; then 82 if [ $n -lt 1 ]; then
83 fail "no rekeying occured" 83 fail "no rekeying occurred"
84 fi 84 fi
85done 85done
86 86
@@ -96,7 +96,7 @@ for s in 5 10; do
96 n=`expr $n - 1` 96 n=`expr $n - 1`
97 trace "$n rekeying(s)" 97 trace "$n rekeying(s)"
98 if [ $n -lt 1 ]; then 98 if [ $n -lt 1 ]; then
99 fail "no rekeying occured" 99 fail "no rekeying occurred"
100 fi 100 fi
101done 101done
102 102
@@ -115,7 +115,7 @@ for s in 16 1k 128k 256k; do
115 n=`expr $n - 1` 115 n=`expr $n - 1`
116 trace "$n rekeying(s)" 116 trace "$n rekeying(s)"
117 if [ $n -lt 1 ]; then 117 if [ $n -lt 1 ]; then
118 fail "no rekeying occured" 118 fail "no rekeying occurred"
119 fi 119 fi
120done 120done
121 121
@@ -132,7 +132,7 @@ for s in 5 10; do
132 n=`expr $n - 1` 132 n=`expr $n - 1`
133 trace "$n rekeying(s)" 133 trace "$n rekeying(s)"
134 if [ $n -lt 1 ]; then 134 if [ $n -lt 1 ]; then
135 fail "no rekeying occured" 135 fail "no rekeying occurred"
136 fi 136 fi
137done 137done
138 138
diff --git a/regress/setuid-allowed.c b/regress/setuid-allowed.c
index 7a0527fd0..d91d9f194 100644
--- a/regress/setuid-allowed.c
+++ b/regress/setuid-allowed.c
@@ -22,6 +22,7 @@
22#ifdef HAVE_SYS_STATVFS_H 22#ifdef HAVE_SYS_STATVFS_H
23# include <sys/statvfs.h> 23# include <sys/statvfs.h>
24#endif 24#endif
25#include <stdlib.h>
25#include <stdio.h> 26#include <stdio.h>
26#include <string.h> 27#include <string.h>
27#include <errno.h> 28#include <errno.h>
diff --git a/regress/sshcfgparse.sh b/regress/sshcfgparse.sh
index 010e02865..e0ce568d7 100644
--- a/regress/sshcfgparse.sh
+++ b/regress/sshcfgparse.sh
@@ -1,8 +1,27 @@
1# $OpenBSD: sshcfgparse.sh,v 1.2 2016/07/14 01:24:21 dtucker Exp $ 1# $OpenBSD: sshcfgparse.sh,v 1.4 2018/07/04 13:51:12 djm Exp $
2# Placed in the Public Domain. 2# Placed in the Public Domain.
3 3
4tid="ssh config parse" 4tid="ssh config parse"
5 5
6expect_result_present() {
7 _str="$1" ; shift
8 for _expect in "$@" ; do
9 echo "$f" | tr ',' '\n' | grep "^$_expect\$" >/dev/null
10 if test $? -ne 0 ; then
11 fail "missing expected \"$_expect\" from \"$_str\""
12 fi
13 done
14}
15expect_result_absent() {
16 _str="$1" ; shift
17 for _expect in "$@" ; do
18 echo "$f" | tr ',' '\n' | grep "^$_expect\$" >/dev/null
19 if test $? -eq 0 ; then
20 fail "unexpected \"$_expect\" present in \"$_str\""
21 fi
22 done
23}
24
6verbose "reparse minimal config" 25verbose "reparse minimal config"
7(${SSH} -G -F $OBJ/ssh_config somehost >$OBJ/ssh_config.1 && 26(${SSH} -G -F $OBJ/ssh_config somehost >$OBJ/ssh_config.1 &&
8 ${SSH} -G -F $OBJ/ssh_config.1 somehost >$OBJ/ssh_config.2 && 27 ${SSH} -G -F $OBJ/ssh_config.1 somehost >$OBJ/ssh_config.2 &&
@@ -25,5 +44,46 @@ f=`${SSH} -GF $OBJ/ssh_config -W a:1 -o clearallforwardings=no h | \
25 awk '/clearallforwardings/{print $2}'` 44 awk '/clearallforwardings/{print $2}'`
26test "$f" = "no" || fail "clearallforwardings override" 45test "$f" = "no" || fail "clearallforwardings override"
27 46
47verbose "user first match"
48user=`awk '$1=="User" {print $2}' $OBJ/ssh_config`
49f=`${SSH} -GF $OBJ/ssh_config host | awk '/^user /{print $2}'`
50test "$f" = "$user" || fail "user from config, expected '$user' got '$f'"
51f=`${SSH} -GF $OBJ/ssh_config -o user=foo -l bar baz@host | awk '/^user /{print $2}'`
52test "$f" = "foo" || fail "user first match -oUser, expected 'foo' got '$f' "
53f=`${SSH} -GF $OBJ/ssh_config -lbar baz@host user=foo baz@host | awk '/^user /{print $2}'`
54test "$f" = "bar" || fail "user first match -l, expected 'bar' got '$f'"
55f=`${SSH} -GF $OBJ/ssh_config baz@host -o user=foo -l bar baz@host | awk '/^user /{print $2}'`
56test "$f" = "baz" || fail "user first match user@host, expected 'baz' got '$f'"
57
58verbose "pubkeyacceptedkeytypes"
59# Default set
60f=`${SSH} -GF none host | awk '/^pubkeyacceptedkeytypes /{print $2}'`
61expect_result_present "$f" "ssh-ed25519" "ssh-ed25519-cert-v01.*"
62expect_result_absent "$f" "ssh-dss"
63# Explicit override
64f=`${SSH} -GF none -opubkeyacceptedkeytypes=ssh-ed25519 host | \
65 awk '/^pubkeyacceptedkeytypes /{print $2}'`
66expect_result_present "$f" "ssh-ed25519"
67expect_result_absent "$f" "ssh-ed25519-cert-v01.*" "ssh-dss"
68# Removal from default set
69f=`${SSH} -GF none -opubkeyacceptedkeytypes=-ssh-ed25519-cert* host | \
70 awk '/^pubkeyacceptedkeytypes /{print $2}'`
71expect_result_present "$f" "ssh-ed25519"
72expect_result_absent "$f" "ssh-ed25519-cert-v01.*" "ssh-dss"
73f=`${SSH} -GF none -opubkeyacceptedkeytypes=-ssh-ed25519 host | \
74 awk '/^pubkeyacceptedkeytypes /{print $2}'`
75expect_result_present "$f" "ssh-ed25519-cert-v01.*"
76expect_result_absent "$f" "ssh-ed25519" "ssh-dss"
77# Append to default set.
78# XXX this will break for !WITH_OPENSSL
79f=`${SSH} -GF none -opubkeyacceptedkeytypes=+ssh-dss-cert* host | \
80 awk '/^pubkeyacceptedkeytypes /{print $2}'`
81expect_result_present "$f" "ssh-ed25519" "ssh-dss-cert-v01.*"
82expect_result_absent "$f" "ssh-dss"
83f=`${SSH} -GF none -opubkeyacceptedkeytypes=+ssh-dss host | \
84 awk '/^pubkeyacceptedkeytypes /{print $2}'`
85expect_result_present "$f" "ssh-ed25519" "ssh-ed25519-cert-v01.*" "ssh-dss"
86expect_result_absent "$f" "ssh-dss-cert-v01.*"
87
28# cleanup 88# cleanup
29rm -f $OBJ/ssh_config.[012] 89rm -f $OBJ/ssh_config.[012]
diff --git a/regress/test-exec.sh b/regress/test-exec.sh
index b6169f157..40d46e3cd 100644
--- a/regress/test-exec.sh
+++ b/regress/test-exec.sh
@@ -1,4 +1,4 @@
1# $OpenBSD: test-exec.sh,v 1.62 2018/03/16 09:06:31 dtucker Exp $ 1# $OpenBSD: test-exec.sh,v 1.64 2018/08/10 01:35:49 dtucker Exp $
2# Placed in the Public Domain. 2# Placed in the Public Domain.
3 3
4#SUDO=sudo 4#SUDO=sudo
@@ -76,6 +76,9 @@ SFTP=sftp
76SFTPSERVER=/usr/libexec/openssh/sftp-server 76SFTPSERVER=/usr/libexec/openssh/sftp-server
77SCP=scp 77SCP=scp
78 78
79# Set by make_tmpdir() on demand (below).
80SSH_REGRESS_TMP=
81
79# Interop testing 82# Interop testing
80PLINK=plink 83PLINK=plink
81PUTTYGEN=puttygen 84PUTTYGEN=puttygen
@@ -163,9 +166,13 @@ if [ "x$USE_VALGRIND" != "x" ]; then
163 esac 166 esac
164 167
165 if [ x"$VG_SKIP" = "x" ]; then 168 if [ x"$VG_SKIP" = "x" ]; then
169 VG_LEAK="--leak-check=no"
170 if [ x"$VALGRIND_CHECK_LEAKS" != "x" ]; then
171 VG_LEAK="--leak-check=full"
172 fi
166 VG_IGNORE="/bin/*,/sbin/*,/usr/*,/var/*" 173 VG_IGNORE="/bin/*,/sbin/*,/usr/*,/var/*"
167 VG_LOG="$OBJ/valgrind-out/${VG_TEST}." 174 VG_LOG="$OBJ/valgrind-out/${VG_TEST}."
168 VG_OPTS="--track-origins=yes --leak-check=full" 175 VG_OPTS="--track-origins=yes $VG_LEAK"
169 VG_OPTS="$VG_OPTS --trace-children=yes" 176 VG_OPTS="$VG_OPTS --trace-children=yes"
170 VG_OPTS="$VG_OPTS --trace-children-skip=${VG_IGNORE}" 177 VG_OPTS="$VG_OPTS --trace-children-skip=${VG_IGNORE}"
171 VG_PATH="valgrind" 178 VG_PATH="valgrind"
@@ -318,6 +325,12 @@ stop_sshd ()
318 fi 325 fi
319} 326}
320 327
328make_tmpdir ()
329{
330 SSH_REGRESS_TMP="$($OBJ/mkdtemp openssh-XXXXXXXX)" || \
331 fatal "failed to create temporary directory"
332}
333
321# helper 334# helper
322cleanup () 335cleanup ()
323{ 336{
@@ -328,6 +341,9 @@ cleanup ()
328 kill $SSH_PID 341 kill $SSH_PID
329 fi 342 fi
330 fi 343 fi
344 if [ "x$SSH_REGRESS_TMP" != "x" ]; then
345 rm -rf "$SSH_REGRESS_TMP"
346 fi
331 stop_sshd 347 stop_sshd
332} 348}
333 349
@@ -375,7 +391,10 @@ fail ()
375 save_debug_log "FAIL: $@" 391 save_debug_log "FAIL: $@"
376 RESULT=1 392 RESULT=1
377 echo "$@" 393 echo "$@"
378 394 if test "x$TEST_SSH_FAIL_FATAL" != "x" ; then
395 cleanup
396 exit $RESULT
397 fi
379} 398}
380 399
381fatal () 400fatal ()
@@ -512,10 +531,13 @@ if test "$REGRESS_INTEROP_PUTTY" = "yes" ; then
512 >> $OBJ/authorized_keys_$USER 531 >> $OBJ/authorized_keys_$USER
513 532
514 # Convert rsa2 host key to PuTTY format 533 # Convert rsa2 host key to PuTTY format
515 ${SRC}/ssh2putty.sh 127.0.0.1 $PORT $OBJ/rsa > \ 534 cp $OBJ/rsa $OBJ/rsa_oldfmt
535 ${SSHKEYGEN} -p -N '' -m PEM -f $OBJ/rsa_oldfmt >/dev/null
536 ${SRC}/ssh2putty.sh 127.0.0.1 $PORT $OBJ/rsa_oldfmt > \
516 ${OBJ}/.putty/sshhostkeys 537 ${OBJ}/.putty/sshhostkeys
517 ${SRC}/ssh2putty.sh 127.0.0.1 22 $OBJ/rsa >> \ 538 ${SRC}/ssh2putty.sh 127.0.0.1 22 $OBJ/rsa_oldfmt >> \
518 ${OBJ}/.putty/sshhostkeys 539 ${OBJ}/.putty/sshhostkeys
540 rm -f $OBJ/rsa_oldfmt
519 541
520 # Setup proxied session 542 # Setup proxied session
521 mkdir -p ${OBJ}/.putty/sessions 543 mkdir -p ${OBJ}/.putty/sessions
diff --git a/regress/unittests/hostkeys/test_iterate.c b/regress/unittests/hostkeys/test_iterate.c
index 751825dda..d6963bd2a 100644
--- a/regress/unittests/hostkeys/test_iterate.c
+++ b/regress/unittests/hostkeys/test_iterate.c
@@ -1,4 +1,4 @@
1/* $OpenBSD: test_iterate.c,v 1.5 2017/04/30 23:33:48 djm Exp $ */ 1/* $OpenBSD: test_iterate.c,v 1.6 2018/07/16 03:09:59 djm Exp $ */
2/* 2/*
3 * Regress test for hostfile.h hostkeys_foreach() 3 * Regress test for hostfile.h hostkeys_foreach()
4 * 4 *
@@ -152,6 +152,17 @@ prepare_expected(struct expected *expected, size_t n)
152 } 152 }
153} 153}
154 154
155static void
156cleanup_expected(struct expected *expected, size_t n)
157{
158 size_t i;
159
160 for (i = 0; i < n; i++) {
161 sshkey_free(expected[i].l.key);
162 expected[i].l.key = NULL;
163 }
164}
165
155struct expected expected_full[] = { 166struct expected expected_full[] = {
156 { NULL, -1, -1, 0, 0, 0, 0, -1, { 167 { NULL, -1, -1, 0, 0, 0, 0, -1, {
157 NULL, /* path, don't care */ 168 NULL, /* path, don't care */
@@ -825,6 +836,7 @@ test_iterate(void)
825 prepare_expected(expected_full, ctx.nexpected); 836 prepare_expected(expected_full, ctx.nexpected);
826 ASSERT_INT_EQ(hostkeys_foreach(test_data_file("known_hosts"), 837 ASSERT_INT_EQ(hostkeys_foreach(test_data_file("known_hosts"),
827 check, &ctx, NULL, NULL, ctx.flags), 0); 838 check, &ctx, NULL, NULL, ctx.flags), 0);
839 cleanup_expected(expected_full, ctx.nexpected);
828 TEST_DONE(); 840 TEST_DONE();
829 841
830 TEST_START("hostkeys_iterate all without key parse"); 842 TEST_START("hostkeys_iterate all without key parse");
@@ -835,6 +847,7 @@ test_iterate(void)
835 prepare_expected(expected_full, ctx.nexpected); 847 prepare_expected(expected_full, ctx.nexpected);
836 ASSERT_INT_EQ(hostkeys_foreach(test_data_file("known_hosts"), 848 ASSERT_INT_EQ(hostkeys_foreach(test_data_file("known_hosts"),
837 check, &ctx, NULL, NULL, ctx.flags), 0); 849 check, &ctx, NULL, NULL, ctx.flags), 0);
850 cleanup_expected(expected_full, ctx.nexpected);
838 TEST_DONE(); 851 TEST_DONE();
839 852
840 TEST_START("hostkeys_iterate specify host 1"); 853 TEST_START("hostkeys_iterate specify host 1");
@@ -846,6 +859,7 @@ test_iterate(void)
846 prepare_expected(expected_full, ctx.nexpected); 859 prepare_expected(expected_full, ctx.nexpected);
847 ASSERT_INT_EQ(hostkeys_foreach(test_data_file("known_hosts"), 860 ASSERT_INT_EQ(hostkeys_foreach(test_data_file("known_hosts"),
848 check, &ctx, "prometheus.example.com", NULL, ctx.flags), 0); 861 check, &ctx, "prometheus.example.com", NULL, ctx.flags), 0);
862 cleanup_expected(expected_full, ctx.nexpected);
849 TEST_DONE(); 863 TEST_DONE();
850 864
851 TEST_START("hostkeys_iterate specify host 2"); 865 TEST_START("hostkeys_iterate specify host 2");
@@ -857,6 +871,7 @@ test_iterate(void)
857 prepare_expected(expected_full, ctx.nexpected); 871 prepare_expected(expected_full, ctx.nexpected);
858 ASSERT_INT_EQ(hostkeys_foreach(test_data_file("known_hosts"), 872 ASSERT_INT_EQ(hostkeys_foreach(test_data_file("known_hosts"),
859 check, &ctx, "sisyphus.example.com", NULL, ctx.flags), 0); 873 check, &ctx, "sisyphus.example.com", NULL, ctx.flags), 0);
874 cleanup_expected(expected_full, ctx.nexpected);
860 TEST_DONE(); 875 TEST_DONE();
861 876
862 TEST_START("hostkeys_iterate match host 1"); 877 TEST_START("hostkeys_iterate match host 1");
@@ -868,6 +883,7 @@ test_iterate(void)
868 prepare_expected(expected_full, ctx.nexpected); 883 prepare_expected(expected_full, ctx.nexpected);
869 ASSERT_INT_EQ(hostkeys_foreach(test_data_file("known_hosts"), 884 ASSERT_INT_EQ(hostkeys_foreach(test_data_file("known_hosts"),
870 check, &ctx, "prometheus.example.com", NULL, ctx.flags), 0); 885 check, &ctx, "prometheus.example.com", NULL, ctx.flags), 0);
886 cleanup_expected(expected_full, ctx.nexpected);
871 TEST_DONE(); 887 TEST_DONE();
872 888
873 TEST_START("hostkeys_iterate match host 2"); 889 TEST_START("hostkeys_iterate match host 2");
@@ -879,6 +895,7 @@ test_iterate(void)
879 prepare_expected(expected_full, ctx.nexpected); 895 prepare_expected(expected_full, ctx.nexpected);
880 ASSERT_INT_EQ(hostkeys_foreach(test_data_file("known_hosts"), 896 ASSERT_INT_EQ(hostkeys_foreach(test_data_file("known_hosts"),
881 check, &ctx, "sisyphus.example.com", NULL, ctx.flags), 0); 897 check, &ctx, "sisyphus.example.com", NULL, ctx.flags), 0);
898 cleanup_expected(expected_full, ctx.nexpected);
882 TEST_DONE(); 899 TEST_DONE();
883 900
884 TEST_START("hostkeys_iterate specify host missing"); 901 TEST_START("hostkeys_iterate specify host missing");
@@ -889,6 +906,7 @@ test_iterate(void)
889 prepare_expected(expected_full, ctx.nexpected); 906 prepare_expected(expected_full, ctx.nexpected);
890 ASSERT_INT_EQ(hostkeys_foreach(test_data_file("known_hosts"), 907 ASSERT_INT_EQ(hostkeys_foreach(test_data_file("known_hosts"),
891 check, &ctx, "actaeon.example.org", NULL, ctx.flags), 0); 908 check, &ctx, "actaeon.example.org", NULL, ctx.flags), 0);
909 cleanup_expected(expected_full, ctx.nexpected);
892 TEST_DONE(); 910 TEST_DONE();
893 911
894 TEST_START("hostkeys_iterate match host missing"); 912 TEST_START("hostkeys_iterate match host missing");
@@ -899,6 +917,7 @@ test_iterate(void)
899 prepare_expected(expected_full, ctx.nexpected); 917 prepare_expected(expected_full, ctx.nexpected);
900 ASSERT_INT_EQ(hostkeys_foreach(test_data_file("known_hosts"), 918 ASSERT_INT_EQ(hostkeys_foreach(test_data_file("known_hosts"),
901 check, &ctx, "actaeon.example.org", NULL, ctx.flags), 0); 919 check, &ctx, "actaeon.example.org", NULL, ctx.flags), 0);
920 cleanup_expected(expected_full, ctx.nexpected);
902 TEST_DONE(); 921 TEST_DONE();
903 922
904 TEST_START("hostkeys_iterate specify IPv4"); 923 TEST_START("hostkeys_iterate specify IPv4");
@@ -910,6 +929,7 @@ test_iterate(void)
910 prepare_expected(expected_full, ctx.nexpected); 929 prepare_expected(expected_full, ctx.nexpected);
911 ASSERT_INT_EQ(hostkeys_foreach(test_data_file("known_hosts"), 930 ASSERT_INT_EQ(hostkeys_foreach(test_data_file("known_hosts"),
912 check, &ctx, "tiresias.example.org", "192.0.2.1", ctx.flags), 0); 931 check, &ctx, "tiresias.example.org", "192.0.2.1", ctx.flags), 0);
932 cleanup_expected(expected_full, ctx.nexpected);
913 TEST_DONE(); 933 TEST_DONE();
914 934
915 TEST_START("hostkeys_iterate specify IPv6"); 935 TEST_START("hostkeys_iterate specify IPv6");
@@ -921,6 +941,7 @@ test_iterate(void)
921 prepare_expected(expected_full, ctx.nexpected); 941 prepare_expected(expected_full, ctx.nexpected);
922 ASSERT_INT_EQ(hostkeys_foreach(test_data_file("known_hosts"), 942 ASSERT_INT_EQ(hostkeys_foreach(test_data_file("known_hosts"),
923 check, &ctx, "tiresias.example.org", "2001:db8::1", ctx.flags), 0); 943 check, &ctx, "tiresias.example.org", "2001:db8::1", ctx.flags), 0);
944 cleanup_expected(expected_full, ctx.nexpected);
924 TEST_DONE(); 945 TEST_DONE();
925 946
926 TEST_START("hostkeys_iterate match IPv4"); 947 TEST_START("hostkeys_iterate match IPv4");
@@ -932,6 +953,7 @@ test_iterate(void)
932 prepare_expected(expected_full, ctx.nexpected); 953 prepare_expected(expected_full, ctx.nexpected);
933 ASSERT_INT_EQ(hostkeys_foreach(test_data_file("known_hosts"), 954 ASSERT_INT_EQ(hostkeys_foreach(test_data_file("known_hosts"),
934 check, &ctx, "tiresias.example.org", "192.0.2.1", ctx.flags), 0); 955 check, &ctx, "tiresias.example.org", "192.0.2.1", ctx.flags), 0);
956 cleanup_expected(expected_full, ctx.nexpected);
935 TEST_DONE(); 957 TEST_DONE();
936 958
937 TEST_START("hostkeys_iterate match IPv6"); 959 TEST_START("hostkeys_iterate match IPv6");
@@ -943,6 +965,7 @@ test_iterate(void)
943 prepare_expected(expected_full, ctx.nexpected); 965 prepare_expected(expected_full, ctx.nexpected);
944 ASSERT_INT_EQ(hostkeys_foreach(test_data_file("known_hosts"), 966 ASSERT_INT_EQ(hostkeys_foreach(test_data_file("known_hosts"),
945 check, &ctx, "tiresias.example.org", "2001:db8::1", ctx.flags), 0); 967 check, &ctx, "tiresias.example.org", "2001:db8::1", ctx.flags), 0);
968 cleanup_expected(expected_full, ctx.nexpected);
946 TEST_DONE(); 969 TEST_DONE();
947 970
948 TEST_START("hostkeys_iterate specify addr missing"); 971 TEST_START("hostkeys_iterate specify addr missing");
@@ -953,6 +976,7 @@ test_iterate(void)
953 prepare_expected(expected_full, ctx.nexpected); 976 prepare_expected(expected_full, ctx.nexpected);
954 ASSERT_INT_EQ(hostkeys_foreach(test_data_file("known_hosts"), 977 ASSERT_INT_EQ(hostkeys_foreach(test_data_file("known_hosts"),
955 check, &ctx, "tiresias.example.org", "192.168.0.1", ctx.flags), 0); 978 check, &ctx, "tiresias.example.org", "192.168.0.1", ctx.flags), 0);
979 cleanup_expected(expected_full, ctx.nexpected);
956 TEST_DONE(); 980 TEST_DONE();
957 981
958 TEST_START("hostkeys_iterate match addr missing"); 982 TEST_START("hostkeys_iterate match addr missing");
@@ -963,6 +987,7 @@ test_iterate(void)
963 prepare_expected(expected_full, ctx.nexpected); 987 prepare_expected(expected_full, ctx.nexpected);
964 ASSERT_INT_EQ(hostkeys_foreach(test_data_file("known_hosts"), 988 ASSERT_INT_EQ(hostkeys_foreach(test_data_file("known_hosts"),
965 check, &ctx, "tiresias.example.org", "::1", ctx.flags), 0); 989 check, &ctx, "tiresias.example.org", "::1", ctx.flags), 0);
990 cleanup_expected(expected_full, ctx.nexpected);
966 TEST_DONE(); 991 TEST_DONE();
967 992
968 TEST_START("hostkeys_iterate specify host 2 and IPv4"); 993 TEST_START("hostkeys_iterate specify host 2 and IPv4");
@@ -975,6 +1000,7 @@ test_iterate(void)
975 prepare_expected(expected_full, ctx.nexpected); 1000 prepare_expected(expected_full, ctx.nexpected);
976 ASSERT_INT_EQ(hostkeys_foreach(test_data_file("known_hosts"), 1001 ASSERT_INT_EQ(hostkeys_foreach(test_data_file("known_hosts"),
977 check, &ctx, "sisyphus.example.com", "192.0.2.1", ctx.flags), 0); 1002 check, &ctx, "sisyphus.example.com", "192.0.2.1", ctx.flags), 0);
1003 cleanup_expected(expected_full, ctx.nexpected);
978 TEST_DONE(); 1004 TEST_DONE();
979 1005
980 TEST_START("hostkeys_iterate match host 1 and IPv6"); 1006 TEST_START("hostkeys_iterate match host 1 and IPv6");
@@ -986,7 +1012,9 @@ test_iterate(void)
986 ctx.match_ipv6 = 1; 1012 ctx.match_ipv6 = 1;
987 prepare_expected(expected_full, ctx.nexpected); 1013 prepare_expected(expected_full, ctx.nexpected);
988 ASSERT_INT_EQ(hostkeys_foreach(test_data_file("known_hosts"), 1014 ASSERT_INT_EQ(hostkeys_foreach(test_data_file("known_hosts"),
989 check, &ctx, "prometheus.example.com", "2001:db8::1", ctx.flags), 0); 1015 check, &ctx, "prometheus.example.com",
1016 "2001:db8::1", ctx.flags), 0);
1017 cleanup_expected(expected_full, ctx.nexpected);
990 TEST_DONE(); 1018 TEST_DONE();
991 1019
992 TEST_START("hostkeys_iterate specify host 2 and IPv4 w/ key parse"); 1020 TEST_START("hostkeys_iterate specify host 2 and IPv4 w/ key parse");
@@ -999,6 +1027,7 @@ test_iterate(void)
999 prepare_expected(expected_full, ctx.nexpected); 1027 prepare_expected(expected_full, ctx.nexpected);
1000 ASSERT_INT_EQ(hostkeys_foreach(test_data_file("known_hosts"), 1028 ASSERT_INT_EQ(hostkeys_foreach(test_data_file("known_hosts"),
1001 check, &ctx, "sisyphus.example.com", "192.0.2.1", ctx.flags), 0); 1029 check, &ctx, "sisyphus.example.com", "192.0.2.1", ctx.flags), 0);
1030 cleanup_expected(expected_full, ctx.nexpected);
1002 TEST_DONE(); 1031 TEST_DONE();
1003 1032
1004 TEST_START("hostkeys_iterate match host 1 and IPv6 w/ key parse"); 1033 TEST_START("hostkeys_iterate match host 1 and IPv6 w/ key parse");
@@ -1010,7 +1039,9 @@ test_iterate(void)
1010 ctx.match_ipv6 = 1; 1039 ctx.match_ipv6 = 1;
1011 prepare_expected(expected_full, ctx.nexpected); 1040 prepare_expected(expected_full, ctx.nexpected);
1012 ASSERT_INT_EQ(hostkeys_foreach(test_data_file("known_hosts"), 1041 ASSERT_INT_EQ(hostkeys_foreach(test_data_file("known_hosts"),
1013 check, &ctx, "prometheus.example.com", "2001:db8::1", ctx.flags), 0); 1042 check, &ctx, "prometheus.example.com",
1043 "2001:db8::1", ctx.flags), 0);
1044 cleanup_expected(expected_full, ctx.nexpected);
1014 TEST_DONE(); 1045 TEST_DONE();
1015} 1046}
1016 1047
diff --git a/regress/unittests/match/tests.c b/regress/unittests/match/tests.c
index e1593367b..3d9af55f2 100644
--- a/regress/unittests/match/tests.c
+++ b/regress/unittests/match/tests.c
@@ -1,4 +1,4 @@
1/* $OpenBSD: tests.c,v 1.4 2017/02/03 23:01:42 djm Exp $ */ 1/* $OpenBSD: tests.c,v 1.5 2018/07/04 13:51:45 djm Exp $ */
2/* 2/*
3 * Regress test for matching functions 3 * Regress test for matching functions
4 * 4 *
@@ -105,7 +105,7 @@ tests(void)
105 105
106#define CHECK_FILTER(string,filter,expected) \ 106#define CHECK_FILTER(string,filter,expected) \
107 do { \ 107 do { \
108 char *result = match_filter_list((string), (filter)); \ 108 char *result = match_filter_blacklist((string), (filter)); \
109 ASSERT_STRING_EQ(result, expected); \ 109 ASSERT_STRING_EQ(result, expected); \
110 free(result); \ 110 free(result); \
111 } while (0) 111 } while (0)
diff --git a/regress/unittests/sshkey/test_sshkey.c b/regress/unittests/sshkey/test_sshkey.c
index 1aa608f92..72367bde7 100644
--- a/regress/unittests/sshkey/test_sshkey.c
+++ b/regress/unittests/sshkey/test_sshkey.c
@@ -1,4 +1,4 @@
1/* $OpenBSD: test_sshkey.c,v 1.13 2017/12/21 00:41:22 djm Exp $ */ 1/* $OpenBSD: test_sshkey.c,v 1.14 2018/07/13 02:13:19 djm Exp $ */
2/* 2/*
3 * Regress test for sshkey.h key management API 3 * Regress test for sshkey.h key management API
4 * 4 *
@@ -434,10 +434,13 @@ sshkey_tests(void)
434 ASSERT_PTR_NE(k1->cert->principals[1], NULL); 434 ASSERT_PTR_NE(k1->cert->principals[1], NULL);
435 ASSERT_PTR_NE(k1->cert->principals[2], NULL); 435 ASSERT_PTR_NE(k1->cert->principals[2], NULL);
436 ASSERT_PTR_NE(k1->cert->principals[3], NULL); 436 ASSERT_PTR_NE(k1->cert->principals[3], NULL);
437 k1->cert->nprincipals = 4;
437 k1->cert->valid_after = 0; 438 k1->cert->valid_after = 0;
438 k1->cert->valid_before = (u_int64_t)-1; 439 k1->cert->valid_before = (u_int64_t)-1;
440 sshbuf_free(k1->cert->critical);
439 k1->cert->critical = sshbuf_new(); 441 k1->cert->critical = sshbuf_new();
440 ASSERT_PTR_NE(k1->cert->critical, NULL); 442 ASSERT_PTR_NE(k1->cert->critical, NULL);
443 sshbuf_free(k1->cert->extensions);
441 k1->cert->extensions = sshbuf_new(); 444 k1->cert->extensions = sshbuf_new();
442 ASSERT_PTR_NE(k1->cert->extensions, NULL); 445 ASSERT_PTR_NE(k1->cert->extensions, NULL);
443 put_opt(k1->cert->critical, "force-command", "/usr/bin/true"); 446 put_opt(k1->cert->critical, "force-command", "/usr/bin/true");
diff --git a/regress/valgrind-unit.sh b/regress/valgrind-unit.sh
index 433cb069a..4143ead4b 100755
--- a/regress/valgrind-unit.sh
+++ b/regress/valgrind-unit.sh
@@ -7,10 +7,12 @@ UNIT_ARGS="$@"
7test "x$OBJ" = "x" && OBJ=$PWD 7test "x$OBJ" = "x" && OBJ=$PWD
8 8
9# This mostly replicates the logic in test-exec.sh for running the 9# This mostly replicates the logic in test-exec.sh for running the
10# regress tests under valgrind. 10# regress tests under valgrind, except that we unconditionally enable
11# leak checking because the unit tests should be clean.
12VG_LEAK="--leak-check=full"
11VG_TEST=`basename $UNIT_BINARY` 13VG_TEST=`basename $UNIT_BINARY`
12VG_LOG="$OBJ/valgrind-out/${VG_TEST}.%p" 14VG_LOG="$OBJ/valgrind-out/${VG_TEST}.%p"
13VG_OPTS="--track-origins=yes --leak-check=full --log-file=${VG_LOG}" 15VG_OPTS="--track-origins=yes $VG_LEAK --log-file=${VG_LOG}"
14VG_OPTS="$VG_OPTS --trace-children=yes" 16VG_OPTS="$VG_OPTS --trace-children=yes"
15VG_PATH="valgrind" 17VG_PATH="valgrind"
16if [ "x$VALGRIND_PATH" != "x" ]; then 18if [ "x$VALGRIND_PATH" != "x" ]; then
diff --git a/sandbox-seccomp-filter.c b/sandbox-seccomp-filter.c
index 98062f152..f216ba353 100644
--- a/sandbox-seccomp-filter.c
+++ b/sandbox-seccomp-filter.c
@@ -169,30 +169,30 @@ static const struct sock_filter preauth_insns[] = {
169#if defined(__NR_flock) && defined(__s390__) 169#if defined(__NR_flock) && defined(__s390__)
170 SC_ALLOW(__NR_flock), 170 SC_ALLOW(__NR_flock),
171#endif 171#endif
172#ifdef __NR_getpgid
173 SC_ALLOW(__NR_getpgid),
174#endif
175#ifdef __NR_getpid
176 SC_ALLOW(__NR_getpid),
177#endif
178#ifdef __NR_getuid
179 SC_ALLOW(__NR_getuid),
180#endif
181#ifdef __NR_getuid32
182 SC_ALLOW(__NR_getuid32),
183#endif
184#ifdef __NR_geteuid 172#ifdef __NR_geteuid
185 SC_ALLOW(__NR_geteuid), 173 SC_ALLOW(__NR_geteuid),
186#endif 174#endif
187#ifdef __NR_geteuid32 175#ifdef __NR_geteuid32
188 SC_ALLOW(__NR_geteuid32), 176 SC_ALLOW(__NR_geteuid32),
189#endif 177#endif
178#ifdef __NR_getpgid
179 SC_ALLOW(__NR_getpgid),
180#endif
181#ifdef __NR_getpid
182 SC_ALLOW(__NR_getpid),
183#endif
190#ifdef __NR_getrandom 184#ifdef __NR_getrandom
191 SC_ALLOW(__NR_getrandom), 185 SC_ALLOW(__NR_getrandom),
192#endif 186#endif
193#ifdef __NR_gettimeofday 187#ifdef __NR_gettimeofday
194 SC_ALLOW(__NR_gettimeofday), 188 SC_ALLOW(__NR_gettimeofday),
195#endif 189#endif
190#ifdef __NR_getuid
191 SC_ALLOW(__NR_getuid),
192#endif
193#ifdef __NR_getuid32
194 SC_ALLOW(__NR_getuid32),
195#endif
196#if defined(__NR_ipc) && defined(__s390__) 196#if defined(__NR_ipc) && defined(__s390__)
197 SC_ALLOW(__NR_ipc), 197 SC_ALLOW(__NR_ipc),
198#endif 198#endif
@@ -211,6 +211,9 @@ static const struct sock_filter preauth_insns[] = {
211#ifdef __NR_munmap 211#ifdef __NR_munmap
212 SC_ALLOW(__NR_munmap), 212 SC_ALLOW(__NR_munmap),
213#endif 213#endif
214#ifdef __NR_nanosleep
215 SC_ALLOW(__NR_nanosleep),
216#endif
214#ifdef __NR__newselect 217#ifdef __NR__newselect
215 SC_ALLOW(__NR__newselect), 218 SC_ALLOW(__NR__newselect),
216#endif 219#endif
diff --git a/sandbox-systrace.c b/sandbox-systrace.c
index b4d8d04ca..add4c46d0 100644
--- a/sandbox-systrace.c
+++ b/sandbox-systrace.c
@@ -59,6 +59,7 @@ static const struct sandbox_policy preauth_policy[] = {
59 { SYS_getpgid, SYSTR_POLICY_PERMIT }, 59 { SYS_getpgid, SYSTR_POLICY_PERMIT },
60 { SYS_clock_gettime, SYSTR_POLICY_PERMIT }, 60 { SYS_clock_gettime, SYSTR_POLICY_PERMIT },
61 { SYS_gettimeofday, SYSTR_POLICY_PERMIT }, 61 { SYS_gettimeofday, SYSTR_POLICY_PERMIT },
62 { SYS_nanosleep, SYSTR_POLICY_PERMIT },
62 { SYS_sigprocmask, SYSTR_POLICY_PERMIT }, 63 { SYS_sigprocmask, SYSTR_POLICY_PERMIT },
63 64
64#ifdef SYS_getentropy 65#ifdef SYS_getentropy
diff --git a/scp.0 b/scp.0
index 0089ed80f..11516924b 100644
--- a/scp.0
+++ b/scp.0
@@ -114,10 +114,10 @@ DESCRIPTION
114 SendEnv 114 SendEnv
115 ServerAliveInterval 115 ServerAliveInterval
116 ServerAliveCountMax 116 ServerAliveCountMax
117 SetEnv
117 StrictHostKeyChecking 118 StrictHostKeyChecking
118 TCPKeepAlive 119 TCPKeepAlive
119 UpdateHostKeys 120 UpdateHostKeys
120 UsePrivilegedPort
121 User 121 User
122 UserKnownHostsFile 122 UserKnownHostsFile
123 VerifyHostKeyDNS 123 VerifyHostKeyDNS
@@ -159,4 +159,4 @@ AUTHORS
159 Timo Rinne <tri@iki.fi> 159 Timo Rinne <tri@iki.fi>
160 Tatu Ylonen <ylo@cs.hut.fi> 160 Tatu Ylonen <ylo@cs.hut.fi>
161 161
162OpenBSD 6.2 February 23, 2018 OpenBSD 6.2 162OpenBSD 6.4 July 19, 2018 OpenBSD 6.4
diff --git a/scp.1 b/scp.1
index 8d251e34a..92abcaf07 100644
--- a/scp.1
+++ b/scp.1
@@ -8,9 +8,9 @@
8.\" 8.\"
9.\" Created: Sun May 7 00:14:37 1995 ylo 9.\" Created: Sun May 7 00:14:37 1995 ylo
10.\" 10.\"
11.\" $OpenBSD: scp.1,v 1.77 2018/02/23 07:38:09 jmc Exp $ 11.\" $OpenBSD: scp.1,v 1.80 2018/07/19 10:28:47 dtucker Exp $
12.\" 12.\"
13.Dd $Mdocdate: February 23 2018 $ 13.Dd $Mdocdate: July 19 2018 $
14.Dt SCP 1 14.Dt SCP 1
15.Os 15.Os
16.Sh NAME 16.Sh NAME
@@ -173,10 +173,10 @@ For full details of the options listed below, and their possible values, see
173.It SendEnv 173.It SendEnv
174.It ServerAliveInterval 174.It ServerAliveInterval
175.It ServerAliveCountMax 175.It ServerAliveCountMax
176.It SetEnv
176.It StrictHostKeyChecking 177.It StrictHostKeyChecking
177.It TCPKeepAlive 178.It TCPKeepAlive
178.It UpdateHostKeys 179.It UpdateHostKeys
179.It UsePrivilegedPort
180.It User 180.It User
181.It UserKnownHostsFile 181.It UserKnownHostsFile
182.It VerifyHostKeyDNS 182.It VerifyHostKeyDNS
diff --git a/scp.c b/scp.c
index 2bbf6938e..ed2864250 100644
--- a/scp.c
+++ b/scp.c
@@ -1,4 +1,4 @@
1/* $OpenBSD: scp.c,v 1.195 2018/02/10 06:15:12 djm Exp $ */ 1/* $OpenBSD: scp.c,v 1.197 2018/06/01 04:31:48 dtucker Exp $ */
2/* 2/*
3 * scp - secure remote copy. This is basically patched BSD rcp which 3 * scp - secure remote copy. This is basically patched BSD rcp which
4 * uses ssh to do the data transfer (instead of using rcmd). 4 * uses ssh to do the data transfer (instead of using rcmd).
@@ -319,7 +319,7 @@ do_cmd(char *host, char *remuser, int port, char *cmd, int *fdin, int *fdout)
319} 319}
320 320
321/* 321/*
322 * This functions executes a command simlar to do_cmd(), but expects the 322 * This function executes a command similar to do_cmd(), but expects the
323 * input and output descriptors to be setup by a previous call to do_cmd(). 323 * input and output descriptors to be setup by a previous call to do_cmd().
324 * This way the input and output of two commands can be connected. 324 * This way the input and output of two commands can be connected.
325 */ 325 */
@@ -1100,6 +1100,8 @@ sink(int argc, char **argv)
1100 SCREWUP("bad mode"); 1100 SCREWUP("bad mode");
1101 mode = (mode << 3) | (*cp - '0'); 1101 mode = (mode << 3) | (*cp - '0');
1102 } 1102 }
1103 if (!pflag)
1104 mode &= ~mask;
1103 if (*cp++ != ' ') 1105 if (*cp++ != ' ')
1104 SCREWUP("mode not delimited"); 1106 SCREWUP("mode not delimited");
1105 1107
diff --git a/servconf.c b/servconf.c
index 0a8f6fd62..bb43a649c 100644
--- a/servconf.c
+++ b/servconf.c
@@ -1,5 +1,5 @@
1 1
2/* $OpenBSD: servconf.c,v 1.326 2018/03/01 20:32:16 markus Exp $ */ 2/* $OpenBSD: servconf.c,v 1.340 2018/08/12 20:19:13 djm Exp $ */
3/* 3/*
4 * Copyright (c) 1995 Tatu Ylonen <ylo@cs.hut.fi>, Espoo, Finland 4 * Copyright (c) 1995 Tatu Ylonen <ylo@cs.hut.fi>, Espoo, Finland
5 * All rights reserved 5 * All rights reserved
@@ -45,13 +45,13 @@
45#include "xmalloc.h" 45#include "xmalloc.h"
46#include "ssh.h" 46#include "ssh.h"
47#include "log.h" 47#include "log.h"
48#include "buffer.h" 48#include "sshbuf.h"
49#include "misc.h" 49#include "misc.h"
50#include "servconf.h" 50#include "servconf.h"
51#include "compat.h" 51#include "compat.h"
52#include "pathnames.h" 52#include "pathnames.h"
53#include "cipher.h" 53#include "cipher.h"
54#include "key.h" 54#include "sshkey.h"
55#include "kex.h" 55#include "kex.h"
56#include "mac.h" 56#include "mac.h"
57#include "match.h" 57#include "match.h"
@@ -59,6 +59,7 @@
59#include "groupaccess.h" 59#include "groupaccess.h"
60#include "canohost.h" 60#include "canohost.h"
61#include "packet.h" 61#include "packet.h"
62#include "ssherr.h"
62#include "hostfile.h" 63#include "hostfile.h"
63#include "auth.h" 64#include "auth.h"
64#include "myproposal.h" 65#include "myproposal.h"
@@ -71,7 +72,7 @@ static void add_one_listen_addr(ServerOptions *, const char *,
71 72
72/* Use of privilege separation or not */ 73/* Use of privilege separation or not */
73extern int use_privsep; 74extern int use_privsep;
74extern Buffer cfg; 75extern struct sshbuf *cfg;
75 76
76/* Initializes the server options to their default values. */ 77/* Initializes the server options to their default values. */
77 78
@@ -132,6 +133,7 @@ initialize_server_options(ServerOptions *options)
132 options->challenge_response_authentication = -1; 133 options->challenge_response_authentication = -1;
133 options->permit_empty_passwd = -1; 134 options->permit_empty_passwd = -1;
134 options->permit_user_env = -1; 135 options->permit_user_env = -1;
136 options->permit_user_env_whitelist = NULL;
135 options->compression = -1; 137 options->compression = -1;
136 options->rekey_limit = -1; 138 options->rekey_limit = -1;
137 options->rekey_interval = -1; 139 options->rekey_interval = -1;
@@ -160,8 +162,10 @@ initialize_server_options(ServerOptions *options)
160 options->client_alive_count_max = -1; 162 options->client_alive_count_max = -1;
161 options->num_authkeys_files = 0; 163 options->num_authkeys_files = 0;
162 options->num_accept_env = 0; 164 options->num_accept_env = 0;
165 options->num_setenv = 0;
163 options->permit_tun = -1; 166 options->permit_tun = -1;
164 options->permitted_opens = NULL; 167 options->permitted_opens = NULL;
168 options->permitted_listens = NULL;
165 options->adm_forced_command = NULL; 169 options->adm_forced_command = NULL;
166 options->chroot_directory = NULL; 170 options->chroot_directory = NULL;
167 options->authorized_keys_command = NULL; 171 options->authorized_keys_command = NULL;
@@ -190,15 +194,29 @@ option_clear_or_none(const char *o)
190static void 194static void
191assemble_algorithms(ServerOptions *o) 195assemble_algorithms(ServerOptions *o)
192{ 196{
193 if (kex_assemble_names(KEX_SERVER_ENCRYPT, &o->ciphers) != 0 || 197 char *all_cipher, *all_mac, *all_kex, *all_key;
194 kex_assemble_names(KEX_SERVER_MAC, &o->macs) != 0 || 198 int r;
195 kex_assemble_names(KEX_SERVER_KEX, &o->kex_algorithms) != 0 || 199
196 kex_assemble_names(KEX_DEFAULT_PK_ALG, 200 all_cipher = cipher_alg_list(',', 0);
197 &o->hostkeyalgorithms) != 0 || 201 all_mac = mac_alg_list(',');
198 kex_assemble_names(KEX_DEFAULT_PK_ALG, 202 all_kex = kex_alg_list(',');
199 &o->hostbased_key_types) != 0 || 203 all_key = sshkey_alg_list(0, 0, 1, ',');
200 kex_assemble_names(KEX_DEFAULT_PK_ALG, &o->pubkey_key_types) != 0) 204#define ASSEMBLE(what, defaults, all) \
201 fatal("kex_assemble_names failed"); 205 do { \
206 if ((r = kex_assemble_names(&o->what, defaults, all)) != 0) \
207 fatal("%s: %s: %s", __func__, #what, ssh_err(r)); \
208 } while (0)
209 ASSEMBLE(ciphers, KEX_SERVER_ENCRYPT, all_cipher);
210 ASSEMBLE(macs, KEX_SERVER_MAC, all_mac);
211 ASSEMBLE(kex_algorithms, KEX_SERVER_KEX, all_kex);
212 ASSEMBLE(hostkeyalgorithms, KEX_DEFAULT_PK_ALG, all_key);
213 ASSEMBLE(hostbased_key_types, KEX_DEFAULT_PK_ALG, all_key);
214 ASSEMBLE(pubkey_key_types, KEX_DEFAULT_PK_ALG, all_key);
215#undef ASSEMBLE
216 free(all_cipher);
217 free(all_mac);
218 free(all_kex);
219 free(all_key);
202} 220}
203 221
204static void 222static void
@@ -334,8 +352,10 @@ fill_default_server_options(ServerOptions *options)
334 options->challenge_response_authentication = 1; 352 options->challenge_response_authentication = 1;
335 if (options->permit_empty_passwd == -1) 353 if (options->permit_empty_passwd == -1)
336 options->permit_empty_passwd = 0; 354 options->permit_empty_passwd = 0;
337 if (options->permit_user_env == -1) 355 if (options->permit_user_env == -1) {
338 options->permit_user_env = 0; 356 options->permit_user_env = 0;
357 options->permit_user_env_whitelist = NULL;
358 }
339 if (options->compression == -1) 359 if (options->compression == -1)
340 options->compression = COMP_DELAYED; 360 options->compression = COMP_DELAYED;
341 if (options->rekey_limit == -1) 361 if (options->rekey_limit == -1)
@@ -379,9 +399,9 @@ fill_default_server_options(ServerOptions *options)
379 if (options->permit_tun == -1) 399 if (options->permit_tun == -1)
380 options->permit_tun = SSH_TUNMODE_NO; 400 options->permit_tun = SSH_TUNMODE_NO;
381 if (options->ip_qos_interactive == -1) 401 if (options->ip_qos_interactive == -1)
382 options->ip_qos_interactive = IPTOS_LOWDELAY; 402 options->ip_qos_interactive = IPTOS_DSCP_AF21;
383 if (options->ip_qos_bulk == -1) 403 if (options->ip_qos_bulk == -1)
384 options->ip_qos_bulk = IPTOS_THROUGHPUT; 404 options->ip_qos_bulk = IPTOS_DSCP_CS1;
385 if (options->version_addendum == NULL) 405 if (options->version_addendum == NULL)
386 options->version_addendum = xstrdup(""); 406 options->version_addendum = xstrdup("");
387 if (options->fwd_opts.streamlocal_bind_mask == (mode_t)-1) 407 if (options->fwd_opts.streamlocal_bind_mask == (mode_t)-1)
@@ -471,8 +491,8 @@ typedef enum {
471 sClientAliveInterval, sClientAliveCountMax, sAuthorizedKeysFile, 491 sClientAliveInterval, sClientAliveCountMax, sAuthorizedKeysFile,
472 sGssAuthentication, sGssCleanupCreds, sGssStrictAcceptor, 492 sGssAuthentication, sGssCleanupCreds, sGssStrictAcceptor,
473 sGssKeyEx, sGssStoreRekey, 493 sGssKeyEx, sGssStoreRekey,
474 sAcceptEnv, sPermitTunnel, 494 sAcceptEnv, sSetEnv, sPermitTunnel,
475 sMatch, sPermitOpen, sForceCommand, sChrootDirectory, 495 sMatch, sPermitOpen, sPermitListen, sForceCommand, sChrootDirectory,
476 sUsePrivilegeSeparation, sAllowAgentForwarding, 496 sUsePrivilegeSeparation, sAllowAgentForwarding,
477 sHostCertificate, 497 sHostCertificate,
478 sRevokedKeys, sTrustedUserCAKeys, sAuthorizedPrincipalsFile, 498 sRevokedKeys, sTrustedUserCAKeys, sAuthorizedPrincipalsFile,
@@ -563,7 +583,7 @@ static struct {
563 { "passwordauthentication", sPasswordAuthentication, SSHCFG_ALL }, 583 { "passwordauthentication", sPasswordAuthentication, SSHCFG_ALL },
564 { "kbdinteractiveauthentication", sKbdInteractiveAuthentication, SSHCFG_ALL }, 584 { "kbdinteractiveauthentication", sKbdInteractiveAuthentication, SSHCFG_ALL },
565 { "challengeresponseauthentication", sChallengeResponseAuthentication, SSHCFG_GLOBAL }, 585 { "challengeresponseauthentication", sChallengeResponseAuthentication, SSHCFG_GLOBAL },
566 { "skeyauthentication", sChallengeResponseAuthentication, SSHCFG_GLOBAL }, /* alias */ 586 { "skeyauthentication", sDeprecated, SSHCFG_GLOBAL },
567 { "checkmail", sDeprecated, SSHCFG_GLOBAL }, 587 { "checkmail", sDeprecated, SSHCFG_GLOBAL },
568 { "listenaddress", sListenAddress, SSHCFG_GLOBAL }, 588 { "listenaddress", sListenAddress, SSHCFG_GLOBAL },
569 { "addressfamily", sAddressFamily, SSHCFG_GLOBAL }, 589 { "addressfamily", sAddressFamily, SSHCFG_GLOBAL },
@@ -612,11 +632,13 @@ static struct {
612 { "authorizedkeysfile2", sDeprecated, SSHCFG_ALL }, 632 { "authorizedkeysfile2", sDeprecated, SSHCFG_ALL },
613 { "useprivilegeseparation", sDeprecated, SSHCFG_GLOBAL}, 633 { "useprivilegeseparation", sDeprecated, SSHCFG_GLOBAL},
614 { "acceptenv", sAcceptEnv, SSHCFG_ALL }, 634 { "acceptenv", sAcceptEnv, SSHCFG_ALL },
635 { "setenv", sSetEnv, SSHCFG_ALL },
615 { "permittunnel", sPermitTunnel, SSHCFG_ALL }, 636 { "permittunnel", sPermitTunnel, SSHCFG_ALL },
616 { "permittty", sPermitTTY, SSHCFG_ALL }, 637 { "permittty", sPermitTTY, SSHCFG_ALL },
617 { "permituserrc", sPermitUserRC, SSHCFG_ALL }, 638 { "permituserrc", sPermitUserRC, SSHCFG_ALL },
618 { "match", sMatch, SSHCFG_ALL }, 639 { "match", sMatch, SSHCFG_ALL },
619 { "permitopen", sPermitOpen, SSHCFG_ALL }, 640 { "permitopen", sPermitOpen, SSHCFG_ALL },
641 { "permitlisten", sPermitListen, SSHCFG_ALL },
620 { "forcecommand", sForceCommand, SSHCFG_ALL }, 642 { "forcecommand", sForceCommand, SSHCFG_ALL },
621 { "chrootdirectory", sChrootDirectory, SSHCFG_ALL }, 643 { "chrootdirectory", sChrootDirectory, SSHCFG_ALL },
622 { "hostcertificate", sHostCertificate, SSHCFG_GLOBAL }, 644 { "hostcertificate", sHostCertificate, SSHCFG_GLOBAL },
@@ -653,6 +675,20 @@ static struct {
653 { -1, NULL } 675 { -1, NULL }
654}; 676};
655 677
678/* Returns an opcode name from its number */
679
680static const char *
681lookup_opcode_name(ServerOpCodes code)
682{
683 u_int i;
684
685 for (i = 0; keywords[i].name != NULL; i++)
686 if (keywords[i].opcode == code)
687 return(keywords[i].name);
688 return "UNKNOWN";
689}
690
691
656/* 692/*
657 * Returns the number of the token pointed to by cp or sBadOption. 693 * Returns the number of the token pointed to by cp or sBadOption.
658 */ 694 */
@@ -835,43 +871,59 @@ process_queued_listen_addrs(ServerOptions *options)
835} 871}
836 872
837/* 873/*
838 * Inform channels layer of permitopen options from configuration. 874 * Inform channels layer of permitopen options for a single forwarding
875 * direction (local/remote).
839 */ 876 */
840void 877static void
841process_permitopen(struct ssh *ssh, ServerOptions *options) 878process_permitopen_list(struct ssh *ssh, ServerOpCodes opcode,
879 char **opens, u_int num_opens)
842{ 880{
843 u_int i; 881 u_int i;
844 int port; 882 int port;
845 char *host, *arg, *oarg; 883 char *host, *arg, *oarg;
884 int where = opcode == sPermitOpen ? FORWARD_LOCAL : FORWARD_REMOTE;
885 const char *what = lookup_opcode_name(opcode);
846 886
847 channel_clear_adm_permitted_opens(ssh); 887 channel_clear_permission(ssh, FORWARD_ADM, where);
848 if (options->num_permitted_opens == 0) 888 if (num_opens == 0)
849 return; /* permit any */ 889 return; /* permit any */
850 890
851 /* handle keywords: "any" / "none" */ 891 /* handle keywords: "any" / "none" */
852 if (options->num_permitted_opens == 1 && 892 if (num_opens == 1 && strcmp(opens[0], "any") == 0)
853 strcmp(options->permitted_opens[0], "any") == 0)
854 return; 893 return;
855 if (options->num_permitted_opens == 1 && 894 if (num_opens == 1 && strcmp(opens[0], "none") == 0) {
856 strcmp(options->permitted_opens[0], "none") == 0) { 895 channel_disable_admin(ssh, where);
857 channel_disable_adm_local_opens(ssh);
858 return; 896 return;
859 } 897 }
860 /* Otherwise treat it as a list of permitted host:port */ 898 /* Otherwise treat it as a list of permitted host:port */
861 for (i = 0; i < options->num_permitted_opens; i++) { 899 for (i = 0; i < num_opens; i++) {
862 oarg = arg = xstrdup(options->permitted_opens[i]); 900 oarg = arg = xstrdup(opens[i]);
863 host = hpdelim(&arg); 901 host = hpdelim(&arg);
864 if (host == NULL) 902 if (host == NULL)
865 fatal("%s: missing host in PermitOpen", __func__); 903 fatal("%s: missing host in %s", __func__, what);
866 host = cleanhostname(host); 904 host = cleanhostname(host);
867 if (arg == NULL || ((port = permitopen_port(arg)) < 0)) 905 if (arg == NULL || ((port = permitopen_port(arg)) < 0))
868 fatal("%s: bad port number in PermitOpen", __func__); 906 fatal("%s: bad port number in %s", __func__, what);
869 /* Send it to channels layer */ 907 /* Send it to channels layer */
870 channel_add_adm_permitted_opens(ssh, host, port); 908 channel_add_permission(ssh, FORWARD_ADM,
909 where, host, port);
871 free(oarg); 910 free(oarg);
872 } 911 }
873} 912}
874 913
914/*
915 * Inform channels layer of permitopen options from configuration.
916 */
917void
918process_permitopen(struct ssh *ssh, ServerOptions *options)
919{
920 process_permitopen_list(ssh, sPermitOpen,
921 options->permitted_opens, options->num_permitted_opens);
922 process_permitopen_list(ssh, sPermitListen,
923 options->permitted_listens,
924 options->num_permitted_listens);
925}
926
875struct connection_info * 927struct connection_info *
876get_connection_info(int populate, int use_dns) 928get_connection_info(int populate, int use_dns)
877{ 929{
@@ -1165,12 +1217,12 @@ process_server_config_line(ServerOptions *options, char *line,
1165 const char *filename, int linenum, int *activep, 1217 const char *filename, int linenum, int *activep,
1166 struct connection_info *connectinfo) 1218 struct connection_info *connectinfo)
1167{ 1219{
1168 char *cp, **charptr, *arg, *arg2, *p; 1220 char *cp, ***chararrayptr, **charptr, *arg, *arg2, *p;
1169 int cmdline = 0, *intptr, value, value2, n, port; 1221 int cmdline = 0, *intptr, value, value2, n, port;
1170 SyslogFacility *log_facility_ptr; 1222 SyslogFacility *log_facility_ptr;
1171 LogLevel *log_level_ptr; 1223 LogLevel *log_level_ptr;
1172 ServerOpCodes opcode; 1224 ServerOpCodes opcode;
1173 u_int i, flags = 0; 1225 u_int i, *uintptr, uvalue, flags = 0;
1174 size_t len; 1226 size_t len;
1175 long long val64; 1227 long long val64;
1176 const struct multistate *multistate_ptr; 1228 const struct multistate *multistate_ptr;
@@ -1509,7 +1561,29 @@ process_server_config_line(ServerOptions *options, char *line,
1509 1561
1510 case sPermitUserEnvironment: 1562 case sPermitUserEnvironment:
1511 intptr = &options->permit_user_env; 1563 intptr = &options->permit_user_env;
1512 goto parse_flag; 1564 charptr = &options->permit_user_env_whitelist;
1565 arg = strdelim(&cp);
1566 if (!arg || *arg == '\0')
1567 fatal("%s line %d: missing argument.",
1568 filename, linenum);
1569 value = 0;
1570 p = NULL;
1571 if (strcmp(arg, "yes") == 0)
1572 value = 1;
1573 else if (strcmp(arg, "no") == 0)
1574 value = 0;
1575 else {
1576 /* Pattern-list specified */
1577 value = 1;
1578 p = xstrdup(arg);
1579 }
1580 if (*activep && *intptr == -1) {
1581 *intptr = value;
1582 *charptr = p;
1583 p = NULL;
1584 }
1585 free(p);
1586 break;
1513 1587
1514 case sCompression: 1588 case sCompression:
1515 intptr = &options->compression; 1589 intptr = &options->compression;
@@ -1798,6 +1872,19 @@ process_server_config_line(ServerOptions *options, char *line,
1798 } 1872 }
1799 break; 1873 break;
1800 1874
1875 case sSetEnv:
1876 uvalue = options->num_setenv;
1877 while ((arg = strdelimw(&cp)) && *arg != '\0') {
1878 if (strchr(arg, '=') == NULL)
1879 fatal("%s line %d: Invalid environment.",
1880 filename, linenum);
1881 if (!*activep || uvalue != 0)
1882 continue;
1883 array_append(filename, linenum, "SetEnv",
1884 &options->setenv, &options->num_setenv, arg);
1885 }
1886 break;
1887
1801 case sPermitTunnel: 1888 case sPermitTunnel:
1802 intptr = &options->permit_tun; 1889 intptr = &options->permit_tun;
1803 arg = strdelim(&cp); 1890 arg = strdelim(&cp);
@@ -1828,36 +1915,57 @@ process_server_config_line(ServerOptions *options, char *line,
1828 *activep = value; 1915 *activep = value;
1829 break; 1916 break;
1830 1917
1918 case sPermitListen:
1831 case sPermitOpen: 1919 case sPermitOpen:
1920 if (opcode == sPermitListen) {
1921 uintptr = &options->num_permitted_listens;
1922 chararrayptr = &options->permitted_listens;
1923 } else {
1924 uintptr = &options->num_permitted_opens;
1925 chararrayptr = &options->permitted_opens;
1926 }
1832 arg = strdelim(&cp); 1927 arg = strdelim(&cp);
1833 if (!arg || *arg == '\0') 1928 if (!arg || *arg == '\0')
1834 fatal("%s line %d: missing PermitOpen specification", 1929 fatal("%s line %d: missing %s specification",
1835 filename, linenum); 1930 filename, linenum, lookup_opcode_name(opcode));
1836 value = options->num_permitted_opens; /* modified later */ 1931 uvalue = *uintptr; /* modified later */
1837 if (strcmp(arg, "any") == 0 || strcmp(arg, "none") == 0) { 1932 if (strcmp(arg, "any") == 0 || strcmp(arg, "none") == 0) {
1838 if (*activep && value == 0) { 1933 if (*activep && uvalue == 0) {
1839 options->num_permitted_opens = 1; 1934 *uintptr = 1;
1840 options->permitted_opens = xcalloc(1, 1935 *chararrayptr = xcalloc(1,
1841 sizeof(*options->permitted_opens)); 1936 sizeof(**chararrayptr));
1842 options->permitted_opens[0] = xstrdup(arg); 1937 (*chararrayptr)[0] = xstrdup(arg);
1843 } 1938 }
1844 break; 1939 break;
1845 } 1940 }
1846 for (; arg != NULL && *arg != '\0'; arg = strdelim(&cp)) { 1941 for (; arg != NULL && *arg != '\0'; arg = strdelim(&cp)) {
1847 arg2 = xstrdup(arg); 1942 if (opcode == sPermitListen &&
1848 p = hpdelim(&arg); 1943 strchr(arg, ':') == NULL) {
1849 if (p == NULL) 1944 /*
1850 fatal("%s line %d: missing host in PermitOpen", 1945 * Allow bare port number for PermitListen
1851 filename, linenum); 1946 * to indicate a wildcard listen host.
1852 p = cleanhostname(p); 1947 */
1853 if (arg == NULL || ((port = permitopen_port(arg)) < 0)) 1948 xasprintf(&arg2, "*:%s", arg);
1854 fatal("%s line %d: bad port number in " 1949 } else {
1855 "PermitOpen", filename, linenum); 1950 arg2 = xstrdup(arg);
1856 if (*activep && value == 0) { 1951 p = hpdelim(&arg);
1952 if (p == NULL) {
1953 fatal("%s line %d: missing host in %s",
1954 filename, linenum,
1955 lookup_opcode_name(opcode));
1956 }
1957 p = cleanhostname(p);
1958 }
1959 if (arg == NULL ||
1960 ((port = permitopen_port(arg)) < 0)) {
1961 fatal("%s line %d: bad port number in %s",
1962 filename, linenum,
1963 lookup_opcode_name(opcode));
1964 }
1965 if (*activep && uvalue == 0) {
1857 array_append(filename, linenum, 1966 array_append(filename, linenum,
1858 "PermitOpen", 1967 lookup_opcode_name(opcode),
1859 &options->permitted_opens, 1968 chararrayptr, uintptr, arg2);
1860 &options->num_permitted_opens, arg2);
1861 } 1969 }
1862 free(arg2); 1970 free(arg2);
1863 } 1971 }
@@ -1980,7 +2088,7 @@ process_server_config_line(ServerOptions *options, char *line,
1980 case sAuthenticationMethods: 2088 case sAuthenticationMethods:
1981 if (options->num_auth_methods == 0) { 2089 if (options->num_auth_methods == 0) {
1982 value = 0; /* seen "any" pseudo-method */ 2090 value = 0; /* seen "any" pseudo-method */
1983 value2 = 0; /* sucessfully parsed any method */ 2091 value2 = 0; /* successfully parsed any method */
1984 while ((arg = strdelim(&cp)) && *arg != '\0') { 2092 while ((arg = strdelim(&cp)) && *arg != '\0') {
1985 if (strcmp(arg, "any") == 0) { 2093 if (strcmp(arg, "any") == 0) {
1986 if (options->num_auth_methods > 0) { 2094 if (options->num_auth_methods > 0) {
@@ -2089,22 +2197,21 @@ process_server_config_line(ServerOptions *options, char *line,
2089/* Reads the server configuration file. */ 2197/* Reads the server configuration file. */
2090 2198
2091void 2199void
2092load_server_config(const char *filename, Buffer *conf) 2200load_server_config(const char *filename, struct sshbuf *conf)
2093{ 2201{
2094 char line[4096], *cp; 2202 char *line = NULL, *cp;
2203 size_t linesize = 0;
2095 FILE *f; 2204 FILE *f;
2096 int lineno = 0; 2205 int r, lineno = 0;
2097 2206
2098 debug2("%s: filename %s", __func__, filename); 2207 debug2("%s: filename %s", __func__, filename);
2099 if ((f = fopen(filename, "r")) == NULL) { 2208 if ((f = fopen(filename, "r")) == NULL) {
2100 perror(filename); 2209 perror(filename);
2101 exit(1); 2210 exit(1);
2102 } 2211 }
2103 buffer_clear(conf); 2212 sshbuf_reset(conf);
2104 while (fgets(line, sizeof(line), f)) { 2213 while (getline(&line, &linesize, f) != -1) {
2105 lineno++; 2214 lineno++;
2106 if (strlen(line) == sizeof(line) - 1)
2107 fatal("%s line %d too long", filename, lineno);
2108 /* 2215 /*
2109 * Trim out comments and strip whitespace 2216 * Trim out comments and strip whitespace
2110 * NB - preserve newlines, they are needed to reproduce 2217 * NB - preserve newlines, they are needed to reproduce
@@ -2113,12 +2220,14 @@ load_server_config(const char *filename, Buffer *conf)
2113 if ((cp = strchr(line, '#')) != NULL) 2220 if ((cp = strchr(line, '#')) != NULL)
2114 memcpy(cp, "\n", 2); 2221 memcpy(cp, "\n", 2);
2115 cp = line + strspn(line, " \t\r"); 2222 cp = line + strspn(line, " \t\r");
2116 2223 if ((r = sshbuf_put(conf, cp, strlen(cp))) != 0)
2117 buffer_append(conf, cp, strlen(cp)); 2224 fatal("%s: buffer error: %s", __func__, ssh_err(r));
2118 } 2225 }
2119 buffer_append(conf, "\0", 1); 2226 free(line);
2227 if ((r = sshbuf_put_u8(conf, 0)) != 0)
2228 fatal("%s: buffer error: %s", __func__, ssh_err(r));
2120 fclose(f); 2229 fclose(f);
2121 debug2("%s: done config len = %d", __func__, buffer_len(conf)); 2230 debug2("%s: done config len = %zu", __func__, sshbuf_len(conf));
2122} 2231}
2123 2232
2124void 2233void
@@ -2128,7 +2237,7 @@ parse_server_match_config(ServerOptions *options,
2128 ServerOptions mo; 2237 ServerOptions mo;
2129 2238
2130 initialize_server_options(&mo); 2239 initialize_server_options(&mo);
2131 parse_server_config(&mo, "reprocess config", &cfg, connectinfo); 2240 parse_server_config(&mo, "reprocess config", cfg, connectinfo);
2132 copy_set_server_options(options, &mo, 0); 2241 copy_set_server_options(options, &mo, 0);
2133} 2242}
2134 2243
@@ -2168,7 +2277,7 @@ int parse_server_match_testspec(struct connection_info *ci, char *spec)
2168 * 2277 *
2169 * If the preauth flag is set, we do not bother copying the string or 2278 * If the preauth flag is set, we do not bother copying the string or
2170 * array values that are not used pre-authentication, because any that we 2279 * array values that are not used pre-authentication, because any that we
2171 * do use must be explictly sent in mm_getpwnamallow(). 2280 * do use must be explicitly sent in mm_getpwnamallow().
2172 */ 2281 */
2173void 2282void
2174copy_set_server_options(ServerOptions *dst, ServerOptions *src, int preauth) 2283copy_set_server_options(ServerOptions *dst, ServerOptions *src, int preauth)
@@ -2272,13 +2381,13 @@ copy_set_server_options(ServerOptions *dst, ServerOptions *src, int preauth)
2272#undef M_CP_STRARRAYOPT 2381#undef M_CP_STRARRAYOPT
2273 2382
2274void 2383void
2275parse_server_config(ServerOptions *options, const char *filename, Buffer *conf, 2384parse_server_config(ServerOptions *options, const char *filename,
2276 struct connection_info *connectinfo) 2385 struct sshbuf *conf, struct connection_info *connectinfo)
2277{ 2386{
2278 int active, linenum, bad_options = 0; 2387 int active, linenum, bad_options = 0;
2279 char *cp, *obuf, *cbuf; 2388 char *cp, *obuf, *cbuf;
2280 2389
2281 debug2("%s: config %s len %d", __func__, filename, buffer_len(conf)); 2390 debug2("%s: config %s len %zu", __func__, filename, sshbuf_len(conf));
2282 2391
2283 if ((obuf = cbuf = sshbuf_dup_string(conf)) == NULL) 2392 if ((obuf = cbuf = sshbuf_dup_string(conf)) == NULL)
2284 fatal("%s: sshbuf_dup_string failed", __func__); 2393 fatal("%s: sshbuf_dup_string failed", __func__);
@@ -2340,17 +2449,6 @@ fmt_intarg(ServerOpCodes code, int val)
2340 } 2449 }
2341} 2450}
2342 2451
2343static const char *
2344lookup_opcode_name(ServerOpCodes code)
2345{
2346 u_int i;
2347
2348 for (i = 0; keywords[i].name != NULL; i++)
2349 if (keywords[i].opcode == code)
2350 return(keywords[i].name);
2351 return "UNKNOWN";
2352}
2353
2354static void 2452static void
2355dump_cfg_int(ServerOpCodes code, int val) 2453dump_cfg_int(ServerOpCodes code, int val)
2356{ 2454{
@@ -2507,7 +2605,6 @@ dump_config(ServerOptions *o)
2507 dump_cfg_fmtint(sStrictModes, o->strict_modes); 2605 dump_cfg_fmtint(sStrictModes, o->strict_modes);
2508 dump_cfg_fmtint(sTCPKeepAlive, o->tcp_keep_alive); 2606 dump_cfg_fmtint(sTCPKeepAlive, o->tcp_keep_alive);
2509 dump_cfg_fmtint(sEmptyPasswd, o->permit_empty_passwd); 2607 dump_cfg_fmtint(sEmptyPasswd, o->permit_empty_passwd);
2510 dump_cfg_fmtint(sPermitUserEnvironment, o->permit_user_env);
2511 dump_cfg_fmtint(sCompression, o->compression); 2608 dump_cfg_fmtint(sCompression, o->compression);
2512 dump_cfg_fmtint(sGatewayPorts, o->fwd_opts.gateway_ports); 2609 dump_cfg_fmtint(sGatewayPorts, o->fwd_opts.gateway_ports);
2513 dump_cfg_fmtint(sUseDNS, o->use_dns); 2610 dump_cfg_fmtint(sUseDNS, o->use_dns);
@@ -2564,6 +2661,7 @@ dump_config(ServerOptions *o)
2564 dump_cfg_strarray(sAllowGroups, o->num_allow_groups, o->allow_groups); 2661 dump_cfg_strarray(sAllowGroups, o->num_allow_groups, o->allow_groups);
2565 dump_cfg_strarray(sDenyGroups, o->num_deny_groups, o->deny_groups); 2662 dump_cfg_strarray(sDenyGroups, o->num_deny_groups, o->deny_groups);
2566 dump_cfg_strarray(sAcceptEnv, o->num_accept_env, o->accept_env); 2663 dump_cfg_strarray(sAcceptEnv, o->num_accept_env, o->accept_env);
2664 dump_cfg_strarray(sSetEnv, o->num_setenv, o->setenv);
2567 dump_cfg_strarray_oneline(sAuthenticationMethods, 2665 dump_cfg_strarray_oneline(sAuthenticationMethods,
2568 o->num_auth_methods, o->auth_methods); 2666 o->num_auth_methods, o->auth_methods);
2569 2667
@@ -2598,4 +2696,20 @@ dump_config(ServerOptions *o)
2598 printf(" %s", o->permitted_opens[i]); 2696 printf(" %s", o->permitted_opens[i]);
2599 } 2697 }
2600 printf("\n"); 2698 printf("\n");
2699 printf("permitlisten");
2700 if (o->num_permitted_listens == 0)
2701 printf(" any");
2702 else {
2703 for (i = 0; i < o->num_permitted_listens; i++)
2704 printf(" %s", o->permitted_listens[i]);
2705 }
2706 printf("\n");
2707
2708 if (o->permit_user_env_whitelist == NULL) {
2709 dump_cfg_fmtint(sPermitUserEnvironment, o->permit_user_env);
2710 } else {
2711 printf("permituserenvironment %s\n",
2712 o->permit_user_env_whitelist);
2713 }
2714
2601} 2715}
diff --git a/servconf.h b/servconf.h
index b0fa70455..76098119b 100644
--- a/servconf.h
+++ b/servconf.h
@@ -1,4 +1,4 @@
1/* $OpenBSD: servconf.h,v 1.130 2017/10/25 00:19:47 djm Exp $ */ 1/* $OpenBSD: servconf.h,v 1.136 2018/07/09 21:26:02 markus Exp $ */
2 2
3/* 3/*
4 * Author: Tatu Ylonen <ylo@cs.hut.fi> 4 * Author: Tatu Ylonen <ylo@cs.hut.fi>
@@ -32,12 +32,6 @@
32#define PRIVSEP_ON 1 32#define PRIVSEP_ON 1
33#define PRIVSEP_NOSANDBOX 2 33#define PRIVSEP_NOSANDBOX 2
34 34
35/* AllowTCPForwarding */
36#define FORWARD_DENY 0
37#define FORWARD_REMOTE (1)
38#define FORWARD_LOCAL (1<<1)
39#define FORWARD_ALLOW (FORWARD_REMOTE|FORWARD_LOCAL)
40
41/* PermitOpen */ 35/* PermitOpen */
42#define PERMITOPEN_ANY 0 36#define PERMITOPEN_ANY 0
43#define PERMITOPEN_NONE -2 37#define PERMITOPEN_NONE -2
@@ -141,6 +135,7 @@ typedef struct {
141 int permit_empty_passwd; /* If false, do not permit empty 135 int permit_empty_passwd; /* If false, do not permit empty
142 * passwords. */ 136 * passwords. */
143 int permit_user_env; /* If true, read ~/.ssh/environment */ 137 int permit_user_env; /* If true, read ~/.ssh/environment */
138 char *permit_user_env_whitelist; /* pattern-list whitelist */
144 int compression; /* If true, compression is allowed */ 139 int compression; /* If true, compression is allowed */
145 int allow_tcp_forwarding; /* One of FORWARD_* */ 140 int allow_tcp_forwarding; /* One of FORWARD_* */
146 int allow_streamlocal_forwarding; /* One of FORWARD_* */ 141 int allow_streamlocal_forwarding; /* One of FORWARD_* */
@@ -162,6 +157,8 @@ typedef struct {
162 157
163 u_int num_accept_env; 158 u_int num_accept_env;
164 char **accept_env; 159 char **accept_env;
160 u_int num_setenv;
161 char **setenv;
165 162
166 int max_startups_begin; 163 int max_startups_begin;
167 int max_startups_rate; 164 int max_startups_rate;
@@ -189,8 +186,10 @@ typedef struct {
189 186
190 int permit_tun; 187 int permit_tun;
191 188
192 char **permitted_opens; 189 char **permitted_opens; /* May also be one of PERMITOPEN_* */
193 u_int num_permitted_opens; /* May also be one of PERMITOPEN_* */ 190 u_int num_permitted_opens;
191 char **permitted_listens; /* May also be one of PERMITOPEN_* */
192 u_int num_permitted_listens;
194 193
195 char *chroot_directory; 194 char *chroot_directory;
196 char *revoked_keys_file; 195 char *revoked_keys_file;
@@ -211,6 +210,7 @@ typedef struct {
211 210
212 int fingerprint_hash; 211 int fingerprint_hash;
213 int expose_userauth_info; 212 int expose_userauth_info;
213 u_int64_t timing_secret;
214 214
215 int debian_banner; 215 int debian_banner;
216} ServerOptions; 216} ServerOptions;
@@ -247,6 +247,7 @@ struct connection_info {
247 M_CP_STROPT(hostbased_key_types); \ 247 M_CP_STROPT(hostbased_key_types); \
248 M_CP_STROPT(pubkey_key_types); \ 248 M_CP_STROPT(pubkey_key_types); \
249 M_CP_STROPT(routing_domain); \ 249 M_CP_STROPT(routing_domain); \
250 M_CP_STROPT(permit_user_env_whitelist); \
250 M_CP_STRARRAYOPT(authorized_keys_files, num_authkeys_files); \ 251 M_CP_STRARRAYOPT(authorized_keys_files, num_authkeys_files); \
251 M_CP_STRARRAYOPT(allow_users, num_allow_users); \ 252 M_CP_STRARRAYOPT(allow_users, num_allow_users); \
252 M_CP_STRARRAYOPT(deny_users, num_deny_users); \ 253 M_CP_STRARRAYOPT(deny_users, num_deny_users); \
@@ -255,6 +256,7 @@ struct connection_info {
255 M_CP_STRARRAYOPT(accept_env, num_accept_env); \ 256 M_CP_STRARRAYOPT(accept_env, num_accept_env); \
256 M_CP_STRARRAYOPT(auth_methods, num_auth_methods); \ 257 M_CP_STRARRAYOPT(auth_methods, num_auth_methods); \
257 M_CP_STRARRAYOPT(permitted_opens, num_permitted_opens); \ 258 M_CP_STRARRAYOPT(permitted_opens, num_permitted_opens); \
259 M_CP_STRARRAYOPT(permitted_listens, num_permitted_listens); \
258 } while (0) 260 } while (0)
259 261
260struct connection_info *get_connection_info(int, int); 262struct connection_info *get_connection_info(int, int);
@@ -263,8 +265,8 @@ void fill_default_server_options(ServerOptions *);
263int process_server_config_line(ServerOptions *, char *, const char *, int, 265int process_server_config_line(ServerOptions *, char *, const char *, int,
264 int *, struct connection_info *); 266 int *, struct connection_info *);
265void process_permitopen(struct ssh *ssh, ServerOptions *options); 267void process_permitopen(struct ssh *ssh, ServerOptions *options);
266void load_server_config(const char *, Buffer *); 268void load_server_config(const char *, struct sshbuf *);
267void parse_server_config(ServerOptions *, const char *, Buffer *, 269void parse_server_config(ServerOptions *, const char *, struct sshbuf *,
268 struct connection_info *); 270 struct connection_info *);
269void parse_server_match_config(ServerOptions *, struct connection_info *); 271void parse_server_match_config(ServerOptions *, struct connection_info *);
270int parse_server_match_testspec(struct connection_info *, char *); 272int parse_server_match_testspec(struct connection_info *, char *);
diff --git a/serverloop.c b/serverloop.c
index d6fe24cc1..7be83e2d3 100644
--- a/serverloop.c
+++ b/serverloop.c
@@ -1,4 +1,4 @@
1/* $OpenBSD: serverloop.c,v 1.205 2018/03/03 03:15:51 djm Exp $ */ 1/* $OpenBSD: serverloop.c,v 1.209 2018/07/27 05:13:02 dtucker Exp $ */
2/* 2/*
3 * Author: Tatu Ylonen <ylo@cs.hut.fi> 3 * Author: Tatu Ylonen <ylo@cs.hut.fi>
4 * Copyright (c) 1995 Tatu Ylonen <ylo@cs.hut.fi>, Espoo, Finland 4 * Copyright (c) 1995 Tatu Ylonen <ylo@cs.hut.fi>, Espoo, Finland
@@ -58,7 +58,7 @@
58#include "openbsd-compat/sys-queue.h" 58#include "openbsd-compat/sys-queue.h"
59#include "xmalloc.h" 59#include "xmalloc.h"
60#include "packet.h" 60#include "packet.h"
61#include "buffer.h" 61#include "sshbuf.h"
62#include "log.h" 62#include "log.h"
63#include "misc.h" 63#include "misc.h"
64#include "servconf.h" 64#include "servconf.h"
@@ -67,7 +67,7 @@
67#include "channels.h" 67#include "channels.h"
68#include "compat.h" 68#include "compat.h"
69#include "ssh2.h" 69#include "ssh2.h"
70#include "key.h" 70#include "sshkey.h"
71#include "cipher.h" 71#include "cipher.h"
72#include "kex.h" 72#include "kex.h"
73#include "hostfile.h" 73#include "hostfile.h"
@@ -103,6 +103,17 @@ static void server_init_dispatch(void);
103/* requested tunnel forwarding interface(s), shared with session.c */ 103/* requested tunnel forwarding interface(s), shared with session.c */
104char *tun_fwd_ifnames = NULL; 104char *tun_fwd_ifnames = NULL;
105 105
106/* returns 1 if bind to specified port by specified user is permitted */
107static int
108bind_permitted(int port, uid_t uid)
109{
110 if (use_privsep)
111 return 1; /* allow system to decide */
112 if (port < IPPORT_RESERVED && uid != 0)
113 return 0;
114 return 1;
115}
116
106/* 117/*
107 * we write to this pipe if a SIGCHLD is caught in order to avoid 118 * we write to this pipe if a SIGCHLD is caught in order to avoid
108 * the race between select() and child_terminated 119 * the race between select() and child_terminated
@@ -145,7 +156,7 @@ notify_done(fd_set *readset)
145 156
146 if (notify_pipe[0] != -1 && FD_ISSET(notify_pipe[0], readset)) 157 if (notify_pipe[0] != -1 && FD_ISSET(notify_pipe[0], readset))
147 while (read(notify_pipe[0], &c, 1) != -1) 158 while (read(notify_pipe[0], &c, 1) != -1)
148 debug2("notify_done: reading"); 159 debug2("%s: reading", __func__);
149} 160}
150 161
151/*ARGSUSED*/ 162/*ARGSUSED*/
@@ -623,7 +634,7 @@ server_input_channel_open(int type, u_int32_t seq, struct ssh *ssh)
623 rwindow = packet_get_int(); 634 rwindow = packet_get_int();
624 rmaxpack = packet_get_int(); 635 rmaxpack = packet_get_int();
625 636
626 debug("server_input_channel_open: ctype %s rchan %d win %d max %d", 637 debug("%s: ctype %s rchan %d win %d max %d", __func__,
627 ctype, rchan, rwindow, rmaxpack); 638 ctype, rchan, rwindow, rmaxpack);
628 639
629 if (strcmp(ctype, "session") == 0) { 640 if (strcmp(ctype, "session") == 0) {
@@ -636,7 +647,7 @@ server_input_channel_open(int type, u_int32_t seq, struct ssh *ssh)
636 c = server_request_tun(ssh); 647 c = server_request_tun(ssh);
637 } 648 }
638 if (c != NULL) { 649 if (c != NULL) {
639 debug("server_input_channel_open: confirm %s", ctype); 650 debug("%s: confirm %s", __func__, ctype);
640 c->remote_id = rchan; 651 c->remote_id = rchan;
641 c->have_remote_id = 1; 652 c->have_remote_id = 1;
642 c->remote_window = rwindow; 653 c->remote_window = rwindow;
@@ -650,7 +661,7 @@ server_input_channel_open(int type, u_int32_t seq, struct ssh *ssh)
650 packet_send(); 661 packet_send();
651 } 662 }
652 } else { 663 } else {
653 debug("server_input_channel_open: failure %s", ctype); 664 debug("%s: failure %s", __func__, ctype);
654 packet_start(SSH2_MSG_CHANNEL_OPEN_FAILURE); 665 packet_start(SSH2_MSG_CHANNEL_OPEN_FAILURE);
655 packet_put_int(rchan); 666 packet_put_int(rchan);
656 packet_put_int(reason); 667 packet_put_int(reason);
@@ -750,11 +761,11 @@ server_input_global_request(int type, u_int32_t seq, struct ssh *ssh)
750 struct passwd *pw = the_authctxt->pw; 761 struct passwd *pw = the_authctxt->pw;
751 762
752 if (pw == NULL || !the_authctxt->valid) 763 if (pw == NULL || !the_authctxt->valid)
753 fatal("server_input_global_request: no/invalid user"); 764 fatal("%s: no/invalid user", __func__);
754 765
755 rtype = packet_get_string(NULL); 766 rtype = packet_get_string(NULL);
756 want_reply = packet_get_char(); 767 want_reply = packet_get_char();
757 debug("server_input_global_request: rtype %s want_reply %d", rtype, want_reply); 768 debug("%s: rtype %s want_reply %d", __func__, rtype, want_reply);
758 769
759 /* -R style forwarding */ 770 /* -R style forwarding */
760 if (strcmp(rtype, "tcpip-forward") == 0) { 771 if (strcmp(rtype, "tcpip-forward") == 0) {
@@ -763,7 +774,7 @@ server_input_global_request(int type, u_int32_t seq, struct ssh *ssh)
763 memset(&fwd, 0, sizeof(fwd)); 774 memset(&fwd, 0, sizeof(fwd));
764 fwd.listen_host = packet_get_string(NULL); 775 fwd.listen_host = packet_get_string(NULL);
765 fwd.listen_port = (u_short)packet_get_int(); 776 fwd.listen_port = (u_short)packet_get_int();
766 debug("server_input_global_request: tcpip-forward listen %s port %d", 777 debug("%s: tcpip-forward listen %s port %d", __func__,
767 fwd.listen_host, fwd.listen_port); 778 fwd.listen_host, fwd.listen_port);
768 779
769 /* check permissions */ 780 /* check permissions */
@@ -802,7 +813,7 @@ server_input_global_request(int type, u_int32_t seq, struct ssh *ssh)
802 813
803 memset(&fwd, 0, sizeof(fwd)); 814 memset(&fwd, 0, sizeof(fwd));
804 fwd.listen_path = packet_get_string(NULL); 815 fwd.listen_path = packet_get_string(NULL);
805 debug("server_input_global_request: streamlocal-forward listen path %s", 816 debug("%s: streamlocal-forward listen path %s", __func__,
806 fwd.listen_path); 817 fwd.listen_path);
807 818
808 /* check permissions */ 819 /* check permissions */
diff --git a/session.c b/session.c
index ff301c983..d5d2e94b0 100644
--- a/session.c
+++ b/session.c
@@ -1,4 +1,4 @@
1/* $OpenBSD: session.c,v 1.294 2018/03/03 03:15:51 djm Exp $ */ 1/* $OpenBSD: session.c,v 1.305 2018/07/25 13:56:23 deraadt Exp $ */
2/* 2/*
3 * Copyright (c) 1995 Tatu Ylonen <ylo@cs.hut.fi>, Espoo, Finland 3 * Copyright (c) 1995 Tatu Ylonen <ylo@cs.hut.fi>, Espoo, Finland
4 * All rights reserved 4 * All rights reserved
@@ -69,12 +69,13 @@
69#include "ssh2.h" 69#include "ssh2.h"
70#include "sshpty.h" 70#include "sshpty.h"
71#include "packet.h" 71#include "packet.h"
72#include "buffer.h" 72#include "sshbuf.h"
73#include "ssherr.h"
73#include "match.h" 74#include "match.h"
74#include "uidswap.h" 75#include "uidswap.h"
75#include "compat.h" 76#include "compat.h"
76#include "channels.h" 77#include "channels.h"
77#include "key.h" 78#include "sshkey.h"
78#include "cipher.h" 79#include "cipher.h"
79#ifdef GSSAPI 80#ifdef GSSAPI
80#include "ssh-gss.h" 81#include "ssh-gss.h"
@@ -139,7 +140,7 @@ extern int debug_flag;
139extern u_int utmp_len; 140extern u_int utmp_len;
140extern int startup_pipe; 141extern int startup_pipe;
141extern void destroy_sensitive_data(void); 142extern void destroy_sensitive_data(void);
142extern Buffer loginmsg; 143extern struct sshbuf *loginmsg;
143extern struct sshauthopt *auth_opts; 144extern struct sshauthopt *auth_opts;
144char *tun_fwd_ifnames; /* serverloop.c */ 145char *tun_fwd_ifnames; /* serverloop.c */
145 146
@@ -248,11 +249,14 @@ auth_input_request_forwarding(struct ssh *ssh, struct passwd * pw)
248static void 249static void
249display_loginmsg(void) 250display_loginmsg(void)
250{ 251{
251 if (buffer_len(&loginmsg) > 0) { 252 int r;
252 buffer_append(&loginmsg, "\0", 1); 253
253 printf("%s", (char *)buffer_ptr(&loginmsg)); 254 if (sshbuf_len(loginmsg) == 0)
254 buffer_clear(&loginmsg); 255 return;
255 } 256 if ((r = sshbuf_put_u8(loginmsg, 0)) != 0)
257 fatal("%s: buffer error: %s", __func__, ssh_err(r));
258 printf("%s", (char *)sshbuf_ptr(loginmsg));
259 sshbuf_reset(loginmsg);
256} 260}
257 261
258static void 262static void
@@ -290,26 +294,43 @@ prepare_auth_info_file(struct passwd *pw, struct sshbuf *info)
290} 294}
291 295
292static void 296static void
293set_permitopen_from_authopts(struct ssh *ssh, const struct sshauthopt *opts) 297set_fwdpermit_from_authopts(struct ssh *ssh, const struct sshauthopt *opts)
294{ 298{
295 char *tmp, *cp, *host; 299 char *tmp, *cp, *host;
296 int port; 300 int port;
297 size_t i; 301 size_t i;
298 302
299 if ((options.allow_tcp_forwarding & FORWARD_LOCAL) == 0) 303 if ((options.allow_tcp_forwarding & FORWARD_LOCAL) != 0) {
300 return; 304 channel_clear_permission(ssh, FORWARD_USER, FORWARD_LOCAL);
301 channel_clear_permitted_opens(ssh); 305 for (i = 0; i < auth_opts->npermitopen; i++) {
302 for (i = 0; i < auth_opts->npermitopen; i++) { 306 tmp = cp = xstrdup(auth_opts->permitopen[i]);
303 tmp = cp = xstrdup(auth_opts->permitopen[i]); 307 /* This shouldn't fail as it has already been checked */
304 /* This shouldn't fail as it has already been checked */ 308 if ((host = hpdelim(&cp)) == NULL)
305 if ((host = hpdelim(&cp)) == NULL) 309 fatal("%s: internal error: hpdelim", __func__);
306 fatal("%s: internal error: hpdelim", __func__); 310 host = cleanhostname(host);
307 host = cleanhostname(host); 311 if (cp == NULL || (port = permitopen_port(cp)) < 0)
308 if (cp == NULL || (port = permitopen_port(cp)) < 0) 312 fatal("%s: internal error: permitopen port",
309 fatal("%s: internal error: permitopen port", 313 __func__);
310 __func__); 314 channel_add_permission(ssh,
311 channel_add_permitted_opens(ssh, host, port); 315 FORWARD_USER, FORWARD_LOCAL, host, port);
312 free(tmp); 316 free(tmp);
317 }
318 }
319 if ((options.allow_tcp_forwarding & FORWARD_REMOTE) != 0) {
320 channel_clear_permission(ssh, FORWARD_USER, FORWARD_REMOTE);
321 for (i = 0; i < auth_opts->npermitlisten; i++) {
322 tmp = cp = xstrdup(auth_opts->permitlisten[i]);
323 /* This shouldn't fail as it has already been checked */
324 if ((host = hpdelim(&cp)) == NULL)
325 fatal("%s: internal error: hpdelim", __func__);
326 host = cleanhostname(host);
327 if (cp == NULL || (port = permitopen_port(cp)) < 0)
328 fatal("%s: internal error: permitlisten port",
329 __func__);
330 channel_add_permission(ssh,
331 FORWARD_USER, FORWARD_REMOTE, host, port);
332 free(tmp);
333 }
313 } 334 }
314} 335}
315 336
@@ -322,14 +343,22 @@ do_authenticated(struct ssh *ssh, Authctxt *authctxt)
322 343
323 /* setup the channel layer */ 344 /* setup the channel layer */
324 /* XXX - streamlocal? */ 345 /* XXX - streamlocal? */
325 set_permitopen_from_authopts(ssh, auth_opts); 346 set_fwdpermit_from_authopts(ssh, auth_opts);
326 if (!auth_opts->permit_port_forwarding_flag ||
327 options.disable_forwarding ||
328 (options.allow_tcp_forwarding & FORWARD_LOCAL) == 0)
329 channel_disable_adm_local_opens(ssh);
330 else
331 channel_permit_all_opens(ssh);
332 347
348 if (!auth_opts->permit_port_forwarding_flag ||
349 options.disable_forwarding) {
350 channel_disable_admin(ssh, FORWARD_LOCAL);
351 channel_disable_admin(ssh, FORWARD_REMOTE);
352 } else {
353 if ((options.allow_tcp_forwarding & FORWARD_LOCAL) == 0)
354 channel_disable_admin(ssh, FORWARD_LOCAL);
355 else
356 channel_permit_all(ssh, FORWARD_LOCAL);
357 if ((options.allow_tcp_forwarding & FORWARD_REMOTE) == 0)
358 channel_disable_admin(ssh, FORWARD_REMOTE);
359 else
360 channel_permit_all(ssh, FORWARD_REMOTE);
361 }
333 auth_debug_send(); 362 auth_debug_send();
334 363
335 prepare_auth_info_file(authctxt->pw, authctxt->session_info); 364 prepare_auth_info_file(authctxt->pw, authctxt->session_info);
@@ -349,7 +378,7 @@ xauth_valid_string(const char *s)
349 if (!isalnum((u_char)s[i]) && 378 if (!isalnum((u_char)s[i]) &&
350 s[i] != '.' && s[i] != ':' && s[i] != '/' && 379 s[i] != '.' && s[i] != ':' && s[i] != '/' &&
351 s[i] != '-' && s[i] != '_') 380 s[i] != '-' && s[i] != '_')
352 return 0; 381 return 0;
353 } 382 }
354 return 1; 383 return 1;
355} 384}
@@ -500,7 +529,7 @@ do_exec_no_pty(struct ssh *ssh, Session *s, const char *command)
500 * it to the user, otherwise multiple sessions may accumulate 529 * it to the user, otherwise multiple sessions may accumulate
501 * multiple copies of the login messages. 530 * multiple copies of the login messages.
502 */ 531 */
503 buffer_clear(&loginmsg); 532 sshbuf_reset(loginmsg);
504 533
505#ifdef USE_PIPES 534#ifdef USE_PIPES
506 /* We are the parent. Close the child sides of the pipes. */ 535 /* We are the parent. Close the child sides of the pipes. */
@@ -732,7 +761,7 @@ do_exec(struct ssh *ssh, Session *s, const char *command)
732 * it to the user, otherwise multiple sessions may accumulate 761 * it to the user, otherwise multiple sessions may accumulate
733 * multiple copies of the login messages. 762 * multiple copies of the login messages.
734 */ 763 */
735 buffer_clear(&loginmsg); 764 sshbuf_reset(loginmsg);
736 765
737 return ret; 766 return ret;
738} 767}
@@ -842,24 +871,26 @@ check_quietlogin(Session *s, const char *command)
842 * into the environment. If the file does not exist, this does nothing. 871 * into the environment. If the file does not exist, this does nothing.
843 * Otherwise, it must consist of empty lines, comments (line starts with '#') 872 * Otherwise, it must consist of empty lines, comments (line starts with '#')
844 * and assignments of the form name=value. No other forms are allowed. 873 * and assignments of the form name=value. No other forms are allowed.
874 * If whitelist is not NULL, then it is interpreted as a pattern list and
875 * only variable names that match it will be accepted.
845 */ 876 */
846static void 877static void
847read_environment_file(char ***env, u_int *envsize, 878read_environment_file(char ***env, u_int *envsize,
848 const char *filename) 879 const char *filename, const char *whitelist)
849{ 880{
850 FILE *f; 881 FILE *f;
851 char buf[4096]; 882 char *line = NULL, *cp, *value;
852 char *cp, *value; 883 size_t linesize = 0;
853 u_int lineno = 0; 884 u_int lineno = 0;
854 885
855 f = fopen(filename, "r"); 886 f = fopen(filename, "r");
856 if (!f) 887 if (!f)
857 return; 888 return;
858 889
859 while (fgets(buf, sizeof(buf), f)) { 890 while (getline(&line, &linesize, f) != -1) {
860 if (++lineno > 1000) 891 if (++lineno > 1000)
861 fatal("Too many lines in environment file %s", filename); 892 fatal("Too many lines in environment file %s", filename);
862 for (cp = buf; *cp == ' ' || *cp == '\t'; cp++) 893 for (cp = line; *cp == ' ' || *cp == '\t'; cp++)
863 ; 894 ;
864 if (!*cp || *cp == '#' || *cp == '\n') 895 if (!*cp || *cp == '#' || *cp == '\n')
865 continue; 896 continue;
@@ -878,8 +909,12 @@ read_environment_file(char ***env, u_int *envsize,
878 */ 909 */
879 *value = '\0'; 910 *value = '\0';
880 value++; 911 value++;
912 if (whitelist != NULL &&
913 match_pattern_list(cp, whitelist, 0) != 1)
914 continue;
881 child_set_env(env, envsize, cp, value); 915 child_set_env(env, envsize, cp, value);
882 } 916 }
917 free(line);
883 fclose(f); 918 fclose(f);
884} 919}
885 920
@@ -916,7 +951,8 @@ read_etc_default_login(char ***env, u_int *envsize, uid_t uid)
916 * so we use a temporary environment and copy the variables we're 951 * so we use a temporary environment and copy the variables we're
917 * interested in. 952 * interested in.
918 */ 953 */
919 read_environment_file(&tmpenv, &tmpenvsize, "/etc/default/login"); 954 read_environment_file(&tmpenv, &tmpenvsize, "/etc/default/login",
955 options.permit_user_env_whitelist);
920 956
921 if (tmpenv == NULL) 957 if (tmpenv == NULL)
922 return; 958 return;
@@ -978,7 +1014,7 @@ do_setup_env(struct ssh *ssh, Session *s, const char *shell)
978 char buf[256]; 1014 char buf[256];
979 size_t n; 1015 size_t n;
980 u_int i, envsize; 1016 u_int i, envsize;
981 char *ocp, *cp, **env, *laddr; 1017 char *ocp, *cp, *value, **env, *laddr;
982 struct passwd *pw = s->pw; 1018 struct passwd *pw = s->pw;
983#if !defined (HAVE_LOGIN_CAP) && !defined (HAVE_CYGWIN) 1019#if !defined (HAVE_LOGIN_CAP) && !defined (HAVE_CYGWIN)
984 char *path = NULL; 1020 char *path = NULL;
@@ -1052,46 +1088,10 @@ do_setup_env(struct ssh *ssh, Session *s, const char *shell)
1052 1088
1053 if (getenv("TZ")) 1089 if (getenv("TZ"))
1054 child_set_env(&env, &envsize, "TZ", getenv("TZ")); 1090 child_set_env(&env, &envsize, "TZ", getenv("TZ"));
1055
1056 /* Set custom environment options from pubkey authentication. */
1057 if (options.permit_user_env) {
1058 for (n = 0 ; n < auth_opts->nenv; n++) {
1059 ocp = xstrdup(auth_opts->env[n]);
1060 cp = strchr(ocp, '=');
1061 if (*cp == '=') {
1062 *cp = '\0';
1063 child_set_env(&env, &envsize, ocp, cp + 1);
1064 }
1065 free(ocp);
1066 }
1067 }
1068
1069 /* SSH_CLIENT deprecated */
1070 snprintf(buf, sizeof buf, "%.50s %d %d",
1071 ssh_remote_ipaddr(ssh), ssh_remote_port(ssh),
1072 ssh_local_port(ssh));
1073 child_set_env(&env, &envsize, "SSH_CLIENT", buf);
1074
1075 laddr = get_local_ipaddr(packet_get_connection_in());
1076 snprintf(buf, sizeof buf, "%.50s %d %.50s %d",
1077 ssh_remote_ipaddr(ssh), ssh_remote_port(ssh),
1078 laddr, ssh_local_port(ssh));
1079 free(laddr);
1080 child_set_env(&env, &envsize, "SSH_CONNECTION", buf);
1081
1082 if (tun_fwd_ifnames != NULL)
1083 child_set_env(&env, &envsize, "SSH_TUNNEL", tun_fwd_ifnames);
1084 if (auth_info_file != NULL)
1085 child_set_env(&env, &envsize, "SSH_USER_AUTH", auth_info_file);
1086 if (s->ttyfd != -1)
1087 child_set_env(&env, &envsize, "SSH_TTY", s->tty);
1088 if (s->term) 1091 if (s->term)
1089 child_set_env(&env, &envsize, "TERM", s->term); 1092 child_set_env(&env, &envsize, "TERM", s->term);
1090 if (s->display) 1093 if (s->display)
1091 child_set_env(&env, &envsize, "DISPLAY", s->display); 1094 child_set_env(&env, &envsize, "DISPLAY", s->display);
1092 if (original_command)
1093 child_set_env(&env, &envsize, "SSH_ORIGINAL_COMMAND",
1094 original_command);
1095 1095
1096 /* 1096 /*
1097 * Since we clear KRB5CCNAME at startup, if it's set now then it 1097 * Since we clear KRB5CCNAME at startup, if it's set now then it
@@ -1111,7 +1111,8 @@ do_setup_env(struct ssh *ssh, Session *s, const char *shell)
1111 1111
1112 if ((cp = getenv("AUTHSTATE")) != NULL) 1112 if ((cp = getenv("AUTHSTATE")) != NULL)
1113 child_set_env(&env, &envsize, "AUTHSTATE", cp); 1113 child_set_env(&env, &envsize, "AUTHSTATE", cp);
1114 read_environment_file(&env, &envsize, "/etc/environment"); 1114 read_environment_file(&env, &envsize, "/etc/environment",
1115 options.permit_user_env_whitelist);
1115 } 1116 }
1116#endif 1117#endif
1117#ifdef KRB5 1118#ifdef KRB5
@@ -1119,6 +1120,37 @@ do_setup_env(struct ssh *ssh, Session *s, const char *shell)
1119 child_set_env(&env, &envsize, "KRB5CCNAME", 1120 child_set_env(&env, &envsize, "KRB5CCNAME",
1120 s->authctxt->krb5_ccname); 1121 s->authctxt->krb5_ccname);
1121#endif 1122#endif
1123 if (auth_sock_name != NULL)
1124 child_set_env(&env, &envsize, SSH_AUTHSOCKET_ENV_NAME,
1125 auth_sock_name);
1126
1127
1128 /* Set custom environment options from pubkey authentication. */
1129 if (options.permit_user_env) {
1130 for (n = 0 ; n < auth_opts->nenv; n++) {
1131 ocp = xstrdup(auth_opts->env[n]);
1132 cp = strchr(ocp, '=');
1133 if (*cp == '=') {
1134 *cp = '\0';
1135 /* Apply PermitUserEnvironment whitelist */
1136 if (options.permit_user_env_whitelist == NULL ||
1137 match_pattern_list(ocp,
1138 options.permit_user_env_whitelist, 0) == 1)
1139 child_set_env(&env, &envsize,
1140 ocp, cp + 1);
1141 }
1142 free(ocp);
1143 }
1144 }
1145
1146 /* read $HOME/.ssh/environment. */
1147 if (options.permit_user_env) {
1148 snprintf(buf, sizeof buf, "%.200s/.ssh/environment",
1149 pw->pw_dir);
1150 read_environment_file(&env, &envsize, buf,
1151 options.permit_user_env_whitelist);
1152 }
1153
1122#ifdef USE_PAM 1154#ifdef USE_PAM
1123 /* 1155 /*
1124 * Pull in any environment variables that may have 1156 * Pull in any environment variables that may have
@@ -1141,16 +1173,40 @@ do_setup_env(struct ssh *ssh, Session *s, const char *shell)
1141 } 1173 }
1142#endif /* USE_PAM */ 1174#endif /* USE_PAM */
1143 1175
1144 if (auth_sock_name != NULL) 1176 /* Environment specified by admin */
1145 child_set_env(&env, &envsize, SSH_AUTHSOCKET_ENV_NAME, 1177 for (i = 0; i < options.num_setenv; i++) {
1146 auth_sock_name); 1178 cp = xstrdup(options.setenv[i]);
1147 1179 if ((value = strchr(cp, '=')) == NULL) {
1148 /* read $HOME/.ssh/environment. */ 1180 /* shouldn't happen; vars are checked in servconf.c */
1149 if (options.permit_user_env) { 1181 fatal("Invalid config SetEnv: %s", options.setenv[i]);
1150 snprintf(buf, sizeof buf, "%.200s/.ssh/environment", 1182 }
1151 strcmp(pw->pw_dir, "/") ? pw->pw_dir : ""); 1183 *value++ = '\0';
1152 read_environment_file(&env, &envsize, buf); 1184 child_set_env(&env, &envsize, cp, value);
1153 } 1185 }
1186
1187 /* SSH_CLIENT deprecated */
1188 snprintf(buf, sizeof buf, "%.50s %d %d",
1189 ssh_remote_ipaddr(ssh), ssh_remote_port(ssh),
1190 ssh_local_port(ssh));
1191 child_set_env(&env, &envsize, "SSH_CLIENT", buf);
1192
1193 laddr = get_local_ipaddr(packet_get_connection_in());
1194 snprintf(buf, sizeof buf, "%.50s %d %.50s %d",
1195 ssh_remote_ipaddr(ssh), ssh_remote_port(ssh),
1196 laddr, ssh_local_port(ssh));
1197 free(laddr);
1198 child_set_env(&env, &envsize, "SSH_CONNECTION", buf);
1199
1200 if (tun_fwd_ifnames != NULL)
1201 child_set_env(&env, &envsize, "SSH_TUNNEL", tun_fwd_ifnames);
1202 if (auth_info_file != NULL)
1203 child_set_env(&env, &envsize, "SSH_USER_AUTH", auth_info_file);
1204 if (s->ttyfd != -1)
1205 child_set_env(&env, &envsize, "SSH_TTY", s->tty);
1206 if (original_command)
1207 child_set_env(&env, &envsize, "SSH_ORIGINAL_COMMAND",
1208 original_command);
1209
1154 if (debug_flag) { 1210 if (debug_flag) {
1155 /* dump the environment */ 1211 /* dump the environment */
1156 fprintf(stderr, "Environment:\n"); 1212 fprintf(stderr, "Environment:\n");
@@ -1324,7 +1380,7 @@ safely_chroot(const char *path, uid_t uid)
1324void 1380void
1325do_setusercontext(struct passwd *pw, const char *role) 1381do_setusercontext(struct passwd *pw, const char *role)
1326{ 1382{
1327 char *chroot_path, *tmp; 1383 char uidstr[32], *chroot_path, *tmp;
1328 1384
1329 platform_setusercontext(pw); 1385 platform_setusercontext(pw);
1330 1386
@@ -1356,8 +1412,10 @@ do_setusercontext(struct passwd *pw, const char *role)
1356 strcasecmp(options.chroot_directory, "none") != 0) { 1412 strcasecmp(options.chroot_directory, "none") != 0) {
1357 tmp = tilde_expand_filename(options.chroot_directory, 1413 tmp = tilde_expand_filename(options.chroot_directory,
1358 pw->pw_uid); 1414 pw->pw_uid);
1415 snprintf(uidstr, sizeof(uidstr), "%llu",
1416 (unsigned long long)pw->pw_uid);
1359 chroot_path = percent_expand(tmp, "h", pw->pw_dir, 1417 chroot_path = percent_expand(tmp, "h", pw->pw_dir,
1360 "u", pw->pw_name, (char *)NULL); 1418 "u", pw->pw_name, "U", uidstr, (char *)NULL);
1361 safely_chroot(chroot_path, pw->pw_uid); 1419 safely_chroot(chroot_path, pw->pw_uid);
1362 free(tmp); 1420 free(tmp);
1363 free(chroot_path); 1421 free(chroot_path);
@@ -1858,7 +1916,6 @@ static int
1858session_pty_req(struct ssh *ssh, Session *s) 1916session_pty_req(struct ssh *ssh, Session *s)
1859{ 1917{
1860 u_int len; 1918 u_int len;
1861 int n_bytes;
1862 1919
1863 if (!auth_opts->permit_pty_flag || !options.permit_tty) { 1920 if (!auth_opts->permit_pty_flag || !options.permit_tty) {
1864 debug("Allocating a pty not permitted for this connection."); 1921 debug("Allocating a pty not permitted for this connection.");
@@ -1893,8 +1950,7 @@ session_pty_req(struct ssh *ssh, Session *s)
1893 } 1950 }
1894 debug("session_pty_req: session %d alloc %s", s->self, s->tty); 1951 debug("session_pty_req: session %d alloc %s", s->self, s->tty);
1895 1952
1896 n_bytes = packet_remaining(); 1953 ssh_tty_parse_modes(ssh, s->ttyfd);
1897 tty_parse_modes(s->ttyfd, &n_bytes);
1898 1954
1899 if (!use_privsep) 1955 if (!use_privsep)
1900 pty_setowner(s->pw, s->tty, s->authctxt->role); 1956 pty_setowner(s->pw, s->tty, s->authctxt->role);
diff --git a/sftp-client.c b/sftp-client.c
index 0b53a2e68..4986d6d8d 100644
--- a/sftp-client.c
+++ b/sftp-client.c
@@ -1,4 +1,4 @@
1/* $OpenBSD: sftp-client.c,v 1.128 2017/11/28 21:10:22 dtucker Exp $ */ 1/* $OpenBSD: sftp-client.c,v 1.130 2018/07/31 03:07:24 djm Exp $ */
2/* 2/*
3 * Copyright (c) 2001-2004 Damien Miller <djm@openbsd.org> 3 * Copyright (c) 2001-2004 Damien Miller <djm@openbsd.org>
4 * 4 *
@@ -669,7 +669,7 @@ do_lsreaddir(struct sftp_conn *conn, const char *path, int print_flag,
669 **dir = NULL; 669 **dir = NULL;
670 } 670 }
671 671
672 return status; 672 return status == SSH2_FX_OK ? 0 : -1;
673} 673}
674 674
675int 675int
@@ -1019,7 +1019,7 @@ do_fsync(struct sftp_conn *conn, u_char *handle, u_int handle_len)
1019 if (status != SSH2_FX_OK) 1019 if (status != SSH2_FX_OK)
1020 error("Couldn't sync file: %s", fx2txt(status)); 1020 error("Couldn't sync file: %s", fx2txt(status));
1021 1021
1022 return status; 1022 return status == SSH2_FX_OK ? 0 : -1;
1023} 1023}
1024 1024
1025#ifdef notyet 1025#ifdef notyet
@@ -1451,7 +1451,7 @@ do_download(struct sftp_conn *conn, const char *remote_path,
1451 sshbuf_free(msg); 1451 sshbuf_free(msg);
1452 free(handle); 1452 free(handle);
1453 1453
1454 return(status); 1454 return status == SSH2_FX_OK ? 0 : -1;
1455} 1455}
1456 1456
1457static int 1457static int
@@ -1461,7 +1461,7 @@ download_dir_internal(struct sftp_conn *conn, const char *src, const char *dst,
1461{ 1461{
1462 int i, ret = 0; 1462 int i, ret = 0;
1463 SFTP_DIRENT **dir_entries; 1463 SFTP_DIRENT **dir_entries;
1464 char *filename, *new_src, *new_dst; 1464 char *filename, *new_src = NULL, *new_dst = NULL;
1465 mode_t mode = 0777; 1465 mode_t mode = 0777;
1466 1466
1467 if (depth >= MAX_DIR_DEPTH) { 1467 if (depth >= MAX_DIR_DEPTH) {
@@ -1499,8 +1499,10 @@ download_dir_internal(struct sftp_conn *conn, const char *src, const char *dst,
1499 } 1499 }
1500 1500
1501 for (i = 0; dir_entries[i] != NULL && !interrupted; i++) { 1501 for (i = 0; dir_entries[i] != NULL && !interrupted; i++) {
1502 filename = dir_entries[i]->filename; 1502 free(new_dst);
1503 free(new_src);
1503 1504
1505 filename = dir_entries[i]->filename;
1504 new_dst = path_append(dst, filename); 1506 new_dst = path_append(dst, filename);
1505 new_src = path_append(src, filename); 1507 new_src = path_append(src, filename);
1506 1508
@@ -1523,9 +1525,9 @@ download_dir_internal(struct sftp_conn *conn, const char *src, const char *dst,
1523 } else 1525 } else
1524 logit("%s: not a regular file\n", new_src); 1526 logit("%s: not a regular file\n", new_src);
1525 1527
1526 free(new_dst);
1527 free(new_src);
1528 } 1528 }
1529 free(new_dst);
1530 free(new_src);
1529 1531
1530 if (preserve_flag) { 1532 if (preserve_flag) {
1531 if (dirattrib->flags & SSH2_FILEXFER_ATTR_ACMODTIME) { 1533 if (dirattrib->flags & SSH2_FILEXFER_ATTR_ACMODTIME) {
@@ -1793,7 +1795,7 @@ upload_dir_internal(struct sftp_conn *conn, const char *src, const char *dst,
1793 int ret = 0; 1795 int ret = 0;
1794 DIR *dirp; 1796 DIR *dirp;
1795 struct dirent *dp; 1797 struct dirent *dp;
1796 char *filename, *new_src, *new_dst; 1798 char *filename, *new_src = NULL, *new_dst = NULL;
1797 struct stat sb; 1799 struct stat sb;
1798 Attrib a, *dirattrib; 1800 Attrib a, *dirattrib;
1799 1801
@@ -1844,6 +1846,8 @@ upload_dir_internal(struct sftp_conn *conn, const char *src, const char *dst,
1844 while (((dp = readdir(dirp)) != NULL) && !interrupted) { 1846 while (((dp = readdir(dirp)) != NULL) && !interrupted) {
1845 if (dp->d_ino == 0) 1847 if (dp->d_ino == 0)
1846 continue; 1848 continue;
1849 free(new_dst);
1850 free(new_src);
1847 filename = dp->d_name; 1851 filename = dp->d_name;
1848 new_dst = path_append(dst, filename); 1852 new_dst = path_append(dst, filename);
1849 new_src = path_append(src, filename); 1853 new_src = path_append(src, filename);
@@ -1870,9 +1874,9 @@ upload_dir_internal(struct sftp_conn *conn, const char *src, const char *dst,
1870 } 1874 }
1871 } else 1875 } else
1872 logit("%s: not a regular file\n", filename); 1876 logit("%s: not a regular file\n", filename);
1873 free(new_dst);
1874 free(new_src);
1875 } 1877 }
1878 free(new_dst);
1879 free(new_src);
1876 1880
1877 do_setstat(conn, dst, &a); 1881 do_setstat(conn, dst, &a);
1878 1882
diff --git a/sftp-server.0 b/sftp-server.0
index 4f994f4c5..4c42b26c9 100644
--- a/sftp-server.0
+++ b/sftp-server.0
@@ -93,4 +93,4 @@ HISTORY
93AUTHORS 93AUTHORS
94 Markus Friedl <markus@openbsd.org> 94 Markus Friedl <markus@openbsd.org>
95 95
96OpenBSD 6.2 December 11, 2014 OpenBSD 6.2 96OpenBSD 6.4 December 11, 2014 OpenBSD 6.4
diff --git a/sftp-server.c b/sftp-server.c
index df0fb5068..ab1b063f2 100644
--- a/sftp-server.c
+++ b/sftp-server.c
@@ -1,4 +1,4 @@
1/* $OpenBSD: sftp-server.c,v 1.111 2017/04/04 00:24:56 djm Exp $ */ 1/* $OpenBSD: sftp-server.c,v 1.112 2018/06/01 03:33:53 djm Exp $ */
2/* 2/*
3 * Copyright (c) 2000-2004 Markus Friedl. All rights reserved. 3 * Copyright (c) 2000-2004 Markus Friedl. All rights reserved.
4 * 4 *
@@ -1503,7 +1503,7 @@ sftp_server_main(int argc, char **argv, struct passwd *user_pw)
1503 int i, r, in, out, max, ch, skipargs = 0, log_stderr = 0; 1503 int i, r, in, out, max, ch, skipargs = 0, log_stderr = 0;
1504 ssize_t len, olen, set_size; 1504 ssize_t len, olen, set_size;
1505 SyslogFacility log_facility = SYSLOG_FACILITY_AUTH; 1505 SyslogFacility log_facility = SYSLOG_FACILITY_AUTH;
1506 char *cp, *homedir = NULL, buf[4*4096]; 1506 char *cp, *homedir = NULL, uidstr[32], buf[4*4096];
1507 long mask; 1507 long mask;
1508 1508
1509 extern char *optarg; 1509 extern char *optarg;
@@ -1554,8 +1554,10 @@ sftp_server_main(int argc, char **argv, struct passwd *user_pw)
1554 break; 1554 break;
1555 case 'd': 1555 case 'd':
1556 cp = tilde_expand_filename(optarg, user_pw->pw_uid); 1556 cp = tilde_expand_filename(optarg, user_pw->pw_uid);
1557 snprintf(uidstr, sizeof(uidstr), "%llu",
1558 (unsigned long long)pw->pw_uid);
1557 homedir = percent_expand(cp, "d", user_pw->pw_dir, 1559 homedir = percent_expand(cp, "d", user_pw->pw_dir,
1558 "u", user_pw->pw_name, (char *)NULL); 1560 "u", user_pw->pw_name, "U", uidstr, (char *)NULL);
1559 free(cp); 1561 free(cp);
1560 break; 1562 break;
1561 case 'p': 1563 case 'p':
diff --git a/sftp.0 b/sftp.0
index 7ad3e8d3f..343058e71 100644
--- a/sftp.0
+++ b/sftp.0
@@ -146,10 +146,10 @@ DESCRIPTION
146 SendEnv 146 SendEnv
147 ServerAliveInterval 147 ServerAliveInterval
148 ServerAliveCountMax 148 ServerAliveCountMax
149 SetEnv
149 StrictHostKeyChecking 150 StrictHostKeyChecking
150 TCPKeepAlive 151 TCPKeepAlive
151 UpdateHostKeys 152 UpdateHostKeys
152 UsePrivilegedPort
153 User 153 User
154 UserKnownHostsFile 154 UserKnownHostsFile
155 VerifyHostKeyDNS 155 VerifyHostKeyDNS
@@ -197,16 +197,16 @@ INTERACTIVE COMMANDS
197 change directory to the one the session started in. 197 change directory to the one the session started in.
198 198
199 chgrp grp path 199 chgrp grp path
200 Change group of file path to grp. path may contain glob(3) 200 Change group of file path to grp. path may contain glob(7)
201 characters and may match multiple files. grp must be a numeric 201 characters and may match multiple files. grp must be a numeric
202 GID. 202 GID.
203 203
204 chmod mode path 204 chmod mode path
205 Change permissions of file path to mode. path may contain 205 Change permissions of file path to mode. path may contain
206 glob(3) characters and may match multiple files. 206 glob(7) characters and may match multiple files.
207 207
208 chown own path 208 chown own path
209 Change owner of file path to own. path may contain glob(3) 209 Change owner of file path to own. path may contain glob(7)
210 characters and may match multiple files. own must be a numeric 210 characters and may match multiple files. own must be a numeric
211 UID. 211 UID.
212 212
@@ -223,7 +223,7 @@ INTERACTIVE COMMANDS
223 get [-afPpr] remote-path [local-path] 223 get [-afPpr] remote-path [local-path]
224 Retrieve the remote-path and store it on the local machine. If 224 Retrieve the remote-path and store it on the local machine. If
225 the local path name is not specified, it is given the same name 225 the local path name is not specified, it is given the same name
226 it has on the remote machine. remote-path may contain glob(3) 226 it has on the remote machine. remote-path may contain glob(7)
227 characters and may match multiple files. If it does and 227 characters and may match multiple files. If it does and
228 local-path is specified, then local-path must specify a 228 local-path is specified, then local-path must specify a
229 directory. 229 directory.
@@ -254,7 +254,7 @@ INTERACTIVE COMMANDS
254 Display local directory listing of either path or current 254 Display local directory listing of either path or current
255 directory if path is not specified. ls-options may contain any 255 directory if path is not specified. ls-options may contain any
256 flags supported by the local system's ls(1) command. path may 256 flags supported by the local system's ls(1) command. path may
257 contain glob(3) characters and may match multiple files. 257 contain glob(7) characters and may match multiple files.
258 258
259 lmkdir path 259 lmkdir path
260 Create local directory specified by path. 260 Create local directory specified by path.
@@ -268,7 +268,7 @@ INTERACTIVE COMMANDS
268 268
269 ls [-1afhlnrSt] [path] 269 ls [-1afhlnrSt] [path]
270 Display a remote directory listing of either path or the current 270 Display a remote directory listing of either path or the current
271 directory if path is not specified. path may contain glob(3) 271 directory if path is not specified. path may contain glob(7)
272 characters and may match multiple files. 272 characters and may match multiple files.
273 273
274 The following flags are recognized and alter the behaviour of ls 274 The following flags are recognized and alter the behaviour of ls
@@ -311,7 +311,7 @@ INTERACTIVE COMMANDS
311 put [-afPpr] local-path [remote-path] 311 put [-afPpr] local-path [remote-path]
312 Upload local-path and store it on the remote machine. If the 312 Upload local-path and store it on the remote machine. If the
313 remote path name is not specified, it is given the same name it 313 remote path name is not specified, it is given the same name it
314 has on the local machine. local-path may contain glob(3) 314 has on the local machine. local-path may contain glob(7)
315 characters and may match multiple files. If it does and 315 characters and may match multiple files. If it does and
316 remote-path is specified, then remote-path must specify a 316 remote-path is specified, then remote-path must specify a
317 directory. 317 directory.
@@ -369,10 +369,10 @@ INTERACTIVE COMMANDS
369 ? Synonym for help. 369 ? Synonym for help.
370 370
371SEE ALSO 371SEE ALSO
372 ftp(1), ls(1), scp(1), ssh(1), ssh-add(1), ssh-keygen(1), glob(3), 372 ftp(1), ls(1), scp(1), ssh(1), ssh-add(1), ssh-keygen(1), ssh_config(5),
373 ssh_config(5), sftp-server(8), sshd(8) 373 glob(7), sftp-server(8), sshd(8)
374 374
375 T. Ylonen and S. Lehtinen, SSH File Transfer Protocol, draft-ietf-secsh- 375 T. Ylonen and S. Lehtinen, SSH File Transfer Protocol, draft-ietf-secsh-
376 filexfer-00.txt, January 2001, work in progress material. 376 filexfer-00.txt, January 2001, work in progress material.
377 377
378OpenBSD 6.2 February 23, 2018 OpenBSD 6.2 378OpenBSD 6.4 July 23, 2018 OpenBSD 6.4
diff --git a/sftp.1 b/sftp.1
index 43e0442f7..a25d3890b 100644
--- a/sftp.1
+++ b/sftp.1
@@ -1,4 +1,4 @@
1.\" $OpenBSD: sftp.1,v 1.114 2018/02/23 07:38:09 jmc Exp $ 1.\" $OpenBSD: sftp.1,v 1.119 2018/07/23 19:53:55 jmc Exp $
2.\" 2.\"
3.\" Copyright (c) 2001 Damien Miller. All rights reserved. 3.\" Copyright (c) 2001 Damien Miller. All rights reserved.
4.\" 4.\"
@@ -22,7 +22,7 @@
22.\" (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF 22.\" (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF
23.\" THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE. 23.\" THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
24.\" 24.\"
25.Dd $Mdocdate: February 23 2018 $ 25.Dd $Mdocdate: July 23 2018 $
26.Dt SFTP 1 26.Dt SFTP 1
27.Os 27.Os
28.Sh NAME 28.Sh NAME
@@ -243,10 +243,10 @@ For full details of the options listed below, and their possible values, see
243.It SendEnv 243.It SendEnv
244.It ServerAliveInterval 244.It ServerAliveInterval
245.It ServerAliveCountMax 245.It ServerAliveCountMax
246.It SetEnv
246.It StrictHostKeyChecking 247.It StrictHostKeyChecking
247.It TCPKeepAlive 248.It TCPKeepAlive
248.It UpdateHostKeys 249.It UpdateHostKeys
249.It UsePrivilegedPort
250.It User 250.It User
251.It UserKnownHostsFile 251.It UserKnownHostsFile
252.It VerifyHostKeyDNS 252.It VerifyHostKeyDNS
@@ -315,7 +315,7 @@ to
315.Ar grp . 315.Ar grp .
316.Ar path 316.Ar path
317may contain 317may contain
318.Xr glob 3 318.Xr glob 7
319characters and may match multiple files. 319characters and may match multiple files.
320.Ar grp 320.Ar grp
321must be a numeric GID. 321must be a numeric GID.
@@ -326,7 +326,7 @@ to
326.Ar mode . 326.Ar mode .
327.Ar path 327.Ar path
328may contain 328may contain
329.Xr glob 3 329.Xr glob 7
330characters and may match multiple files. 330characters and may match multiple files.
331.It Ic chown Ar own Ar path 331.It Ic chown Ar own Ar path
332Change owner of file 332Change owner of file
@@ -335,7 +335,7 @@ to
335.Ar own . 335.Ar own .
336.Ar path 336.Ar path
337may contain 337may contain
338.Xr glob 3 338.Xr glob 7
339characters and may match multiple files. 339characters and may match multiple files.
340.Ar own 340.Ar own
341must be a numeric UID. 341must be a numeric UID.
@@ -373,7 +373,7 @@ path name is not specified, it is given the same name it has on the
373remote machine. 373remote machine.
374.Ar remote-path 374.Ar remote-path
375may contain 375may contain
376.Xr glob 3 376.Xr glob 7
377characters and may match multiple files. 377characters and may match multiple files.
378If it does and 378If it does and
379.Ar local-path 379.Ar local-path
@@ -429,7 +429,7 @@ may contain any flags supported by the local system's
429command. 429command.
430.Ar path 430.Ar path
431may contain 431may contain
432.Xr glob 3 432.Xr glob 7
433characters and may match multiple files. 433characters and may match multiple files.
434.It Ic lmkdir Ar path 434.It Ic lmkdir Ar path
435Create local directory specified by 435Create local directory specified by
@@ -460,7 +460,7 @@ or the current directory if
460is not specified. 460is not specified.
461.Ar path 461.Ar path
462may contain 462may contain
463.Xr glob 3 463.Xr glob 7
464characters and may match multiple files. 464characters and may match multiple files.
465.Pp 465.Pp
466The following flags are recognized and alter the behaviour of 466The following flags are recognized and alter the behaviour of
@@ -513,7 +513,7 @@ If the remote path name is not specified, it is given the same name it has
513on the local machine. 513on the local machine.
514.Ar local-path 514.Ar local-path
515may contain 515may contain
516.Xr glob 3 516.Xr glob 7
517characters and may match multiple files. 517characters and may match multiple files.
518If it does and 518If it does and
519.Ar remote-path 519.Ar remote-path
@@ -616,8 +616,8 @@ Synonym for help.
616.Xr ssh 1 , 616.Xr ssh 1 ,
617.Xr ssh-add 1 , 617.Xr ssh-add 1 ,
618.Xr ssh-keygen 1 , 618.Xr ssh-keygen 1 ,
619.Xr glob 3 ,
620.Xr ssh_config 5 , 619.Xr ssh_config 5 ,
620.Xr glob 7 ,
621.Xr sftp-server 8 , 621.Xr sftp-server 8 ,
622.Xr sshd 8 622.Xr sshd 8
623.Rs 623.Rs
diff --git a/sftp.c b/sftp.c
index 5ce864eeb..d068f7e0f 100644
--- a/sftp.c
+++ b/sftp.c
@@ -1,4 +1,4 @@
1/* $OpenBSD: sftp.c,v 1.182 2017/11/03 03:46:52 djm Exp $ */ 1/* $OpenBSD: sftp.c,v 1.185 2018/04/26 14:47:03 bluhm Exp $ */
2/* 2/*
3 * Copyright (c) 2001-2004 Damien Miller <djm@openbsd.org> 3 * Copyright (c) 2001-2004 Damien Miller <djm@openbsd.org>
4 * 4 *
@@ -81,7 +81,7 @@ FILE* infile;
81int batchmode = 0; 81int batchmode = 0;
82 82
83/* PID of ssh transport process */ 83/* PID of ssh transport process */
84static pid_t sshpid = -1; 84static volatile pid_t sshpid = -1;
85 85
86/* Suppress diagnositic messages */ 86/* Suppress diagnositic messages */
87int quiet = 0; 87int quiet = 0;
@@ -253,6 +253,25 @@ cmd_interrupt(int signo)
253 errno = olderrno; 253 errno = olderrno;
254} 254}
255 255
256/*ARGSUSED*/
257static void
258sigchld_handler(int sig)
259{
260 int save_errno = errno;
261 pid_t pid;
262 const char msg[] = "\rConnection closed. \n";
263
264 /* Report if ssh transport process dies. */
265 while ((pid = waitpid(sshpid, NULL, WNOHANG)) == -1 && errno == EINTR)
266 continue;
267 if (pid == sshpid) {
268 (void)write(STDERR_FILENO, msg, sizeof(msg) - 1);
269 sshpid = -1;
270 }
271
272 errno = save_errno;
273}
274
256static void 275static void
257help(void) 276help(void)
258{ 277{
@@ -1844,7 +1863,7 @@ complete_cmd_parse(EditLine *el, char *cmd, int lastarg, char quote,
1844 return 0; 1863 return 0;
1845 } 1864 }
1846 1865
1847 /* Complete ambigious command */ 1866 /* Complete ambiguous command */
1848 tmp = complete_ambiguous(cmd, list, count); 1867 tmp = complete_ambiguous(cmd, list, count);
1849 if (count > 1) 1868 if (count > 1)
1850 complete_display(list, 0); 1869 complete_display(list, 0);
@@ -2227,6 +2246,7 @@ interactive_loop(struct sftp_conn *conn, char *file1, char *file2)
2227 if (err != 0) 2246 if (err != 0)
2228 break; 2247 break;
2229 } 2248 }
2249 signal(SIGCHLD, SIG_DFL);
2230 free(remote_path); 2250 free(remote_path);
2231 free(startdir); 2251 free(startdir);
2232 free(conn); 2252 free(conn);
@@ -2296,6 +2316,7 @@ connect_to_server(char *path, char **args, int *in, int *out)
2296 signal(SIGTSTP, suspchild); 2316 signal(SIGTSTP, suspchild);
2297 signal(SIGTTIN, suspchild); 2317 signal(SIGTTIN, suspchild);
2298 signal(SIGTTOU, suspchild); 2318 signal(SIGTTOU, suspchild);
2319 signal(SIGCHLD, sigchld_handler);
2299 close(c_in); 2320 close(c_in);
2300 close(c_out); 2321 close(c_out);
2301} 2322}
@@ -2535,7 +2556,7 @@ main(int argc, char **argv)
2535 if (batchmode) 2556 if (batchmode)
2536 fclose(infile); 2557 fclose(infile);
2537 2558
2538 while (waitpid(sshpid, NULL, 0) == -1) 2559 while (waitpid(sshpid, NULL, 0) == -1 && sshpid > 1)
2539 if (errno != EINTR) 2560 if (errno != EINTR)
2540 fatal("Couldn't wait for ssh process: %s", 2561 fatal("Couldn't wait for ssh process: %s",
2541 strerror(errno)); 2562 strerror(errno));
diff --git a/ssh-add.0 b/ssh-add.0
index 2ef6c3da2..d60ae715e 100644
--- a/ssh-add.0
+++ b/ssh-add.0
@@ -120,4 +120,4 @@ AUTHORS
120 created OpenSSH. Markus Friedl contributed the support for SSH protocol 120 created OpenSSH. Markus Friedl contributed the support for SSH protocol
121 versions 1.5 and 2.0. 121 versions 1.5 and 2.0.
122 122
123OpenBSD 6.2 August 29, 2017 OpenBSD 6.2 123OpenBSD 6.4 August 29, 2017 OpenBSD 6.4
diff --git a/ssh-agent.0 b/ssh-agent.0
index 86ac988bd..f4575d01b 100644
--- a/ssh-agent.0
+++ b/ssh-agent.0
@@ -117,4 +117,4 @@ AUTHORS
117 created OpenSSH. Markus Friedl contributed the support for SSH protocol 117 created OpenSSH. Markus Friedl contributed the support for SSH protocol
118 versions 1.5 and 2.0. 118 versions 1.5 and 2.0.
119 119
120OpenBSD 6.2 November 30, 2016 OpenBSD 6.2 120OpenBSD 6.4 November 30, 2016 OpenBSD 6.4
diff --git a/ssh-agent.c b/ssh-agent.c
index 2a4578b03..d8a8260f9 100644
--- a/ssh-agent.c
+++ b/ssh-agent.c
@@ -1,4 +1,4 @@
1/* $OpenBSD: ssh-agent.c,v 1.228 2018/02/23 15:58:37 markus Exp $ */ 1/* $OpenBSD: ssh-agent.c,v 1.231 2018/05/11 03:38:51 djm Exp $ */
2/* 2/*
3 * Author: Tatu Ylonen <ylo@cs.hut.fi> 3 * Author: Tatu Ylonen <ylo@cs.hut.fi>
4 * Copyright (c) 1995 Tatu Ylonen <ylo@cs.hut.fi>, Espoo, Finland 4 * Copyright (c) 1995 Tatu Ylonen <ylo@cs.hut.fi>, Espoo, Finland
@@ -709,7 +709,7 @@ process_message(u_int socknum)
709 709
710 debug("%s: socket %u (fd=%d) type %d", __func__, socknum, e->fd, type); 710 debug("%s: socket %u (fd=%d) type %d", __func__, socknum, e->fd, type);
711 711
712 /* check wheter agent is locked */ 712 /* check whether agent is locked */
713 if (locked && type != SSH_AGENTC_UNLOCK) { 713 if (locked && type != SSH_AGENTC_UNLOCK) {
714 sshbuf_reset(e->request); 714 sshbuf_reset(e->request);
715 switch (type) { 715 switch (type) {
@@ -886,10 +886,10 @@ handle_conn_write(u_int socknum)
886} 886}
887 887
888static void 888static void
889after_poll(struct pollfd *pfd, size_t npfd) 889after_poll(struct pollfd *pfd, size_t npfd, u_int maxfds)
890{ 890{
891 size_t i; 891 size_t i;
892 u_int socknum; 892 u_int socknum, activefds = npfd;
893 893
894 for (i = 0; i < npfd; i++) { 894 for (i = 0; i < npfd; i++) {
895 if (pfd[i].revents == 0) 895 if (pfd[i].revents == 0)
@@ -909,19 +909,30 @@ after_poll(struct pollfd *pfd, size_t npfd)
909 /* Process events */ 909 /* Process events */
910 switch (sockets[socknum].type) { 910 switch (sockets[socknum].type) {
911 case AUTH_SOCKET: 911 case AUTH_SOCKET:
912 if ((pfd[i].revents & (POLLIN|POLLERR)) != 0 && 912 if ((pfd[i].revents & (POLLIN|POLLERR)) == 0)
913 handle_socket_read(socknum) != 0) 913 break;
914 close_socket(&sockets[socknum]); 914 if (npfd > maxfds) {
915 debug3("out of fds (active %u >= limit %u); "
916 "skipping accept", activefds, maxfds);
917 break;
918 }
919 if (handle_socket_read(socknum) == 0)
920 activefds++;
915 break; 921 break;
916 case AUTH_CONNECTION: 922 case AUTH_CONNECTION:
917 if ((pfd[i].revents & (POLLIN|POLLERR)) != 0 && 923 if ((pfd[i].revents & (POLLIN|POLLERR)) != 0 &&
918 handle_conn_read(socknum) != 0) { 924 handle_conn_read(socknum) != 0) {
919 close_socket(&sockets[socknum]); 925 goto close_sock;
920 break;
921 } 926 }
922 if ((pfd[i].revents & (POLLOUT|POLLHUP)) != 0 && 927 if ((pfd[i].revents & (POLLOUT|POLLHUP)) != 0 &&
923 handle_conn_write(socknum) != 0) 928 handle_conn_write(socknum) != 0) {
929 close_sock:
930 if (activefds == 0)
931 fatal("activefds == 0 at close_sock");
924 close_socket(&sockets[socknum]); 932 close_socket(&sockets[socknum]);
933 activefds--;
934 break;
935 }
925 break; 936 break;
926 default: 937 default:
927 break; 938 break;
@@ -930,7 +941,7 @@ after_poll(struct pollfd *pfd, size_t npfd)
930} 941}
931 942
932static int 943static int
933prepare_poll(struct pollfd **pfdp, size_t *npfdp, int *timeoutp) 944prepare_poll(struct pollfd **pfdp, size_t *npfdp, int *timeoutp, u_int maxfds)
934{ 945{
935 struct pollfd *pfd = *pfdp; 946 struct pollfd *pfd = *pfdp;
936 size_t i, j, npfd = 0; 947 size_t i, j, npfd = 0;
@@ -959,6 +970,16 @@ prepare_poll(struct pollfd **pfdp, size_t *npfdp, int *timeoutp)
959 for (i = j = 0; i < sockets_alloc; i++) { 970 for (i = j = 0; i < sockets_alloc; i++) {
960 switch (sockets[i].type) { 971 switch (sockets[i].type) {
961 case AUTH_SOCKET: 972 case AUTH_SOCKET:
973 if (npfd > maxfds) {
974 debug3("out of fds (active %zu >= limit %u); "
975 "skipping arming listener", npfd, maxfds);
976 break;
977 }
978 pfd[j].fd = sockets[i].fd;
979 pfd[j].revents = 0;
980 pfd[j].events = POLLIN;
981 j++;
982 break;
962 case AUTH_CONNECTION: 983 case AUTH_CONNECTION:
963 pfd[j].fd = sockets[i].fd; 984 pfd[j].fd = sockets[i].fd;
964 pfd[j].revents = 0; 985 pfd[j].revents = 0;
@@ -1059,6 +1080,7 @@ main(int ac, char **av)
1059 int timeout = -1; /* INFTIM */ 1080 int timeout = -1; /* INFTIM */
1060 struct pollfd *pfd = NULL; 1081 struct pollfd *pfd = NULL;
1061 size_t npfd = 0; 1082 size_t npfd = 0;
1083 u_int maxfds;
1062 1084
1063 ssh_malloc_init(); /* must be called before any mallocs */ 1085 ssh_malloc_init(); /* must be called before any mallocs */
1064 /* Ensure that fds 0, 1 and 2 are open or directed to /dev/null */ 1086 /* Ensure that fds 0, 1 and 2 are open or directed to /dev/null */
@@ -1070,6 +1092,9 @@ main(int ac, char **av)
1070 1092
1071 platform_disable_tracing(0); /* strict=no */ 1093 platform_disable_tracing(0); /* strict=no */
1072 1094
1095 if (getrlimit(RLIMIT_NOFILE, &rlim) == -1)
1096 fatal("%s: getrlimit: %s", __progname, strerror(errno));
1097
1073#ifdef WITH_OPENSSL 1098#ifdef WITH_OPENSSL
1074 OpenSSL_add_all_algorithms(); 1099 OpenSSL_add_all_algorithms();
1075#endif 1100#endif
@@ -1166,6 +1191,18 @@ main(int ac, char **av)
1166 printf("echo Agent pid %ld killed;\n", (long)pid); 1191 printf("echo Agent pid %ld killed;\n", (long)pid);
1167 exit(0); 1192 exit(0);
1168 } 1193 }
1194
1195 /*
1196 * Minimum file descriptors:
1197 * stdio (3) + listener (1) + syslog (1 maybe) + connection (1) +
1198 * a few spare for libc / stack protectors / sanitisers, etc.
1199 */
1200#define SSH_AGENT_MIN_FDS (3+1+1+1+4)
1201 if (rlim.rlim_cur < SSH_AGENT_MIN_FDS)
1202 fatal("%s: file descriptior rlimit %lld too low (minimum %u)",
1203 __progname, (long long)rlim.rlim_cur, SSH_AGENT_MIN_FDS);
1204 maxfds = rlim.rlim_cur - SSH_AGENT_MIN_FDS;
1205
1169 parent_pid = getpid(); 1206 parent_pid = getpid();
1170 1207
1171 if (agentsocket == NULL) { 1208 if (agentsocket == NULL) {
@@ -1285,7 +1322,7 @@ skip:
1285 platform_pledge_agent(); 1322 platform_pledge_agent();
1286 1323
1287 while (1) { 1324 while (1) {
1288 prepare_poll(&pfd, &npfd, &timeout); 1325 prepare_poll(&pfd, &npfd, &timeout, maxfds);
1289 result = poll(pfd, npfd, timeout); 1326 result = poll(pfd, npfd, timeout);
1290 saved_errno = errno; 1327 saved_errno = errno;
1291 if (parent_alive_interval != 0) 1328 if (parent_alive_interval != 0)
@@ -1296,7 +1333,7 @@ skip:
1296 continue; 1333 continue;
1297 fatal("poll: %s", strerror(saved_errno)); 1334 fatal("poll: %s", strerror(saved_errno));
1298 } else if (result > 0) 1335 } else if (result > 0)
1299 after_poll(pfd, npfd); 1336 after_poll(pfd, npfd, maxfds);
1300 } 1337 }
1301 /* NOTREACHED */ 1338 /* NOTREACHED */
1302} 1339}
diff --git a/ssh-gss.h b/ssh-gss.h
index 919660a03..350ce7882 100644
--- a/ssh-gss.h
+++ b/ssh-gss.h
@@ -1,4 +1,4 @@
1/* $OpenBSD: ssh-gss.h,v 1.12 2017/06/24 06:34:38 djm Exp $ */ 1/* $OpenBSD: ssh-gss.h,v 1.14 2018/07/10 09:13:30 djm Exp $ */
2/* 2/*
3 * Copyright (c) 2001-2009 Simon Wilkinson. All rights reserved. 3 * Copyright (c) 2001-2009 Simon Wilkinson. All rights reserved.
4 * 4 *
@@ -124,6 +124,9 @@ ssh_gssapi_mech *ssh_gssapi_get_ctype(Gssctxt *);
124void ssh_gssapi_prepare_supported_oids(void); 124void ssh_gssapi_prepare_supported_oids(void);
125OM_uint32 ssh_gssapi_test_oid_supported(OM_uint32 *, gss_OID, int *); 125OM_uint32 ssh_gssapi_test_oid_supported(OM_uint32 *, gss_OID, int *);
126 126
127struct sshbuf;
128int ssh_gssapi_get_buffer_desc(struct sshbuf *, gss_buffer_desc *);
129
127OM_uint32 ssh_gssapi_import_name(Gssctxt *, const char *); 130OM_uint32 ssh_gssapi_import_name(Gssctxt *, const char *);
128OM_uint32 ssh_gssapi_init_ctx(Gssctxt *, int, 131OM_uint32 ssh_gssapi_init_ctx(Gssctxt *, int,
129 gss_buffer_desc *, gss_buffer_desc *, OM_uint32 *); 132 gss_buffer_desc *, gss_buffer_desc *, OM_uint32 *);
@@ -135,7 +138,8 @@ char *ssh_gssapi_last_error(Gssctxt *, OM_uint32 *, OM_uint32 *);
135void ssh_gssapi_build_ctx(Gssctxt **); 138void ssh_gssapi_build_ctx(Gssctxt **);
136void ssh_gssapi_delete_ctx(Gssctxt **); 139void ssh_gssapi_delete_ctx(Gssctxt **);
137OM_uint32 ssh_gssapi_sign(Gssctxt *, gss_buffer_t, gss_buffer_t); 140OM_uint32 ssh_gssapi_sign(Gssctxt *, gss_buffer_t, gss_buffer_t);
138void ssh_gssapi_buildmic(Buffer *, const char *, const char *, const char *); 141void ssh_gssapi_buildmic(struct sshbuf *, const char *,
142 const char *, const char *);
139int ssh_gssapi_check_mechanism(Gssctxt **, gss_OID, const char *, const char *); 143int ssh_gssapi_check_mechanism(Gssctxt **, gss_OID, const char *, const char *);
140OM_uint32 ssh_gssapi_client_identity(Gssctxt *, const char *); 144OM_uint32 ssh_gssapi_client_identity(Gssctxt *, const char *);
141int ssh_gssapi_credentials_updated(Gssctxt *); 145int ssh_gssapi_credentials_updated(Gssctxt *);
diff --git a/ssh-keygen.0 b/ssh-keygen.0
index 417e8382b..f8cc3c3e2 100644
--- a/ssh-keygen.0
+++ b/ssh-keygen.0
@@ -88,9 +88,8 @@ DESCRIPTION
88 new host keys. 88 new host keys.
89 89
90 -a rounds 90 -a rounds
91 When saving a new-format private key (i.e. an ed25519 key or when 91 When saving a private key this option specifies the number of KDF
92 the -o flag is set), this option specifies the number of KDF (key 92 (key derivation function) rounds used. Higher numbers result in
93 derivation function) rounds used. Higher numbers result in
94 slower passphrase verification and increased resistance to brute- 93 slower passphrase verification and increased resistance to brute-
95 force password cracking (should the keys be stolen). 94 force password cracking (should the keys be stolen).
96 95
@@ -115,10 +114,9 @@ DESCRIPTION
115 Provides a new comment. 114 Provides a new comment.
116 115
117 -c Requests changing the comment in the private and public key 116 -c Requests changing the comment in the private and public key
118 files. This operation is only supported for keys stored in the 117 files. The program will prompt for the file containing the
119 newer OpenSSH format. The program will prompt for the file 118 private keys, for the passphrase if the key has one, and for the
120 containing the private keys, for the passphrase if the key has 119 new comment.
121 one, and for the new comment.
122 120
123 -D pkcs11 121 -D pkcs11
124 Download the RSA public keys provided by the PKCS#11 shared 122 Download the RSA public keys provided by the PKCS#11 shared
@@ -212,7 +210,9 @@ DESCRIPTION
212 conversion options. The supported key formats are: M-bM-^@M-^\RFC4716M-bM-^@M-^] 210 conversion options. The supported key formats are: M-bM-^@M-^\RFC4716M-bM-^@M-^]
213 (RFC 4716/SSH2 public or private key), M-bM-^@M-^\PKCS8M-bM-^@M-^] (PEM PKCS8 public 211 (RFC 4716/SSH2 public or private key), M-bM-^@M-^\PKCS8M-bM-^@M-^] (PEM PKCS8 public
214 key) or M-bM-^@M-^\PEMM-bM-^@M-^] (PEM public key). The default conversion format is 212 key) or M-bM-^@M-^\PEMM-bM-^@M-^] (PEM public key). The default conversion format is
215 M-bM-^@M-^\RFC4716M-bM-^@M-^]. 213 M-bM-^@M-^\RFC4716M-bM-^@M-^]. Setting a format of M-bM-^@M-^\PEMM-bM-^@M-^] when generating or updating
214 a supported private key type will cause the key to be stored in
215 the legacy PEM private key format.
216 216
217 -N new_passphrase 217 -N new_passphrase
218 Provides the new passphrase. 218 Provides the new passphrase.
@@ -289,12 +289,6 @@ DESCRIPTION
289 separated list of one or more address/netmask pairs in 289 separated list of one or more address/netmask pairs in
290 CIDR format. 290 CIDR format.
291 291
292 -o Causes ssh-keygen to save private keys using the new OpenSSH
293 format rather than the more compatible PEM format. The new
294 format has increased resistance to brute-force password cracking
295 but is not supported by versions of OpenSSH prior to 6.5.
296 Ed25519 keys always use the new private key format.
297
298 -P passphrase 292 -P passphrase
299 Provides the (old) passphrase. 293 Provides the (old) passphrase.
300 294
@@ -577,4 +571,4 @@ AUTHORS
577 created OpenSSH. Markus Friedl contributed the support for SSH protocol 571 created OpenSSH. Markus Friedl contributed the support for SSH protocol
578 versions 1.5 and 2.0. 572 versions 1.5 and 2.0.
579 573
580OpenBSD 6.2 March 12, 2018 OpenBSD 6.2 574OpenBSD 6.4 August 8, 2018 OpenBSD 6.4
diff --git a/ssh-keygen.1 b/ssh-keygen.1
index 39767e621..33e0bbcc1 100644
--- a/ssh-keygen.1
+++ b/ssh-keygen.1
@@ -1,4 +1,4 @@
1.\" $OpenBSD: ssh-keygen.1,v 1.147 2018/03/12 00:52:01 djm Exp $ 1.\" $OpenBSD: ssh-keygen.1,v 1.148 2018/08/08 01:16:01 djm Exp $
2.\" 2.\"
3.\" Author: Tatu Ylonen <ylo@cs.hut.fi> 3.\" Author: Tatu Ylonen <ylo@cs.hut.fi>
4.\" Copyright (c) 1995 Tatu Ylonen <ylo@cs.hut.fi>, Espoo, Finland 4.\" Copyright (c) 1995 Tatu Ylonen <ylo@cs.hut.fi>, Espoo, Finland
@@ -35,7 +35,7 @@
35.\" (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF 35.\" (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF
36.\" THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE. 36.\" THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
37.\" 37.\"
38.Dd $Mdocdate: March 12 2018 $ 38.Dd $Mdocdate: August 8 2018 $
39.Dt SSH-KEYGEN 1 39.Dt SSH-KEYGEN 1
40.Os 40.Os
41.Sh NAME 41.Sh NAME
@@ -229,10 +229,8 @@ has also been specified, its argument is used as a prefix to the
229default path for the resulting host key files. 229default path for the resulting host key files.
230This is used by system administration scripts to generate new host keys. 230This is used by system administration scripts to generate new host keys.
231.It Fl a Ar rounds 231.It Fl a Ar rounds
232When saving a new-format private key (i.e. an ed25519 key or when the 232When saving a private key this option specifies the number of KDF
233.Fl o 233(key derivation function) rounds used.
234flag is set), this option specifies the number of KDF (key derivation function)
235rounds used.
236Higher numbers result in slower passphrase verification and increased 234Higher numbers result in slower passphrase verification and increased
237resistance to brute-force password cracking (should the keys be stolen). 235resistance to brute-force password cracking (should the keys be stolen).
238.Pp 236.Pp
@@ -260,8 +258,6 @@ flag will be ignored.
260Provides a new comment. 258Provides a new comment.
261.It Fl c 259.It Fl c
262Requests changing the comment in the private and public key files. 260Requests changing the comment in the private and public key files.
263This operation is only supported for keys stored in the
264newer OpenSSH format.
265The program will prompt for the file containing the private keys, for 261The program will prompt for the file containing the private keys, for
266the passphrase if the key has one, and for the new comment. 262the passphrase if the key has one, and for the new comment.
267.It Fl D Ar pkcs11 263.It Fl D Ar pkcs11
@@ -406,6 +402,10 @@ or
406(PEM public key). 402(PEM public key).
407The default conversion format is 403The default conversion format is
408.Dq RFC4716 . 404.Dq RFC4716 .
405Setting a format of
406.Dq PEM
407when generating or updating a supported private key type will cause the
408key to be stored in the legacy PEM private key format.
409.It Fl N Ar new_passphrase 409.It Fl N Ar new_passphrase
410Provides the new passphrase. 410Provides the new passphrase.
411.It Fl n Ar principals 411.It Fl n Ar principals
@@ -500,14 +500,6 @@ The
500is a comma-separated list of one or more address/netmask pairs in CIDR 500is a comma-separated list of one or more address/netmask pairs in CIDR
501format. 501format.
502.El 502.El
503.It Fl o
504Causes
505.Nm
506to save private keys using the new OpenSSH format rather than
507the more compatible PEM format.
508The new format has increased resistance to brute-force password cracking
509but is not supported by versions of OpenSSH prior to 6.5.
510Ed25519 keys always use the new private key format.
511.It Fl P Ar passphrase 503.It Fl P Ar passphrase
512Provides the (old) passphrase. 504Provides the (old) passphrase.
513.It Fl p 505.It Fl p
diff --git a/ssh-keygen.c b/ssh-keygen.c
index 9aac64fc3..22860ad90 100644
--- a/ssh-keygen.c
+++ b/ssh-keygen.c
@@ -1,4 +1,4 @@
1/* $OpenBSD: ssh-keygen.c,v 1.314 2018/03/12 00:52:01 djm Exp $ */ 1/* $OpenBSD: ssh-keygen.c,v 1.319 2018/08/08 01:16:01 djm Exp $ */
2/* 2/*
3 * Author: Tatu Ylonen <ylo@cs.hut.fi> 3 * Author: Tatu Ylonen <ylo@cs.hut.fi>
4 * Copyright (c) 1994 Tatu Ylonen <ylo@cs.hut.fi>, Espoo, Finland 4 * Copyright (c) 1994 Tatu Ylonen <ylo@cs.hut.fi>, Espoo, Finland
@@ -38,6 +38,7 @@
38#include <unistd.h> 38#include <unistd.h>
39#include <limits.h> 39#include <limits.h>
40#include <locale.h> 40#include <locale.h>
41#include <time.h>
41 42
42#include "xmalloc.h" 43#include "xmalloc.h"
43#include "sshkey.h" 44#include "sshkey.h"
@@ -178,7 +179,7 @@ char *key_type_name = NULL;
178char *pkcs11provider = NULL; 179char *pkcs11provider = NULL;
179 180
180/* Use new OpenSSH private key format when writing SSH2 keys instead of PEM */ 181/* Use new OpenSSH private key format when writing SSH2 keys instead of PEM */
181int use_new_format = 0; 182int use_new_format = 1;
182 183
183/* Cipher for new-format private keys */ 184/* Cipher for new-format private keys */
184char *new_format_cipher = NULL; 185char *new_format_cipher = NULL;
@@ -870,7 +871,8 @@ do_fingerprint(struct passwd *pw)
870{ 871{
871 FILE *f; 872 FILE *f;
872 struct sshkey *public = NULL; 873 struct sshkey *public = NULL;
873 char *comment = NULL, *cp, *ep, line[SSH_MAX_PUBKEY_BYTES]; 874 char *comment = NULL, *cp, *ep, *line = NULL;
875 size_t linesize = 0;
874 int i, invalid = 1; 876 int i, invalid = 1;
875 const char *path; 877 const char *path;
876 u_long lnum = 0; 878 u_long lnum = 0;
@@ -885,7 +887,8 @@ do_fingerprint(struct passwd *pw)
885 } else if ((f = fopen(path, "r")) == NULL) 887 } else if ((f = fopen(path, "r")) == NULL)
886 fatal("%s: %s: %s", __progname, path, strerror(errno)); 888 fatal("%s: %s: %s", __progname, path, strerror(errno));
887 889
888 while (read_keyfile_line(f, path, line, sizeof(line), &lnum) == 0) { 890 while (getline(&line, &linesize, f) != -1) {
891 lnum++;
889 cp = line; 892 cp = line;
890 cp[strcspn(cp, "\n")] = '\0'; 893 cp[strcspn(cp, "\n")] = '\0';
891 /* Trim leading space and comments */ 894 /* Trim leading space and comments */
@@ -905,6 +908,7 @@ do_fingerprint(struct passwd *pw)
905 */ 908 */
906 if (lnum == 1 && strcmp(identity_file, "-") != 0 && 909 if (lnum == 1 && strcmp(identity_file, "-") != 0 &&
907 strstr(cp, "PRIVATE KEY") != NULL) { 910 strstr(cp, "PRIVATE KEY") != NULL) {
911 free(line);
908 fclose(f); 912 fclose(f);
909 fingerprint_private(path); 913 fingerprint_private(path);
910 exit(0); 914 exit(0);
@@ -951,6 +955,7 @@ do_fingerprint(struct passwd *pw)
951 invalid = 0; /* One good key in the file is sufficient */ 955 invalid = 0; /* One good key in the file is sufficient */
952 } 956 }
953 fclose(f); 957 fclose(f);
958 free(line);
954 959
955 if (invalid) 960 if (invalid)
956 fatal("%s is not a public key file.", path); 961 fatal("%s is not a public key file.", path);
@@ -1254,13 +1259,12 @@ do_known_hosts(struct passwd *pw, const char *name)
1254 } 1259 }
1255 inplace = 1; 1260 inplace = 1;
1256 } 1261 }
1257
1258 /* XXX support identity_file == "-" for stdin */ 1262 /* XXX support identity_file == "-" for stdin */
1259 foreach_options = find_host ? HKF_WANT_MATCH : 0; 1263 foreach_options = find_host ? HKF_WANT_MATCH : 0;
1260 foreach_options |= print_fingerprint ? HKF_WANT_PARSE_KEY : 0; 1264 foreach_options |= print_fingerprint ? HKF_WANT_PARSE_KEY : 0;
1261 if ((r = hostkeys_foreach(identity_file, 1265 if ((r = hostkeys_foreach(identity_file, (find_host || !hash_hosts) ?
1262 hash_hosts ? known_hosts_hash : known_hosts_find_delete, &ctx, 1266 known_hosts_find_delete : known_hosts_hash, &ctx, name, NULL,
1263 name, NULL, foreach_options)) != 0) { 1267 foreach_options)) != 0) {
1264 if (inplace) 1268 if (inplace)
1265 unlink(tmp); 1269 unlink(tmp);
1266 fatal("%s: hostkeys_foreach failed: %s", __func__, ssh_err(r)); 1270 fatal("%s: hostkeys_foreach failed: %s", __func__, ssh_err(r));
@@ -2005,8 +2009,9 @@ do_show_cert(struct passwd *pw)
2005 struct stat st; 2009 struct stat st;
2006 int r, is_stdin = 0, ok = 0; 2010 int r, is_stdin = 0, ok = 0;
2007 FILE *f; 2011 FILE *f;
2008 char *cp, line[SSH_MAX_PUBKEY_BYTES]; 2012 char *cp, *line = NULL;
2009 const char *path; 2013 const char *path;
2014 size_t linesize = 0;
2010 u_long lnum = 0; 2015 u_long lnum = 0;
2011 2016
2012 if (!have_identity) 2017 if (!have_identity)
@@ -2022,7 +2027,8 @@ do_show_cert(struct passwd *pw)
2022 } else if ((f = fopen(identity_file, "r")) == NULL) 2027 } else if ((f = fopen(identity_file, "r")) == NULL)
2023 fatal("fopen %s: %s", identity_file, strerror(errno)); 2028 fatal("fopen %s: %s", identity_file, strerror(errno));
2024 2029
2025 while (read_keyfile_line(f, path, line, sizeof(line), &lnum) == 0) { 2030 while (getline(&line, &linesize, f) != -1) {
2031 lnum++;
2026 sshkey_free(key); 2032 sshkey_free(key);
2027 key = NULL; 2033 key = NULL;
2028 /* Trim leading space and comments */ 2034 /* Trim leading space and comments */
@@ -2047,6 +2053,7 @@ do_show_cert(struct passwd *pw)
2047 printf("%s:%lu:\n", path, lnum); 2053 printf("%s:%lu:\n", path, lnum);
2048 print_cert(key); 2054 print_cert(key);
2049 } 2055 }
2056 free(line);
2050 sshkey_free(key); 2057 sshkey_free(key);
2051 fclose(f); 2058 fclose(f);
2052 exit(ok ? 0 : 1); 2059 exit(ok ? 0 : 1);
@@ -2078,7 +2085,8 @@ update_krl_from_file(struct passwd *pw, const char *file, int wild_ca,
2078{ 2085{
2079 struct sshkey *key = NULL; 2086 struct sshkey *key = NULL;
2080 u_long lnum = 0; 2087 u_long lnum = 0;
2081 char *path, *cp, *ep, line[SSH_MAX_PUBKEY_BYTES]; 2088 char *path, *cp, *ep, *line = NULL;
2089 size_t linesize = 0;
2082 unsigned long long serial, serial2; 2090 unsigned long long serial, serial2;
2083 int i, was_explicit_key, was_sha1, r; 2091 int i, was_explicit_key, was_sha1, r;
2084 FILE *krl_spec; 2092 FILE *krl_spec;
@@ -2093,8 +2101,8 @@ update_krl_from_file(struct passwd *pw, const char *file, int wild_ca,
2093 2101
2094 if (!quiet) 2102 if (!quiet)
2095 printf("Revoking from %s\n", path); 2103 printf("Revoking from %s\n", path);
2096 while (read_keyfile_line(krl_spec, path, line, sizeof(line), 2104 while (getline(&line, &linesize, krl_spec) != -1) {
2097 &lnum) == 0) { 2105 lnum++;
2098 was_explicit_key = was_sha1 = 0; 2106 was_explicit_key = was_sha1 = 0;
2099 cp = line + strspn(line, " \t"); 2107 cp = line + strspn(line, " \t");
2100 /* Trim trailing space, comments and strip \n */ 2108 /* Trim trailing space, comments and strip \n */
@@ -2194,6 +2202,7 @@ update_krl_from_file(struct passwd *pw, const char *file, int wild_ca,
2194 } 2202 }
2195 if (strcmp(path, "-") != 0) 2203 if (strcmp(path, "-") != 0)
2196 fclose(krl_spec); 2204 fclose(krl_spec);
2205 free(line);
2197 free(path); 2206 free(path);
2198} 2207}
2199 2208
@@ -2247,7 +2256,7 @@ do_gen_krl(struct passwd *pw, int updating, int argc, char **argv)
2247 fatal("Couldn't generate KRL"); 2256 fatal("Couldn't generate KRL");
2248 if ((fd = open(identity_file, O_WRONLY|O_CREAT|O_TRUNC, 0644)) == -1) 2257 if ((fd = open(identity_file, O_WRONLY|O_CREAT|O_TRUNC, 0644)) == -1)
2249 fatal("open %s: %s", identity_file, strerror(errno)); 2258 fatal("open %s: %s", identity_file, strerror(errno));
2250 if (atomicio(vwrite, fd, (void *)sshbuf_ptr(kbuf), sshbuf_len(kbuf)) != 2259 if (atomicio(vwrite, fd, sshbuf_mutable_ptr(kbuf), sshbuf_len(kbuf)) !=
2251 sshbuf_len(kbuf)) 2260 sshbuf_len(kbuf))
2252 fatal("write %s: %s", identity_file, strerror(errno)); 2261 fatal("write %s: %s", identity_file, strerror(errno));
2253 close(fd); 2262 close(fd);
@@ -2425,6 +2434,7 @@ main(int argc, char **argv)
2425 } 2434 }
2426 if (strcasecmp(optarg, "PEM") == 0) { 2435 if (strcasecmp(optarg, "PEM") == 0) {
2427 convert_format = FMT_PEM; 2436 convert_format = FMT_PEM;
2437 use_new_format = 0;
2428 break; 2438 break;
2429 } 2439 }
2430 fatal("Unsupported conversion format \"%s\"", optarg); 2440 fatal("Unsupported conversion format \"%s\"", optarg);
@@ -2432,7 +2442,7 @@ main(int argc, char **argv)
2432 cert_principals = optarg; 2442 cert_principals = optarg;
2433 break; 2443 break;
2434 case 'o': 2444 case 'o':
2435 use_new_format = 1; 2445 /* no-op; new format is already the default */
2436 break; 2446 break;
2437 case 'p': 2447 case 'p':
2438 change_passphrase = 1; 2448 change_passphrase = 1;
diff --git a/ssh-keyscan.0 b/ssh-keyscan.0
index c0278ee0a..497ac0d9e 100644
--- a/ssh-keyscan.0
+++ b/ssh-keyscan.0
@@ -93,4 +93,4 @@ AUTHORS
93 Davison <wayned@users.sourceforge.net> added support for protocol version 93 Davison <wayned@users.sourceforge.net> added support for protocol version
94 2. 94 2.
95 95
96OpenBSD 6.2 March 5, 2018 OpenBSD 6.2 96OpenBSD 6.4 March 5, 2018 OpenBSD 6.4
diff --git a/ssh-keyscan.c b/ssh-keyscan.c
index 381fb0844..38b1c548b 100644
--- a/ssh-keyscan.c
+++ b/ssh-keyscan.c
@@ -1,4 +1,4 @@
1/* $OpenBSD: ssh-keyscan.c,v 1.119 2018/03/02 21:40:15 jmc Exp $ */ 1/* $OpenBSD: ssh-keyscan.c,v 1.120 2018/06/06 18:29:18 markus Exp $ */
2/* 2/*
3 * Copyright 1995, 1996 by David Mazieres <dm@lcs.mit.edu>. 3 * Copyright 1995, 1996 by David Mazieres <dm@lcs.mit.edu>.
4 * 4 *
@@ -646,9 +646,9 @@ main(int argc, char **argv)
646{ 646{
647 int debug_flag = 0, log_level = SYSLOG_LEVEL_INFO; 647 int debug_flag = 0, log_level = SYSLOG_LEVEL_INFO;
648 int opt, fopt_count = 0, j; 648 int opt, fopt_count = 0, j;
649 char *tname, *cp, line[NI_MAXHOST]; 649 char *tname, *cp, *line = NULL;
650 size_t linesize = 0;
650 FILE *fp; 651 FILE *fp;
651 u_long linenum;
652 652
653 extern int optind; 653 extern int optind;
654 extern char *optarg; 654 extern char *optarg;
@@ -769,11 +769,8 @@ main(int argc, char **argv)
769 else if ((fp = fopen(argv[j], "r")) == NULL) 769 else if ((fp = fopen(argv[j], "r")) == NULL)
770 fatal("%s: %s: %s", __progname, argv[j], 770 fatal("%s: %s: %s", __progname, argv[j],
771 strerror(errno)); 771 strerror(errno));
772 linenum = 0;
773 772
774 while (read_keyfile_line(fp, 773 while (getline(&line, &linesize, fp) != -1) {
775 argv[j] == NULL ? "(stdin)" : argv[j], line, sizeof(line),
776 &linenum) != -1) {
777 /* Chomp off trailing whitespace and comments */ 774 /* Chomp off trailing whitespace and comments */
778 if ((cp = strchr(line, '#')) == NULL) 775 if ((cp = strchr(line, '#')) == NULL)
779 cp = line + strlen(line) - 1; 776 cp = line + strlen(line) - 1;
@@ -798,6 +795,7 @@ main(int argc, char **argv)
798 795
799 fclose(fp); 796 fclose(fp);
800 } 797 }
798 free(line);
801 799
802 while (optind < argc) 800 while (optind < argc)
803 do_host(argv[optind++]); 801 do_host(argv[optind++]);
diff --git a/ssh-keysign.0 b/ssh-keysign.0
index d855ad07a..db4355d29 100644
--- a/ssh-keysign.0
+++ b/ssh-keysign.0
@@ -49,4 +49,4 @@ HISTORY
49AUTHORS 49AUTHORS
50 Markus Friedl <markus@openbsd.org> 50 Markus Friedl <markus@openbsd.org>
51 51
52OpenBSD 6.2 February 17, 2016 OpenBSD 6.2 52OpenBSD 6.4 February 17, 2016 OpenBSD 6.4
diff --git a/ssh-keysign.c b/ssh-keysign.c
index 78bb66b08..744ecb4f9 100644
--- a/ssh-keysign.c
+++ b/ssh-keysign.c
@@ -1,4 +1,4 @@
1/* $OpenBSD: ssh-keysign.c,v 1.54 2018/02/23 15:58:38 markus Exp $ */ 1/* $OpenBSD: ssh-keysign.c,v 1.55 2018/07/27 05:34:42 dtucker Exp $ */
2/* 2/*
3 * Copyright (c) 2002 Markus Friedl. All rights reserved. 3 * Copyright (c) 2002 Markus Friedl. All rights reserved.
4 * 4 *
@@ -62,11 +62,6 @@ struct ssh *active_state = NULL; /* XXX needed for linking */
62 62
63extern char *__progname; 63extern char *__progname;
64 64
65/* XXX readconf.c needs these */
66uid_t original_real_uid;
67
68extern char *__progname;
69
70static int 65static int
71valid_request(struct passwd *pw, char *host, struct sshkey **ret, 66valid_request(struct passwd *pw, char *host, struct sshkey **ret,
72 u_char *data, size_t datalen) 67 u_char *data, size_t datalen)
@@ -201,8 +196,7 @@ main(int argc, char **argv)
201 key_fd[i++] = open(_PATH_HOST_XMSS_KEY_FILE, O_RDONLY); 196 key_fd[i++] = open(_PATH_HOST_XMSS_KEY_FILE, O_RDONLY);
202 key_fd[i++] = open(_PATH_HOST_RSA_KEY_FILE, O_RDONLY); 197 key_fd[i++] = open(_PATH_HOST_RSA_KEY_FILE, O_RDONLY);
203 198
204 original_real_uid = getuid(); /* XXX readconf.c needs this */ 199 if ((pw = getpwuid(getuid())) == NULL)
205 if ((pw = getpwuid(original_real_uid)) == NULL)
206 fatal("getpwuid failed"); 200 fatal("getpwuid failed");
207 pw = pwcopy(pw); 201 pw = pwcopy(pw);
208 202
diff --git a/ssh-pkcs11-client.c b/ssh-pkcs11-client.c
index fc7582827..028b272cb 100644
--- a/ssh-pkcs11-client.c
+++ b/ssh-pkcs11-client.c
@@ -1,4 +1,4 @@
1/* $OpenBSD: ssh-pkcs11-client.c,v 1.8 2018/02/05 05:37:46 tb Exp $ */ 1/* $OpenBSD: ssh-pkcs11-client.c,v 1.10 2018/07/09 21:59:10 markus Exp $ */
2/* 2/*
3 * Copyright (c) 2010 Markus Friedl. All rights reserved. 3 * Copyright (c) 2010 Markus Friedl. All rights reserved.
4 * 4 *
@@ -34,13 +34,14 @@
34 34
35#include "pathnames.h" 35#include "pathnames.h"
36#include "xmalloc.h" 36#include "xmalloc.h"
37#include "buffer.h" 37#include "sshbuf.h"
38#include "log.h" 38#include "log.h"
39#include "misc.h" 39#include "misc.h"
40#include "key.h" 40#include "sshkey.h"
41#include "authfd.h" 41#include "authfd.h"
42#include "atomicio.h" 42#include "atomicio.h"
43#include "ssh-pkcs11.h" 43#include "ssh-pkcs11.h"
44#include "ssherr.h"
44 45
45/* borrows code from sftp-server and ssh-agent */ 46/* borrows code from sftp-server and ssh-agent */
46 47
@@ -48,34 +49,37 @@ int fd = -1;
48pid_t pid = -1; 49pid_t pid = -1;
49 50
50static void 51static void
51send_msg(Buffer *m) 52send_msg(struct sshbuf *m)
52{ 53{
53 u_char buf[4]; 54 u_char buf[4];
54 int mlen = buffer_len(m); 55 size_t mlen = sshbuf_len(m);
56 int r;
55 57
56 put_u32(buf, mlen); 58 POKE_U32(buf, mlen);
57 if (atomicio(vwrite, fd, buf, 4) != 4 || 59 if (atomicio(vwrite, fd, buf, 4) != 4 ||
58 atomicio(vwrite, fd, buffer_ptr(m), 60 atomicio(vwrite, fd, sshbuf_mutable_ptr(m),
59 buffer_len(m)) != buffer_len(m)) 61 sshbuf_len(m)) != sshbuf_len(m))
60 error("write to helper failed"); 62 error("write to helper failed");
61 buffer_consume(m, mlen); 63 if ((r = sshbuf_consume(m, mlen)) != 0)
64 fatal("%s: buffer error: %s", __func__, ssh_err(r));
62} 65}
63 66
64static int 67static int
65recv_msg(Buffer *m) 68recv_msg(struct sshbuf *m)
66{ 69{
67 u_int l, len; 70 u_int l, len;
68 u_char buf[1024]; 71 u_char c, buf[1024];
72 int r;
69 73
70 if ((len = atomicio(read, fd, buf, 4)) != 4) { 74 if ((len = atomicio(read, fd, buf, 4)) != 4) {
71 error("read from helper failed: %u", len); 75 error("read from helper failed: %u", len);
72 return (0); /* XXX */ 76 return (0); /* XXX */
73 } 77 }
74 len = get_u32(buf); 78 len = PEEK_U32(buf);
75 if (len > 256 * 1024) 79 if (len > 256 * 1024)
76 fatal("response too long: %u", len); 80 fatal("response too long: %u", len);
77 /* read len bytes into m */ 81 /* read len bytes into m */
78 buffer_clear(m); 82 sshbuf_reset(m);
79 while (len > 0) { 83 while (len > 0) {
80 l = len; 84 l = len;
81 if (l > sizeof(buf)) 85 if (l > sizeof(buf))
@@ -84,10 +88,13 @@ recv_msg(Buffer *m)
84 error("response from helper failed."); 88 error("response from helper failed.");
85 return (0); /* XXX */ 89 return (0); /* XXX */
86 } 90 }
87 buffer_append(m, buf, l); 91 if ((r = sshbuf_put(m, buf, l)) != 0)
92 fatal("%s: buffer error: %s", __func__, ssh_err(r));
88 len -= l; 93 len -= l;
89 } 94 }
90 return (buffer_get_char(m)); 95 if ((r = sshbuf_get_u8(m, &c)) != 0)
96 fatal("%s: buffer error: %s", __func__, ssh_err(r));
97 return c;
91} 98}
92 99
93int 100int
@@ -109,34 +116,39 @@ pkcs11_rsa_private_encrypt(int flen, const u_char *from, u_char *to, RSA *rsa,
109{ 116{
110 struct sshkey key; /* XXX */ 117 struct sshkey key; /* XXX */
111 u_char *blob, *signature = NULL; 118 u_char *blob, *signature = NULL;
112 u_int blen, slen = 0; 119 size_t blen, slen = 0;
113 int ret = -1; 120 int r, ret = -1;
114 Buffer msg; 121 struct sshbuf *msg;
115 122
116 if (padding != RSA_PKCS1_PADDING) 123 if (padding != RSA_PKCS1_PADDING)
117 return (-1); 124 return (-1);
118 key.type = KEY_RSA; 125 key.type = KEY_RSA;
119 key.rsa = rsa; 126 key.rsa = rsa;
120 if (key_to_blob(&key, &blob, &blen) == 0) 127 if ((r = sshkey_to_blob(&key, &blob, &blen)) != 0) {
128 error("%s: sshkey_to_blob: %s", __func__, ssh_err(r));
121 return -1; 129 return -1;
122 buffer_init(&msg); 130 }
123 buffer_put_char(&msg, SSH2_AGENTC_SIGN_REQUEST); 131 if ((msg = sshbuf_new()) == NULL)
124 buffer_put_string(&msg, blob, blen); 132 fatal("%s: sshbuf_new failed", __func__);
125 buffer_put_string(&msg, from, flen); 133 if ((r = sshbuf_put_u8(msg, SSH2_AGENTC_SIGN_REQUEST)) != 0 ||
126 buffer_put_int(&msg, 0); 134 (r = sshbuf_put_string(msg, blob, blen)) != 0 ||
135 (r = sshbuf_put_string(msg, from, flen)) != 0 ||
136 (r = sshbuf_put_u32(msg, 0)) != 0)
137 fatal("%s: buffer error: %s", __func__, ssh_err(r));
127 free(blob); 138 free(blob);
128 send_msg(&msg); 139 send_msg(msg);
129 buffer_clear(&msg); 140 sshbuf_reset(msg);
130 141
131 if (recv_msg(&msg) == SSH2_AGENT_SIGN_RESPONSE) { 142 if (recv_msg(msg) == SSH2_AGENT_SIGN_RESPONSE) {
132 signature = buffer_get_string(&msg, &slen); 143 if ((r = sshbuf_get_string(msg, &signature, &slen)) != 0)
133 if (slen <= (u_int)RSA_size(rsa)) { 144 fatal("%s: buffer error: %s", __func__, ssh_err(r));
145 if (slen <= (size_t)RSA_size(rsa)) {
134 memcpy(to, signature, slen); 146 memcpy(to, signature, slen);
135 ret = slen; 147 ret = slen;
136 } 148 }
137 free(signature); 149 free(signature);
138 } 150 }
139 buffer_free(&msg); 151 sshbuf_free(msg);
140 return (ret); 152 return (ret);
141} 153}
142 154
@@ -185,31 +197,39 @@ pkcs11_start_helper(void)
185} 197}
186 198
187int 199int
188pkcs11_add_provider(char *name, char *pin, Key ***keysp) 200pkcs11_add_provider(char *name, char *pin, struct sshkey ***keysp)
189{ 201{
190 struct sshkey *k; 202 struct sshkey *k;
191 int i, nkeys; 203 int r;
192 u_char *blob; 204 u_char *blob;
193 u_int blen; 205 size_t blen;
194 Buffer msg; 206 u_int nkeys, i;
207 struct sshbuf *msg;
195 208
196 if (fd < 0 && pkcs11_start_helper() < 0) 209 if (fd < 0 && pkcs11_start_helper() < 0)
197 return (-1); 210 return (-1);
198 211
199 buffer_init(&msg); 212 if ((msg = sshbuf_new()) == NULL)
200 buffer_put_char(&msg, SSH_AGENTC_ADD_SMARTCARD_KEY); 213 fatal("%s: sshbuf_new failed", __func__);
201 buffer_put_cstring(&msg, name); 214 if ((r = sshbuf_put_u8(msg, SSH_AGENTC_ADD_SMARTCARD_KEY)) != 0 ||
202 buffer_put_cstring(&msg, pin); 215 (r = sshbuf_put_cstring(msg, name)) != 0 ||
203 send_msg(&msg); 216 (r = sshbuf_put_cstring(msg, pin)) != 0)
204 buffer_clear(&msg); 217 fatal("%s: buffer error: %s", __func__, ssh_err(r));
218 send_msg(msg);
219 sshbuf_reset(msg);
205 220
206 if (recv_msg(&msg) == SSH2_AGENT_IDENTITIES_ANSWER) { 221 if (recv_msg(msg) == SSH2_AGENT_IDENTITIES_ANSWER) {
207 nkeys = buffer_get_int(&msg); 222 if ((r = sshbuf_get_u32(msg, &nkeys)) != 0)
208 *keysp = xcalloc(nkeys, sizeof(Key *)); 223 fatal("%s: buffer error: %s", __func__, ssh_err(r));
224 *keysp = xcalloc(nkeys, sizeof(struct sshkey *));
209 for (i = 0; i < nkeys; i++) { 225 for (i = 0; i < nkeys; i++) {
210 blob = buffer_get_string(&msg, &blen); 226 /* XXX clean up properly instead of fatal() */
211 free(buffer_get_string(&msg, NULL)); 227 if ((r = sshbuf_get_string(msg, &blob, &blen)) != 0 ||
212 k = key_from_blob(blob, blen); 228 (r = sshbuf_skip_string(msg)) != 0)
229 fatal("%s: buffer error: %s",
230 __func__, ssh_err(r));
231 if ((r = sshkey_from_blob(blob, blen, &k)) != 0)
232 fatal("%s: bad key: %s", __func__, ssh_err(r));
213 wrap_key(k->rsa); 233 wrap_key(k->rsa);
214 (*keysp)[i] = k; 234 (*keysp)[i] = k;
215 free(blob); 235 free(blob);
@@ -217,26 +237,28 @@ pkcs11_add_provider(char *name, char *pin, Key ***keysp)
217 } else { 237 } else {
218 nkeys = -1; 238 nkeys = -1;
219 } 239 }
220 buffer_free(&msg); 240 sshbuf_free(msg);
221 return (nkeys); 241 return (nkeys);
222} 242}
223 243
224int 244int
225pkcs11_del_provider(char *name) 245pkcs11_del_provider(char *name)
226{ 246{
227 int ret = -1; 247 int r, ret = -1;
228 Buffer msg; 248 struct sshbuf *msg;
229 249
230 buffer_init(&msg); 250 if ((msg = sshbuf_new()) == NULL)
231 buffer_put_char(&msg, SSH_AGENTC_REMOVE_SMARTCARD_KEY); 251 fatal("%s: sshbuf_new failed", __func__);
232 buffer_put_cstring(&msg, name); 252 if ((r = sshbuf_put_u8(msg, SSH_AGENTC_REMOVE_SMARTCARD_KEY)) != 0 ||
233 buffer_put_cstring(&msg, ""); 253 (r = sshbuf_put_cstring(msg, name)) != 0 ||
234 send_msg(&msg); 254 (r = sshbuf_put_cstring(msg, "")) != 0)
235 buffer_clear(&msg); 255 fatal("%s: buffer error: %s", __func__, ssh_err(r));
256 send_msg(msg);
257 sshbuf_reset(msg);
236 258
237 if (recv_msg(&msg) == SSH_AGENT_SUCCESS) 259 if (recv_msg(msg) == SSH_AGENT_SUCCESS)
238 ret = 0; 260 ret = 0;
239 buffer_free(&msg); 261 sshbuf_free(msg);
240 return (ret); 262 return (ret);
241} 263}
242 264
diff --git a/ssh-pkcs11-helper.0 b/ssh-pkcs11-helper.0
index 93e5565b7..4d5c9843b 100644
--- a/ssh-pkcs11-helper.0
+++ b/ssh-pkcs11-helper.0
@@ -22,4 +22,4 @@ HISTORY
22AUTHORS 22AUTHORS
23 Markus Friedl <markus@openbsd.org> 23 Markus Friedl <markus@openbsd.org>
24 24
25OpenBSD 6.2 July 16, 2013 OpenBSD 6.2 25OpenBSD 6.4 July 16, 2013 OpenBSD 6.4
diff --git a/ssh-rsa.c b/ssh-rsa.c
index 49e71c87f..1756315b9 100644
--- a/ssh-rsa.c
+++ b/ssh-rsa.c
@@ -1,4 +1,4 @@
1/* $OpenBSD: ssh-rsa.c,v 1.66 2018/02/14 16:27:24 jsing Exp $ */ 1/* $OpenBSD: ssh-rsa.c,v 1.67 2018/07/03 11:39:54 djm Exp $ */
2/* 2/*
3 * Copyright (c) 2000, 2003 Markus Friedl <markus@openbsd.org> 3 * Copyright (c) 2000, 2003 Markus Friedl <markus@openbsd.org>
4 * 4 *
@@ -51,11 +51,14 @@ rsa_hash_alg_ident(int hash_alg)
51 return NULL; 51 return NULL;
52} 52}
53 53
54/*
55 * Returns the hash algorithm ID for a given algorithm identifier as used
56 * inside the signature blob,
57 */
54static int 58static int
55rsa_hash_alg_from_ident(const char *ident) 59rsa_hash_id_from_ident(const char *ident)
56{ 60{
57 if (strcmp(ident, "ssh-rsa") == 0 || 61 if (strcmp(ident, "ssh-rsa") == 0)
58 strcmp(ident, "ssh-rsa-cert-v01@openssh.com") == 0)
59 return SSH_DIGEST_SHA1; 62 return SSH_DIGEST_SHA1;
60 if (strcmp(ident, "rsa-sha2-256") == 0) 63 if (strcmp(ident, "rsa-sha2-256") == 0)
61 return SSH_DIGEST_SHA256; 64 return SSH_DIGEST_SHA256;
@@ -64,6 +67,27 @@ rsa_hash_alg_from_ident(const char *ident)
64 return -1; 67 return -1;
65} 68}
66 69
70/*
71 * Return the hash algorithm ID for the specified key name. This includes
72 * all the cases of rsa_hash_id_from_ident() but also the certificate key
73 * types.
74 */
75static int
76rsa_hash_id_from_keyname(const char *alg)
77{
78 int r;
79
80 if ((r = rsa_hash_id_from_ident(alg)) != -1)
81 return r;
82 if (strcmp(alg, "ssh-rsa-cert-v01@openssh.com") == 0)
83 return SSH_DIGEST_SHA1;
84 if (strcmp(alg, "rsa-sha2-256-cert-v01@openssh.com") == 0)
85 return SSH_DIGEST_SHA256;
86 if (strcmp(alg, "rsa-sha2-512-cert-v01@openssh.com") == 0)
87 return SSH_DIGEST_SHA512;
88 return -1;
89}
90
67static int 91static int
68rsa_hash_alg_nid(int type) 92rsa_hash_alg_nid(int type)
69{ 93{
@@ -135,7 +159,7 @@ ssh_rsa_sign(const struct sshkey *key, u_char **sigp, size_t *lenp,
135 if (alg_ident == NULL || strlen(alg_ident) == 0) 159 if (alg_ident == NULL || strlen(alg_ident) == 0)
136 hash_alg = SSH_DIGEST_SHA1; 160 hash_alg = SSH_DIGEST_SHA1;
137 else 161 else
138 hash_alg = rsa_hash_alg_from_ident(alg_ident); 162 hash_alg = rsa_hash_id_from_keyname(alg_ident);
139 if (key == NULL || key->rsa == NULL || hash_alg == -1 || 163 if (key == NULL || key->rsa == NULL || hash_alg == -1 ||
140 sshkey_type_plain(key->type) != KEY_RSA) 164 sshkey_type_plain(key->type) != KEY_RSA)
141 return SSH_ERR_INVALID_ARGUMENT; 165 return SSH_ERR_INVALID_ARGUMENT;
@@ -202,7 +226,7 @@ ssh_rsa_verify(const struct sshkey *key,
202 const char *alg) 226 const char *alg)
203{ 227{
204 char *sigtype = NULL; 228 char *sigtype = NULL;
205 int hash_alg, ret = SSH_ERR_INTERNAL_ERROR; 229 int hash_alg, want_alg, ret = SSH_ERR_INTERNAL_ERROR;
206 size_t len = 0, diff, modlen, dlen; 230 size_t len = 0, diff, modlen, dlen;
207 struct sshbuf *b = NULL; 231 struct sshbuf *b = NULL;
208 u_char digest[SSH_DIGEST_MAX_LENGTH], *osigblob, *sigblob = NULL; 232 u_char digest[SSH_DIGEST_MAX_LENGTH], *osigblob, *sigblob = NULL;
@@ -220,18 +244,24 @@ ssh_rsa_verify(const struct sshkey *key,
220 ret = SSH_ERR_INVALID_FORMAT; 244 ret = SSH_ERR_INVALID_FORMAT;
221 goto out; 245 goto out;
222 } 246 }
223 /* XXX djm: need cert types that reliably yield SHA-2 signatures */ 247 if ((hash_alg = rsa_hash_id_from_ident(sigtype)) == -1) {
224 if (alg != NULL && strcmp(alg, sigtype) != 0 &&
225 strcmp(alg, "ssh-rsa-cert-v01@openssh.com") != 0) {
226 error("%s: RSA signature type mismatch: "
227 "expected %s received %s", __func__, alg, sigtype);
228 ret = SSH_ERR_SIGNATURE_INVALID;
229 goto out;
230 }
231 if ((hash_alg = rsa_hash_alg_from_ident(sigtype)) == -1) {
232 ret = SSH_ERR_KEY_TYPE_MISMATCH; 248 ret = SSH_ERR_KEY_TYPE_MISMATCH;
233 goto out; 249 goto out;
234 } 250 }
251 /*
252 * Allow ssh-rsa-cert-v01 certs to generate SHA2 signatures for
253 * legacy reasons, but otherwise the signature type should match.
254 */
255 if (alg != NULL && strcmp(alg, "ssh-rsa-cert-v01@openssh.com") != 0) {
256 if ((want_alg = rsa_hash_id_from_keyname(alg)) == -1) {
257 ret = SSH_ERR_INVALID_ARGUMENT;
258 goto out;
259 }
260 if (hash_alg != want_alg) {
261 ret = SSH_ERR_SIGNATURE_INVALID;
262 goto out;
263 }
264 }
235 if (sshbuf_get_string(b, &sigblob, &len) != 0) { 265 if (sshbuf_get_string(b, &sigblob, &len) != 0) {
236 ret = SSH_ERR_INVALID_FORMAT; 266 ret = SSH_ERR_INVALID_FORMAT;
237 goto out; 267 goto out;
diff --git a/ssh.0 b/ssh.0
index 228553c8b..bab5eef3b 100644
--- a/ssh.0
+++ b/ssh.0
@@ -269,7 +269,6 @@ DESCRIPTION
269 IdentitiesOnly 269 IdentitiesOnly
270 IdentityAgent 270 IdentityAgent
271 IdentityFile 271 IdentityFile
272 Include
273 IPQoS 272 IPQoS
274 KbdInteractiveAuthentication 273 KbdInteractiveAuthentication
275 KbdInteractiveDevices 274 KbdInteractiveDevices
@@ -298,6 +297,7 @@ DESCRIPTION
298 SendEnv 297 SendEnv
299 ServerAliveInterval 298 ServerAliveInterval
300 ServerAliveCountMax 299 ServerAliveCountMax
300 SetEnv
301 StreamLocalBindMask 301 StreamLocalBindMask
302 StreamLocalBindUnlink 302 StreamLocalBindUnlink
303 StrictHostKeyChecking 303 StrictHostKeyChecking
@@ -305,7 +305,6 @@ DESCRIPTION
305 Tunnel 305 Tunnel
306 TunnelDevice 306 TunnelDevice
307 UpdateHostKeys 307 UpdateHostKeys
308 UsePrivilegedPort
309 User 308 User
310 UserKnownHostsFile 309 UserKnownHostsFile
311 VerifyHostKeyDNS 310 VerifyHostKeyDNS
@@ -405,9 +404,12 @@ DESCRIPTION
405 The devices may be specified by numerical ID or the keyword 404 The devices may be specified by numerical ID or the keyword
406 M-bM-^@M-^\anyM-bM-^@M-^], which uses the next available tunnel device. If 405 M-bM-^@M-^\anyM-bM-^@M-^], which uses the next available tunnel device. If
407 remote_tun is not specified, it defaults to M-bM-^@M-^\anyM-bM-^@M-^]. See also the 406 remote_tun is not specified, it defaults to M-bM-^@M-^\anyM-bM-^@M-^]. See also the
408 Tunnel and TunnelDevice directives in ssh_config(5). If the 407 Tunnel and TunnelDevice directives in ssh_config(5).
409 Tunnel directive is unset, it is set to the default tunnel mode, 408
410 which is M-bM-^@M-^\point-to-pointM-bM-^@M-^]. 409 If the Tunnel directive is unset, it will be set to the default
410 tunnel mode, which is M-bM-^@M-^\point-to-pointM-bM-^@M-^]. If a different Tunnel
411 forwarding mode it desired, then it should be specified before
412 -w.
411 413
412 -X Enables X11 forwarding. This can also be specified on a per-host 414 -X Enables X11 forwarding. This can also be specified on a per-host
413 basis in a configuration file. 415 basis in a configuration file.
@@ -973,4 +975,4 @@ AUTHORS
973 created OpenSSH. Markus Friedl contributed the support for SSH protocol 975 created OpenSSH. Markus Friedl contributed the support for SSH protocol
974 versions 1.5 and 2.0. 976 versions 1.5 and 2.0.
975 977
976OpenBSD 6.2 February 23, 2018 OpenBSD 6.2 978OpenBSD 6.4 July 19, 2018 OpenBSD 6.4
diff --git a/ssh.1 b/ssh.1
index 8a03db952..ba55aa665 100644
--- a/ssh.1
+++ b/ssh.1
@@ -33,8 +33,8 @@
33.\" (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF 33.\" (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF
34.\" THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE. 34.\" THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
35.\" 35.\"
36.\" $OpenBSD: ssh.1,v 1.391 2018/02/23 07:38:09 jmc Exp $ 36.\" $OpenBSD: ssh.1,v 1.396 2018/07/19 10:28:47 dtucker Exp $
37.Dd $Mdocdate: February 23 2018 $ 37.Dd $Mdocdate: July 19 2018 $
38.Dt SSH 1 38.Dt SSH 1
39.Os 39.Os
40.Sh NAME 40.Sh NAME
@@ -499,7 +499,6 @@ For full details of the options listed below, and their possible values, see
499.It IdentitiesOnly 499.It IdentitiesOnly
500.It IdentityAgent 500.It IdentityAgent
501.It IdentityFile 501.It IdentityFile
502.It Include
503.It IPQoS 502.It IPQoS
504.It KbdInteractiveAuthentication 503.It KbdInteractiveAuthentication
505.It KbdInteractiveDevices 504.It KbdInteractiveDevices
@@ -528,6 +527,7 @@ For full details of the options listed below, and their possible values, see
528.It SendEnv 527.It SendEnv
529.It ServerAliveInterval 528.It ServerAliveInterval
530.It ServerAliveCountMax 529.It ServerAliveCountMax
530.It SetEnv
531.It StreamLocalBindMask 531.It StreamLocalBindMask
532.It StreamLocalBindUnlink 532.It StreamLocalBindUnlink
533.It StrictHostKeyChecking 533.It StrictHostKeyChecking
@@ -535,7 +535,6 @@ For full details of the options listed below, and their possible values, see
535.It Tunnel 535.It Tunnel
536.It TunnelDevice 536.It TunnelDevice
537.It UpdateHostKeys 537.It UpdateHostKeys
538.It UsePrivilegedPort
539.It User 538.It User
540.It UserKnownHostsFile 539.It UserKnownHostsFile
541.It VerifyHostKeyDNS 540.It VerifyHostKeyDNS
@@ -742,10 +741,15 @@ and
742.Cm TunnelDevice 741.Cm TunnelDevice
743directives in 742directives in
744.Xr ssh_config 5 . 743.Xr ssh_config 5 .
744.Pp
745If the 745If the
746.Cm Tunnel 746.Cm Tunnel
747directive is unset, it is set to the default tunnel mode, which is 747directive is unset, it will be set to the default tunnel mode, which is
748.Dq point-to-point . 748.Dq point-to-point .
749If a different
750.Cm Tunnel
751forwarding mode it desired, then it should be specified before
752.Fl w .
749.Pp 753.Pp
750.It Fl X 754.It Fl X
751Enables X11 forwarding. 755Enables X11 forwarding.
diff --git a/ssh.c b/ssh.c
index e36debf6a..6ee0f8c68 100644
--- a/ssh.c
+++ b/ssh.c
@@ -1,4 +1,4 @@
1/* $OpenBSD: ssh.c,v 1.475 2018/02/23 15:58:38 markus Exp $ */ 1/* $OpenBSD: ssh.c,v 1.490 2018/07/27 05:34:42 dtucker Exp $ */
2/* 2/*
3 * Author: Tatu Ylonen <ylo@cs.hut.fi> 3 * Author: Tatu Ylonen <ylo@cs.hut.fi>
4 * Copyright (c) 1995 Tatu Ylonen <ylo@cs.hut.fi>, Espoo, Finland 4 * Copyright (c) 1995 Tatu Ylonen <ylo@cs.hut.fi>, Espoo, Finland
@@ -87,9 +87,9 @@
87#include "cipher.h" 87#include "cipher.h"
88#include "digest.h" 88#include "digest.h"
89#include "packet.h" 89#include "packet.h"
90#include "buffer.h" 90#include "sshbuf.h"
91#include "channels.h" 91#include "channels.h"
92#include "key.h" 92#include "sshkey.h"
93#include "authfd.h" 93#include "authfd.h"
94#include "authfile.h" 94#include "authfile.h"
95#include "pathnames.h" 95#include "pathnames.h"
@@ -104,7 +104,6 @@
104#include "sshpty.h" 104#include "sshpty.h"
105#include "match.h" 105#include "match.h"
106#include "msg.h" 106#include "msg.h"
107#include "uidswap.h"
108#include "version.h" 107#include "version.h"
109#include "ssherr.h" 108#include "ssherr.h"
110#include "myproposal.h" 109#include "myproposal.h"
@@ -178,12 +177,8 @@ struct sockaddr_storage hostaddr;
178/* Private host keys. */ 177/* Private host keys. */
179Sensitive sensitive_data; 178Sensitive sensitive_data;
180 179
181/* Original real UID. */
182uid_t original_real_uid;
183uid_t original_effective_uid;
184
185/* command to be executed */ 180/* command to be executed */
186Buffer command; 181struct sshbuf *command;
187 182
188/* Should we execute a command or invoke a subsystem? */ 183/* Should we execute a command or invoke a subsystem? */
189int subsystem_flag = 0; 184int subsystem_flag = 0;
@@ -224,7 +219,7 @@ tilde_expand_paths(char **paths, u_int num_paths)
224 char *cp; 219 char *cp;
225 220
226 for (i = 0; i < num_paths; i++) { 221 for (i = 0; i < num_paths; i++) {
227 cp = tilde_expand_filename(paths[i], original_real_uid); 222 cp = tilde_expand_filename(paths[i], getuid());
228 free(paths[i]); 223 free(paths[i]);
229 paths[i] = cp; 224 paths[i] = cp;
230 } 225 }
@@ -504,6 +499,30 @@ resolve_canonicalize(char **hostp, int port)
504} 499}
505 500
506/* 501/*
502 * Check the result of hostkey loading, ignoring some errors and
503 * fatal()ing for others.
504 */
505static void
506check_load(int r, const char *path, const char *message)
507{
508 switch (r) {
509 case 0:
510 break;
511 case SSH_ERR_INTERNAL_ERROR:
512 case SSH_ERR_ALLOC_FAIL:
513 fatal("load %s \"%s\": %s", message, path, ssh_err(r));
514 case SSH_ERR_SYSTEM_ERROR:
515 /* Ignore missing files */
516 if (errno == ENOENT)
517 break;
518 /* FALLTHROUGH */
519 default:
520 error("load %s \"%s\": %s", message, path, ssh_err(r));
521 break;
522 }
523}
524
525/*
507 * Read per-user configuration file. Ignore the system wide config 526 * Read per-user configuration file. Ignore the system wide config
508 * file if the user specifies a config file on the command line. 527 * file if the user specifies a config file on the command line.
509 */ 528 */
@@ -597,35 +616,10 @@ main(int ac, char **av)
597 */ 616 */
598 closefrom(STDERR_FILENO + 1); 617 closefrom(STDERR_FILENO + 1);
599 618
600 /*
601 * Save the original real uid. It will be needed later (uid-swapping
602 * may clobber the real uid).
603 */
604 original_real_uid = getuid();
605 original_effective_uid = geteuid();
606
607 /*
608 * Use uid-swapping to give up root privileges for the duration of
609 * option processing. We will re-instantiate the rights when we are
610 * ready to create the privileged port, and will permanently drop
611 * them when the port has been created (actually, when the connection
612 * has been made, as we may need to create the port several times).
613 */
614 PRIV_END;
615
616#ifdef HAVE_SETRLIMIT
617 /* If we are installed setuid root be careful to not drop core. */
618 if (original_real_uid != original_effective_uid) {
619 struct rlimit rlim;
620 rlim.rlim_cur = rlim.rlim_max = 0;
621 if (setrlimit(RLIMIT_CORE, &rlim) < 0)
622 fatal("setrlimit failed: %.100s", strerror(errno));
623 }
624#endif
625 /* Get user data. */ 619 /* Get user data. */
626 pw = getpwuid(original_real_uid); 620 pw = getpwuid(getuid());
627 if (!pw) { 621 if (!pw) {
628 logit("No user exists for uid %lu", (u_long)original_real_uid); 622 logit("No user exists for uid %lu", (u_long)getuid());
629 exit(255); 623 exit(255);
630 } 624 }
631 /* Take a copy of the returned structure. */ 625 /* Take a copy of the returned structure. */
@@ -728,7 +722,6 @@ main(int ac, char **av)
728 fatal("Invalid multiplex command."); 722 fatal("Invalid multiplex command.");
729 break; 723 break;
730 case 'P': /* deprecated */ 724 case 'P': /* deprecated */
731 options.use_privileged_port = 0;
732 break; 725 break;
733 case 'Q': 726 case 'Q':
734 cp = NULL; 727 cp = NULL;
@@ -769,7 +762,7 @@ main(int ac, char **av)
769 options.gss_deleg_creds = 1; 762 options.gss_deleg_creds = 1;
770 break; 763 break;
771 case 'i': 764 case 'i':
772 p = tilde_expand_filename(optarg, original_real_uid); 765 p = tilde_expand_filename(optarg, getuid());
773 if (stat(p, &st) < 0) 766 if (stat(p, &st) < 0)
774 fprintf(stderr, "Warning: Identity file %s " 767 fprintf(stderr, "Warning: Identity file %s "
775 "not accessible: %s.\n", p, 768 "not accessible: %s.\n", p,
@@ -1042,7 +1035,8 @@ main(int ac, char **av)
1042#endif 1035#endif
1043 1036
1044 /* Initialize the command to execute on remote host. */ 1037 /* Initialize the command to execute on remote host. */
1045 buffer_init(&command); 1038 if ((command = sshbuf_new()) == NULL)
1039 fatal("sshbuf_new failed");
1046 1040
1047 /* 1041 /*
1048 * Save the command to execute on the remote host in a buffer. There 1042 * Save the command to execute on the remote host in a buffer. There
@@ -1059,9 +1053,10 @@ main(int ac, char **av)
1059 } else { 1053 } else {
1060 /* A command has been specified. Store it into the buffer. */ 1054 /* A command has been specified. Store it into the buffer. */
1061 for (i = 0; i < ac; i++) { 1055 for (i = 0; i < ac; i++) {
1062 if (i) 1056 if ((r = sshbuf_putf(command, "%s%s",
1063 buffer_append(&command, " ", 1); 1057 i ? " " : "", av[i])) != 0)
1064 buffer_append(&command, av[i], strlen(av[i])); 1058 fatal("%s: buffer error: %s",
1059 __func__, ssh_err(r));
1065 } 1060 }
1066 } 1061 }
1067 1062
@@ -1171,6 +1166,14 @@ main(int ac, char **av)
1171 */ 1166 */
1172 if (options.jump_host != NULL) { 1167 if (options.jump_host != NULL) {
1173 char port_s[8]; 1168 char port_s[8];
1169 const char *sshbin = argv0;
1170
1171 /*
1172 * Try to use SSH indicated by argv[0], but fall back to
1173 * "ssh" if it appears unavailable.
1174 */
1175 if (strchr(argv0, '/') != NULL && access(argv0, X_OK) != 0)
1176 sshbin = "ssh";
1174 1177
1175 /* Consistency check */ 1178 /* Consistency check */
1176 if (options.proxy_command != NULL) 1179 if (options.proxy_command != NULL)
@@ -1179,7 +1182,8 @@ main(int ac, char **av)
1179 options.proxy_use_fdpass = 0; 1182 options.proxy_use_fdpass = 0;
1180 snprintf(port_s, sizeof(port_s), "%d", options.jump_port); 1183 snprintf(port_s, sizeof(port_s), "%d", options.jump_port);
1181 xasprintf(&options.proxy_command, 1184 xasprintf(&options.proxy_command,
1182 "ssh%s%s%s%s%s%s%s%s%s%.*s -W '[%%h]:%%p' %s", 1185 "%s%s%s%s%s%s%s%s%s%s%.*s -W '[%%h]:%%p' %s",
1186 sshbin,
1183 /* Optional "-l user" argument if jump_user set */ 1187 /* Optional "-l user" argument if jump_user set */
1184 options.jump_user == NULL ? "" : " -l ", 1188 options.jump_user == NULL ? "" : " -l ",
1185 options.jump_user == NULL ? "" : options.jump_user, 1189 options.jump_user == NULL ? "" : options.jump_user,
@@ -1220,16 +1224,12 @@ main(int ac, char **av)
1220 } 1224 }
1221 if (options.connection_attempts <= 0) 1225 if (options.connection_attempts <= 0)
1222 fatal("Invalid number of ConnectionAttempts"); 1226 fatal("Invalid number of ConnectionAttempts");
1223#ifndef HAVE_CYGWIN
1224 if (original_effective_uid != 0)
1225 options.use_privileged_port = 0;
1226#endif
1227 1227
1228 if (buffer_len(&command) != 0 && options.remote_command != NULL) 1228 if (sshbuf_len(command) != 0 && options.remote_command != NULL)
1229 fatal("Cannot execute command-line and remote command."); 1229 fatal("Cannot execute command-line and remote command.");
1230 1230
1231 /* Cannot fork to background if no command. */ 1231 /* Cannot fork to background if no command. */
1232 if (fork_after_authentication_flag && buffer_len(&command) == 0 && 1232 if (fork_after_authentication_flag && sshbuf_len(command) == 0 &&
1233 options.remote_command == NULL && !no_shell_flag) 1233 options.remote_command == NULL && !no_shell_flag)
1234 fatal("Cannot fork into background without a command " 1234 fatal("Cannot fork into background without a command "
1235 "to execute."); 1235 "to execute.");
@@ -1242,7 +1242,7 @@ main(int ac, char **av)
1242 tty_flag = 1; 1242 tty_flag = 1;
1243 1243
1244 /* Allocate a tty by default if no command specified. */ 1244 /* Allocate a tty by default if no command specified. */
1245 if (buffer_len(&command) == 0 && options.remote_command == NULL) 1245 if (sshbuf_len(command) == 0 && options.remote_command == NULL)
1246 tty_flag = options.request_tty != REQUEST_TTY_NO; 1246 tty_flag = options.request_tty != REQUEST_TTY_NO;
1247 1247
1248 /* Force no tty */ 1248 /* Force no tty */
@@ -1269,7 +1269,8 @@ main(int ac, char **av)
1269 strlcpy(shorthost, thishost, sizeof(shorthost)); 1269 strlcpy(shorthost, thishost, sizeof(shorthost));
1270 shorthost[strcspn(thishost, ".")] = '\0'; 1270 shorthost[strcspn(thishost, ".")] = '\0';
1271 snprintf(portstr, sizeof(portstr), "%d", options.port); 1271 snprintf(portstr, sizeof(portstr), "%d", options.port);
1272 snprintf(uidstr, sizeof(uidstr), "%d", pw->pw_uid); 1272 snprintf(uidstr, sizeof(uidstr), "%llu",
1273 (unsigned long long)pw->pw_uid);
1273 1274
1274 if ((md = ssh_digest_start(SSH_DIGEST_SHA1)) == NULL || 1275 if ((md = ssh_digest_start(SSH_DIGEST_SHA1)) == NULL ||
1275 ssh_digest_update(md, thishost, strlen(thishost)) < 0 || 1276 ssh_digest_update(md, thishost, strlen(thishost)) < 0 ||
@@ -1294,6 +1295,7 @@ main(int ac, char **av)
1294 "L", shorthost, 1295 "L", shorthost,
1295 "d", pw->pw_dir, 1296 "d", pw->pw_dir,
1296 "h", host, 1297 "h", host,
1298 "i", uidstr,
1297 "l", thishost, 1299 "l", thishost,
1298 "n", host_arg, 1300 "n", host_arg,
1299 "p", portstr, 1301 "p", portstr,
@@ -1302,18 +1304,19 @@ main(int ac, char **av)
1302 (char *)NULL); 1304 (char *)NULL);
1303 debug3("expanded RemoteCommand: %s", options.remote_command); 1305 debug3("expanded RemoteCommand: %s", options.remote_command);
1304 free(cp); 1306 free(cp);
1305 buffer_append(&command, options.remote_command, 1307 if ((r = sshbuf_put(command, options.remote_command,
1306 strlen(options.remote_command)); 1308 strlen(options.remote_command))) != 0)
1309 fatal("%s: buffer error: %s", __func__, ssh_err(r));
1307 } 1310 }
1308 1311
1309 if (options.control_path != NULL) { 1312 if (options.control_path != NULL) {
1310 cp = tilde_expand_filename(options.control_path, 1313 cp = tilde_expand_filename(options.control_path, getuid());
1311 original_real_uid);
1312 free(options.control_path); 1314 free(options.control_path);
1313 options.control_path = percent_expand(cp, 1315 options.control_path = percent_expand(cp,
1314 "C", conn_hash_hex, 1316 "C", conn_hash_hex,
1315 "L", shorthost, 1317 "L", shorthost,
1316 "h", host, 1318 "h", host,
1319 "i", uidstr,
1317 "l", thishost, 1320 "l", thishost,
1318 "n", host_arg, 1321 "n", host_arg,
1319 "p", portstr, 1322 "p", portstr,
@@ -1323,7 +1326,6 @@ main(int ac, char **av)
1323 (char *)NULL); 1326 (char *)NULL);
1324 free(cp); 1327 free(cp);
1325 } 1328 }
1326 free(conn_hash_hex);
1327 1329
1328 if (config_test) { 1330 if (config_test) {
1329 dump_client_config(&options, host); 1331 dump_client_config(&options, host);
@@ -1357,8 +1359,7 @@ main(int ac, char **av)
1357 /* Open a connection to the remote host. */ 1359 /* Open a connection to the remote host. */
1358 if (ssh_connect(ssh, host, addrs, &hostaddr, options.port, 1360 if (ssh_connect(ssh, host, addrs, &hostaddr, options.port,
1359 options.address_family, options.connection_attempts, 1361 options.address_family, options.connection_attempts,
1360 &timeout_ms, options.tcp_keep_alive, 1362 &timeout_ms, options.tcp_keep_alive) != 0)
1361 options.use_privileged_port) != 0)
1362 exit(255); 1363 exit(255);
1363 1364
1364 if (addrs != NULL) 1365 if (addrs != NULL)
@@ -1373,100 +1374,45 @@ main(int ac, char **av)
1373 debug3("timeout: %d ms remain after connect", timeout_ms); 1374 debug3("timeout: %d ms remain after connect", timeout_ms);
1374 1375
1375 /* 1376 /*
1376 * If we successfully made the connection, load the host private key 1377 * If we successfully made the connection and we have hostbased auth
1377 * in case we will need it later for combined rsa-rhosts 1378 * enabled, load the public keys so we can later use the ssh-keysign
1378 * authentication. This must be done before releasing extra 1379 * helper to sign challenges.
1379 * privileges, because the file is only readable by root.
1380 * If we cannot access the private keys, load the public keys
1381 * instead and try to execute the ssh-keysign helper instead.
1382 */ 1380 */
1383 sensitive_data.nkeys = 0; 1381 sensitive_data.nkeys = 0;
1384 sensitive_data.keys = NULL; 1382 sensitive_data.keys = NULL;
1385 sensitive_data.external_keysign = 0;
1386 if (options.hostbased_authentication) { 1383 if (options.hostbased_authentication) {
1387 sensitive_data.nkeys = 11; 1384 sensitive_data.nkeys = 10;
1388 sensitive_data.keys = xcalloc(sensitive_data.nkeys, 1385 sensitive_data.keys = xcalloc(sensitive_data.nkeys,
1389 sizeof(struct sshkey)); /* XXX */ 1386 sizeof(struct sshkey));
1390 for (i = 0; i < sensitive_data.nkeys; i++) 1387
1391 sensitive_data.keys[i] = NULL; 1388 /* XXX check errors? */
1392 1389#define L_PUBKEY(p,o) do { \
1393 PRIV_START; 1390 if ((o) >= sensitive_data.nkeys) \
1394#ifdef OPENSSL_HAS_ECC 1391 fatal("%s pubkey out of array bounds", __func__); \
1395 sensitive_data.keys[1] = key_load_private_cert(KEY_ECDSA, 1392 check_load(sshkey_load_public(p, &(sensitive_data.keys[o]), NULL), \
1396 _PATH_HOST_ECDSA_KEY_FILE, "", NULL); 1393 p, "pubkey"); \
1397#endif 1394} while (0)
1398 sensitive_data.keys[2] = key_load_private_cert(KEY_ED25519, 1395#define L_CERT(p,o) do { \
1399 _PATH_HOST_ED25519_KEY_FILE, "", NULL); 1396 if ((o) >= sensitive_data.nkeys) \
1400 sensitive_data.keys[3] = key_load_private_cert(KEY_RSA, 1397 fatal("%s cert out of array bounds", __func__); \
1401 _PATH_HOST_RSA_KEY_FILE, "", NULL); 1398 check_load(sshkey_load_cert(p, &(sensitive_data.keys[o])), p, "cert"); \
1402 sensitive_data.keys[4] = key_load_private_cert(KEY_DSA, 1399} while (0)
1403 _PATH_HOST_DSA_KEY_FILE, "", NULL); 1400
1404#ifdef OPENSSL_HAS_ECC 1401 if (options.hostbased_authentication == 1) {
1405 sensitive_data.keys[5] = key_load_private_type(KEY_ECDSA, 1402 L_CERT(_PATH_HOST_ECDSA_KEY_FILE, 0);
1406 _PATH_HOST_ECDSA_KEY_FILE, "", NULL, NULL); 1403 L_CERT(_PATH_HOST_ED25519_KEY_FILE, 1);
1407#endif 1404 L_CERT(_PATH_HOST_RSA_KEY_FILE, 2);
1408 sensitive_data.keys[6] = key_load_private_type(KEY_ED25519, 1405 L_CERT(_PATH_HOST_DSA_KEY_FILE, 3);
1409 _PATH_HOST_ED25519_KEY_FILE, "", NULL, NULL); 1406 L_PUBKEY(_PATH_HOST_ECDSA_KEY_FILE, 4);
1410 sensitive_data.keys[7] = key_load_private_type(KEY_RSA, 1407 L_PUBKEY(_PATH_HOST_ED25519_KEY_FILE, 5);
1411 _PATH_HOST_RSA_KEY_FILE, "", NULL, NULL); 1408 L_PUBKEY(_PATH_HOST_RSA_KEY_FILE, 6);
1412 sensitive_data.keys[8] = key_load_private_type(KEY_DSA, 1409 L_PUBKEY(_PATH_HOST_DSA_KEY_FILE, 7);
1413 _PATH_HOST_DSA_KEY_FILE, "", NULL, NULL); 1410 L_CERT(_PATH_HOST_XMSS_KEY_FILE, 8);
1414 sensitive_data.keys[9] = key_load_private_cert(KEY_XMSS, 1411 L_PUBKEY(_PATH_HOST_XMSS_KEY_FILE, 9);
1415 _PATH_HOST_XMSS_KEY_FILE, "", NULL);
1416 sensitive_data.keys[10] = key_load_private_type(KEY_XMSS,
1417 _PATH_HOST_XMSS_KEY_FILE, "", NULL, NULL);
1418 PRIV_END;
1419
1420 if (options.hostbased_authentication == 1 &&
1421 sensitive_data.keys[0] == NULL &&
1422 sensitive_data.keys[5] == NULL &&
1423 sensitive_data.keys[6] == NULL &&
1424 sensitive_data.keys[7] == NULL &&
1425 sensitive_data.keys[8] == NULL &&
1426 sensitive_data.keys[9] == NULL) {
1427#ifdef OPENSSL_HAS_ECC
1428 sensitive_data.keys[1] = key_load_cert(
1429 _PATH_HOST_ECDSA_KEY_FILE);
1430#endif
1431 sensitive_data.keys[2] = key_load_cert(
1432 _PATH_HOST_ED25519_KEY_FILE);
1433 sensitive_data.keys[3] = key_load_cert(
1434 _PATH_HOST_RSA_KEY_FILE);
1435 sensitive_data.keys[4] = key_load_cert(
1436 _PATH_HOST_DSA_KEY_FILE);
1437#ifdef OPENSSL_HAS_ECC
1438 sensitive_data.keys[5] = key_load_public(
1439 _PATH_HOST_ECDSA_KEY_FILE, NULL);
1440#endif
1441 sensitive_data.keys[6] = key_load_public(
1442 _PATH_HOST_ED25519_KEY_FILE, NULL);
1443 sensitive_data.keys[7] = key_load_public(
1444 _PATH_HOST_RSA_KEY_FILE, NULL);
1445 sensitive_data.keys[8] = key_load_public(
1446 _PATH_HOST_DSA_KEY_FILE, NULL);
1447 sensitive_data.keys[9] = key_load_cert(
1448 _PATH_HOST_XMSS_KEY_FILE);
1449 sensitive_data.keys[10] = key_load_public(
1450 _PATH_HOST_XMSS_KEY_FILE, NULL);
1451 sensitive_data.external_keysign = 1;
1452 } 1412 }
1453 } 1413 }
1454 /*
1455 * Get rid of any extra privileges that we may have. We will no
1456 * longer need them. Also, extra privileges could make it very hard
1457 * to read identity files and other non-world-readable files from the
1458 * user's home directory if it happens to be on a NFS volume where
1459 * root is mapped to nobody.
1460 */
1461 if (original_effective_uid == 0) {
1462 PRIV_START;
1463 permanently_set_uid(pw);
1464 }
1465 1414
1466 /* 1415 /* Create ~/.ssh * directory if it doesn't already exist. */
1467 * Now that we are back to our own permissions, create ~/.ssh
1468 * directory if it doesn't already exist.
1469 */
1470 if (config == NULL) { 1416 if (config == NULL) {
1471 r = snprintf(buf, sizeof buf, "%s%s%s", pw->pw_dir, 1417 r = snprintf(buf, sizeof buf, "%s%s%s", pw->pw_dir,
1472 strcmp(pw->pw_dir, "/") ? "/" : "", _PATH_SSH_USER_DIR); 1418 strcmp(pw->pw_dir, "/") ? "/" : "", _PATH_SSH_USER_DIR);
@@ -1485,17 +1431,22 @@ main(int ac, char **av)
1485 /* load options.identity_files */ 1431 /* load options.identity_files */
1486 load_public_identity_files(pw); 1432 load_public_identity_files(pw);
1487 1433
1488 /* optionally set the SSH_AUTHSOCKET_ENV_NAME varibale */ 1434 /* optionally set the SSH_AUTHSOCKET_ENV_NAME variable */
1489 if (options.identity_agent && 1435 if (options.identity_agent &&
1490 strcmp(options.identity_agent, SSH_AUTHSOCKET_ENV_NAME) != 0) { 1436 strcmp(options.identity_agent, SSH_AUTHSOCKET_ENV_NAME) != 0) {
1491 if (strcmp(options.identity_agent, "none") == 0) { 1437 if (strcmp(options.identity_agent, "none") == 0) {
1492 unsetenv(SSH_AUTHSOCKET_ENV_NAME); 1438 unsetenv(SSH_AUTHSOCKET_ENV_NAME);
1493 } else { 1439 } else {
1494 p = tilde_expand_filename(options.identity_agent, 1440 p = tilde_expand_filename(options.identity_agent,
1495 original_real_uid); 1441 getuid());
1496 cp = percent_expand(p, "d", pw->pw_dir, 1442 cp = percent_expand(p,
1497 "u", pw->pw_name, "l", thishost, "h", host, 1443 "d", pw->pw_dir,
1498 "r", options.user, (char *)NULL); 1444 "h", host,
1445 "i", uidstr,
1446 "l", thishost,
1447 "r", options.user,
1448 "u", pw->pw_name,
1449 (char *)NULL);
1499 setenv(SSH_AUTHSOCKET_ENV_NAME, cp, 1); 1450 setenv(SSH_AUTHSOCKET_ENV_NAME, cp, 1);
1500 free(cp); 1451 free(cp);
1501 free(p); 1452 free(p);
@@ -1527,7 +1478,7 @@ main(int ac, char **av)
1527 if (sensitive_data.keys[i] != NULL) { 1478 if (sensitive_data.keys[i] != NULL) {
1528 /* Destroys contents safely */ 1479 /* Destroys contents safely */
1529 debug3("clear hostkey %d", i); 1480 debug3("clear hostkey %d", i);
1530 key_free(sensitive_data.keys[i]); 1481 sshkey_free(sensitive_data.keys[i]);
1531 sensitive_data.keys[i] = NULL; 1482 sensitive_data.keys[i] = NULL;
1532 } 1483 }
1533 } 1484 }
@@ -1537,7 +1488,7 @@ main(int ac, char **av)
1537 free(options.identity_files[i]); 1488 free(options.identity_files[i]);
1538 options.identity_files[i] = NULL; 1489 options.identity_files[i] = NULL;
1539 if (options.identity_keys[i]) { 1490 if (options.identity_keys[i]) {
1540 key_free(options.identity_keys[i]); 1491 sshkey_free(options.identity_keys[i]);
1541 options.identity_keys[i] = NULL; 1492 options.identity_keys[i] = NULL;
1542 } 1493 }
1543 } 1494 }
@@ -1638,10 +1589,10 @@ ssh_confirm_remote_forward(struct ssh *ssh, int type, u_int32_t seq, void *ctxt)
1638 logit("Allocated port %u for remote forward to %s:%d", 1589 logit("Allocated port %u for remote forward to %s:%d",
1639 rfwd->allocated_port, 1590 rfwd->allocated_port,
1640 rfwd->connect_host, rfwd->connect_port); 1591 rfwd->connect_host, rfwd->connect_port);
1641 channel_update_permitted_opens(ssh, 1592 channel_update_permission(ssh,
1642 rfwd->handle, rfwd->allocated_port); 1593 rfwd->handle, rfwd->allocated_port);
1643 } else { 1594 } else {
1644 channel_update_permitted_opens(ssh, rfwd->handle, -1); 1595 channel_update_permission(ssh, rfwd->handle, -1);
1645 } 1596 }
1646 } 1597 }
1647 1598
@@ -1830,7 +1781,7 @@ ssh_session2_setup(struct ssh *ssh, int id, int success, void *arg)
1830 options.ip_qos_interactive, options.ip_qos_bulk); 1781 options.ip_qos_interactive, options.ip_qos_bulk);
1831 1782
1832 client_session2_setup(ssh, id, tty_flag, subsystem_flag, getenv("TERM"), 1783 client_session2_setup(ssh, id, tty_flag, subsystem_flag, getenv("TERM"),
1833 NULL, fileno(stdin), &command, environ); 1784 NULL, fileno(stdin), command, environ);
1834} 1785}
1835 1786
1836/* open new channel for a session */ 1787/* open new channel for a session */
@@ -1900,6 +1851,7 @@ ssh_session2(struct ssh *ssh, struct passwd *pw)
1900 "L", shorthost, 1851 "L", shorthost,
1901 "d", pw->pw_dir, 1852 "d", pw->pw_dir,
1902 "h", host, 1853 "h", host,
1854 "i", uidstr,
1903 "l", thishost, 1855 "l", thishost,
1904 "n", host_arg, 1856 "n", host_arg,
1905 "p", portstr, 1857 "p", portstr,
@@ -2009,8 +1961,10 @@ load_public_identity_files(struct passwd *pw)
2009 u_int n_ids, n_certs; 1961 u_int n_ids, n_certs;
2010 char *identity_files[SSH_MAX_IDENTITY_FILES]; 1962 char *identity_files[SSH_MAX_IDENTITY_FILES];
2011 struct sshkey *identity_keys[SSH_MAX_IDENTITY_FILES]; 1963 struct sshkey *identity_keys[SSH_MAX_IDENTITY_FILES];
1964 int identity_file_userprovided[SSH_MAX_IDENTITY_FILES];
2012 char *certificate_files[SSH_MAX_CERTIFICATE_FILES]; 1965 char *certificate_files[SSH_MAX_CERTIFICATE_FILES];
2013 struct sshkey *certificates[SSH_MAX_CERTIFICATE_FILES]; 1966 struct sshkey *certificates[SSH_MAX_CERTIFICATE_FILES];
1967 int certificate_file_userprovided[SSH_MAX_CERTIFICATE_FILES];
2014#ifdef ENABLE_PKCS11 1968#ifdef ENABLE_PKCS11
2015 struct sshkey **keys; 1969 struct sshkey **keys;
2016 int nkeys; 1970 int nkeys;
@@ -2019,8 +1973,12 @@ load_public_identity_files(struct passwd *pw)
2019 n_ids = n_certs = 0; 1973 n_ids = n_certs = 0;
2020 memset(identity_files, 0, sizeof(identity_files)); 1974 memset(identity_files, 0, sizeof(identity_files));
2021 memset(identity_keys, 0, sizeof(identity_keys)); 1975 memset(identity_keys, 0, sizeof(identity_keys));
1976 memset(identity_file_userprovided, 0,
1977 sizeof(identity_file_userprovided));
2022 memset(certificate_files, 0, sizeof(certificate_files)); 1978 memset(certificate_files, 0, sizeof(certificate_files));
2023 memset(certificates, 0, sizeof(certificates)); 1979 memset(certificates, 0, sizeof(certificates));
1980 memset(certificate_file_userprovided, 0,
1981 sizeof(certificate_file_userprovided));
2024 1982
2025#ifdef ENABLE_PKCS11 1983#ifdef ENABLE_PKCS11
2026 if (options.pkcs11_provider != NULL && 1984 if (options.pkcs11_provider != NULL &&
@@ -2030,7 +1988,7 @@ load_public_identity_files(struct passwd *pw)
2030 &keys)) > 0) { 1988 &keys)) > 0) {
2031 for (i = 0; i < nkeys; i++) { 1989 for (i = 0; i < nkeys; i++) {
2032 if (n_ids >= SSH_MAX_IDENTITY_FILES) { 1990 if (n_ids >= SSH_MAX_IDENTITY_FILES) {
2033 key_free(keys[i]); 1991 sshkey_free(keys[i]);
2034 continue; 1992 continue;
2035 } 1993 }
2036 identity_keys[n_ids] = keys[i]; 1994 identity_keys[n_ids] = keys[i];
@@ -2041,8 +1999,6 @@ load_public_identity_files(struct passwd *pw)
2041 free(keys); 1999 free(keys);
2042 } 2000 }
2043#endif /* ENABLE_PKCS11 */ 2001#endif /* ENABLE_PKCS11 */
2044 if ((pw = getpwuid(original_real_uid)) == NULL)
2045 fatal("load_public_identity_files: getpwuid failed");
2046 for (i = 0; i < options.num_identity_files; i++) { 2002 for (i = 0; i < options.num_identity_files; i++) {
2047 if (n_ids >= SSH_MAX_IDENTITY_FILES || 2003 if (n_ids >= SSH_MAX_IDENTITY_FILES ||
2048 strcasecmp(options.identity_files[i], "none") == 0) { 2004 strcasecmp(options.identity_files[i], "none") == 0) {
@@ -2050,19 +2006,20 @@ load_public_identity_files(struct passwd *pw)
2050 options.identity_files[i] = NULL; 2006 options.identity_files[i] = NULL;
2051 continue; 2007 continue;
2052 } 2008 }
2053 cp = tilde_expand_filename(options.identity_files[i], 2009 cp = tilde_expand_filename(options.identity_files[i], getuid());
2054 original_real_uid);
2055 filename = percent_expand(cp, "d", pw->pw_dir, 2010 filename = percent_expand(cp, "d", pw->pw_dir,
2056 "u", pw->pw_name, "l", thishost, "h", host, 2011 "u", pw->pw_name, "l", thishost, "h", host,
2057 "r", options.user, (char *)NULL); 2012 "r", options.user, (char *)NULL);
2058 free(cp); 2013 free(cp);
2059 public = key_load_public(filename, NULL); 2014 check_load(sshkey_load_public(filename, &public, NULL),
2015 filename, "pubkey");
2060 debug("identity file %s type %d", filename, 2016 debug("identity file %s type %d", filename,
2061 public ? public->type : -1); 2017 public ? public->type : -1);
2062 free(options.identity_files[i]); 2018 free(options.identity_files[i]);
2063 identity_files[n_ids] = filename; 2019 identity_files[n_ids] = filename;
2064 identity_keys[n_ids] = public; 2020 identity_keys[n_ids] = public;
2065 2021 identity_file_userprovided[n_ids] =
2022 options.identity_file_userprovided[i];
2066 if (++n_ids >= SSH_MAX_IDENTITY_FILES) 2023 if (++n_ids >= SSH_MAX_IDENTITY_FILES)
2067 continue; 2024 continue;
2068 2025
@@ -2073,23 +2030,26 @@ load_public_identity_files(struct passwd *pw)
2073 if (options.num_certificate_files != 0) 2030 if (options.num_certificate_files != 0)
2074 continue; 2031 continue;
2075 xasprintf(&cp, "%s-cert", filename); 2032 xasprintf(&cp, "%s-cert", filename);
2076 public = key_load_public(cp, NULL); 2033 check_load(sshkey_load_public(cp, &public, NULL),
2034 filename, "pubkey");
2077 debug("identity file %s type %d", cp, 2035 debug("identity file %s type %d", cp,
2078 public ? public->type : -1); 2036 public ? public->type : -1);
2079 if (public == NULL) { 2037 if (public == NULL) {
2080 free(cp); 2038 free(cp);
2081 continue; 2039 continue;
2082 } 2040 }
2083 if (!key_is_cert(public)) { 2041 if (!sshkey_is_cert(public)) {
2084 debug("%s: key %s type %s is not a certificate", 2042 debug("%s: key %s type %s is not a certificate",
2085 __func__, cp, key_type(public)); 2043 __func__, cp, sshkey_type(public));
2086 key_free(public); 2044 sshkey_free(public);
2087 free(cp); 2045 free(cp);
2088 continue; 2046 continue;
2089 } 2047 }
2090 /* NB. leave filename pointing to private key */ 2048 /* NB. leave filename pointing to private key */
2091 identity_files[n_ids] = xstrdup(filename); 2049 identity_files[n_ids] = xstrdup(filename);
2092 identity_keys[n_ids] = public; 2050 identity_keys[n_ids] = public;
2051 identity_file_userprovided[n_ids] =
2052 options.identity_file_userprovided[i];
2093 n_ids++; 2053 n_ids++;
2094 } 2054 }
2095 2055
@@ -2097,13 +2057,19 @@ load_public_identity_files(struct passwd *pw)
2097 fatal("%s: too many certificates", __func__); 2057 fatal("%s: too many certificates", __func__);
2098 for (i = 0; i < options.num_certificate_files; i++) { 2058 for (i = 0; i < options.num_certificate_files; i++) {
2099 cp = tilde_expand_filename(options.certificate_files[i], 2059 cp = tilde_expand_filename(options.certificate_files[i],
2100 original_real_uid); 2060 getuid());
2101 filename = percent_expand(cp, "d", pw->pw_dir, 2061 filename = percent_expand(cp,
2102 "u", pw->pw_name, "l", thishost, "h", host, 2062 "d", pw->pw_dir,
2103 "r", options.user, (char *)NULL); 2063 "h", host,
2064 "i", uidstr,
2065 "l", thishost,
2066 "r", options.user,
2067 "u", pw->pw_name,
2068 (char *)NULL);
2104 free(cp); 2069 free(cp);
2105 2070
2106 public = key_load_public(filename, NULL); 2071 check_load(sshkey_load_public(filename, &public, NULL),
2072 filename, "certificate");
2107 debug("certificate file %s type %d", filename, 2073 debug("certificate file %s type %d", filename,
2108 public ? public->type : -1); 2074 public ? public->type : -1);
2109 free(options.certificate_files[i]); 2075 free(options.certificate_files[i]);
@@ -2112,26 +2078,33 @@ load_public_identity_files(struct passwd *pw)
2112 free(filename); 2078 free(filename);
2113 continue; 2079 continue;
2114 } 2080 }
2115 if (!key_is_cert(public)) { 2081 if (!sshkey_is_cert(public)) {
2116 debug("%s: key %s type %s is not a certificate", 2082 debug("%s: key %s type %s is not a certificate",
2117 __func__, filename, key_type(public)); 2083 __func__, filename, sshkey_type(public));
2118 key_free(public); 2084 sshkey_free(public);
2119 free(filename); 2085 free(filename);
2120 continue; 2086 continue;
2121 } 2087 }
2122 certificate_files[n_certs] = filename; 2088 certificate_files[n_certs] = filename;
2123 certificates[n_certs] = public; 2089 certificates[n_certs] = public;
2090 certificate_file_userprovided[n_certs] =
2091 options.certificate_file_userprovided[i];
2124 ++n_certs; 2092 ++n_certs;
2125 } 2093 }
2126 2094
2127 options.num_identity_files = n_ids; 2095 options.num_identity_files = n_ids;
2128 memcpy(options.identity_files, identity_files, sizeof(identity_files)); 2096 memcpy(options.identity_files, identity_files, sizeof(identity_files));
2129 memcpy(options.identity_keys, identity_keys, sizeof(identity_keys)); 2097 memcpy(options.identity_keys, identity_keys, sizeof(identity_keys));
2098 memcpy(options.identity_file_userprovided,
2099 identity_file_userprovided, sizeof(identity_file_userprovided));
2130 2100
2131 options.num_certificate_files = n_certs; 2101 options.num_certificate_files = n_certs;
2132 memcpy(options.certificate_files, 2102 memcpy(options.certificate_files,
2133 certificate_files, sizeof(certificate_files)); 2103 certificate_files, sizeof(certificate_files));
2134 memcpy(options.certificates, certificates, sizeof(certificates)); 2104 memcpy(options.certificates, certificates, sizeof(certificates));
2105 memcpy(options.certificate_file_userprovided,
2106 certificate_file_userprovided,
2107 sizeof(certificate_file_userprovided));
2135} 2108}
2136 2109
2137static void 2110static void
diff --git a/ssh.h b/ssh.h
index 12d800922..5abfd7a68 100644
--- a/ssh.h
+++ b/ssh.h
@@ -1,4 +1,4 @@
1/* $OpenBSD: ssh.h,v 1.87 2017/05/07 23:15:59 djm Exp $ */ 1/* $OpenBSD: ssh.h,v 1.88 2018/06/06 18:29:18 markus Exp $ */
2 2
3/* 3/*
4 * Author: Tatu Ylonen <ylo@cs.hut.fi> 4 * Author: Tatu Ylonen <ylo@cs.hut.fi>
@@ -31,13 +31,6 @@
31#define SSH_MAX_IDENTITY_FILES 100 31#define SSH_MAX_IDENTITY_FILES 100
32 32
33/* 33/*
34 * Maximum length of lines in authorized_keys file.
35 * Current value permits 16kbit RSA keys and 8kbit DSA keys, with
36 * some room for options and comments.
37 */
38#define SSH_MAX_PUBKEY_BYTES 16384
39
40/*
41 * Major protocol version. Different version indicates major incompatibility 34 * Major protocol version. Different version indicates major incompatibility
42 * that prevents communication. 35 * that prevents communication.
43 * 36 *
diff --git a/ssh_api.h b/ssh_api.h
index 642acd5b2..584f896a7 100644
--- a/ssh_api.h
+++ b/ssh_api.h
@@ -1,4 +1,4 @@
1/* $OpenBSD: ssh_api.h,v 1.1 2015/01/19 20:30:23 markus Exp $ */ 1/* $OpenBSD: ssh_api.h,v 1.2 2018/04/10 00:10:49 djm Exp $ */
2/* 2/*
3 * Copyright (c) 2012 Markus Friedl. All rights reserved. 3 * Copyright (c) 2012 Markus Friedl. All rights reserved.
4 * 4 *
@@ -81,7 +81,7 @@ int ssh_set_verify_host_key_callback(struct ssh *ssh,
81 * ssh_packet_next() sets typep if there is no new packet available. 81 * ssh_packet_next() sets typep if there is no new packet available.
82 * in this case the caller must fill the input byte-stream by passing 82 * in this case the caller must fill the input byte-stream by passing
83 * the data received over network to ssh_input_append(). 83 * the data received over network to ssh_input_append().
84 * additinally, the caller needs to send the resulting output 84 * additionally, the caller needs to send the resulting output
85 * byte-stream back over the network. otherwise the key exchange 85 * byte-stream back over the network. otherwise the key exchange
86 * would not proceed. the output byte-stream is accessed through 86 * would not proceed. the output byte-stream is accessed through
87 * ssh_output_ptr(). 87 * ssh_output_ptr().
diff --git a/ssh_config.0 b/ssh_config.0
index 4109b1909..00afda1ca 100644
--- a/ssh_config.0
+++ b/ssh_config.0
@@ -109,13 +109,11 @@ DESCRIPTION
109 BindAddress 109 BindAddress
110 Use the specified address on the local machine as the source 110 Use the specified address on the local machine as the source
111 address of the connection. Only useful on systems with more than 111 address of the connection. Only useful on systems with more than
112 one address. Note that this option does not work if 112 one address.
113 UsePrivilegedPort is set to yes.
114 113
115 BindInterface 114 BindInterface
116 Use the address of the specified interface on the local machine 115 Use the address of the specified interface on the local machine
117 as the source address of the connection. Note that this option 116 as the source address of the connection.
118 does not work if UsePrivilegedPort is set to yes.
119 117
120 CanonicalDomains 118 CanonicalDomains
121 When CanonicalizeHostname is enabled, this option specifies the 119 When CanonicalizeHostname is enabled, this option specifies the
@@ -216,8 +214,7 @@ DESCRIPTION
216 214
217 chacha20-poly1305@openssh.com, 215 chacha20-poly1305@openssh.com,
218 aes128-ctr,aes192-ctr,aes256-ctr, 216 aes128-ctr,aes192-ctr,aes256-ctr,
219 aes128-gcm@openssh.com,aes256-gcm@openssh.com, 217 aes128-gcm@openssh.com,aes256-gcm@openssh.com
220 aes128-cbc,aes192-cbc,aes256-cbc
221 218
222 The list of available ciphers may also be obtained using "ssh -Q 219 The list of available ciphers may also be obtained using "ssh -Q
223 cipher". 220 cipher".
@@ -429,11 +426,11 @@ DESCRIPTION
429 426
430 HostbasedKeyTypes 427 HostbasedKeyTypes
431 Specifies the key types that will be used for hostbased 428 Specifies the key types that will be used for hostbased
432 authentication as a comma-separated pattern list. Alternately if 429 authentication as a comma-separated list of patterns.
433 the specified value begins with a M-bM-^@M-^X+M-bM-^@M-^Y character, then the 430 Alternately if the specified value begins with a M-bM-^@M-^X+M-bM-^@M-^Y character,
434 specified key types will be appended to the default set instead 431 then the specified key types will be appended to the default set
435 of replacing them. If the specified value begins with a M-bM-^@M-^X-M-bM-^@M-^Y 432 instead of replacing them. If the specified value begins with a
436 character, then the specified key types (including wildcards) 433 M-bM-^@M-^X-M-bM-^@M-^Y character, then the specified key types (including wildcards)
437 will be removed from the default set instead of replacing them. 434 will be removed from the default set instead of replacing them.
438 The default for this option is: 435 The default for this option is:
439 436
@@ -441,9 +438,10 @@ DESCRIPTION
441 ecdsa-sha2-nistp384-cert-v01@openssh.com, 438 ecdsa-sha2-nistp384-cert-v01@openssh.com,
442 ecdsa-sha2-nistp521-cert-v01@openssh.com, 439 ecdsa-sha2-nistp521-cert-v01@openssh.com,
443 ssh-ed25519-cert-v01@openssh.com, 440 ssh-ed25519-cert-v01@openssh.com,
441 rsa-sha2-512-cert-v01@openssh.com,rsa-sha2-256-cert-v01@openssh.com,
444 ssh-rsa-cert-v01@openssh.com, 442 ssh-rsa-cert-v01@openssh.com,
445 ecdsa-sha2-nistp256,ecdsa-sha2-nistp384,ecdsa-sha2-nistp521, 443 ecdsa-sha2-nistp256,ecdsa-sha2-nistp384,ecdsa-sha2-nistp521,
446 ssh-ed25519,ssh-rsa 444 ssh-ed25519,rsa-sha2-512,rsa-sha2-256,ssh-rsa
447 445
448 The -Q option of ssh(1) may be used to list supported key types. 446 The -Q option of ssh(1) may be used to list supported key types.
449 447
@@ -460,9 +458,10 @@ DESCRIPTION
460 ecdsa-sha2-nistp384-cert-v01@openssh.com, 458 ecdsa-sha2-nistp384-cert-v01@openssh.com,
461 ecdsa-sha2-nistp521-cert-v01@openssh.com, 459 ecdsa-sha2-nistp521-cert-v01@openssh.com,
462 ssh-ed25519-cert-v01@openssh.com, 460 ssh-ed25519-cert-v01@openssh.com,
461 rsa-sha2-512-cert-v01@openssh.com,rsa-sha2-256-cert-v01@openssh.com,
463 ssh-rsa-cert-v01@openssh.com, 462 ssh-rsa-cert-v01@openssh.com,
464 ecdsa-sha2-nistp256,ecdsa-sha2-nistp384,ecdsa-sha2-nistp521, 463 ecdsa-sha2-nistp256,ecdsa-sha2-nistp384,ecdsa-sha2-nistp521,
465 ssh-ed25519,ssh-rsa 464 ssh-ed25519,rsa-sha2-512,rsa-sha2-256,ssh-rsa
466 465
467 If hostkeys are known for the destination host then this default 466 If hostkeys are known for the destination host then this default
468 is modified to prefer their algorithms. 467 is modified to prefer their algorithms.
@@ -544,7 +543,7 @@ DESCRIPTION
544 543
545 Include 544 Include
546 Include the specified configuration file(s). Multiple pathnames 545 Include the specified configuration file(s). Multiple pathnames
547 may be specified and each pathname may contain glob(3) wildcards 546 may be specified and each pathname may contain glob(7) wildcards
548 and, for user configurations, shell-like M-bM-^@M-^X~M-bM-^@M-^Y references to user 547 and, for user configurations, shell-like M-bM-^@M-^X~M-bM-^@M-^Y references to user
549 home directories. Files without absolute paths are assumed to be 548 home directories. Files without absolute paths are assumed to be
550 in ~/.ssh if included in a user configuration file or /etc/ssh if 549 in ~/.ssh if included in a user configuration file or /etc/ssh if
@@ -561,8 +560,8 @@ DESCRIPTION
561 is specified, it is used as the packet class unconditionally. If 560 is specified, it is used as the packet class unconditionally. If
562 two values are specified, the first is automatically selected for 561 two values are specified, the first is automatically selected for
563 interactive sessions and the second for non-interactive sessions. 562 interactive sessions and the second for non-interactive sessions.
564 The default is lowdelay for interactive sessions and throughput 563 The default is af21 (Low-Latency Data) for interactive sessions
565 for non-interactive sessions. 564 and cs1 (Lower Effort) for non-interactive sessions.
566 565
567 KbdInteractiveAuthentication 566 KbdInteractiveAuthentication
568 Specifies whether to use keyboard-interactive authentication. 567 Specifies whether to use keyboard-interactive authentication.
@@ -573,8 +572,7 @@ DESCRIPTION
573 authentication. Multiple method names must be comma-separated. 572 authentication. Multiple method names must be comma-separated.
574 The default is to use the server specified list. The methods 573 The default is to use the server specified list. The methods
575 available vary depending on what the server supports. For an 574 available vary depending on what the server supports. For an
576 OpenSSH server, it may be zero or more of: bsdauth, pam, and 575 OpenSSH server, it may be zero or more of: bsdauth and pam.
577 skey.
578 576
579 KexAlgorithms 577 KexAlgorithms
580 Specifies the available KEX (Key Exchange) algorithms. Multiple 578 Specifies the available KEX (Key Exchange) algorithms. Multiple
@@ -735,11 +733,11 @@ DESCRIPTION
735 733
736 PubkeyAcceptedKeyTypes 734 PubkeyAcceptedKeyTypes
737 Specifies the key types that will be used for public key 735 Specifies the key types that will be used for public key
738 authentication as a comma-separated pattern list. Alternately if 736 authentication as a comma-separated list of patterns.
739 the specified value begins with a M-bM-^@M-^X+M-bM-^@M-^Y character, then the key 737 Alternately if the specified value begins with a M-bM-^@M-^X+M-bM-^@M-^Y character,
740 types after it will be appended to the default instead of 738 then the key types after it will be appended to the default
741 replacing it. If the specified value begins with a M-bM-^@M-^X-M-bM-^@M-^Y 739 instead of replacing it. If the specified value begins with a
742 character, then the specified key types (including wildcards) 740 M-bM-^@M-^X-M-bM-^@M-^Y character, then the specified key types (including wildcards)
743 will be removed from the default set instead of replacing them. 741 will be removed from the default set instead of replacing them.
744 The default for this option is: 742 The default for this option is:
745 743
@@ -747,9 +745,10 @@ DESCRIPTION
747 ecdsa-sha2-nistp384-cert-v01@openssh.com, 745 ecdsa-sha2-nistp384-cert-v01@openssh.com,
748 ecdsa-sha2-nistp521-cert-v01@openssh.com, 746 ecdsa-sha2-nistp521-cert-v01@openssh.com,
749 ssh-ed25519-cert-v01@openssh.com, 747 ssh-ed25519-cert-v01@openssh.com,
748 rsa-sha2-512-cert-v01@openssh.com,rsa-sha2-256-cert-v01@openssh.com,
750 ssh-rsa-cert-v01@openssh.com, 749 ssh-rsa-cert-v01@openssh.com,
751 ecdsa-sha2-nistp256,ecdsa-sha2-nistp384,ecdsa-sha2-nistp521, 750 ecdsa-sha2-nistp256,ecdsa-sha2-nistp384,ecdsa-sha2-nistp521,
752 ssh-ed25519,ssh-rsa 751 ssh-ed25519,rsa-sha2-512,rsa-sha2-256,ssh-rsa
753 752
754 The list of available key types may also be obtained using "ssh 753 The list of available key types may also be obtained using "ssh
755 -Q key". 754 -Q key".
@@ -781,7 +780,7 @@ DESCRIPTION
781 780
782 RemoteForward 781 RemoteForward
783 Specifies that a TCP port on the remote machine be forwarded over 782 Specifies that a TCP port on the remote machine be forwarded over
784 the secure channel. The remote port may either be fowarded to a 783 the secure channel. The remote port may either be forwarded to a
785 specified host and port from the local machine, or may act as a 784 specified host and port from the local machine, or may act as a
786 SOCKS 4/5 proxy that allows a remote client to connect to 785 SOCKS 4/5 proxy that allows a remote client to connect to
787 arbitrary destinations from the local machine. The first 786 arbitrary destinations from the local machine. The first
@@ -832,11 +831,14 @@ DESCRIPTION
832 server. Variables are specified by name, which may contain 831 server. Variables are specified by name, which may contain
833 wildcard characters. Multiple environment variables may be 832 wildcard characters. Multiple environment variables may be
834 separated by whitespace or spread across multiple SendEnv 833 separated by whitespace or spread across multiple SendEnv
835 directives. The default is not to send any environment 834 directives.
836 variables.
837 835
838 See PATTERNS for more information on patterns. 836 See PATTERNS for more information on patterns.
839 837
838 It is possible to clear previously set SendEnv variable names by
839 prefixing patterns with -. The default is not to send any
840 environment variables.
841
840 ServerAliveCountMax 842 ServerAliveCountMax
841 Sets the number of server alive messages (see below) which may be 843 Sets the number of server alive messages (see below) which may be
842 sent without ssh(1) receiving any messages back from the server. 844 sent without ssh(1) receiving any messages back from the server.
@@ -862,6 +864,10 @@ DESCRIPTION
862 default is 0, indicating that these messages will not be sent to 864 default is 0, indicating that these messages will not be sent to
863 the server. 865 the server.
864 866
867 SetEnv Directly specify one or more environment variables and their
868 contents to be sent to the server. Similarly to SendEnv, the
869 server must be prepared to accept the environment variable.
870
865 StreamLocalBindMask 871 StreamLocalBindMask
866 Sets the octal file creation mode mask (umask) used when creating 872 Sets the octal file creation mode mask (umask) used when creating
867 a Unix-domain socket file for local or remote port forwarding. 873 a Unix-domain socket file for local or remote port forwarding.
@@ -956,11 +962,6 @@ DESCRIPTION
956 "hostkeys@openssh.com" protocol extension used to inform the 962 "hostkeys@openssh.com" protocol extension used to inform the
957 client of all the server's hostkeys. 963 client of all the server's hostkeys.
958 964
959 UsePrivilegedPort
960 Specifies whether to use a privileged port for outgoing
961 connections. The argument must be yes or no (the default). If
962 set to yes, ssh(1) must be setuid root.
963
964 User Specifies the user to log in as. This can be useful when a 965 User Specifies the user to log in as. This can be useful when a
965 different user name is used on different machines. This saves 966 different user name is used on different machines. This saves
966 the trouble of having to remember to give the user name on the 967 the trouble of having to remember to give the user name on the
@@ -1046,24 +1047,25 @@ TOKENS
1046 tunnel forwarding was requested, or "NONE" otherwise. 1047 tunnel forwarding was requested, or "NONE" otherwise.
1047 %u The local username. 1048 %u The local username.
1048 1049
1049 Match exec accepts the tokens %%, %h, %L, %l, %n, %p, %r, and %u. 1050 Match exec accepts the tokens %%, %h, %i, %L, %l, %n, %p, %r, and %u.
1050 1051
1051 CertificateFile accepts the tokens %%, %d, %h, %l, %r, and %u. 1052 CertificateFile accepts the tokens %%, %d, %h, %i, %l, %r, and %u.
1052 1053
1053 ControlPath accepts the tokens %%, %C, %h, %i, %L, %l, %n, %p, %r, and 1054 ControlPath accepts the tokens %%, %C, %h, %i, %L, %l, %n, %p, %r, and
1054 %u. 1055 %u.
1055 1056
1056 HostName accepts the tokens %% and %h. 1057 HostName accepts the tokens %% and %h.
1057 1058
1058 IdentityAgent and IdentityFile accept the tokens %%, %d, %h, %l, %r, and 1059 IdentityAgent and IdentityFile accept the tokens %%, %d, %h, %i, %l, %r,
1059 %u. 1060 and %u.
1060 1061
1061 LocalCommand accepts the tokens %%, %C, %d, %h, %l, %n, %p, %r, %T, and 1062 LocalCommand accepts the tokens %%, %C, %d, %h, %i, %l, %n, %p, %r, %T,
1062 %u. 1063 and %u.
1063 1064
1064 ProxyCommand accepts the tokens %%, %h, %p, and %r. 1065 ProxyCommand accepts the tokens %%, %h, %p, and %r.
1065 1066
1066 RemoteCommand accepts the tokens %%, %C, %d, %h, %l, %n, %p, %r, and %u. 1067 RemoteCommand accepts the tokens %%, %C, %d, %h, %i, %l, %n, %p, %r, and
1068 %u.
1067 1069
1068FILES 1070FILES
1069 ~/.ssh/config 1071 ~/.ssh/config
@@ -1089,4 +1091,4 @@ AUTHORS
1089 created OpenSSH. Markus Friedl contributed the support for SSH protocol 1091 created OpenSSH. Markus Friedl contributed the support for SSH protocol
1090 versions 1.5 and 2.0. 1092 versions 1.5 and 2.0.
1091 1093
1092OpenBSD 6.2 February 23, 2018 OpenBSD 6.2 1094OpenBSD 6.4 July 23, 2018 OpenBSD 6.4
diff --git a/ssh_config.5 b/ssh_config.5
index ed6e5d026..35c578c3b 100644
--- a/ssh_config.5
+++ b/ssh_config.5
@@ -33,8 +33,8 @@
33.\" (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF 33.\" (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF
34.\" THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE. 34.\" THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
35.\" 35.\"
36.\" $OpenBSD: ssh_config.5,v 1.268 2018/02/23 07:38:09 jmc Exp $ 36.\" $OpenBSD: ssh_config.5,v 1.281 2018/07/23 19:02:49 kn Exp $
37.Dd $Mdocdate: February 23 2018 $ 37.Dd $Mdocdate: July 23 2018 $
38.Dt SSH_CONFIG 5 38.Dt SSH_CONFIG 5
39.Os 39.Os
40.Sh NAME 40.Sh NAME
@@ -278,17 +278,9 @@ or
278Use the specified address on the local machine as the source address of 278Use the specified address on the local machine as the source address of
279the connection. 279the connection.
280Only useful on systems with more than one address. 280Only useful on systems with more than one address.
281Note that this option does not work if
282.Cm UsePrivilegedPort
283is set to
284.Cm yes .
285.It Cm BindInterface 281.It Cm BindInterface
286Use the address of the specified interface on the local machine as the 282Use the address of the specified interface on the local machine as the
287source address of the connection. 283source address of the connection.
288Note that this option does not work if
289.Cm UsePrivilegedPort
290is set to
291.Cm yes .
292.It Cm CanonicalDomains 284.It Cm CanonicalDomains
293When 285When
294.Cm CanonicalizeHostname 286.Cm CanonicalizeHostname
@@ -445,8 +437,7 @@ The default is:
445.Bd -literal -offset indent 437.Bd -literal -offset indent
446chacha20-poly1305@openssh.com, 438chacha20-poly1305@openssh.com,
447aes128-ctr,aes192-ctr,aes256-ctr, 439aes128-ctr,aes192-ctr,aes256-ctr,
448aes128-gcm@openssh.com,aes256-gcm@openssh.com, 440aes128-gcm@openssh.com,aes256-gcm@openssh.com
449aes128-cbc,aes192-cbc,aes256-cbc
450.Ed 441.Ed
451.Pp 442.Pp
452The list of available ciphers may also be obtained using 443The list of available ciphers may also be obtained using
@@ -814,7 +805,7 @@ or
814(the default). 805(the default).
815.It Cm HostbasedKeyTypes 806.It Cm HostbasedKeyTypes
816Specifies the key types that will be used for hostbased authentication 807Specifies the key types that will be used for hostbased authentication
817as a comma-separated pattern list. 808as a comma-separated list of patterns.
818Alternately if the specified value begins with a 809Alternately if the specified value begins with a
819.Sq + 810.Sq +
820character, then the specified key types will be appended to the default set 811character, then the specified key types will be appended to the default set
@@ -829,9 +820,10 @@ ecdsa-sha2-nistp256-cert-v01@openssh.com,
829ecdsa-sha2-nistp384-cert-v01@openssh.com, 820ecdsa-sha2-nistp384-cert-v01@openssh.com,
830ecdsa-sha2-nistp521-cert-v01@openssh.com, 821ecdsa-sha2-nistp521-cert-v01@openssh.com,
831ssh-ed25519-cert-v01@openssh.com, 822ssh-ed25519-cert-v01@openssh.com,
823rsa-sha2-512-cert-v01@openssh.com,rsa-sha2-256-cert-v01@openssh.com,
832ssh-rsa-cert-v01@openssh.com, 824ssh-rsa-cert-v01@openssh.com,
833ecdsa-sha2-nistp256,ecdsa-sha2-nistp384,ecdsa-sha2-nistp521, 825ecdsa-sha2-nistp256,ecdsa-sha2-nistp384,ecdsa-sha2-nistp521,
834ssh-ed25519,ssh-rsa 826ssh-ed25519,rsa-sha2-512,rsa-sha2-256,ssh-rsa
835.Ed 827.Ed
836.Pp 828.Pp
837The 829The
@@ -856,9 +848,10 @@ ecdsa-sha2-nistp256-cert-v01@openssh.com,
856ecdsa-sha2-nistp384-cert-v01@openssh.com, 848ecdsa-sha2-nistp384-cert-v01@openssh.com,
857ecdsa-sha2-nistp521-cert-v01@openssh.com, 849ecdsa-sha2-nistp521-cert-v01@openssh.com,
858ssh-ed25519-cert-v01@openssh.com, 850ssh-ed25519-cert-v01@openssh.com,
851rsa-sha2-512-cert-v01@openssh.com,rsa-sha2-256-cert-v01@openssh.com,
859ssh-rsa-cert-v01@openssh.com, 852ssh-rsa-cert-v01@openssh.com,
860ecdsa-sha2-nistp256,ecdsa-sha2-nistp384,ecdsa-sha2-nistp521, 853ecdsa-sha2-nistp256,ecdsa-sha2-nistp384,ecdsa-sha2-nistp521,
861ssh-ed25519,ssh-rsa 854ssh-ed25519,rsa-sha2-512,rsa-sha2-256,ssh-rsa
862.Ed 855.Ed
863.Pp 856.Pp
864If hostkeys are known for the destination host then this default is modified 857If hostkeys are known for the destination host then this default is modified
@@ -989,7 +982,7 @@ to unknown options that appear before it.
989.It Cm Include 982.It Cm Include
990Include the specified configuration file(s). 983Include the specified configuration file(s).
991Multiple pathnames may be specified and each pathname may contain 984Multiple pathnames may be specified and each pathname may contain
992.Xr glob 3 985.Xr glob 7
993wildcards and, for user configurations, shell-like 986wildcards and, for user configurations, shell-like
994.Sq ~ 987.Sq ~
995references to user home directories. 988references to user home directories.
@@ -1040,9 +1033,11 @@ If one argument is specified, it is used as the packet class unconditionally.
1040If two values are specified, the first is automatically selected for 1033If two values are specified, the first is automatically selected for
1041interactive sessions and the second for non-interactive sessions. 1034interactive sessions and the second for non-interactive sessions.
1042The default is 1035The default is
1043.Cm lowdelay 1036.Cm af21
1037(Low-Latency Data)
1044for interactive sessions and 1038for interactive sessions and
1045.Cm throughput 1039.Cm cs1
1040(Lower Effort)
1046for non-interactive sessions. 1041for non-interactive sessions.
1047.It Cm KbdInteractiveAuthentication 1042.It Cm KbdInteractiveAuthentication
1048Specifies whether to use keyboard-interactive authentication. 1043Specifies whether to use keyboard-interactive authentication.
@@ -1058,10 +1053,9 @@ The default is to use the server specified list.
1058The methods available vary depending on what the server supports. 1053The methods available vary depending on what the server supports.
1059For an OpenSSH server, 1054For an OpenSSH server,
1060it may be zero or more of: 1055it may be zero or more of:
1061.Cm bsdauth , 1056.Cm bsdauth
1062.Cm pam ,
1063and 1057and
1064.Cm skey . 1058.Cm pam .
1065.It Cm KexAlgorithms 1059.It Cm KexAlgorithms
1066Specifies the available KEX (Key Exchange) algorithms. 1060Specifies the available KEX (Key Exchange) algorithms.
1067Multiple algorithms must be comma-separated. 1061Multiple algorithms must be comma-separated.
@@ -1295,7 +1289,7 @@ The default is
1295.Cm no . 1289.Cm no .
1296.It Cm PubkeyAcceptedKeyTypes 1290.It Cm PubkeyAcceptedKeyTypes
1297Specifies the key types that will be used for public key authentication 1291Specifies the key types that will be used for public key authentication
1298as a comma-separated pattern list. 1292as a comma-separated list of patterns.
1299Alternately if the specified value begins with a 1293Alternately if the specified value begins with a
1300.Sq + 1294.Sq +
1301character, then the key types after it will be appended to the default 1295character, then the key types after it will be appended to the default
@@ -1310,9 +1304,10 @@ ecdsa-sha2-nistp256-cert-v01@openssh.com,
1310ecdsa-sha2-nistp384-cert-v01@openssh.com, 1304ecdsa-sha2-nistp384-cert-v01@openssh.com,
1311ecdsa-sha2-nistp521-cert-v01@openssh.com, 1305ecdsa-sha2-nistp521-cert-v01@openssh.com,
1312ssh-ed25519-cert-v01@openssh.com, 1306ssh-ed25519-cert-v01@openssh.com,
1307rsa-sha2-512-cert-v01@openssh.com,rsa-sha2-256-cert-v01@openssh.com,
1313ssh-rsa-cert-v01@openssh.com, 1308ssh-rsa-cert-v01@openssh.com,
1314ecdsa-sha2-nistp256,ecdsa-sha2-nistp384,ecdsa-sha2-nistp521, 1309ecdsa-sha2-nistp256,ecdsa-sha2-nistp384,ecdsa-sha2-nistp521,
1315ssh-ed25519,ssh-rsa 1310ssh-ed25519,rsa-sha2-512,rsa-sha2-256,ssh-rsa
1316.Ed 1311.Ed
1317.Pp 1312.Pp
1318The list of available key types may also be obtained using 1313The list of available key types may also be obtained using
@@ -1363,7 +1358,7 @@ section.
1363.It Cm RemoteForward 1358.It Cm RemoteForward
1364Specifies that a TCP port on the remote machine be forwarded over 1359Specifies that a TCP port on the remote machine be forwarded over
1365the secure channel. 1360the secure channel.
1366The remote port may either be fowarded to a specified host and port 1361The remote port may either be forwarded to a specified host and port
1367from the local machine, or may act as a SOCKS 4/5 proxy that allows a remote 1362from the local machine, or may act as a SOCKS 4/5 proxy that allows a remote
1368client to connect to arbitrary destinations from the local machine. 1363client to connect to arbitrary destinations from the local machine.
1369The first argument must be 1364The first argument must be
@@ -1449,11 +1444,16 @@ Multiple environment variables may be separated by whitespace or spread
1449across multiple 1444across multiple
1450.Cm SendEnv 1445.Cm SendEnv
1451directives. 1446directives.
1452The default is not to send any environment variables.
1453.Pp 1447.Pp
1454See 1448See
1455.Sx PATTERNS 1449.Sx PATTERNS
1456for more information on patterns. 1450for more information on patterns.
1451.Pp
1452It is possible to clear previously set
1453.Cm SendEnv
1454variable names by prefixing patterns with
1455.Pa - .
1456The default is not to send any environment variables.
1457.It Cm ServerAliveCountMax 1457.It Cm ServerAliveCountMax
1458Sets the number of server alive messages (see below) which may be 1458Sets the number of server alive messages (see below) which may be
1459sent without 1459sent without
@@ -1495,6 +1495,12 @@ option is set (Debian-specific).
1495and 1495and
1496.Cm SetupTimeOut 1496.Cm SetupTimeOut
1497are Debian-specific compatibility aliases for this option. 1497are Debian-specific compatibility aliases for this option.
1498.It Cm SetEnv
1499Directly specify one or more environment variables and their contents to
1500be sent to the server.
1501Similarly to
1502.Cm SendEnv ,
1503the server must be prepared to accept the environment variable.
1498.It Cm StreamLocalBindMask 1504.It Cm StreamLocalBindMask
1499Sets the octal file creation mode mask 1505Sets the octal file creation mode mask
1500.Pq umask 1506.Pq umask
@@ -1657,17 +1663,6 @@ Presently, only
1657from OpenSSH 6.8 and greater support the 1663from OpenSSH 6.8 and greater support the
1658.Qq hostkeys@openssh.com 1664.Qq hostkeys@openssh.com
1659protocol extension used to inform the client of all the server's hostkeys. 1665protocol extension used to inform the client of all the server's hostkeys.
1660.It Cm UsePrivilegedPort
1661Specifies whether to use a privileged port for outgoing connections.
1662The argument must be
1663.Cm yes
1664or
1665.Cm no
1666(the default).
1667If set to
1668.Cm yes ,
1669.Xr ssh 1
1670must be setuid root.
1671.It Cm User 1666.It Cm User
1672Specifies the user to log in as. 1667Specifies the user to log in as.
1673This can be useful when a different user name is used on different machines. 1668This can be useful when a different user name is used on different machines.
@@ -1806,10 +1801,10 @@ The local username.
1806.El 1801.El
1807.Pp 1802.Pp
1808.Cm Match exec 1803.Cm Match exec
1809accepts the tokens %%, %h, %L, %l, %n, %p, %r, and %u. 1804accepts the tokens %%, %h, %i, %L, %l, %n, %p, %r, and %u.
1810.Pp 1805.Pp
1811.Cm CertificateFile 1806.Cm CertificateFile
1812accepts the tokens %%, %d, %h, %l, %r, and %u. 1807accepts the tokens %%, %d, %h, %i, %l, %r, and %u.
1813.Pp 1808.Pp
1814.Cm ControlPath 1809.Cm ControlPath
1815accepts the tokens %%, %C, %h, %i, %L, %l, %n, %p, %r, and %u. 1810accepts the tokens %%, %C, %h, %i, %L, %l, %n, %p, %r, and %u.
@@ -1820,16 +1815,16 @@ accepts the tokens %% and %h.
1820.Cm IdentityAgent 1815.Cm IdentityAgent
1821and 1816and
1822.Cm IdentityFile 1817.Cm IdentityFile
1823accept the tokens %%, %d, %h, %l, %r, and %u. 1818accept the tokens %%, %d, %h, %i, %l, %r, and %u.
1824.Pp 1819.Pp
1825.Cm LocalCommand 1820.Cm LocalCommand
1826accepts the tokens %%, %C, %d, %h, %l, %n, %p, %r, %T, and %u. 1821accepts the tokens %%, %C, %d, %h, %i, %l, %n, %p, %r, %T, and %u.
1827.Pp 1822.Pp
1828.Cm ProxyCommand 1823.Cm ProxyCommand
1829accepts the tokens %%, %h, %p, and %r. 1824accepts the tokens %%, %h, %p, and %r.
1830.Pp 1825.Pp
1831.Cm RemoteCommand 1826.Cm RemoteCommand
1832accepts the tokens %%, %C, %d, %h, %l, %n, %p, %r, and %u. 1827accepts the tokens %%, %C, %d, %h, %i, %l, %n, %p, %r, and %u.
1833.Sh FILES 1828.Sh FILES
1834.Bl -tag -width Ds 1829.Bl -tag -width Ds
1835.It Pa ~/.ssh/config 1830.It Pa ~/.ssh/config
diff --git a/sshbuf.c b/sshbuf.c
index de783a363..20ddf9eb6 100644
--- a/sshbuf.c
+++ b/sshbuf.c
@@ -1,4 +1,4 @@
1/* $OpenBSD: sshbuf.c,v 1.11 2017/06/01 06:58:25 djm Exp $ */ 1/* $OpenBSD: sshbuf.c,v 1.12 2018/07/09 21:56:06 markus Exp $ */
2/* 2/*
3 * Copyright (c) 2011 Damien Miller 3 * Copyright (c) 2011 Damien Miller
4 * 4 *
@@ -36,7 +36,6 @@ sshbuf_check_sanity(const struct sshbuf *buf)
36 (!buf->readonly && buf->d != buf->cd) || 36 (!buf->readonly && buf->d != buf->cd) ||
37 buf->refcount < 1 || buf->refcount > SSHBUF_REFS_MAX || 37 buf->refcount < 1 || buf->refcount > SSHBUF_REFS_MAX ||
38 buf->cd == NULL || 38 buf->cd == NULL ||
39 (buf->dont_free && (buf->readonly || buf->parent != NULL)) ||
40 buf->max_size > SSHBUF_SIZE_MAX || 39 buf->max_size > SSHBUF_SIZE_MAX ||
41 buf->alloc > buf->max_size || 40 buf->alloc > buf->max_size ||
42 buf->size > buf->alloc || 41 buf->size > buf->alloc ||
@@ -132,23 +131,8 @@ sshbuf_fromb(struct sshbuf *buf)
132} 131}
133 132
134void 133void
135sshbuf_init(struct sshbuf *ret)
136{
137 explicit_bzero(ret, sizeof(*ret));
138 ret->alloc = SSHBUF_SIZE_INIT;
139 ret->max_size = SSHBUF_SIZE_MAX;
140 ret->readonly = 0;
141 ret->dont_free = 1;
142 ret->refcount = 1;
143 if ((ret->cd = ret->d = calloc(1, ret->alloc)) == NULL)
144 ret->alloc = 0;
145}
146
147void
148sshbuf_free(struct sshbuf *buf) 134sshbuf_free(struct sshbuf *buf)
149{ 135{
150 int dont_free = 0;
151
152 if (buf == NULL) 136 if (buf == NULL)
153 return; 137 return;
154 /* 138 /*
@@ -173,14 +157,12 @@ sshbuf_free(struct sshbuf *buf)
173 buf->refcount--; 157 buf->refcount--;
174 if (buf->refcount > 0) 158 if (buf->refcount > 0)
175 return; 159 return;
176 dont_free = buf->dont_free;
177 if (!buf->readonly) { 160 if (!buf->readonly) {
178 explicit_bzero(buf->d, buf->alloc); 161 explicit_bzero(buf->d, buf->alloc);
179 free(buf->d); 162 free(buf->d);
180 } 163 }
181 explicit_bzero(buf, sizeof(*buf)); 164 explicit_bzero(buf, sizeof(*buf));
182 if (!dont_free) 165 free(buf);
183 free(buf);
184} 166}
185 167
186void 168void
diff --git a/sshbuf.h b/sshbuf.h
index 77f1e9e6d..a43598cac 100644
--- a/sshbuf.h
+++ b/sshbuf.h
@@ -1,4 +1,4 @@
1/* $OpenBSD: sshbuf.h,v 1.9 2017/09/12 06:32:07 djm Exp $ */ 1/* $OpenBSD: sshbuf.h,v 1.11 2018/07/09 21:56:06 markus Exp $ */
2/* 2/*
3 * Copyright (c) 2011 Damien Miller 3 * Copyright (c) 2011 Damien Miller
4 * 4 *
@@ -50,15 +50,6 @@ struct sshbuf {
50 struct sshbuf *parent; /* If child, pointer to parent */ 50 struct sshbuf *parent; /* If child, pointer to parent */
51}; 51};
52 52
53#ifndef SSHBUF_NO_DEPREACTED
54/*
55 * NB. Please do not use sshbuf_init() in new code. Please use sshbuf_new()
56 * instead. sshbuf_init() is deprectated and will go away soon (it is
57 * only included to allow compat with buffer_* in OpenSSH)
58 */
59void sshbuf_init(struct sshbuf *buf);
60#endif
61
62/* 53/*
63 * Create a new sshbuf buffer. 54 * Create a new sshbuf buffer.
64 * Returns pointer to buffer on success, or NULL on allocation failure. 55 * Returns pointer to buffer on success, or NULL on allocation failure.
diff --git a/sshconnect.c b/sshconnect.c
index 15d8b807e..d3656e47a 100644
--- a/sshconnect.c
+++ b/sshconnect.c
@@ -1,4 +1,4 @@
1/* $OpenBSD: sshconnect.c,v 1.297 2018/02/23 15:58:38 markus Exp $ */ 1/* $OpenBSD: sshconnect.c,v 1.304 2018/07/27 05:34:42 dtucker Exp $ */
2/* 2/*
3 * Author: Tatu Ylonen <ylo@cs.hut.fi> 3 * Author: Tatu Ylonen <ylo@cs.hut.fi>
4 * Copyright (c) 1995 Tatu Ylonen <ylo@cs.hut.fi>, Espoo, Finland 4 * Copyright (c) 1995 Tatu Ylonen <ylo@cs.hut.fi>, Espoo, Finland
@@ -49,14 +49,12 @@
49#endif 49#endif
50 50
51#include "xmalloc.h" 51#include "xmalloc.h"
52#include "key.h"
53#include "hostfile.h" 52#include "hostfile.h"
54#include "ssh.h" 53#include "ssh.h"
55#include "buffer.h" 54#include "sshbuf.h"
56#include "packet.h" 55#include "packet.h"
57#include "uidswap.h"
58#include "compat.h" 56#include "compat.h"
59#include "key.h" 57#include "sshkey.h"
60#include "sshconnect.h" 58#include "sshconnect.h"
61#include "hostfile.h" 59#include "hostfile.h"
62#include "log.h" 60#include "log.h"
@@ -82,8 +80,6 @@ static pid_t proxy_command_pid = 0;
82/* import */ 80/* import */
83extern Options options; 81extern Options options;
84extern char *__progname; 82extern char *__progname;
85extern uid_t original_real_uid;
86extern uid_t original_effective_uid;
87 83
88static int show_other_keys(struct hostkeys *, struct sshkey *); 84static int show_other_keys(struct hostkeys *, struct sshkey *);
89static void warn_changed_key(struct sshkey *); 85static void warn_changed_key(struct sshkey *);
@@ -131,9 +127,6 @@ ssh_proxy_fdpass_connect(struct ssh *ssh, const char *host, u_short port,
131 if ((pid = fork()) == 0) { 127 if ((pid = fork()) == 0) {
132 char *argv[10]; 128 char *argv[10];
133 129
134 /* Child. Permanently give up superuser privileges. */
135 permanently_drop_suid(original_real_uid);
136
137 close(sp[1]); 130 close(sp[1]);
138 /* Redirect stdin and stdout. */ 131 /* Redirect stdin and stdout. */
139 if (sp[0] != 0) { 132 if (sp[0] != 0) {
@@ -213,9 +206,6 @@ ssh_proxy_connect(struct ssh *ssh, const char *host, u_short port,
213 if ((pid = fork()) == 0) { 206 if ((pid = fork()) == 0) {
214 char *argv[10]; 207 char *argv[10];
215 208
216 /* Child. Permanently give up superuser privileges. */
217 permanently_drop_suid(original_real_uid);
218
219 /* Redirect stdin and stdout. */ 209 /* Redirect stdin and stdout. */
220 close(pin[1]); 210 close(pin[1]);
221 if (pin[0] != 0) { 211 if (pin[0] != 0) {
@@ -277,7 +267,7 @@ ssh_kill_proxy_command(void)
277#ifdef HAVE_IFADDRS_H 267#ifdef HAVE_IFADDRS_H
278/* 268/*
279 * Search a interface address list (returned from getifaddrs(3)) for an 269 * Search a interface address list (returned from getifaddrs(3)) for an
280 * address that matches the desired address family on the specifed interface. 270 * address that matches the desired address family on the specified interface.
281 * Returns 0 and fills in *resultp and *rlenp on success. Returns -1 on failure. 271 * Returns 0 and fills in *resultp and *rlenp on success. Returns -1 on failure.
282 */ 272 */
283static int 273static int
@@ -338,12 +328,12 @@ check_ifaddrs(const char *ifname, int af, const struct ifaddrs *ifaddrs,
338#endif 328#endif
339 329
340/* 330/*
341 * Creates a (possibly privileged) socket for use as the ssh connection. 331 * Creates a socket for use as the ssh connection.
342 */ 332 */
343static int 333static int
344ssh_create_socket(int privileged, struct addrinfo *ai) 334ssh_create_socket(struct addrinfo *ai)
345{ 335{
346 int sock, r, oerrno; 336 int sock, r;
347 struct sockaddr_storage bindaddr; 337 struct sockaddr_storage bindaddr;
348 socklen_t bindaddrlen = 0; 338 socklen_t bindaddrlen = 0;
349 struct addrinfo hints, *res = NULL; 339 struct addrinfo hints, *res = NULL;
@@ -360,8 +350,7 @@ ssh_create_socket(int privileged, struct addrinfo *ai)
360 fcntl(sock, F_SETFD, FD_CLOEXEC); 350 fcntl(sock, F_SETFD, FD_CLOEXEC);
361 351
362 /* Bind the socket to an alternative local IP address */ 352 /* Bind the socket to an alternative local IP address */
363 if (options.bind_address == NULL && options.bind_interface == NULL && 353 if (options.bind_address == NULL && options.bind_interface == NULL)
364 !privileged)
365 return sock; 354 return sock;
366 355
367 if (options.bind_address != NULL) { 356 if (options.bind_address != NULL) {
@@ -410,22 +399,7 @@ ssh_create_socket(int privileged, struct addrinfo *ai)
410 ssh_gai_strerror(r)); 399 ssh_gai_strerror(r));
411 goto fail; 400 goto fail;
412 } 401 }
413 /* 402 if (bind(sock, (struct sockaddr *)&bindaddr, bindaddrlen) != 0) {
414 * If we are running as root and want to connect to a privileged
415 * port, bind our own socket to a privileged port.
416 */
417 if (privileged) {
418 PRIV_START;
419 r = bindresvport_sa(sock,
420 bindaddrlen == 0 ? NULL : (struct sockaddr *)&bindaddr);
421 oerrno = errno;
422 PRIV_END;
423 if (r < 0) {
424 error("bindresvport_sa %s: %s", ntop,
425 strerror(oerrno));
426 goto fail;
427 }
428 } else if (bind(sock, (struct sockaddr *)&bindaddr, bindaddrlen) != 0) {
429 error("bind %s: %s", ntop, strerror(errno)); 403 error("bind %s: %s", ntop, strerror(errno));
430 goto fail; 404 goto fail;
431 } 405 }
@@ -515,9 +489,7 @@ timeout_connect(int sockfd, const struct sockaddr *serv_addr,
515/* 489/*
516 * Opens a TCP/IP connection to the remote server on the given host. 490 * Opens a TCP/IP connection to the remote server on the given host.
517 * The address of the remote host will be returned in hostaddr. 491 * The address of the remote host will be returned in hostaddr.
518 * If port is 0, the default port will be used. If needpriv is true, 492 * If port is 0, the default port will be used.
519 * a privileged port will be allocated to make the connection.
520 * This requires super-user privileges if needpriv is true.
521 * Connection_attempts specifies the maximum number of tries (one per 493 * Connection_attempts specifies the maximum number of tries (one per
522 * second). If proxy_command is non-NULL, it specifies the command (with %h 494 * second). If proxy_command is non-NULL, it specifies the command (with %h
523 * and %p substituted for host and port, respectively) to use to contact 495 * and %p substituted for host and port, respectively) to use to contact
@@ -526,14 +498,14 @@ timeout_connect(int sockfd, const struct sockaddr *serv_addr,
526static int 498static int
527ssh_connect_direct(struct ssh *ssh, const char *host, struct addrinfo *aitop, 499ssh_connect_direct(struct ssh *ssh, const char *host, struct addrinfo *aitop,
528 struct sockaddr_storage *hostaddr, u_short port, int family, 500 struct sockaddr_storage *hostaddr, u_short port, int family,
529 int connection_attempts, int *timeout_ms, int want_keepalive, int needpriv) 501 int connection_attempts, int *timeout_ms, int want_keepalive)
530{ 502{
531 int on = 1; 503 int on = 1;
532 int oerrno, sock = -1, attempt; 504 int oerrno, sock = -1, attempt;
533 char ntop[NI_MAXHOST], strport[NI_MAXSERV]; 505 char ntop[NI_MAXHOST], strport[NI_MAXSERV];
534 struct addrinfo *ai; 506 struct addrinfo *ai;
535 507
536 debug2("%s: needpriv %d", __func__, needpriv); 508 debug2("%s", __func__);
537 memset(ntop, 0, sizeof(ntop)); 509 memset(ntop, 0, sizeof(ntop));
538 memset(strport, 0, sizeof(strport)); 510 memset(strport, 0, sizeof(strport));
539 511
@@ -565,7 +537,7 @@ ssh_connect_direct(struct ssh *ssh, const char *host, struct addrinfo *aitop,
565 host, ntop, strport); 537 host, ntop, strport);
566 538
567 /* Create a socket for connecting. */ 539 /* Create a socket for connecting. */
568 sock = ssh_create_socket(needpriv, ai); 540 sock = ssh_create_socket(ai);
569 if (sock < 0) { 541 if (sock < 0) {
570 /* Any error is already output */ 542 /* Any error is already output */
571 errno = 0; 543 errno = 0;
@@ -615,12 +587,11 @@ ssh_connect_direct(struct ssh *ssh, const char *host, struct addrinfo *aitop,
615int 587int
616ssh_connect(struct ssh *ssh, const char *host, struct addrinfo *addrs, 588ssh_connect(struct ssh *ssh, const char *host, struct addrinfo *addrs,
617 struct sockaddr_storage *hostaddr, u_short port, int family, 589 struct sockaddr_storage *hostaddr, u_short port, int family,
618 int connection_attempts, int *timeout_ms, int want_keepalive, int needpriv) 590 int connection_attempts, int *timeout_ms, int want_keepalive)
619{ 591{
620 if (options.proxy_command == NULL) { 592 if (options.proxy_command == NULL) {
621 return ssh_connect_direct(ssh, host, addrs, hostaddr, port, 593 return ssh_connect_direct(ssh, host, addrs, hostaddr, port,
622 family, connection_attempts, timeout_ms, want_keepalive, 594 family, connection_attempts, timeout_ms, want_keepalive);
623 needpriv);
624 } else if (strcmp(options.proxy_command, "-") == 0) { 595 } else if (strcmp(options.proxy_command, "-") == 0) {
625 if ((ssh_packet_set_connection(ssh, 596 if ((ssh_packet_set_connection(ssh,
626 STDIN_FILENO, STDOUT_FILENO)) == NULL) 597 STDIN_FILENO, STDOUT_FILENO)) == NULL)
@@ -767,11 +738,11 @@ check_host_cert(const char *host, const struct sshkey *host_key)
767{ 738{
768 const char *reason; 739 const char *reason;
769 740
770 if (key_cert_check_authority(host_key, 1, 0, host, &reason) != 0) { 741 if (sshkey_cert_check_authority(host_key, 1, 0, host, &reason) != 0) {
771 error("%s", reason); 742 error("%s", reason);
772 return 0; 743 return 0;
773 } 744 }
774 if (buffer_len(host_key->cert->critical) != 0) { 745 if (sshbuf_len(host_key->cert->critical) != 0) {
775 error("Certificate for %s contains unsupported " 746 error("Certificate for %s contains unsupported "
776 "critical options(s)", host); 747 "critical options(s)", host);
777 return 0; 748 return 0;
@@ -1503,9 +1474,9 @@ show_other_keys(struct hostkeys *hostkeys, struct sshkey *key)
1503 logit("WARNING: %s key found for host %s\n" 1474 logit("WARNING: %s key found for host %s\n"
1504 "in %s:%lu\n" 1475 "in %s:%lu\n"
1505 "%s key fingerprint %s.", 1476 "%s key fingerprint %s.",
1506 key_type(found->key), 1477 sshkey_type(found->key),
1507 found->host, found->file, found->line, 1478 found->host, found->file, found->line,
1508 key_type(found->key), fp); 1479 sshkey_type(found->key), fp);
1509 if (options.visual_host_key) 1480 if (options.visual_host_key)
1510 logit("%s", ra); 1481 logit("%s", ra);
1511 free(ra); 1482 free(ra);
@@ -1532,7 +1503,7 @@ warn_changed_key(struct sshkey *host_key)
1532 error("Someone could be eavesdropping on you right now (man-in-the-middle attack)!"); 1503 error("Someone could be eavesdropping on you right now (man-in-the-middle attack)!");
1533 error("It is also possible that a host key has just been changed."); 1504 error("It is also possible that a host key has just been changed.");
1534 error("The fingerprint for the %s key sent by the remote host is\n%s.", 1505 error("The fingerprint for the %s key sent by the remote host is\n%s.",
1535 key_type(host_key), fp); 1506 sshkey_type(host_key), fp);
1536 error("Please contact your system administrator."); 1507 error("Please contact your system administrator.");
1537 1508
1538 free(fp); 1509 free(fp);
diff --git a/sshconnect.h b/sshconnect.h
index dd648b096..890d85733 100644
--- a/sshconnect.h
+++ b/sshconnect.h
@@ -1,4 +1,4 @@
1/* $OpenBSD: sshconnect.h,v 1.32 2018/02/10 09:25:35 djm Exp $ */ 1/* $OpenBSD: sshconnect.h,v 1.35 2018/07/19 10:28:47 dtucker Exp $ */
2 2
3/* 3/*
4 * Copyright (c) 2000 Markus Friedl. All rights reserved. 4 * Copyright (c) 2000 Markus Friedl. All rights reserved.
@@ -28,14 +28,13 @@ typedef struct Sensitive Sensitive;
28struct Sensitive { 28struct Sensitive {
29 struct sshkey **keys; 29 struct sshkey **keys;
30 int nkeys; 30 int nkeys;
31 int external_keysign;
32}; 31};
33 32
34struct addrinfo; 33struct addrinfo;
35struct ssh; 34struct ssh;
36 35
37int ssh_connect(struct ssh *, const char *, struct addrinfo *, 36int ssh_connect(struct ssh *, const char *, struct addrinfo *,
38 struct sockaddr_storage *, u_short, int, int, int *, int, int); 37 struct sockaddr_storage *, u_short, int, int, int *, int);
39void ssh_kill_proxy_command(void); 38void ssh_kill_proxy_command(void);
40 39
41void ssh_login(Sensitive *, const char *, struct sockaddr *, u_short, 40void ssh_login(Sensitive *, const char *, struct sockaddr *, u_short,
@@ -58,22 +57,3 @@ void ssh_put_password(char *);
58int ssh_local_cmd(const char *); 57int ssh_local_cmd(const char *);
59 58
60void maybe_add_key_to_agent(char *, const struct sshkey *, char *, char *); 59void maybe_add_key_to_agent(char *, const struct sshkey *, char *, char *);
61
62/*
63 * Macros to raise/lower permissions.
64 */
65#define PRIV_START do { \
66 int save_errno = errno; \
67 if (seteuid(original_effective_uid) != 0) \
68 fatal("PRIV_START: seteuid: %s", \
69 strerror(errno)); \
70 errno = save_errno; \
71} while (0)
72
73#define PRIV_END do { \
74 int save_errno = errno; \
75 if (seteuid(original_real_uid) != 0) \
76 fatal("PRIV_END: seteuid: %s", \
77 strerror(errno)); \
78 errno = save_errno; \
79} while (0)
diff --git a/sshconnect2.c b/sshconnect2.c
index 83562c688..c6a1b1271 100644
--- a/sshconnect2.c
+++ b/sshconnect2.c
@@ -1,4 +1,4 @@
1/* $OpenBSD: sshconnect2.c,v 1.270 2018/03/24 19:28:43 markus Exp $ */ 1/* $OpenBSD: sshconnect2.c,v 1.284 2018/08/13 02:41:05 djm Exp $ */
2/* 2/*
3 * Copyright (c) 2000 Markus Friedl. All rights reserved. 3 * Copyright (c) 2000 Markus Friedl. All rights reserved.
4 * Copyright (c) 2008 Damien Miller. All rights reserved. 4 * Copyright (c) 2008 Damien Miller. All rights reserved.
@@ -49,11 +49,11 @@
49#include "xmalloc.h" 49#include "xmalloc.h"
50#include "ssh.h" 50#include "ssh.h"
51#include "ssh2.h" 51#include "ssh2.h"
52#include "buffer.h" 52#include "sshbuf.h"
53#include "packet.h" 53#include "packet.h"
54#include "compat.h" 54#include "compat.h"
55#include "cipher.h" 55#include "cipher.h"
56#include "key.h" 56#include "sshkey.h"
57#include "kex.h" 57#include "kex.h"
58#include "myproposal.h" 58#include "myproposal.h"
59#include "sshconnect.h" 59#include "sshconnect.h"
@@ -158,7 +158,7 @@ void
158ssh_kex2(char *host, struct sockaddr *hostaddr, u_short port) 158ssh_kex2(char *host, struct sockaddr *hostaddr, u_short port)
159{ 159{
160 char *myproposal[PROPOSAL_MAX] = { KEX_CLIENT }; 160 char *myproposal[PROPOSAL_MAX] = { KEX_CLIENT };
161 char *s; 161 char *s, *all_key;
162 struct kex *kex; 162 struct kex *kex;
163 int r; 163 int r;
164 164
@@ -183,9 +183,11 @@ ssh_kex2(char *host, struct sockaddr *hostaddr, u_short port)
183 myproposal[PROPOSAL_MAC_ALGS_CTOS] = 183 myproposal[PROPOSAL_MAC_ALGS_CTOS] =
184 myproposal[PROPOSAL_MAC_ALGS_STOC] = options.macs; 184 myproposal[PROPOSAL_MAC_ALGS_STOC] = options.macs;
185 if (options.hostkeyalgorithms != NULL) { 185 if (options.hostkeyalgorithms != NULL) {
186 if (kex_assemble_names(KEX_DEFAULT_PK_ALG, 186 all_key = sshkey_alg_list(0, 0, 1, ',');
187 &options.hostkeyalgorithms) != 0) 187 if (kex_assemble_names(&options.hostkeyalgorithms,
188 KEX_DEFAULT_PK_ALG, all_key) != 0)
188 fatal("%s: kex_assemble_namelist", __func__); 189 fatal("%s: kex_assemble_namelist", __func__);
190 free(all_key);
189 myproposal[PROPOSAL_SERVER_HOST_KEY_ALGS] = 191 myproposal[PROPOSAL_SERVER_HOST_KEY_ALGS] =
190 compat_pkalg_proposal(options.hostkeyalgorithms); 192 compat_pkalg_proposal(options.hostkeyalgorithms);
191 } else { 193 } else {
@@ -290,10 +292,11 @@ ssh_kex2(char *host, struct sockaddr *hostaddr, u_short port)
290 292
291#ifdef DEBUG_KEXDH 293#ifdef DEBUG_KEXDH
292 /* send 1st encrypted/maced/compressed message */ 294 /* send 1st encrypted/maced/compressed message */
293 packet_start(SSH2_MSG_IGNORE); 295 if ((r = sshpkt_start(ssh, SSH2_MSG_IGNORE)) != 0 ||
294 packet_put_cstring("markus"); 296 (r = sshpkt_put_cstring(ssh, "markus")) != 0 ||
295 packet_send(); 297 (r = sshpkt_send(ssh)) != 0 ||
296 packet_write_wait(); 298 (r = ssh_packet_write_wait(ssh)) != 0)
299 fatal("%s: %s", __func__, ssh_err(r));
297#endif 300#endif
298} 301}
299 302
@@ -376,7 +379,7 @@ int userauth_gsskeyex(Authctxt *authctxt);
376 379
377void userauth(Authctxt *, char *); 380void userauth(Authctxt *, char *);
378 381
379static int sign_and_send_pubkey(Authctxt *, Identity *); 382static int sign_and_send_pubkey(struct ssh *ssh, Authctxt *, Identity *);
380static void pubkey_prepare(Authctxt *); 383static void pubkey_prepare(Authctxt *);
381static void pubkey_cleanup(Authctxt *); 384static void pubkey_cleanup(Authctxt *);
382static void pubkey_reset(Authctxt *); 385static void pubkey_reset(Authctxt *);
@@ -521,6 +524,8 @@ input_userauth_ext_info(int type, u_int32_t seqnr, struct ssh *ssh)
521void 524void
522userauth(Authctxt *authctxt, char *authlist) 525userauth(Authctxt *authctxt, char *authlist)
523{ 526{
527 struct ssh *ssh = active_state; /* XXX */
528
524 if (authctxt->method != NULL && authctxt->method->cleanup != NULL) 529 if (authctxt->method != NULL && authctxt->method->cleanup != NULL)
525 authctxt->method->cleanup(authctxt); 530 authctxt->method->cleanup(authctxt);
526 531
@@ -540,7 +545,7 @@ userauth(Authctxt *authctxt, char *authlist)
540 authctxt->method = method; 545 authctxt->method = method;
541 546
542 /* reset the per method handler */ 547 /* reset the per method handler */
543 dispatch_range(SSH2_MSG_USERAUTH_PER_METHOD_MIN, 548 ssh_dispatch_range(ssh, SSH2_MSG_USERAUTH_PER_METHOD_MIN,
544 SSH2_MSG_USERAUTH_PER_METHOD_MAX, NULL); 549 SSH2_MSG_USERAUTH_PER_METHOD_MAX, NULL);
545 550
546 /* and try new method */ 551 /* and try new method */
@@ -617,14 +622,16 @@ input_userauth_failure(int type, u_int32_t seq, struct ssh *ssh)
617{ 622{
618 Authctxt *authctxt = ssh->authctxt; 623 Authctxt *authctxt = ssh->authctxt;
619 char *authlist = NULL; 624 char *authlist = NULL;
620 int partial; 625 u_char partial;
626 int r;
621 627
622 if (authctxt == NULL) 628 if (authctxt == NULL)
623 fatal("input_userauth_failure: no authentication context"); 629 fatal("input_userauth_failure: no authentication context");
624 630
625 authlist = packet_get_string(NULL); 631 if ((r = sshpkt_get_cstring(ssh, &authlist, NULL)) != 0 ||
626 partial = packet_get_char(); 632 (r = sshpkt_get_u8(ssh, &partial)) != 0 ||
627 packet_check_eom(); 633 (r = sshpkt_get_end(ssh)) != 0)
634 goto out;
628 635
629 if (partial != 0) { 636 if (partial != 0) {
630 verbose("Authenticated with partial success."); 637 verbose("Authenticated with partial success.");
@@ -634,6 +641,9 @@ input_userauth_failure(int type, u_int32_t seq, struct ssh *ssh)
634 debug("Authentications that can continue: %s", authlist); 641 debug("Authentications that can continue: %s", authlist);
635 642
636 userauth(authctxt, authlist); 643 userauth(authctxt, authlist);
644 authlist = NULL;
645 out:
646 free(authlist);
637 return 0; 647 return 0;
638} 648}
639 649
@@ -645,25 +655,27 @@ input_userauth_pk_ok(int type, u_int32_t seq, struct ssh *ssh)
645 struct sshkey *key = NULL; 655 struct sshkey *key = NULL;
646 Identity *id = NULL; 656 Identity *id = NULL;
647 int pktype, sent = 0; 657 int pktype, sent = 0;
648 u_int alen, blen; 658 size_t blen;
649 char *pkalg, *fp; 659 char *pkalg = NULL, *fp;
650 u_char *pkblob; 660 u_char *pkblob = NULL;
661 int r;
651 662
652 if (authctxt == NULL) 663 if (authctxt == NULL)
653 fatal("input_userauth_pk_ok: no authentication context"); 664 fatal("input_userauth_pk_ok: no authentication context");
654 665
655 pkalg = packet_get_string(&alen); 666 if ((r = sshpkt_get_cstring(ssh, &pkalg, NULL)) != 0 ||
656 pkblob = packet_get_string(&blen); 667 (r = sshpkt_get_string(ssh, &pkblob, &blen)) != 0 ||
657 packet_check_eom(); 668 (r = sshpkt_get_end(ssh)) != 0)
669 goto done;
658 670
659 debug("Server accepts key: pkalg %s blen %u", pkalg, blen); 671 debug("Server accepts key: pkalg %s blen %zu", pkalg, blen);
660 672
661 if ((pktype = key_type_from_name(pkalg)) == KEY_UNSPEC) { 673 if ((pktype = sshkey_type_from_name(pkalg)) == KEY_UNSPEC) {
662 debug("unknown pkalg %s", pkalg); 674 debug("unknown pkalg %s", pkalg);
663 goto done; 675 goto done;
664 } 676 }
665 if ((key = key_from_blob(pkblob, blen)) == NULL) { 677 if ((r = sshkey_from_blob(pkblob, blen, &key)) != 0) {
666 debug("no key from blob. pkalg %s", pkalg); 678 debug("no key from blob. pkalg %s: %s", pkalg, ssh_err(r));
667 goto done; 679 goto done;
668 } 680 }
669 if (key->type != pktype) { 681 if (key->type != pktype) {
@@ -684,31 +696,33 @@ input_userauth_pk_ok(int type, u_int32_t seq, struct ssh *ssh)
684 * duplicate keys 696 * duplicate keys
685 */ 697 */
686 TAILQ_FOREACH_REVERSE(id, &authctxt->keys, idlist, next) { 698 TAILQ_FOREACH_REVERSE(id, &authctxt->keys, idlist, next) {
687 if (key_equal(key, id->key)) { 699 if (sshkey_equal(key, id->key)) {
688 sent = sign_and_send_pubkey(authctxt, id); 700 sent = sign_and_send_pubkey(ssh, authctxt, id);
689 break; 701 break;
690 } 702 }
691 } 703 }
692done: 704 r = 0;
693 key_free(key); 705 done:
706 sshkey_free(key);
694 free(pkalg); 707 free(pkalg);
695 free(pkblob); 708 free(pkblob);
696 709
697 /* try another method if we did not send a packet */ 710 /* try another method if we did not send a packet */
698 if (sent == 0) 711 if (r == 0 && sent == 0)
699 userauth(authctxt, NULL); 712 userauth(authctxt, NULL);
700 return 0; 713 return r;
701} 714}
702 715
703#ifdef GSSAPI 716#ifdef GSSAPI
704int 717int
705userauth_gssapi(Authctxt *authctxt) 718userauth_gssapi(Authctxt *authctxt)
706{ 719{
720 struct ssh *ssh = active_state; /* XXX */
707 Gssctxt *gssctxt = NULL; 721 Gssctxt *gssctxt = NULL;
708 static gss_OID_set gss_supported = NULL; 722 static gss_OID_set gss_supported = NULL;
709 static u_int mech = 0; 723 static u_int mech = 0;
710 OM_uint32 min; 724 OM_uint32 min;
711 int ok = 0; 725 int r, ok = 0;
712 char *gss_host; 726 char *gss_host;
713 727
714 if (options.gss_server_identity) 728 if (options.gss_server_identity)
@@ -732,8 +746,8 @@ userauth_gssapi(Authctxt *authctxt)
732 while (mech < gss_supported->count && !ok) { 746 while (mech < gss_supported->count && !ok) {
733 /* My DER encoding requires length<128 */ 747 /* My DER encoding requires length<128 */
734 if (gss_supported->elements[mech].length < 128 && 748 if (gss_supported->elements[mech].length < 128 &&
735 ssh_gssapi_check_mechanism(&gssctxt, 749 ssh_gssapi_check_mechanism(&gssctxt,
736 &gss_supported->elements[mech], gss_host, 750 &gss_supported->elements[mech], gss_host,
737 options.gss_client_identity)) { 751 options.gss_client_identity)) {
738 ok = 1; /* Mechanism works */ 752 ok = 1; /* Mechanism works */
739 } else { 753 } else {
@@ -748,25 +762,26 @@ userauth_gssapi(Authctxt *authctxt)
748 762
749 authctxt->methoddata=(void *)gssctxt; 763 authctxt->methoddata=(void *)gssctxt;
750 764
751 packet_start(SSH2_MSG_USERAUTH_REQUEST); 765 if ((r = sshpkt_start(ssh, SSH2_MSG_USERAUTH_REQUEST)) != 0 ||
752 packet_put_cstring(authctxt->server_user); 766 (r = sshpkt_put_cstring(ssh, authctxt->server_user)) != 0 ||
753 packet_put_cstring(authctxt->service); 767 (r = sshpkt_put_cstring(ssh, authctxt->service)) != 0 ||
754 packet_put_cstring(authctxt->method->name); 768 (r = sshpkt_put_cstring(ssh, authctxt->method->name)) != 0 ||
755 769 (r = sshpkt_put_u32(ssh, 1)) != 0 ||
756 packet_put_int(1); 770 (r = sshpkt_put_u32(ssh,
757 771 (gss_supported->elements[mech].length) + 2)) != 0 ||
758 packet_put_int((gss_supported->elements[mech].length) + 2); 772 (r = sshpkt_put_u8(ssh, SSH_GSS_OIDTYPE)) != 0 ||
759 packet_put_char(SSH_GSS_OIDTYPE); 773 (r = sshpkt_put_u8(ssh,
760 packet_put_char(gss_supported->elements[mech].length); 774 gss_supported->elements[mech].length)) != 0 ||
761 packet_put_raw(gss_supported->elements[mech].elements, 775 (r = sshpkt_put(ssh,
762 gss_supported->elements[mech].length); 776 gss_supported->elements[mech].elements,
763 777 gss_supported->elements[mech].length)) != 0 ||
764 packet_send(); 778 (r = sshpkt_send(ssh)) != 0)
779 fatal("%s: %s", __func__, ssh_err(r));
765 780
766 dispatch_set(SSH2_MSG_USERAUTH_GSSAPI_RESPONSE, &input_gssapi_response); 781 ssh_dispatch_set(ssh, SSH2_MSG_USERAUTH_GSSAPI_RESPONSE, &input_gssapi_response);
767 dispatch_set(SSH2_MSG_USERAUTH_GSSAPI_TOKEN, &input_gssapi_token); 782 ssh_dispatch_set(ssh, SSH2_MSG_USERAUTH_GSSAPI_TOKEN, &input_gssapi_token);
768 dispatch_set(SSH2_MSG_USERAUTH_GSSAPI_ERROR, &input_gssapi_error); 783 ssh_dispatch_set(ssh, SSH2_MSG_USERAUTH_GSSAPI_ERROR, &input_gssapi_error);
769 dispatch_set(SSH2_MSG_USERAUTH_GSSAPI_ERRTOK, &input_gssapi_errtok); 784 ssh_dispatch_set(ssh, SSH2_MSG_USERAUTH_GSSAPI_ERRTOK, &input_gssapi_errtok);
770 785
771 mech++; /* Move along to next candidate */ 786 mech++; /* Move along to next candidate */
772 787
@@ -782,44 +797,56 @@ process_gssapi_token(struct ssh *ssh, gss_buffer_t recv_tok)
782 gss_buffer_desc mic = GSS_C_EMPTY_BUFFER; 797 gss_buffer_desc mic = GSS_C_EMPTY_BUFFER;
783 gss_buffer_desc gssbuf; 798 gss_buffer_desc gssbuf;
784 OM_uint32 status, ms, flags; 799 OM_uint32 status, ms, flags;
785 Buffer b; 800 int r;
786 801
787 status = ssh_gssapi_init_ctx(gssctxt, options.gss_deleg_creds, 802 status = ssh_gssapi_init_ctx(gssctxt, options.gss_deleg_creds,
788 recv_tok, &send_tok, &flags); 803 recv_tok, &send_tok, &flags);
789 804
790 if (send_tok.length > 0) { 805 if (send_tok.length > 0) {
791 if (GSS_ERROR(status)) 806 u_char type = GSS_ERROR(status) ?
792 packet_start(SSH2_MSG_USERAUTH_GSSAPI_ERRTOK); 807 SSH2_MSG_USERAUTH_GSSAPI_ERRTOK :
793 else 808 SSH2_MSG_USERAUTH_GSSAPI_TOKEN;
794 packet_start(SSH2_MSG_USERAUTH_GSSAPI_TOKEN); 809
810 if ((r = sshpkt_start(ssh, type)) != 0 ||
811 (r = sshpkt_put_string(ssh, send_tok.value,
812 send_tok.length)) != 0 ||
813 (r = sshpkt_send(ssh)) != 0)
814 fatal("%s: %s", __func__, ssh_err(r));
795 815
796 packet_put_string(send_tok.value, send_tok.length);
797 packet_send();
798 gss_release_buffer(&ms, &send_tok); 816 gss_release_buffer(&ms, &send_tok);
799 } 817 }
800 818
801 if (status == GSS_S_COMPLETE) { 819 if (status == GSS_S_COMPLETE) {
802 /* send either complete or MIC, depending on mechanism */ 820 /* send either complete or MIC, depending on mechanism */
803 if (!(flags & GSS_C_INTEG_FLAG)) { 821 if (!(flags & GSS_C_INTEG_FLAG)) {
804 packet_start(SSH2_MSG_USERAUTH_GSSAPI_EXCHANGE_COMPLETE); 822 if ((r = sshpkt_start(ssh,
805 packet_send(); 823 SSH2_MSG_USERAUTH_GSSAPI_EXCHANGE_COMPLETE)) != 0 ||
824 (r = sshpkt_send(ssh)) != 0)
825 fatal("%s: %s", __func__, ssh_err(r));
806 } else { 826 } else {
807 ssh_gssapi_buildmic(&b, authctxt->server_user, 827 struct sshbuf *b;
828
829 if ((b = sshbuf_new()) == NULL)
830 fatal("%s: sshbuf_new failed", __func__);
831 ssh_gssapi_buildmic(b, authctxt->server_user,
808 authctxt->service, "gssapi-with-mic"); 832 authctxt->service, "gssapi-with-mic");
809 833
810 gssbuf.value = buffer_ptr(&b); 834 if ((gssbuf.value = sshbuf_mutable_ptr(b)) == NULL)
811 gssbuf.length = buffer_len(&b); 835 fatal("%s: sshbuf_mutable_ptr failed", __func__);
836 gssbuf.length = sshbuf_len(b);
812 837
813 status = ssh_gssapi_sign(gssctxt, &gssbuf, &mic); 838 status = ssh_gssapi_sign(gssctxt, &gssbuf, &mic);
814 839
815 if (!GSS_ERROR(status)) { 840 if (!GSS_ERROR(status)) {
816 packet_start(SSH2_MSG_USERAUTH_GSSAPI_MIC); 841 if ((r = sshpkt_start(ssh,
817 packet_put_string(mic.value, mic.length); 842 SSH2_MSG_USERAUTH_GSSAPI_MIC)) != 0 ||
818 843 (r = sshpkt_put_string(ssh, mic.value,
819 packet_send(); 844 mic.length)) != 0 ||
845 (r = sshpkt_send(ssh)) != 0)
846 fatal("%s: %s", __func__, ssh_err(r));
820 } 847 }
821 848
822 buffer_free(&b); 849 sshbuf_free(b);
823 gss_release_buffer(&ms, &mic); 850 gss_release_buffer(&ms, &mic);
824 } 851 }
825 } 852 }
@@ -833,39 +860,43 @@ input_gssapi_response(int type, u_int32_t plen, struct ssh *ssh)
833{ 860{
834 Authctxt *authctxt = ssh->authctxt; 861 Authctxt *authctxt = ssh->authctxt;
835 Gssctxt *gssctxt; 862 Gssctxt *gssctxt;
836 u_int oidlen; 863 size_t oidlen;
837 u_char *oidv; 864 u_char *oidv = NULL;
865 int r;
838 866
839 if (authctxt == NULL) 867 if (authctxt == NULL)
840 fatal("input_gssapi_response: no authentication context"); 868 fatal("input_gssapi_response: no authentication context");
841 gssctxt = authctxt->methoddata; 869 gssctxt = authctxt->methoddata;
842 870
843 /* Setup our OID */ 871 /* Setup our OID */
844 oidv = packet_get_string(&oidlen); 872 if ((r = sshpkt_get_string(ssh, &oidv, &oidlen)) != 0)
873 goto done;
845 874
846 if (oidlen <= 2 || 875 if (oidlen <= 2 ||
847 oidv[0] != SSH_GSS_OIDTYPE || 876 oidv[0] != SSH_GSS_OIDTYPE ||
848 oidv[1] != oidlen - 2) { 877 oidv[1] != oidlen - 2) {
849 free(oidv);
850 debug("Badly encoded mechanism OID received"); 878 debug("Badly encoded mechanism OID received");
851 userauth(authctxt, NULL); 879 userauth(authctxt, NULL);
852 return 0; 880 goto ok;
853 } 881 }
854 882
855 if (!ssh_gssapi_check_oid(gssctxt, oidv + 2, oidlen - 2)) 883 if (!ssh_gssapi_check_oid(gssctxt, oidv + 2, oidlen - 2))
856 fatal("Server returned different OID than expected"); 884 fatal("Server returned different OID than expected");
857 885
858 packet_check_eom(); 886 if ((r = sshpkt_get_end(ssh)) != 0)
859 887 goto done;
860 free(oidv);
861 888
862 if (GSS_ERROR(process_gssapi_token(ssh, GSS_C_NO_BUFFER))) { 889 if (GSS_ERROR(process_gssapi_token(ssh, GSS_C_NO_BUFFER))) {
863 /* Start again with next method on list */ 890 /* Start again with next method on list */
864 debug("Trying to start again"); 891 debug("Trying to start again");
865 userauth(authctxt, NULL); 892 userauth(authctxt, NULL);
866 return 0; 893 goto ok;
867 } 894 }
868 return 0; 895 ok:
896 r = 0;
897 done:
898 free(oidv);
899 return r;
869} 900}
870 901
871/* ARGSUSED */ 902/* ARGSUSED */
@@ -874,27 +905,31 @@ input_gssapi_token(int type, u_int32_t plen, struct ssh *ssh)
874{ 905{
875 Authctxt *authctxt = ssh->authctxt; 906 Authctxt *authctxt = ssh->authctxt;
876 gss_buffer_desc recv_tok; 907 gss_buffer_desc recv_tok;
908 u_char *p = NULL;
909 size_t len;
877 OM_uint32 status; 910 OM_uint32 status;
878 u_int slen; 911 int r;
879 912
880 if (authctxt == NULL) 913 if (authctxt == NULL)
881 fatal("input_gssapi_response: no authentication context"); 914 fatal("input_gssapi_response: no authentication context");
882 915
883 recv_tok.value = packet_get_string(&slen); 916 if ((r = sshpkt_get_string(ssh, &p, &len)) != 0 ||
884 recv_tok.length = slen; /* safe typecast */ 917 (r = sshpkt_get_end(ssh)) != 0)
885 918 goto out;
886 packet_check_eom();
887 919
920 recv_tok.value = p;
921 recv_tok.length = len;
888 status = process_gssapi_token(ssh, &recv_tok); 922 status = process_gssapi_token(ssh, &recv_tok);
889 923
890 free(recv_tok.value); 924 /* Start again with the next method in the list */
891
892 if (GSS_ERROR(status)) { 925 if (GSS_ERROR(status)) {
893 /* Start again with the next method in the list */
894 userauth(authctxt, NULL); 926 userauth(authctxt, NULL);
895 return 0; 927 /* ok */
896 } 928 }
897 return 0; 929 r = 0;
930 out:
931 free(p);
932 return r;
898} 933}
899 934
900/* ARGSUSED */ 935/* ARGSUSED */
@@ -906,22 +941,26 @@ input_gssapi_errtok(int type, u_int32_t plen, struct ssh *ssh)
906 gss_buffer_desc send_tok = GSS_C_EMPTY_BUFFER; 941 gss_buffer_desc send_tok = GSS_C_EMPTY_BUFFER;
907 gss_buffer_desc recv_tok; 942 gss_buffer_desc recv_tok;
908 OM_uint32 ms; 943 OM_uint32 ms;
909 u_int len; 944 u_char *p = NULL;
945 size_t len;
946 int r;
910 947
911 if (authctxt == NULL) 948 if (authctxt == NULL)
912 fatal("input_gssapi_response: no authentication context"); 949 fatal("input_gssapi_response: no authentication context");
913 gssctxt = authctxt->methoddata; 950 gssctxt = authctxt->methoddata;
914 951
915 recv_tok.value = packet_get_string(&len); 952 if ((r = sshpkt_get_string(ssh, &p, &len)) != 0 ||
916 recv_tok.length = len; 953 (r = sshpkt_get_end(ssh)) != 0) {
917 954 free(p);
918 packet_check_eom(); 955 return r;
956 }
919 957
920 /* Stick it into GSSAPI and see what it says */ 958 /* Stick it into GSSAPI and see what it says */
959 recv_tok.value = p;
960 recv_tok.length = len;
921 (void)ssh_gssapi_init_ctx(gssctxt, options.gss_deleg_creds, 961 (void)ssh_gssapi_init_ctx(gssctxt, options.gss_deleg_creds,
922 &recv_tok, &send_tok, NULL); 962 &recv_tok, &send_tok, NULL);
923 963 free(p);
924 free(recv_tok.value);
925 gss_release_buffer(&ms, &send_tok); 964 gss_release_buffer(&ms, &send_tok);
926 965
927 /* Server will be returning a failed packet after this one */ 966 /* Server will be returning a failed packet after this one */
@@ -932,29 +971,32 @@ input_gssapi_errtok(int type, u_int32_t plen, struct ssh *ssh)
932int 971int
933input_gssapi_error(int type, u_int32_t plen, struct ssh *ssh) 972input_gssapi_error(int type, u_int32_t plen, struct ssh *ssh)
934{ 973{
935 char *msg; 974 char *msg = NULL;
936 char *lang; 975 char *lang = NULL;
937 976 int r;
938 /* maj */(void)packet_get_int();
939 /* min */(void)packet_get_int();
940 msg=packet_get_string(NULL);
941 lang=packet_get_string(NULL);
942
943 packet_check_eom();
944 977
978 if ((r = sshpkt_get_u32(ssh, NULL)) != 0 || /* maj */
979 (r = sshpkt_get_u32(ssh, NULL)) != 0 || /* min */
980 (r = sshpkt_get_cstring(ssh, &msg, NULL)) != 0 ||
981 (r = sshpkt_get_cstring(ssh, &lang, NULL)) != 0)
982 goto out;
983 r = sshpkt_get_end(ssh);
945 debug("Server GSSAPI Error:\n%s", msg); 984 debug("Server GSSAPI Error:\n%s", msg);
985 out:
946 free(msg); 986 free(msg);
947 free(lang); 987 free(lang);
948 return 0; 988 return r;
949} 989}
950 990
951int 991int
952userauth_gsskeyex(Authctxt *authctxt) 992userauth_gsskeyex(Authctxt *authctxt)
953{ 993{
954 Buffer b; 994 struct ssh *ssh = active_state; /* XXX */
995 struct sshbuf *b;
955 gss_buffer_desc gssbuf; 996 gss_buffer_desc gssbuf;
956 gss_buffer_desc mic = GSS_C_EMPTY_BUFFER; 997 gss_buffer_desc mic = GSS_C_EMPTY_BUFFER;
957 OM_uint32 ms; 998 OM_uint32 ms;
999 int r;
958 1000
959 static int attempt = 0; 1001 static int attempt = 0;
960 if (attempt++ >= 1) 1002 if (attempt++ >= 1)
@@ -965,25 +1007,29 @@ userauth_gsskeyex(Authctxt *authctxt)
965 return (0); 1007 return (0);
966 } 1008 }
967 1009
968 ssh_gssapi_buildmic(&b, authctxt->server_user, authctxt->service, 1010 if ((b = sshbuf_new()) == NULL)
1011 fatal("%s: sshbuf_new failed", __func__);
1012 ssh_gssapi_buildmic(b, authctxt->server_user, authctxt->service,
969 "gssapi-keyex"); 1013 "gssapi-keyex");
970 1014
971 gssbuf.value = buffer_ptr(&b); 1015 if ((gssbuf.value = sshbuf_mutable_ptr(b)) == NULL)
972 gssbuf.length = buffer_len(&b); 1016 fatal("%s: sshbuf_mutable_ptr failed", __func__);
1017 gssbuf.length = sshbuf_len(b);
973 1018
974 if (GSS_ERROR(ssh_gssapi_sign(gss_kex_context, &gssbuf, &mic))) { 1019 if (GSS_ERROR(ssh_gssapi_sign(gss_kex_context, &gssbuf, &mic))) {
975 buffer_free(&b); 1020 sshbuf_free(b);
976 return (0); 1021 return (0);
977 } 1022 }
978 1023
979 packet_start(SSH2_MSG_USERAUTH_REQUEST); 1024 if ((r = sshpkt_start(ssh, SSH2_MSG_USERAUTH_REQUEST)) != 0 ||
980 packet_put_cstring(authctxt->server_user); 1025 (r = sshpkt_put_cstring(ssh, authctxt->server_user)) != 0 ||
981 packet_put_cstring(authctxt->service); 1026 (r = sshpkt_put_cstring(ssh, authctxt->service)) != 0 ||
982 packet_put_cstring(authctxt->method->name); 1027 (r = sshpkt_put_cstring(ssh, authctxt->method->name)) != 0 ||
983 packet_put_string(mic.value, mic.length); 1028 (r = sshpkt_put_string(ssh, mic.value, mic.length)) != 0 ||
984 packet_send(); 1029 (r = sshpkt_send(ssh)) != 0)
1030 fatal("%s: %s", __func__, ssh_err(r));
985 1031
986 buffer_free(&b); 1032 sshbuf_free(b);
987 gss_release_buffer(&ms, &mic); 1033 gss_release_buffer(&ms, &mic);
988 1034
989 return (1); 1035 return (1);
@@ -994,23 +1040,29 @@ userauth_gsskeyex(Authctxt *authctxt)
994int 1040int
995userauth_none(Authctxt *authctxt) 1041userauth_none(Authctxt *authctxt)
996{ 1042{
1043 struct ssh *ssh = active_state; /* XXX */
1044 int r;
1045
997 /* initial userauth request */ 1046 /* initial userauth request */
998 packet_start(SSH2_MSG_USERAUTH_REQUEST); 1047 if ((r = sshpkt_start(ssh, SSH2_MSG_USERAUTH_REQUEST)) != 0 ||
999 packet_put_cstring(authctxt->server_user); 1048 (r = sshpkt_put_cstring(ssh, authctxt->server_user)) != 0 ||
1000 packet_put_cstring(authctxt->service); 1049 (r = sshpkt_put_cstring(ssh, authctxt->service)) != 0 ||
1001 packet_put_cstring(authctxt->method->name); 1050 (r = sshpkt_put_cstring(ssh, authctxt->method->name)) != 0 ||
1002 packet_send(); 1051 (r = sshpkt_send(ssh)) != 0)
1052 fatal("%s: %s", __func__, ssh_err(r));
1003 return 1; 1053 return 1;
1004} 1054}
1005 1055
1006int 1056int
1007userauth_passwd(Authctxt *authctxt) 1057userauth_passwd(Authctxt *authctxt)
1008{ 1058{
1059 struct ssh *ssh = active_state; /* XXX */
1009 static int attempt = 0; 1060 static int attempt = 0;
1010 char prompt[256]; 1061 char prompt[256];
1011 char *password; 1062 char *password;
1012 const char *host = options.host_key_alias ? options.host_key_alias : 1063 const char *host = options.host_key_alias ? options.host_key_alias :
1013 authctxt->host; 1064 authctxt->host;
1065 int r;
1014 1066
1015 if (attempt++ >= options.number_of_password_prompts) 1067 if (attempt++ >= options.number_of_password_prompts)
1016 return 0; 1068 return 0;
@@ -1021,18 +1073,20 @@ userauth_passwd(Authctxt *authctxt)
1021 snprintf(prompt, sizeof(prompt), "%.30s@%.128s's password: ", 1073 snprintf(prompt, sizeof(prompt), "%.30s@%.128s's password: ",
1022 authctxt->server_user, host); 1074 authctxt->server_user, host);
1023 password = read_passphrase(prompt, 0); 1075 password = read_passphrase(prompt, 0);
1024 packet_start(SSH2_MSG_USERAUTH_REQUEST); 1076 if ((r = sshpkt_start(ssh, SSH2_MSG_USERAUTH_REQUEST)) != 0 ||
1025 packet_put_cstring(authctxt->server_user); 1077 (r = sshpkt_put_cstring(ssh, authctxt->server_user)) != 0 ||
1026 packet_put_cstring(authctxt->service); 1078 (r = sshpkt_put_cstring(ssh, authctxt->service)) != 0 ||
1027 packet_put_cstring(authctxt->method->name); 1079 (r = sshpkt_put_cstring(ssh, authctxt->method->name)) != 0 ||
1028 packet_put_char(0); 1080 (r = sshpkt_put_u8(ssh, 0)) != 0 ||
1029 packet_put_cstring(password); 1081 (r = sshpkt_put_cstring(ssh, password)) != 0 ||
1030 explicit_bzero(password, strlen(password)); 1082 (r = sshpkt_add_padding(ssh, 64)) != 0 ||
1031 free(password); 1083 (r = sshpkt_send(ssh)) != 0)
1032 packet_add_padding(64); 1084 fatal("%s: %s", __func__, ssh_err(r));
1033 packet_send(); 1085
1034 1086 if (password)
1035 dispatch_set(SSH2_MSG_USERAUTH_PASSWD_CHANGEREQ, 1087 freezero(password, strlen(password));
1088
1089 ssh_dispatch_set(ssh, SSH2_MSG_USERAUTH_PASSWD_CHANGEREQ,
1036 &input_userauth_passwd_changereq); 1090 &input_userauth_passwd_changereq);
1037 1091
1038 return 1; 1092 return 1;
@@ -1046,9 +1100,10 @@ int
1046input_userauth_passwd_changereq(int type, u_int32_t seqnr, struct ssh *ssh) 1100input_userauth_passwd_changereq(int type, u_int32_t seqnr, struct ssh *ssh)
1047{ 1101{
1048 Authctxt *authctxt = ssh->authctxt; 1102 Authctxt *authctxt = ssh->authctxt;
1049 char *info, *lang, *password = NULL, *retype = NULL; 1103 char *info = NULL, *lang = NULL, *password = NULL, *retype = NULL;
1050 char prompt[256]; 1104 char prompt[256];
1051 const char *host; 1105 const char *host;
1106 int r;
1052 1107
1053 debug2("input_userauth_passwd_changereq"); 1108 debug2("input_userauth_passwd_changereq");
1054 1109
@@ -1057,24 +1112,26 @@ input_userauth_passwd_changereq(int type, u_int32_t seqnr, struct ssh *ssh)
1057 "no authentication context"); 1112 "no authentication context");
1058 host = options.host_key_alias ? options.host_key_alias : authctxt->host; 1113 host = options.host_key_alias ? options.host_key_alias : authctxt->host;
1059 1114
1060 info = packet_get_string(NULL); 1115 if ((r = sshpkt_get_cstring(ssh, &info, NULL)) != 0 ||
1061 lang = packet_get_string(NULL); 1116 (r = sshpkt_get_cstring(ssh, &lang, NULL)) != 0)
1117 goto out;
1062 if (strlen(info) > 0) 1118 if (strlen(info) > 0)
1063 logit("%s", info); 1119 logit("%s", info);
1064 free(info); 1120 if ((r = sshpkt_start(ssh, SSH2_MSG_USERAUTH_REQUEST)) != 0 ||
1065 free(lang); 1121 (r = sshpkt_put_cstring(ssh, authctxt->server_user)) != 0 ||
1066 packet_start(SSH2_MSG_USERAUTH_REQUEST); 1122 (r = sshpkt_put_cstring(ssh, authctxt->service)) != 0 ||
1067 packet_put_cstring(authctxt->server_user); 1123 (r = sshpkt_put_cstring(ssh, authctxt->method->name)) != 0 ||
1068 packet_put_cstring(authctxt->service); 1124 (r = sshpkt_put_u8(ssh, 1)) != 0) /* additional info */
1069 packet_put_cstring(authctxt->method->name); 1125 goto out;
1070 packet_put_char(1); /* additional info */ 1126
1071 snprintf(prompt, sizeof(prompt), 1127 snprintf(prompt, sizeof(prompt),
1072 "Enter %.30s@%.128s's old password: ", 1128 "Enter %.30s@%.128s's old password: ",
1073 authctxt->server_user, host); 1129 authctxt->server_user, host);
1074 password = read_passphrase(prompt, 0); 1130 password = read_passphrase(prompt, 0);
1075 packet_put_cstring(password); 1131 if ((r = sshpkt_put_cstring(ssh, password)) != 0)
1076 explicit_bzero(password, strlen(password)); 1132 goto out;
1077 free(password); 1133
1134 freezero(password, strlen(password));
1078 password = NULL; 1135 password = NULL;
1079 while (password == NULL) { 1136 while (password == NULL) {
1080 snprintf(prompt, sizeof(prompt), 1137 snprintf(prompt, sizeof(prompt),
@@ -1083,99 +1140,113 @@ input_userauth_passwd_changereq(int type, u_int32_t seqnr, struct ssh *ssh)
1083 password = read_passphrase(prompt, RP_ALLOW_EOF); 1140 password = read_passphrase(prompt, RP_ALLOW_EOF);
1084 if (password == NULL) { 1141 if (password == NULL) {
1085 /* bail out */ 1142 /* bail out */
1086 return 0; 1143 r = 0;
1144 goto out;
1087 } 1145 }
1088 snprintf(prompt, sizeof(prompt), 1146 snprintf(prompt, sizeof(prompt),
1089 "Retype %.30s@%.128s's new password: ", 1147 "Retype %.30s@%.128s's new password: ",
1090 authctxt->server_user, host); 1148 authctxt->server_user, host);
1091 retype = read_passphrase(prompt, 0); 1149 retype = read_passphrase(prompt, 0);
1092 if (strcmp(password, retype) != 0) { 1150 if (strcmp(password, retype) != 0) {
1093 explicit_bzero(password, strlen(password)); 1151 freezero(password, strlen(password));
1094 free(password);
1095 logit("Mismatch; try again, EOF to quit."); 1152 logit("Mismatch; try again, EOF to quit.");
1096 password = NULL; 1153 password = NULL;
1097 } 1154 }
1098 explicit_bzero(retype, strlen(retype)); 1155 freezero(retype, strlen(retype));
1099 free(retype);
1100 } 1156 }
1101 packet_put_cstring(password); 1157 if ((r = sshpkt_put_cstring(ssh, password)) != 0 ||
1102 explicit_bzero(password, strlen(password)); 1158 (r = sshpkt_add_padding(ssh, 64)) != 0 ||
1103 free(password); 1159 (r = sshpkt_send(ssh)) != 0)
1104 packet_add_padding(64); 1160 goto out;
1105 packet_send();
1106 1161
1107 dispatch_set(SSH2_MSG_USERAUTH_PASSWD_CHANGEREQ, 1162 ssh_dispatch_set(ssh, SSH2_MSG_USERAUTH_PASSWD_CHANGEREQ,
1108 &input_userauth_passwd_changereq); 1163 &input_userauth_passwd_changereq);
1109 return 0; 1164 r = 0;
1110} 1165 out:
1111 1166 if (password)
1112static const char * 1167 freezero(password, strlen(password));
1113key_sign_encode(const struct sshkey *key) 1168 free(info);
1114{ 1169 free(lang);
1115 struct ssh *ssh = active_state; 1170 return r;
1116
1117 if (key->type == KEY_RSA) {
1118 switch (ssh->kex->rsa_sha2) {
1119 case 256:
1120 return "rsa-sha2-256";
1121 case 512:
1122 return "rsa-sha2-512";
1123 }
1124 }
1125 return key_ssh_name(key);
1126} 1171}
1127 1172
1128/* 1173/*
1129 * Some agents will return ssh-rsa signatures when asked to make a 1174 * Select an algorithm for publickey signatures.
1130 * rsa-sha2-* signature. Check what they actually gave back and warn the 1175 * Returns algorithm (caller must free) or NULL if no mutual algorithm found.
1131 * user if the agent has returned an unexpected type. 1176 *
1177 * Call with ssh==NULL to ignore server-sig-algs extension list and
1178 * only attempt with the key's base signature type.
1132 */ 1179 */
1133static int 1180static char *
1134check_sigtype(const struct sshkey *key, const u_char *sig, size_t len) 1181key_sig_algorithm(struct ssh *ssh, const struct sshkey *key)
1135{ 1182{
1136 int r; 1183 char *allowed, *oallowed, *cp, *tmp, *alg = NULL;
1137 char *sigtype = NULL;
1138 const char *alg = key_sign_encode(key);
1139 1184
1140 if (sshkey_is_cert(key)) 1185 /*
1141 return 0; 1186 * The signature algorithm will only differ from the key algorithm
1142 if ((r = sshkey_sigtype(sig, len, &sigtype)) != 0) 1187 * for RSA keys/certs and when the server advertises support for
1143 return r; 1188 * newer (SHA2) algorithms.
1144 if (strcmp(sigtype, alg) != 0) { 1189 */
1145 logit("warning: agent returned different signature type %s " 1190 if (ssh == NULL || ssh->kex->server_sig_algs == NULL ||
1146 "(expected %s)", sigtype, alg); 1191 (key->type != KEY_RSA && key->type != KEY_RSA_CERT)) {
1192 /* Filter base key signature alg against our configuration */
1193 return match_list(sshkey_ssh_name(key),
1194 options.pubkey_key_types, NULL);
1147 } 1195 }
1148 free(sigtype); 1196
1149 /* Incorrect signature types aren't an error ... yet */ 1197 /*
1150 return 0; 1198 * For RSA keys/certs, since these might have a different sig type:
1199 * find the first entry in PubkeyAcceptedKeyTypes of the right type
1200 * that also appears in the supported signature algorithms list from
1201 * the server.
1202 */
1203 oallowed = allowed = xstrdup(options.pubkey_key_types);
1204 while ((cp = strsep(&allowed, ",")) != NULL) {
1205 if (sshkey_type_from_name(cp) != key->type)
1206 continue;
1207 tmp = match_list(sshkey_sigalg_by_name(cp), ssh->kex->server_sig_algs, NULL);
1208 if (tmp != NULL)
1209 alg = xstrdup(cp);
1210 free(tmp);
1211 if (alg != NULL)
1212 break;
1213 }
1214 free(oallowed);
1215 return alg;
1151} 1216}
1152 1217
1153static int 1218static int
1154identity_sign(struct identity *id, u_char **sigp, size_t *lenp, 1219identity_sign(struct identity *id, u_char **sigp, size_t *lenp,
1155 const u_char *data, size_t datalen, u_int compat) 1220 const u_char *data, size_t datalen, u_int compat, const char *alg)
1156{ 1221{
1157 struct sshkey *prv; 1222 struct sshkey *prv;
1158 int r; 1223 int r;
1159 1224
1160 /* the agent supports this key */ 1225 /* The agent supports this key. */
1161 if (id->key != NULL && id->agent_fd != -1) { 1226 if (id->key != NULL && id->agent_fd != -1) {
1162 if ((r = ssh_agent_sign(id->agent_fd, id->key, sigp, lenp, 1227 return ssh_agent_sign(id->agent_fd, id->key, sigp, lenp,
1163 data, datalen, key_sign_encode(id->key), compat)) != 0 || 1228 data, datalen, alg, compat);
1164 (r = check_sigtype(id->key, *sigp, *lenp)) != 0)
1165 return r;
1166 return 0;
1167 } 1229 }
1168 1230
1169 /* 1231 /*
1170 * we have already loaded the private key or 1232 * We have already loaded the private key or the private key is
1171 * the private key is stored in external hardware 1233 * stored in external hardware.
1172 */ 1234 */
1173 if (id->key != NULL && 1235 if (id->key != NULL &&
1174 (id->isprivate || (id->key->flags & SSHKEY_FLAG_EXT))) 1236 (id->isprivate || (id->key->flags & SSHKEY_FLAG_EXT))) {
1175 return (sshkey_sign(id->key, sigp, lenp, data, datalen, 1237 if ((r = sshkey_sign(id->key, sigp, lenp, data, datalen,
1176 key_sign_encode(id->key), compat)); 1238 alg, compat)) != 0)
1239 return r;
1240 /*
1241 * PKCS#11 tokens may not support all signature algorithms,
1242 * so check what we get back.
1243 */
1244 if ((r = sshkey_check_sigtype(*sigp, *lenp, alg)) != 0)
1245 return r;
1246 return 0;
1247 }
1177 1248
1178 /* load the private key from the file */ 1249 /* Load the private key from the file. */
1179 if ((prv = load_identity_file(id)) == NULL) 1250 if ((prv = load_identity_file(id)) == NULL)
1180 return SSH_ERR_KEY_NOT_FOUND; 1251 return SSH_ERR_KEY_NOT_FOUND;
1181 if (id->key != NULL && !sshkey_equal_public(prv, id->key)) { 1252 if (id->key != NULL && !sshkey_equal_public(prv, id->key)) {
@@ -1183,8 +1254,7 @@ identity_sign(struct identity *id, u_char **sigp, size_t *lenp,
1183 __func__, id->filename); 1254 __func__, id->filename);
1184 return SSH_ERR_KEY_NOT_FOUND; 1255 return SSH_ERR_KEY_NOT_FOUND;
1185 } 1256 }
1186 r = sshkey_sign(prv, sigp, lenp, data, datalen, 1257 r = sshkey_sign(prv, sigp, lenp, data, datalen, alg, compat);
1187 key_sign_encode(prv), compat);
1188 sshkey_free(prv); 1258 sshkey_free(prv);
1189 return r; 1259 return r;
1190} 1260}
@@ -1209,57 +1279,35 @@ id_filename_matches(Identity *id, Identity *private_id)
1209} 1279}
1210 1280
1211static int 1281static int
1212sign_and_send_pubkey(Authctxt *authctxt, Identity *id) 1282sign_and_send_pubkey(struct ssh *ssh, Authctxt *authctxt, Identity *id)
1213{ 1283{
1214 Buffer b; 1284 struct sshbuf *b = NULL;
1215 Identity *private_id; 1285 Identity *private_id, *sign_id = NULL;
1216 u_char *blob, *signature; 1286 u_char *signature = NULL;
1217 size_t slen; 1287 size_t slen = 0, skip = 0;
1218 u_int bloblen, skip = 0; 1288 int r, fallback_sigtype, sent = 0;
1219 int matched, ret = -1, have_sig = 1; 1289 char *alg = NULL, *fp = NULL;
1220 char *fp; 1290 const char *loc = "";
1221 1291
1222 if ((fp = sshkey_fingerprint(id->key, options.fingerprint_hash, 1292 if ((fp = sshkey_fingerprint(id->key, options.fingerprint_hash,
1223 SSH_FP_DEFAULT)) == NULL) 1293 SSH_FP_DEFAULT)) == NULL)
1224 return 0; 1294 return 0;
1225 debug3("%s: %s %s", __func__, key_type(id->key), fp);
1226 free(fp);
1227 1295
1228 if (key_to_blob(id->key, &blob, &bloblen) == 0) { 1296 debug3("%s: %s %s", __func__, sshkey_type(id->key), fp);
1229 /* we cannot handle this key */
1230 debug3("sign_and_send_pubkey: cannot handle key");
1231 return 0;
1232 }
1233 /* data to be signed */
1234 buffer_init(&b);
1235 if (datafellows & SSH_OLD_SESSIONID) {
1236 buffer_append(&b, session_id2, session_id2_len);
1237 skip = session_id2_len;
1238 } else {
1239 buffer_put_string(&b, session_id2, session_id2_len);
1240 skip = buffer_len(&b);
1241 }
1242 buffer_put_char(&b, SSH2_MSG_USERAUTH_REQUEST);
1243 buffer_put_cstring(&b, authctxt->server_user);
1244 buffer_put_cstring(&b, authctxt->service);
1245 buffer_put_cstring(&b, authctxt->method->name);
1246 buffer_put_char(&b, have_sig);
1247 buffer_put_cstring(&b, key_sign_encode(id->key));
1248 buffer_put_string(&b, blob, bloblen);
1249 1297
1250 /* 1298 /*
1251 * If the key is an certificate, try to find a matching private key 1299 * If the key is an certificate, try to find a matching private key
1252 * and use it to complete the signature. 1300 * and use it to complete the signature.
1253 * If no such private key exists, fall back to trying the certificate 1301 * If no such private key exists, fall back to trying the certificate
1254 * key itself in case it has a private half already loaded. 1302 * key itself in case it has a private half already loaded.
1303 * This will try to set sign_id to the private key that will perform
1304 * the signature.
1255 */ 1305 */
1256 if (key_is_cert(id->key)) { 1306 if (sshkey_is_cert(id->key)) {
1257 matched = 0;
1258 TAILQ_FOREACH(private_id, &authctxt->keys, next) { 1307 TAILQ_FOREACH(private_id, &authctxt->keys, next) {
1259 if (sshkey_equal_public(id->key, private_id->key) && 1308 if (sshkey_equal_public(id->key, private_id->key) &&
1260 id->key->type != private_id->key->type) { 1309 id->key->type != private_id->key->type) {
1261 id = private_id; 1310 sign_id = private_id;
1262 matched = 1;
1263 break; 1311 break;
1264 } 1312 }
1265 } 1313 }
@@ -1270,18 +1318,18 @@ sign_and_send_pubkey(Authctxt *authctxt, Identity *id)
1270 * of keeping just a private key file and public 1318 * of keeping just a private key file and public
1271 * certificate on disk. 1319 * certificate on disk.
1272 */ 1320 */
1273 if (!matched && !id->isprivate && id->agent_fd == -1 && 1321 if (sign_id == NULL &&
1322 !id->isprivate && id->agent_fd == -1 &&
1274 (id->key->flags & SSHKEY_FLAG_EXT) == 0) { 1323 (id->key->flags & SSHKEY_FLAG_EXT) == 0) {
1275 TAILQ_FOREACH(private_id, &authctxt->keys, next) { 1324 TAILQ_FOREACH(private_id, &authctxt->keys, next) {
1276 if (private_id->key == NULL && 1325 if (private_id->key == NULL &&
1277 id_filename_matches(id, private_id)) { 1326 id_filename_matches(id, private_id)) {
1278 id = private_id; 1327 sign_id = private_id;
1279 matched = 1;
1280 break; 1328 break;
1281 } 1329 }
1282 } 1330 }
1283 } 1331 }
1284 if (matched) { 1332 if (sign_id != NULL) {
1285 debug2("%s: using private key \"%s\"%s for " 1333 debug2("%s: using private key \"%s\"%s for "
1286 "certificate", __func__, id->filename, 1334 "certificate", __func__, id->filename,
1287 id->agent_fd != -1 ? " from agent" : ""); 1335 id->agent_fd != -1 ? " from agent" : "");
@@ -1291,65 +1339,141 @@ sign_and_send_pubkey(Authctxt *authctxt, Identity *id)
1291 } 1339 }
1292 } 1340 }
1293 1341
1294 /* generate signature */ 1342 /*
1295 ret = identity_sign(id, &signature, &slen, 1343 * If the above didn't select another identity to do the signing
1296 buffer_ptr(&b), buffer_len(&b), datafellows); 1344 * then default to the one we started with.
1297 if (ret != 0) { 1345 */
1298 if (ret != SSH_ERR_KEY_NOT_FOUND) 1346 if (sign_id == NULL)
1299 error("%s: signing failed: %s", __func__, ssh_err(ret)); 1347 sign_id = id;
1300 free(blob); 1348
1301 buffer_free(&b); 1349 /* assemble and sign data */
1302 return 0; 1350 for (fallback_sigtype = 0; fallback_sigtype <= 1; fallback_sigtype++) {
1351 free(alg);
1352 slen = 0;
1353 signature = NULL;
1354 if ((alg = key_sig_algorithm(fallback_sigtype ? NULL : ssh,
1355 id->key)) == NULL) {
1356 error("%s: no mutual signature supported", __func__);
1357 goto out;
1358 }
1359 debug3("%s: signing using %s", __func__, alg);
1360
1361 sshbuf_free(b);
1362 if ((b = sshbuf_new()) == NULL)
1363 fatal("%s: sshbuf_new failed", __func__);
1364 if (datafellows & SSH_OLD_SESSIONID) {
1365 if ((r = sshbuf_put(b, session_id2,
1366 session_id2_len)) != 0) {
1367 fatal("%s: sshbuf_put: %s",
1368 __func__, ssh_err(r));
1369 }
1370 } else {
1371 if ((r = sshbuf_put_string(b, session_id2,
1372 session_id2_len)) != 0) {
1373 fatal("%s: sshbuf_put_string: %s",
1374 __func__, ssh_err(r));
1375 }
1376 }
1377 skip = sshbuf_len(b);
1378 if ((r = sshbuf_put_u8(b, SSH2_MSG_USERAUTH_REQUEST)) != 0 ||
1379 (r = sshbuf_put_cstring(b, authctxt->server_user)) != 0 ||
1380 (r = sshbuf_put_cstring(b, authctxt->service)) != 0 ||
1381 (r = sshbuf_put_cstring(b, authctxt->method->name)) != 0 ||
1382 (r = sshbuf_put_u8(b, 1)) != 0 ||
1383 (r = sshbuf_put_cstring(b, alg)) != 0 ||
1384 (r = sshkey_puts(id->key, b)) != 0) {
1385 fatal("%s: assemble signed data: %s",
1386 __func__, ssh_err(r));
1387 }
1388
1389 /* generate signature */
1390 r = identity_sign(sign_id, &signature, &slen,
1391 sshbuf_ptr(b), sshbuf_len(b), datafellows, alg);
1392 if (r == 0)
1393 break;
1394 else if (r == SSH_ERR_KEY_NOT_FOUND)
1395 goto out; /* soft failure */
1396 else if (r == SSH_ERR_SIGN_ALG_UNSUPPORTED &&
1397 !fallback_sigtype) {
1398 if (sign_id->agent_fd != -1)
1399 loc = "agent ";
1400 else if ((sign_id->key->flags & SSHKEY_FLAG_EXT) != 0)
1401 loc = "token ";
1402 logit("%skey %s %s returned incorrect signature type",
1403 loc, sshkey_type(id->key), fp);
1404 continue;
1405 }
1406 error("%s: signing failed: %s", __func__, ssh_err(r));
1407 goto out;
1303 } 1408 }
1304#ifdef DEBUG_PK 1409 if (slen == 0 || signature == NULL) /* shouldn't happen */
1305 buffer_dump(&b); 1410 fatal("%s: no signature", __func__);
1306#endif
1307 free(blob);
1308 1411
1309 /* append signature */ 1412 /* append signature */
1310 buffer_put_string(&b, signature, slen); 1413 if ((r = sshbuf_put_string(b, signature, slen)) != 0)
1311 free(signature); 1414 fatal("%s: append signature: %s", __func__, ssh_err(r));
1312 1415
1416#ifdef DEBUG_PK
1417 sshbuf_dump(b, stderr);
1418#endif
1313 /* skip session id and packet type */ 1419 /* skip session id and packet type */
1314 if (buffer_len(&b) < skip + 1) 1420 if ((r = sshbuf_consume(b, skip + 1)) != 0)
1315 fatal("userauth_pubkey: internal error"); 1421 fatal("%s: consume: %s", __func__, ssh_err(r));
1316 buffer_consume(&b, skip + 1);
1317 1422
1318 /* put remaining data from buffer into packet */ 1423 /* put remaining data from buffer into packet */
1319 packet_start(SSH2_MSG_USERAUTH_REQUEST); 1424 if ((r = sshpkt_start(ssh, SSH2_MSG_USERAUTH_REQUEST)) != 0 ||
1320 packet_put_raw(buffer_ptr(&b), buffer_len(&b)); 1425 (r = sshpkt_putb(ssh, b)) != 0 ||
1321 buffer_free(&b); 1426 (r = sshpkt_send(ssh)) != 0)
1322 packet_send(); 1427 fatal("%s: enqueue request: %s", __func__, ssh_err(r));
1323 1428
1324 return 1; 1429 /* success */
1430 sent = 1;
1431
1432 out:
1433 free(fp);
1434 free(alg);
1435 sshbuf_free(b);
1436 freezero(signature, slen);
1437 return sent;
1325} 1438}
1326 1439
1327static int 1440static int
1328send_pubkey_test(Authctxt *authctxt, Identity *id) 1441send_pubkey_test(struct ssh *ssh, Authctxt *authctxt, Identity *id)
1329{ 1442{
1330 u_char *blob; 1443 u_char *blob = NULL;
1331 u_int bloblen, have_sig = 0; 1444 char *alg = NULL;
1332 1445 size_t bloblen;
1333 debug3("send_pubkey_test"); 1446 u_int have_sig = 0;
1447 int sent = 0, r;
1448
1449 if ((alg = key_sig_algorithm(ssh, id->key)) == NULL) {
1450 debug("%s: no mutual signature algorithm", __func__);
1451 goto out;
1452 }
1334 1453
1335 if (key_to_blob(id->key, &blob, &bloblen) == 0) { 1454 if ((r = sshkey_to_blob(id->key, &blob, &bloblen)) != 0) {
1336 /* we cannot handle this key */ 1455 /* we cannot handle this key */
1337 debug3("send_pubkey_test: cannot handle key"); 1456 debug3("%s: cannot handle key", __func__);
1338 return 0; 1457 goto out;
1339 } 1458 }
1340 /* register callback for USERAUTH_PK_OK message */ 1459 /* register callback for USERAUTH_PK_OK message */
1341 dispatch_set(SSH2_MSG_USERAUTH_PK_OK, &input_userauth_pk_ok); 1460 ssh_dispatch_set(ssh, SSH2_MSG_USERAUTH_PK_OK, &input_userauth_pk_ok);
1342 1461
1343 packet_start(SSH2_MSG_USERAUTH_REQUEST); 1462 if ((r = sshpkt_start(ssh, SSH2_MSG_USERAUTH_REQUEST)) != 0 ||
1344 packet_put_cstring(authctxt->server_user); 1463 (r = sshpkt_put_cstring(ssh, authctxt->server_user)) != 0 ||
1345 packet_put_cstring(authctxt->service); 1464 (r = sshpkt_put_cstring(ssh, authctxt->service)) != 0 ||
1346 packet_put_cstring(authctxt->method->name); 1465 (r = sshpkt_put_cstring(ssh, authctxt->method->name)) != 0 ||
1347 packet_put_char(have_sig); 1466 (r = sshpkt_put_u8(ssh, have_sig)) != 0 ||
1348 packet_put_cstring(key_sign_encode(id->key)); 1467 (r = sshpkt_put_cstring(ssh, alg)) != 0 ||
1349 packet_put_string(blob, bloblen); 1468 (r = sshpkt_put_string(ssh, blob, bloblen)) != 0 ||
1469 (r = sshpkt_send(ssh)) != 0)
1470 fatal("%s: %s", __func__, ssh_err(r));
1471 sent = 1;
1472
1473 out:
1474 free(alg);
1350 free(blob); 1475 free(blob);
1351 packet_send(); 1476 return sent;
1352 return 1;
1353} 1477}
1354 1478
1355static struct sshkey * 1479static struct sshkey *
@@ -1407,10 +1531,8 @@ load_identity_file(Identity *id)
1407 !(id->key && id->isprivate)) 1531 !(id->key && id->isprivate))
1408 maybe_add_key_to_agent(id->filename, private, comment, 1532 maybe_add_key_to_agent(id->filename, private, comment,
1409 passphrase); 1533 passphrase);
1410 if (i > 0) { 1534 if (i > 0)
1411 explicit_bzero(passphrase, strlen(passphrase)); 1535 freezero(passphrase, strlen(passphrase));
1412 free(passphrase);
1413 }
1414 free(comment); 1536 free(comment);
1415 if (private != NULL || quit) 1537 if (private != NULL || quit)
1416 break; 1538 break;
@@ -1418,6 +1540,36 @@ load_identity_file(Identity *id)
1418 return private; 1540 return private;
1419} 1541}
1420 1542
1543static int
1544key_type_allowed_by_config(struct sshkey *key)
1545{
1546 if (match_pattern_list(sshkey_ssh_name(key),
1547 options.pubkey_key_types, 0) == 1)
1548 return 1;
1549
1550 /* RSA keys/certs might be allowed by alternate signature types */
1551 switch (key->type) {
1552 case KEY_RSA:
1553 if (match_pattern_list("rsa-sha2-512",
1554 options.pubkey_key_types, 0) == 1)
1555 return 1;
1556 if (match_pattern_list("rsa-sha2-256",
1557 options.pubkey_key_types, 0) == 1)
1558 return 1;
1559 break;
1560 case KEY_RSA_CERT:
1561 if (match_pattern_list("rsa-sha2-512-cert-v01@openssh.com",
1562 options.pubkey_key_types, 0) == 1)
1563 return 1;
1564 if (match_pattern_list("rsa-sha2-256-cert-v01@openssh.com",
1565 options.pubkey_key_types, 0) == 1)
1566 return 1;
1567 break;
1568 }
1569 return 0;
1570}
1571
1572
1421/* 1573/*
1422 * try keys in the following order: 1574 * try keys in the following order:
1423 * 1. certificates listed in the config file 1575 * 1. certificates listed in the config file
@@ -1457,7 +1609,7 @@ pubkey_prepare(Authctxt *authctxt)
1457 /* list of certificates specified by user */ 1609 /* list of certificates specified by user */
1458 for (i = 0; i < options.num_certificate_files; i++) { 1610 for (i = 0; i < options.num_certificate_files; i++) {
1459 key = options.certificates[i]; 1611 key = options.certificates[i];
1460 if (!key_is_cert(key) || key->cert == NULL || 1612 if (!sshkey_is_cert(key) || key->cert == NULL ||
1461 key->cert->type != SSH2_CERT_TYPE_USER) 1613 key->cert->type != SSH2_CERT_TYPE_USER)
1462 continue; 1614 continue;
1463 id = xcalloc(1, sizeof(*id)); 1615 id = xcalloc(1, sizeof(*id));
@@ -1531,8 +1683,7 @@ pubkey_prepare(Authctxt *authctxt)
1531 /* If IdentitiesOnly set and key not found then don't use it */ 1683 /* If IdentitiesOnly set and key not found then don't use it */
1532 if (!found && options.identities_only) { 1684 if (!found && options.identities_only) {
1533 TAILQ_REMOVE(&files, id, next); 1685 TAILQ_REMOVE(&files, id, next);
1534 explicit_bzero(id, sizeof(*id)); 1686 freezero(id, sizeof(*id));
1535 free(id);
1536 } 1687 }
1537 } 1688 }
1538 /* append remaining keys from the config file */ 1689 /* append remaining keys from the config file */
@@ -1542,9 +1693,7 @@ pubkey_prepare(Authctxt *authctxt)
1542 } 1693 }
1543 /* finally, filter by PubkeyAcceptedKeyTypes */ 1694 /* finally, filter by PubkeyAcceptedKeyTypes */
1544 TAILQ_FOREACH_SAFE(id, preferred, next, id2) { 1695 TAILQ_FOREACH_SAFE(id, preferred, next, id2) {
1545 if (id->key != NULL && 1696 if (id->key != NULL && !key_type_allowed_by_config(id->key)) {
1546 match_pattern_list(sshkey_ssh_name(id->key),
1547 options.pubkey_key_types, 0) != 1) {
1548 debug("Skipping %s key %s - " 1697 debug("Skipping %s key %s - "
1549 "not in PubkeyAcceptedKeyTypes", 1698 "not in PubkeyAcceptedKeyTypes",
1550 sshkey_ssh_name(id->key), id->filename); 1699 sshkey_ssh_name(id->key), id->filename);
@@ -1590,10 +1739,10 @@ try_identity(Identity *id)
1590{ 1739{
1591 if (!id->key) 1740 if (!id->key)
1592 return (0); 1741 return (0);
1593 if (key_type_plain(id->key->type) == KEY_RSA && 1742 if (sshkey_type_plain(id->key->type) == KEY_RSA &&
1594 (datafellows & SSH_BUG_RSASIGMD5) != 0) { 1743 (datafellows & SSH_BUG_RSASIGMD5) != 0) {
1595 debug("Skipped %s key %s for RSA/MD5 server", 1744 debug("Skipped %s key %s for RSA/MD5 server",
1596 key_type(id->key), id->filename); 1745 sshkey_type(id->key), id->filename);
1597 return (0); 1746 return (0);
1598 } 1747 }
1599 return 1; 1748 return 1;
@@ -1602,6 +1751,7 @@ try_identity(Identity *id)
1602int 1751int
1603userauth_pubkey(Authctxt *authctxt) 1752userauth_pubkey(Authctxt *authctxt)
1604{ 1753{
1754 struct ssh *ssh = active_state; /* XXX */
1605 Identity *id; 1755 Identity *id;
1606 int sent = 0; 1756 int sent = 0;
1607 char *fp; 1757 char *fp;
@@ -1629,7 +1779,7 @@ userauth_pubkey(Authctxt *authctxt)
1629 debug("Offering public key: %s %s %s", 1779 debug("Offering public key: %s %s %s",
1630 sshkey_type(id->key), fp, id->filename); 1780 sshkey_type(id->key), fp, id->filename);
1631 free(fp); 1781 free(fp);
1632 sent = send_pubkey_test(authctxt, id); 1782 sent = send_pubkey_test(ssh, authctxt, id);
1633 } 1783 }
1634 } else { 1784 } else {
1635 debug("Trying private key: %s", id->filename); 1785 debug("Trying private key: %s", id->filename);
@@ -1637,10 +1787,10 @@ userauth_pubkey(Authctxt *authctxt)
1637 if (id->key != NULL) { 1787 if (id->key != NULL) {
1638 if (try_identity(id)) { 1788 if (try_identity(id)) {
1639 id->isprivate = 1; 1789 id->isprivate = 1;
1640 sent = sign_and_send_pubkey( 1790 sent = sign_and_send_pubkey(ssh,
1641 authctxt, id); 1791 authctxt, id);
1642 } 1792 }
1643 key_free(id->key); 1793 sshkey_free(id->key);
1644 id->key = NULL; 1794 id->key = NULL;
1645 id->isprivate = 0; 1795 id->isprivate = 0;
1646 } 1796 }
@@ -1657,28 +1807,31 @@ userauth_pubkey(Authctxt *authctxt)
1657int 1807int
1658userauth_kbdint(Authctxt *authctxt) 1808userauth_kbdint(Authctxt *authctxt)
1659{ 1809{
1810 struct ssh *ssh = active_state; /* XXX */
1660 static int attempt = 0; 1811 static int attempt = 0;
1812 int r;
1661 1813
1662 if (attempt++ >= options.number_of_password_prompts) 1814 if (attempt++ >= options.number_of_password_prompts)
1663 return 0; 1815 return 0;
1664 /* disable if no SSH2_MSG_USERAUTH_INFO_REQUEST has been seen */ 1816 /* disable if no SSH2_MSG_USERAUTH_INFO_REQUEST has been seen */
1665 if (attempt > 1 && !authctxt->info_req_seen) { 1817 if (attempt > 1 && !authctxt->info_req_seen) {
1666 debug3("userauth_kbdint: disable: no info_req_seen"); 1818 debug3("userauth_kbdint: disable: no info_req_seen");
1667 dispatch_set(SSH2_MSG_USERAUTH_INFO_REQUEST, NULL); 1819 ssh_dispatch_set(ssh, SSH2_MSG_USERAUTH_INFO_REQUEST, NULL);
1668 return 0; 1820 return 0;
1669 } 1821 }
1670 1822
1671 debug2("userauth_kbdint"); 1823 debug2("userauth_kbdint");
1672 packet_start(SSH2_MSG_USERAUTH_REQUEST); 1824 if ((r = sshpkt_start(ssh, SSH2_MSG_USERAUTH_REQUEST)) != 0 ||
1673 packet_put_cstring(authctxt->server_user); 1825 (r = sshpkt_put_cstring(ssh, authctxt->server_user)) != 0 ||
1674 packet_put_cstring(authctxt->service); 1826 (r = sshpkt_put_cstring(ssh, authctxt->service)) != 0 ||
1675 packet_put_cstring(authctxt->method->name); 1827 (r = sshpkt_put_cstring(ssh, authctxt->method->name)) != 0 ||
1676 packet_put_cstring(""); /* lang */ 1828 (r = sshpkt_put_cstring(ssh, "")) != 0 || /* lang */
1677 packet_put_cstring(options.kbd_interactive_devices ? 1829 (r = sshpkt_put_cstring(ssh, options.kbd_interactive_devices ?
1678 options.kbd_interactive_devices : ""); 1830 options.kbd_interactive_devices : "")) != 0 ||
1679 packet_send(); 1831 (r = sshpkt_send(ssh)) != 0)
1680 1832 fatal("%s: %s", __func__, ssh_err(r));
1681 dispatch_set(SSH2_MSG_USERAUTH_INFO_REQUEST, &input_userauth_info_req); 1833
1834 ssh_dispatch_set(ssh, SSH2_MSG_USERAUTH_INFO_REQUEST, &input_userauth_info_req);
1682 return 1; 1835 return 1;
1683} 1836}
1684 1837
@@ -1689,9 +1842,11 @@ int
1689input_userauth_info_req(int type, u_int32_t seq, struct ssh *ssh) 1842input_userauth_info_req(int type, u_int32_t seq, struct ssh *ssh)
1690{ 1843{
1691 Authctxt *authctxt = ssh->authctxt; 1844 Authctxt *authctxt = ssh->authctxt;
1692 char *name, *inst, *lang, *prompt, *response; 1845 char *name = NULL, *inst = NULL, *lang = NULL, *prompt = NULL;
1846 char *response = NULL;
1847 u_char echo = 0;
1693 u_int num_prompts, i; 1848 u_int num_prompts, i;
1694 int echo = 0; 1849 int r;
1695 1850
1696 debug2("input_userauth_info_req"); 1851 debug2("input_userauth_info_req");
1697 1852
@@ -1700,44 +1855,52 @@ input_userauth_info_req(int type, u_int32_t seq, struct ssh *ssh)
1700 1855
1701 authctxt->info_req_seen = 1; 1856 authctxt->info_req_seen = 1;
1702 1857
1703 name = packet_get_string(NULL); 1858 if ((r = sshpkt_get_cstring(ssh, &name, NULL)) != 0 ||
1704 inst = packet_get_string(NULL); 1859 (r = sshpkt_get_cstring(ssh, &inst, NULL)) != 0 ||
1705 lang = packet_get_string(NULL); 1860 (r = sshpkt_get_cstring(ssh, &lang, NULL)) != 0)
1861 goto out;
1706 if (strlen(name) > 0) 1862 if (strlen(name) > 0)
1707 logit("%s", name); 1863 logit("%s", name);
1708 if (strlen(inst) > 0) 1864 if (strlen(inst) > 0)
1709 logit("%s", inst); 1865 logit("%s", inst);
1710 free(name);
1711 free(inst);
1712 free(lang);
1713 1866
1714 num_prompts = packet_get_int(); 1867 if ((r = sshpkt_get_u32(ssh, &num_prompts)) != 0)
1868 goto out;
1715 /* 1869 /*
1716 * Begin to build info response packet based on prompts requested. 1870 * Begin to build info response packet based on prompts requested.
1717 * We commit to providing the correct number of responses, so if 1871 * We commit to providing the correct number of responses, so if
1718 * further on we run into a problem that prevents this, we have to 1872 * further on we run into a problem that prevents this, we have to
1719 * be sure and clean this up and send a correct error response. 1873 * be sure and clean this up and send a correct error response.
1720 */ 1874 */
1721 packet_start(SSH2_MSG_USERAUTH_INFO_RESPONSE); 1875 if ((r = sshpkt_start(ssh, SSH2_MSG_USERAUTH_INFO_RESPONSE)) != 0 ||
1722 packet_put_int(num_prompts); 1876 (r = sshpkt_put_u32(ssh, num_prompts)) != 0)
1877 goto out;
1723 1878
1724 debug2("input_userauth_info_req: num_prompts %d", num_prompts); 1879 debug2("input_userauth_info_req: num_prompts %d", num_prompts);
1725 for (i = 0; i < num_prompts; i++) { 1880 for (i = 0; i < num_prompts; i++) {
1726 prompt = packet_get_string(NULL); 1881 if ((r = sshpkt_get_cstring(ssh, &prompt, NULL)) != 0 ||
1727 echo = packet_get_char(); 1882 (r = sshpkt_get_u8(ssh, &echo)) != 0)
1728 1883 goto out;
1729 response = read_passphrase(prompt, echo ? RP_ECHO : 0); 1884 response = read_passphrase(prompt, echo ? RP_ECHO : 0);
1730 1885 if ((r = sshpkt_put_cstring(ssh, response)) != 0)
1731 packet_put_cstring(response); 1886 goto out;
1732 explicit_bzero(response, strlen(response)); 1887 freezero(response, strlen(response));
1733 free(response);
1734 free(prompt); 1888 free(prompt);
1889 response = prompt = NULL;
1735 } 1890 }
1736 packet_check_eom(); /* done with parsing incoming message. */ 1891 /* done with parsing incoming message. */
1737 1892 if ((r = sshpkt_get_end(ssh)) != 0 ||
1738 packet_add_padding(64); 1893 (r = sshpkt_add_padding(ssh, 64)) != 0)
1739 packet_send(); 1894 goto out;
1740 return 0; 1895 r = sshpkt_send(ssh);
1896 out:
1897 if (response)
1898 freezero(response, strlen(response));
1899 free(prompt);
1900 free(name);
1901 free(inst);
1902 free(lang);
1903 return r;
1741} 1904}
1742 1905
1743static int 1906static int
@@ -1778,7 +1941,6 @@ ssh_keysign(struct sshkey *key, u_char **sigp, size_t *lenp,
1778 if (pid == 0) { 1941 if (pid == 0) {
1779 /* keep the socket on exec */ 1942 /* keep the socket on exec */
1780 fcntl(sock, F_SETFD, 0); 1943 fcntl(sock, F_SETFD, 0);
1781 permanently_drop_suid(getuid());
1782 close(from[0]); 1944 close(from[0]);
1783 if (dup2(from[1], STDOUT_FILENO) < 0) 1945 if (dup2(from[1], STDOUT_FILENO) < 0)
1784 fatal("%s: dup2: %s", __func__, strerror(errno)); 1946 fatal("%s: dup2: %s", __func__, strerror(errno));
@@ -1858,7 +2020,7 @@ ssh_keysign(struct sshkey *key, u_char **sigp, size_t *lenp,
1858int 2020int
1859userauth_hostbased(Authctxt *authctxt) 2021userauth_hostbased(Authctxt *authctxt)
1860{ 2022{
1861 struct ssh *ssh = active_state; 2023 struct ssh *ssh = active_state; /* XXX */
1862 struct sshkey *private = NULL; 2024 struct sshkey *private = NULL;
1863 struct sshbuf *b = NULL; 2025 struct sshbuf *b = NULL;
1864 u_char *sig = NULL, *keyblob = NULL; 2026 u_char *sig = NULL, *keyblob = NULL;
@@ -1945,7 +2107,7 @@ userauth_hostbased(Authctxt *authctxt)
1945 (r = sshbuf_put_cstring(b, authctxt->server_user)) != 0 || 2107 (r = sshbuf_put_cstring(b, authctxt->server_user)) != 0 ||
1946 (r = sshbuf_put_cstring(b, authctxt->service)) != 0 || 2108 (r = sshbuf_put_cstring(b, authctxt->service)) != 0 ||
1947 (r = sshbuf_put_cstring(b, authctxt->method->name)) != 0 || 2109 (r = sshbuf_put_cstring(b, authctxt->method->name)) != 0 ||
1948 (r = sshbuf_put_cstring(b, key_ssh_name(private))) != 0 || 2110 (r = sshbuf_put_cstring(b, sshkey_ssh_name(private))) != 0 ||
1949 (r = sshbuf_put_string(b, keyblob, keylen)) != 0 || 2111 (r = sshbuf_put_string(b, keyblob, keylen)) != 0 ||
1950 (r = sshbuf_put_cstring(b, chost)) != 0 || 2112 (r = sshbuf_put_cstring(b, chost)) != 0 ||
1951 (r = sshbuf_put_cstring(b, authctxt->local_user)) != 0) { 2113 (r = sshbuf_put_cstring(b, authctxt->local_user)) != 0) {
@@ -1956,12 +2118,8 @@ userauth_hostbased(Authctxt *authctxt)
1956#ifdef DEBUG_PK 2118#ifdef DEBUG_PK
1957 sshbuf_dump(b, stderr); 2119 sshbuf_dump(b, stderr);
1958#endif 2120#endif
1959 if (authctxt->sensitive->external_keysign) 2121 r = ssh_keysign(private, &sig, &siglen,
1960 r = ssh_keysign(private, &sig, &siglen, 2122 sshbuf_ptr(b), sshbuf_len(b));
1961 sshbuf_ptr(b), sshbuf_len(b));
1962 else if ((r = sshkey_sign(private, &sig, &siglen,
1963 sshbuf_ptr(b), sshbuf_len(b), NULL, datafellows)) != 0)
1964 debug("%s: sshkey_sign: %s", __func__, ssh_err(r));
1965 if (r != 0) { 2123 if (r != 0) {
1966 error("sign using hostkey %s %s failed", 2124 error("sign using hostkey %s %s failed",
1967 sshkey_ssh_name(private), fp); 2125 sshkey_ssh_name(private), fp);
@@ -1971,7 +2129,7 @@ userauth_hostbased(Authctxt *authctxt)
1971 (r = sshpkt_put_cstring(ssh, authctxt->server_user)) != 0 || 2129 (r = sshpkt_put_cstring(ssh, authctxt->server_user)) != 0 ||
1972 (r = sshpkt_put_cstring(ssh, authctxt->service)) != 0 || 2130 (r = sshpkt_put_cstring(ssh, authctxt->service)) != 0 ||
1973 (r = sshpkt_put_cstring(ssh, authctxt->method->name)) != 0 || 2131 (r = sshpkt_put_cstring(ssh, authctxt->method->name)) != 0 ||
1974 (r = sshpkt_put_cstring(ssh, key_ssh_name(private))) != 0 || 2132 (r = sshpkt_put_cstring(ssh, sshkey_ssh_name(private))) != 0 ||
1975 (r = sshpkt_put_string(ssh, keyblob, keylen)) != 0 || 2133 (r = sshpkt_put_string(ssh, keyblob, keylen)) != 0 ||
1976 (r = sshpkt_put_cstring(ssh, chost)) != 0 || 2134 (r = sshpkt_put_cstring(ssh, chost)) != 0 ||
1977 (r = sshpkt_put_cstring(ssh, authctxt->local_user)) != 0 || 2135 (r = sshpkt_put_cstring(ssh, authctxt->local_user)) != 0 ||
@@ -1983,10 +2141,8 @@ userauth_hostbased(Authctxt *authctxt)
1983 success = 1; 2141 success = 1;
1984 2142
1985 out: 2143 out:
1986 if (sig != NULL) { 2144 if (sig != NULL)
1987 explicit_bzero(sig, siglen); 2145 freezero(sig, siglen);
1988 free(sig);
1989 }
1990 free(keyblob); 2146 free(keyblob);
1991 free(lname); 2147 free(lname);
1992 free(fp); 2148 free(fp);
@@ -2083,20 +2239,22 @@ static char *
2083authmethods_get(void) 2239authmethods_get(void)
2084{ 2240{
2085 Authmethod *method = NULL; 2241 Authmethod *method = NULL;
2086 Buffer b; 2242 struct sshbuf *b;
2087 char *list; 2243 char *list;
2244 int r;
2088 2245
2089 buffer_init(&b); 2246 if ((b = sshbuf_new()) == NULL)
2247 fatal("%s: sshbuf_new failed", __func__);
2090 for (method = authmethods; method->name != NULL; method++) { 2248 for (method = authmethods; method->name != NULL; method++) {
2091 if (authmethod_is_enabled(method)) { 2249 if (authmethod_is_enabled(method)) {
2092 if (buffer_len(&b) > 0) 2250 if ((r = sshbuf_putf(b, "%s%s",
2093 buffer_append(&b, ",", 1); 2251 sshbuf_len(b) ? "," : "", method->name)) != 0)
2094 buffer_append(&b, method->name, strlen(method->name)); 2252 fatal("%s: buffer error: %s",
2253 __func__, ssh_err(r));
2095 } 2254 }
2096 } 2255 }
2097 if ((list = sshbuf_dup_string(&b)) == NULL) 2256 if ((list = sshbuf_dup_string(b)) == NULL)
2098 fatal("%s: sshbuf_dup_string failed", __func__); 2257 fatal("%s: sshbuf_dup_string failed", __func__);
2099 buffer_free(&b); 2258 sshbuf_free(b);
2100 return list; 2259 return list;
2101} 2260}
2102
diff --git a/sshd.0 b/sshd.0
index 999d160bf..ac7e70707 100644
--- a/sshd.0
+++ b/sshd.0
@@ -145,7 +145,7 @@ AUTHENTICATION
145 Regardless of the authentication type, the account is checked to ensure 145 Regardless of the authentication type, the account is checked to ensure
146 that it is accessible. An account is not accessible if it is locked, 146 that it is accessible. An account is not accessible if it is locked,
147 listed in DenyUsers or its group is listed in DenyGroups . The 147 listed in DenyUsers or its group is listed in DenyGroups . The
148 definition of a locked account is system dependant. Some platforms have 148 definition of a locked account is system dependent. Some platforms have
149 their own account database (eg AIX) and some modify the passwd field ( 149 their own account database (eg AIX) and some modify the passwd field (
150 M-bM-^@M-^X*LK*M-bM-^@M-^Y on Solaris and UnixWare, M-bM-^@M-^X*M-bM-^@M-^Y on HP-UX, containing M-bM-^@M-^XNologinM-bM-^@M-^Y on 150 M-bM-^@M-^X*LK*M-bM-^@M-^Y on Solaris and UnixWare, M-bM-^@M-^X*M-bM-^@M-^Y on HP-UX, containing M-bM-^@M-^XNologinM-bM-^@M-^Y on
151 Tru64, a leading M-bM-^@M-^X*LOCKED*M-bM-^@M-^Y on FreeBSD and a leading M-bM-^@M-^X!M-bM-^@M-^Y on most 151 Tru64, a leading M-bM-^@M-^X*LOCKED*M-bM-^@M-^Y on FreeBSD and a leading M-bM-^@M-^X!M-bM-^@M-^Y on most
@@ -341,14 +341,28 @@ AUTHORIZED_KEYS FILE FORMAT
341 Forbids X11 forwarding when this key is used for authentication. 341 Forbids X11 forwarding when this key is used for authentication.
342 Any X11 forward requests by the client will return an error. 342 Any X11 forward requests by the client will return an error.
343 343
344 permitlisten="[host:]port"
345 Limit remote port forwarding with the ssh(1) -R option such that
346 it may only listen on the specified host (optional) and port.
347 IPv6 addresses can be specified by enclosing the address in
348 square brackets. Multiple permitlisten options may be applied
349 separated by commas. Hostnames may include wildcards as
350 described in the PATTERNS section in ssh_config(5). A port
351 specification of * matches any port. Note that the setting of
352 GatewayPorts may further restrict listen addresses. Note that
353 ssh(1) will send a hostname of M-bM-^@M-^\localhostM-bM-^@M-^] if a listen host was
354 not specified when the forwarding was requested, and that this
355 name is treated differently to the explicit localhost addresses
356 M-bM-^@M-^\127.0.0.1M-bM-^@M-^] and M-bM-^@M-^\::1M-bM-^@M-^].
357
344 permitopen="host:port" 358 permitopen="host:port"
345 Limit local port forwarding with ssh(1) -L such that it may only 359 Limit local port forwarding with the ssh(1) -L option such that
346 connect to the specified host and port. IPv6 addresses can be 360 it may only connect to the specified host and port. IPv6
347 specified by enclosing the address in square brackets. Multiple 361 addresses can be specified by enclosing the address in square
348 permitopen options may be applied separated by commas. No 362 brackets. Multiple permitopen options may be applied separated
349 pattern matching is performed on the specified hostnames, they 363 by commas. No pattern matching is performed on the specified
350 must be literal domains or addresses. A port specification of * 364 hostnames, they must be literal domains or addresses. A port
351 matches any port. 365 specification of * matches any port.
352 366
353 port-forwarding 367 port-forwarding
354 Enable port forwarding previously disabled by the restrict 368 Enable port forwarding previously disabled by the restrict
@@ -390,9 +404,11 @@ AUTHORIZED_KEYS FILE FORMAT
390 ssh-rsa AAAAB3Nza...LiPk== user@example.net 404 ssh-rsa AAAAB3Nza...LiPk== user@example.net
391 from="*.sales.example.net,!pc.sales.example.net" ssh-rsa 405 from="*.sales.example.net,!pc.sales.example.net" ssh-rsa
392 AAAAB2...19Q== john@example.net 406 AAAAB2...19Q== john@example.net
393 command="dump /home",no-pty,no-port-forwarding ssh-dss 407 command="dump /home",no-pty,no-port-forwarding ssh-rsa
394 AAAAC3...51R== example.net 408 AAAAC3...51R== example.net
395 permitopen="192.0.2.1:80",permitopen="192.0.2.2:25" ssh-dss 409 permitopen="192.0.2.1:80",permitopen="192.0.2.2:25" ssh-rsa
410 AAAAB5...21S==
411 permitlisten="localhost:8080",permitopen="localhost:22000" ssh-rsa
396 AAAAB5...21S== 412 AAAAB5...21S==
397 tunnel="0",command="sh /etc/netstart tun0" ssh-rsa AAAA...== 413 tunnel="0",command="sh /etc/netstart tun0" ssh-rsa AAAA...==
398 jane@example.net 414 jane@example.net
@@ -634,4 +650,4 @@ AUTHORS
634 versions 1.5 and 2.0. Niels Provos and Markus Friedl contributed support 650 versions 1.5 and 2.0. Niels Provos and Markus Friedl contributed support
635 for privilege separation. 651 for privilege separation.
636 652
637OpenBSD 6.2 March 14, 2018 OpenBSD 6.2 653OpenBSD 6.4 July 22, 2018 OpenBSD 6.4
diff --git a/sshd.8 b/sshd.8
index 378aeb9f5..4abc01d66 100644
--- a/sshd.8
+++ b/sshd.8
@@ -33,8 +33,8 @@
33.\" (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF 33.\" (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF
34.\" THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE. 34.\" THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
35.\" 35.\"
36.\" $OpenBSD: sshd.8,v 1.299 2018/03/14 06:56:20 jmc Exp $ 36.\" $OpenBSD: sshd.8,v 1.304 2018/07/22 12:16:59 dtucker Exp $
37.Dd $Mdocdate: March 14 2018 $ 37.Dd $Mdocdate: July 22 2018 $
38.Dt SSHD 8 38.Dt SSHD 8
39.Os 39.Os
40.Sh NAME 40.Sh NAME
@@ -277,7 +277,7 @@ locked, listed in
277.Cm DenyUsers 277.Cm DenyUsers
278or its group is listed in 278or its group is listed in
279.Cm DenyGroups 279.Cm DenyGroups
280\&. The definition of a locked account is system dependant. Some platforms 280\&. The definition of a locked account is system dependent. Some platforms
281have their own account database (eg AIX) and some modify the passwd field ( 281have their own account database (eg AIX) and some modify the passwd field (
282.Ql \&*LK\&* 282.Ql \&*LK\&*
283on Solaris and UnixWare, 283on Solaris and UnixWare,
@@ -554,11 +554,37 @@ Disables execution of
554.It Cm no-X11-forwarding 554.It Cm no-X11-forwarding
555Forbids X11 forwarding when this key is used for authentication. 555Forbids X11 forwarding when this key is used for authentication.
556Any X11 forward requests by the client will return an error. 556Any X11 forward requests by the client will return an error.
557.It Cm permitlisten="[host:]port"
558Limit remote port forwarding with the
559.Xr ssh 1
560.Fl R
561option such that it may only listen on the specified host (optional) and port.
562IPv6 addresses can be specified by enclosing the address in square brackets.
563Multiple
564.Cm permitlisten
565options may be applied separated by commas.
566Hostnames may include wildcards as described in the PATTERNS section in
567.Xr ssh_config 5 .
568A port specification of
569.Cm *
570matches any port.
571Note that the setting of
572.Cm GatewayPorts
573may further restrict listen addresses.
574Note that
575.Xr ssh 1
576will send a hostname of
577.Dq localhost
578if a listen host was not specified when the forwarding was requested, and
579that this name is treated differently to the explicit localhost addresses
580.Dq 127.0.0.1
581and
582.Dq ::1 .
557.It Cm permitopen="host:port" 583.It Cm permitopen="host:port"
558Limit local port forwarding with 584Limit local port forwarding with the
559.Xr ssh 1 585.Xr ssh 1
560.Fl L 586.Fl L
561such that it may only connect to the specified host and port. 587option such that it may only connect to the specified host and port.
562IPv6 addresses can be specified by enclosing the address in square brackets. 588IPv6 addresses can be specified by enclosing the address in square brackets.
563Multiple 589Multiple
564.Cm permitopen 590.Cm permitopen
@@ -618,9 +644,11 @@ An example authorized_keys file:
618ssh-rsa AAAAB3Nza...LiPk== user@example.net 644ssh-rsa AAAAB3Nza...LiPk== user@example.net
619from="*.sales.example.net,!pc.sales.example.net" ssh-rsa 645from="*.sales.example.net,!pc.sales.example.net" ssh-rsa
620AAAAB2...19Q== john@example.net 646AAAAB2...19Q== john@example.net
621command="dump /home",no-pty,no-port-forwarding ssh-dss 647command="dump /home",no-pty,no-port-forwarding ssh-rsa
622AAAAC3...51R== example.net 648AAAAC3...51R== example.net
623permitopen="192.0.2.1:80",permitopen="192.0.2.2:25" ssh-dss 649permitopen="192.0.2.1:80",permitopen="192.0.2.2:25" ssh-rsa
650AAAAB5...21S==
651permitlisten="localhost:8080",permitopen="localhost:22000" ssh-rsa
624AAAAB5...21S== 652AAAAB5...21S==
625tunnel="0",command="sh /etc/netstart tun0" ssh-rsa AAAA...== 653tunnel="0",command="sh /etc/netstart tun0" ssh-rsa AAAA...==
626jane@example.net 654jane@example.net
diff --git a/sshd.c b/sshd.c
index 3a86e66e7..7ff109175 100644
--- a/sshd.c
+++ b/sshd.c
@@ -1,4 +1,4 @@
1/* $OpenBSD: sshd.c,v 1.506 2018/03/03 03:15:51 djm Exp $ */ 1/* $OpenBSD: sshd.c,v 1.514 2018/08/13 02:41:05 djm Exp $ */
2/* 2/*
3 * Author: Tatu Ylonen <ylo@cs.hut.fi> 3 * Author: Tatu Ylonen <ylo@cs.hut.fi>
4 * Copyright (c) 1995 Tatu Ylonen <ylo@cs.hut.fi>, Espoo, Finland 4 * Copyright (c) 1995 Tatu Ylonen <ylo@cs.hut.fi>, Espoo, Finland
@@ -95,7 +95,7 @@
95#include "sshpty.h" 95#include "sshpty.h"
96#include "packet.h" 96#include "packet.h"
97#include "log.h" 97#include "log.h"
98#include "buffer.h" 98#include "sshbuf.h"
99#include "misc.h" 99#include "misc.h"
100#include "match.h" 100#include "match.h"
101#include "servconf.h" 101#include "servconf.h"
@@ -103,7 +103,7 @@
103#include "compat.h" 103#include "compat.h"
104#include "cipher.h" 104#include "cipher.h"
105#include "digest.h" 105#include "digest.h"
106#include "key.h" 106#include "sshkey.h"
107#include "kex.h" 107#include "kex.h"
108#include "myproposal.h" 108#include "myproposal.h"
109#include "authfile.h" 109#include "authfile.h"
@@ -252,10 +252,10 @@ Authctxt *the_authctxt = NULL;
252struct sshauthopt *auth_opts = NULL; 252struct sshauthopt *auth_opts = NULL;
253 253
254/* sshd_config buffer */ 254/* sshd_config buffer */
255Buffer cfg; 255struct sshbuf *cfg;
256 256
257/* message to be displayed after login */ 257/* message to be displayed after login */
258Buffer loginmsg; 258struct sshbuf *loginmsg;
259 259
260/* Unprivileged user */ 260/* Unprivileged user */
261struct passwd *privsep_pw = NULL; 261struct passwd *privsep_pw = NULL;
@@ -489,11 +489,11 @@ destroy_sensitive_data(void)
489 489
490 for (i = 0; i < options.num_host_key_files; i++) { 490 for (i = 0; i < options.num_host_key_files; i++) {
491 if (sensitive_data.host_keys[i]) { 491 if (sensitive_data.host_keys[i]) {
492 key_free(sensitive_data.host_keys[i]); 492 sshkey_free(sensitive_data.host_keys[i]);
493 sensitive_data.host_keys[i] = NULL; 493 sensitive_data.host_keys[i] = NULL;
494 } 494 }
495 if (sensitive_data.host_certificates[i]) { 495 if (sensitive_data.host_certificates[i]) {
496 key_free(sensitive_data.host_certificates[i]); 496 sshkey_free(sensitive_data.host_certificates[i]);
497 sensitive_data.host_certificates[i] = NULL; 497 sensitive_data.host_certificates[i] = NULL;
498 } 498 }
499 } 499 }
@@ -505,11 +505,16 @@ demote_sensitive_data(void)
505{ 505{
506 struct sshkey *tmp; 506 struct sshkey *tmp;
507 u_int i; 507 u_int i;
508 int r;
508 509
509 for (i = 0; i < options.num_host_key_files; i++) { 510 for (i = 0; i < options.num_host_key_files; i++) {
510 if (sensitive_data.host_keys[i]) { 511 if (sensitive_data.host_keys[i]) {
511 tmp = key_demote(sensitive_data.host_keys[i]); 512 if ((r = sshkey_demote(sensitive_data.host_keys[i],
512 key_free(sensitive_data.host_keys[i]); 513 &tmp)) != 0)
514 fatal("could not demote host %s key: %s",
515 sshkey_type(sensitive_data.host_keys[i]),
516 ssh_err(r));
517 sshkey_free(sensitive_data.host_keys[i]);
513 sensitive_data.host_keys[i] = tmp; 518 sensitive_data.host_keys[i] = tmp;
514 } 519 }
515 /* Certs do not need demotion */ 520 /* Certs do not need demotion */
@@ -665,7 +670,7 @@ privsep_postauth(Authctxt *authctxt)
665 fatal("fork of unprivileged child failed"); 670 fatal("fork of unprivileged child failed");
666 else if (pmonitor->m_pid != 0) { 671 else if (pmonitor->m_pid != 0) {
667 verbose("User child is on pid %ld", (long)pmonitor->m_pid); 672 verbose("User child is on pid %ld", (long)pmonitor->m_pid);
668 buffer_clear(&loginmsg); 673 sshbuf_reset(loginmsg);
669 monitor_clear_keystate(pmonitor); 674 monitor_clear_keystate(pmonitor);
670 monitor_child_postauth(pmonitor); 675 monitor_child_postauth(pmonitor);
671 676
@@ -697,45 +702,47 @@ privsep_postauth(Authctxt *authctxt)
697 packet_set_authenticated(); 702 packet_set_authenticated();
698} 703}
699 704
705static void
706append_hostkey_type(struct sshbuf *b, const char *s)
707{
708 int r;
709
710 if (match_pattern_list(s, options.hostkeyalgorithms, 0) != 1) {
711 debug3("%s: %s key not permitted by HostkeyAlgorithms",
712 __func__, s);
713 return;
714 }
715 if ((r = sshbuf_putf(b, "%s%s", sshbuf_len(b) > 0 ? "," : "", s)) != 0)
716 fatal("%s: sshbuf_putf: %s", __func__, ssh_err(r));
717}
718
700static char * 719static char *
701list_hostkey_types(void) 720list_hostkey_types(void)
702{ 721{
703 Buffer b; 722 struct sshbuf *b;
704 const char *p; 723 struct sshkey *key;
705 char *ret; 724 char *ret;
706 u_int i; 725 u_int i;
707 struct sshkey *key;
708 726
709 buffer_init(&b); 727 if ((b = sshbuf_new()) == NULL)
728 fatal("%s: sshbuf_new failed", __func__);
710 for (i = 0; i < options.num_host_key_files; i++) { 729 for (i = 0; i < options.num_host_key_files; i++) {
711 key = sensitive_data.host_keys[i]; 730 key = sensitive_data.host_keys[i];
712 if (key == NULL) 731 if (key == NULL)
713 key = sensitive_data.host_pubkeys[i]; 732 key = sensitive_data.host_pubkeys[i];
714 if (key == NULL) 733 if (key == NULL)
715 continue; 734 continue;
716 /* Check that the key is accepted in HostkeyAlgorithms */
717 if (match_pattern_list(sshkey_ssh_name(key),
718 options.hostkeyalgorithms, 0) != 1) {
719 debug3("%s: %s key not permitted by HostkeyAlgorithms",
720 __func__, sshkey_ssh_name(key));
721 continue;
722 }
723 switch (key->type) { 735 switch (key->type) {
724 case KEY_RSA: 736 case KEY_RSA:
737 /* for RSA we also support SHA2 signatures */
738 append_hostkey_type(b, "rsa-sha2-512");
739 append_hostkey_type(b, "rsa-sha2-256");
740 /* FALLTHROUGH */
725 case KEY_DSA: 741 case KEY_DSA:
726 case KEY_ECDSA: 742 case KEY_ECDSA:
727 case KEY_ED25519: 743 case KEY_ED25519:
728 case KEY_XMSS: 744 case KEY_XMSS:
729 if (buffer_len(&b) > 0) 745 append_hostkey_type(b, sshkey_ssh_name(key));
730 buffer_append(&b, ",", 1);
731 p = key_ssh_name(key);
732 buffer_append(&b, p, strlen(p));
733
734 /* for RSA we also support SHA2 signatures */
735 if (key->type == KEY_RSA) {
736 p = ",rsa-sha2-512,rsa-sha2-256";
737 buffer_append(&b, p, strlen(p));
738 }
739 break; 746 break;
740 } 747 }
741 /* If the private key has a cert peer, then list that too */ 748 /* If the private key has a cert peer, then list that too */
@@ -744,21 +751,24 @@ list_hostkey_types(void)
744 continue; 751 continue;
745 switch (key->type) { 752 switch (key->type) {
746 case KEY_RSA_CERT: 753 case KEY_RSA_CERT:
754 /* for RSA we also support SHA2 signatures */
755 append_hostkey_type(b,
756 "rsa-sha2-512-cert-v01@openssh.com");
757 append_hostkey_type(b,
758 "rsa-sha2-256-cert-v01@openssh.com");
759 /* FALLTHROUGH */
747 case KEY_DSA_CERT: 760 case KEY_DSA_CERT:
748 case KEY_ECDSA_CERT: 761 case KEY_ECDSA_CERT:
749 case KEY_ED25519_CERT: 762 case KEY_ED25519_CERT:
750 case KEY_XMSS_CERT: 763 case KEY_XMSS_CERT:
751 if (buffer_len(&b) > 0) 764 append_hostkey_type(b, sshkey_ssh_name(key));
752 buffer_append(&b, ",", 1);
753 p = key_ssh_name(key);
754 buffer_append(&b, p, strlen(p));
755 break; 765 break;
756 } 766 }
757 } 767 }
758 if ((ret = sshbuf_dup_string(&b)) == NULL) 768 if ((ret = sshbuf_dup_string(b)) == NULL)
759 fatal("%s: sshbuf_dup_string failed", __func__); 769 fatal("%s: sshbuf_dup_string failed", __func__);
760 buffer_free(&b); 770 sshbuf_free(b);
761 debug("list_hostkey_types: %s", ret); 771 debug("%s: %s", __func__, ret);
762 return ret; 772 return ret;
763} 773}
764 774
@@ -825,7 +835,7 @@ get_hostkey_index(struct sshkey *key, int compare, struct ssh *ssh)
825 u_int i; 835 u_int i;
826 836
827 for (i = 0; i < options.num_host_key_files; i++) { 837 for (i = 0; i < options.num_host_key_files; i++) {
828 if (key_is_cert(key)) { 838 if (sshkey_is_cert(key)) {
829 if (key == sensitive_data.host_certificates[i] || 839 if (key == sensitive_data.host_certificates[i] ||
830 (compare && sensitive_data.host_certificates[i] && 840 (compare && sensitive_data.host_certificates[i] &&
831 sshkey_equal(key, 841 sshkey_equal(key,
@@ -969,31 +979,33 @@ send_rexec_state(int fd, struct sshbuf *conf)
969} 979}
970 980
971static void 981static void
972recv_rexec_state(int fd, Buffer *conf) 982recv_rexec_state(int fd, struct sshbuf *conf)
973{ 983{
974 Buffer m; 984 struct sshbuf *m;
975 char *cp; 985 u_char *cp, ver;
976 u_int len; 986 size_t len;
987 int r;
977 988
978 debug3("%s: entering fd = %d", __func__, fd); 989 debug3("%s: entering fd = %d", __func__, fd);
979 990
980 buffer_init(&m); 991 if ((m = sshbuf_new()) == NULL)
981 992 fatal("%s: sshbuf_new failed", __func__);
982 if (ssh_msg_recv(fd, &m) == -1) 993 if (ssh_msg_recv(fd, m) == -1)
983 fatal("%s: ssh_msg_recv failed", __func__); 994 fatal("%s: ssh_msg_recv failed", __func__);
984 if (buffer_get_char(&m) != 0) 995 if ((r = sshbuf_get_u8(m, &ver)) != 0)
996 fatal("%s: buffer error: %s", __func__, ssh_err(r));
997 if (ver != 0)
985 fatal("%s: rexec version mismatch", __func__); 998 fatal("%s: rexec version mismatch", __func__);
986 999 if ((r = sshbuf_get_string(m, &cp, &len)) != 0)
987 cp = buffer_get_string(&m, &len); 1000 fatal("%s: buffer error: %s", __func__, ssh_err(r));
988 if (conf != NULL) 1001 if (conf != NULL && (r = sshbuf_put(conf, cp, len)))
989 buffer_append(conf, cp, len); 1002 fatal("%s: buffer error: %s", __func__, ssh_err(r));
990 free(cp);
991
992#if defined(WITH_OPENSSL) && !defined(OPENSSL_PRNG_ONLY) 1003#if defined(WITH_OPENSSL) && !defined(OPENSSL_PRNG_ONLY)
993 rexec_recv_rng_seed(&m); 1004 rexec_recv_rng_seed(m);
994#endif 1005#endif
995 1006
996 buffer_free(&m); 1007 free(cp);
1008 sshbuf_free(m);
997 1009
998 debug3("%s: done", __func__); 1010 debug3("%s: done", __func__);
999} 1011}
@@ -1274,8 +1286,7 @@ server_accept_loop(int *sock_in, int *sock_out, int *newsock, int *config_s)
1274 startup_pipe = -1; 1286 startup_pipe = -1;
1275 pid = getpid(); 1287 pid = getpid();
1276 if (rexec_flag) { 1288 if (rexec_flag) {
1277 send_rexec_state(config_s[0], 1289 send_rexec_state(config_s[0], cfg);
1278 &cfg);
1279 close(config_s[0]); 1290 close(config_s[0]);
1280 } 1291 }
1281 break; 1292 break;
@@ -1321,7 +1332,7 @@ server_accept_loop(int *sock_in, int *sock_out, int *newsock, int *config_s)
1321 close(startup_p[1]); 1332 close(startup_p[1]);
1322 1333
1323 if (rexec_flag) { 1334 if (rexec_flag) {
1324 send_rexec_state(config_s[0], &cfg); 1335 send_rexec_state(config_s[0], cfg);
1325 close(config_s[0]); 1336 close(config_s[0]);
1326 close(config_s[1]); 1337 close(config_s[1]);
1327 } 1338 }
@@ -1352,7 +1363,7 @@ server_accept_loop(int *sock_in, int *sock_out, int *newsock, int *config_s)
1352 * return an error if any are found). Basically we are worried about 1363 * return an error if any are found). Basically we are worried about
1353 * source routing; it can be used to pretend you are somebody 1364 * source routing; it can be used to pretend you are somebody
1354 * (ip-address) you are not. That itself may be "almost acceptable" 1365 * (ip-address) you are not. That itself may be "almost acceptable"
1355 * under certain circumstances, but rhosts autentication is useless 1366 * under certain circumstances, but rhosts authentication is useless
1356 * if source routing is accepted. Notice also that if we just dropped 1367 * if source routing is accepted. Notice also that if we just dropped
1357 * source routing here, the other side could use IP spoofing to do 1368 * source routing here, the other side could use IP spoofing to do
1358 * rest of the interaction and could still bypass security. So we 1369 * rest of the interaction and could still bypass security. So we
@@ -1429,6 +1440,43 @@ set_process_rdomain(struct ssh *ssh, const char *name)
1429#endif 1440#endif
1430} 1441}
1431 1442
1443static void
1444accumulate_host_timing_secret(struct sshbuf *server_cfg,
1445 const struct sshkey *key)
1446{
1447 static struct ssh_digest_ctx *ctx;
1448 u_char *hash;
1449 size_t len;
1450 struct sshbuf *buf;
1451 int r;
1452
1453 if (ctx == NULL && (ctx = ssh_digest_start(SSH_DIGEST_SHA512)) == NULL)
1454 fatal("%s: ssh_digest_start", __func__);
1455 if (key == NULL) { /* finalize */
1456 /* add server config in case we are using agent for host keys */
1457 if (ssh_digest_update(ctx, sshbuf_ptr(server_cfg),
1458 sshbuf_len(server_cfg)) != 0)
1459 fatal("%s: ssh_digest_update", __func__);
1460 len = ssh_digest_bytes(SSH_DIGEST_SHA512);
1461 hash = xmalloc(len);
1462 if (ssh_digest_final(ctx, hash, len) != 0)
1463 fatal("%s: ssh_digest_final", __func__);
1464 options.timing_secret = PEEK_U64(hash);
1465 freezero(hash, len);
1466 ssh_digest_free(ctx);
1467 ctx = NULL;
1468 return;
1469 }
1470 if ((buf = sshbuf_new()) == NULL)
1471 fatal("%s could not allocate buffer", __func__);
1472 if ((r = sshkey_private_serialize(key, buf)) != 0)
1473 fatal("sshkey_private_serialize: %s", ssh_err(r));
1474 if (ssh_digest_update(ctx, sshbuf_ptr(buf), sshbuf_len(buf)) != 0)
1475 fatal("%s: ssh_digest_update", __func__);
1476 sshbuf_reset(buf);
1477 sshbuf_free(buf);
1478}
1479
1432/* 1480/*
1433 * Main program for the daemon. 1481 * Main program for the daemon.
1434 */ 1482 */
@@ -1636,14 +1684,15 @@ main(int ac, char **av)
1636 "test mode (-T)"); 1684 "test mode (-T)");
1637 1685
1638 /* Fetch our configuration */ 1686 /* Fetch our configuration */
1639 buffer_init(&cfg); 1687 if ((cfg = sshbuf_new()) == NULL)
1688 fatal("%s: sshbuf_new failed", __func__);
1640 if (rexeced_flag) 1689 if (rexeced_flag)
1641 recv_rexec_state(REEXEC_CONFIG_PASS_FD, &cfg); 1690 recv_rexec_state(REEXEC_CONFIG_PASS_FD, cfg);
1642 else if (strcasecmp(config_file_name, "none") != 0) 1691 else if (strcasecmp(config_file_name, "none") != 0)
1643 load_server_config(config_file_name, &cfg); 1692 load_server_config(config_file_name, cfg);
1644 1693
1645 parse_server_config(&options, rexeced_flag ? "rexec" : config_file_name, 1694 parse_server_config(&options, rexeced_flag ? "rexec" : config_file_name,
1646 &cfg, NULL); 1695 cfg, NULL);
1647 1696
1648 seed_rng(); 1697 seed_rng();
1649 1698
@@ -1730,11 +1779,18 @@ main(int ac, char **av)
1730 for (i = 0; i < options.num_host_key_files; i++) { 1779 for (i = 0; i < options.num_host_key_files; i++) {
1731 if (options.host_key_files[i] == NULL) 1780 if (options.host_key_files[i] == NULL)
1732 continue; 1781 continue;
1733 key = key_load_private(options.host_key_files[i], "", NULL); 1782 if ((r = sshkey_load_private(options.host_key_files[i], "",
1734 pubkey = key_load_public(options.host_key_files[i], NULL); 1783 &key, NULL)) != 0 && r != SSH_ERR_SYSTEM_ERROR)
1735 1784 error("Error loading host key \"%s\": %s",
1785 options.host_key_files[i], ssh_err(r));
1786 if ((r = sshkey_load_public(options.host_key_files[i],
1787 &pubkey, NULL)) != 0 && r != SSH_ERR_SYSTEM_ERROR)
1788 error("Error loading host key \"%s\": %s",
1789 options.host_key_files[i], ssh_err(r));
1736 if (pubkey == NULL && key != NULL) 1790 if (pubkey == NULL && key != NULL)
1737 pubkey = key_demote(key); 1791 if ((r = sshkey_demote(key, &pubkey)) != 0)
1792 fatal("Could not demote key: \"%s\": %s",
1793 options.host_key_files[i], ssh_err(r));
1738 sensitive_data.host_keys[i] = key; 1794 sensitive_data.host_keys[i] = key;
1739 sensitive_data.host_pubkeys[i] = pubkey; 1795 sensitive_data.host_pubkeys[i] = pubkey;
1740 1796
@@ -1744,6 +1800,7 @@ main(int ac, char **av)
1744 keytype = pubkey->type; 1800 keytype = pubkey->type;
1745 } else if (key != NULL) { 1801 } else if (key != NULL) {
1746 keytype = key->type; 1802 keytype = key->type;
1803 accumulate_host_timing_secret(cfg, key);
1747 } else { 1804 } else {
1748 error("Could not load host key: %s", 1805 error("Could not load host key: %s",
1749 options.host_key_files[i]); 1806 options.host_key_files[i]);
@@ -1769,6 +1826,7 @@ main(int ac, char **av)
1769 key ? "private" : "agent", i, sshkey_ssh_name(pubkey), fp); 1826 key ? "private" : "agent", i, sshkey_ssh_name(pubkey), fp);
1770 free(fp); 1827 free(fp);
1771 } 1828 }
1829 accumulate_host_timing_secret(cfg, NULL);
1772#ifndef GSSAPI 1830#ifndef GSSAPI
1773 /* The GSSAPI key exchange can run without a host key */ 1831 /* The GSSAPI key exchange can run without a host key */
1774 if (!sensitive_data.have_ssh2_key) { 1832 if (!sensitive_data.have_ssh2_key) {
@@ -1789,21 +1847,21 @@ main(int ac, char **av)
1789 for (i = 0; i < options.num_host_cert_files; i++) { 1847 for (i = 0; i < options.num_host_cert_files; i++) {
1790 if (options.host_cert_files[i] == NULL) 1848 if (options.host_cert_files[i] == NULL)
1791 continue; 1849 continue;
1792 key = key_load_public(options.host_cert_files[i], NULL); 1850 if ((r = sshkey_load_public(options.host_cert_files[i],
1793 if (key == NULL) { 1851 &key, NULL)) != 0) {
1794 error("Could not load host certificate: %s", 1852 error("Could not load host certificate \"%s\": %s",
1795 options.host_cert_files[i]); 1853 options.host_cert_files[i], ssh_err(r));
1796 continue; 1854 continue;
1797 } 1855 }
1798 if (!key_is_cert(key)) { 1856 if (!sshkey_is_cert(key)) {
1799 error("Certificate file is not a certificate: %s", 1857 error("Certificate file is not a certificate: %s",
1800 options.host_cert_files[i]); 1858 options.host_cert_files[i]);
1801 key_free(key); 1859 sshkey_free(key);
1802 continue; 1860 continue;
1803 } 1861 }
1804 /* Find matching private key */ 1862 /* Find matching private key */
1805 for (j = 0; j < options.num_host_key_files; j++) { 1863 for (j = 0; j < options.num_host_key_files; j++) {
1806 if (key_equal_public(key, 1864 if (sshkey_equal_public(key,
1807 sensitive_data.host_keys[j])) { 1865 sensitive_data.host_keys[j])) {
1808 sensitive_data.host_certificates[j] = key; 1866 sensitive_data.host_certificates[j] = key;
1809 break; 1867 break;
@@ -1812,12 +1870,12 @@ main(int ac, char **av)
1812 if (j >= options.num_host_key_files) { 1870 if (j >= options.num_host_key_files) {
1813 error("No matching private key for certificate: %s", 1871 error("No matching private key for certificate: %s",
1814 options.host_cert_files[i]); 1872 options.host_cert_files[i]);
1815 key_free(key); 1873 sshkey_free(key);
1816 continue; 1874 continue;
1817 } 1875 }
1818 sensitive_data.host_certificates[j] = key; 1876 sensitive_data.host_certificates[j] = key;
1819 debug("host certificate: #%u type %d %s", j, key->type, 1877 debug("host certificate: #%u type %d %s", j, key->type,
1820 key_type(key)); 1878 sshkey_type(key));
1821 } 1879 }
1822 1880
1823 if (privsep_chroot) { 1881 if (privsep_chroot) {
@@ -2161,7 +2219,7 @@ main(int ac, char **av)
2161 /* allocate authentication context */ 2219 /* allocate authentication context */
2162 authctxt = xcalloc(1, sizeof(*authctxt)); 2220 authctxt = xcalloc(1, sizeof(*authctxt));
2163 2221
2164 authctxt->loginmsg = &loginmsg; 2222 authctxt->loginmsg = loginmsg;
2165 2223
2166 /* XXX global for cleanup, access from other modules */ 2224 /* XXX global for cleanup, access from other modules */
2167 the_authctxt = authctxt; 2225 the_authctxt = authctxt;
@@ -2171,7 +2229,8 @@ main(int ac, char **av)
2171 fatal("allocation failed"); 2229 fatal("allocation failed");
2172 2230
2173 /* prepare buffer to collect messages to display to user after login */ 2231 /* prepare buffer to collect messages to display to user after login */
2174 buffer_init(&loginmsg); 2232 if ((loginmsg = sshbuf_new()) == NULL)
2233 fatal("%s: sshbuf_new failed", __func__);
2175 auth_debug_reset(); 2234 auth_debug_reset();
2176 2235
2177 if (use_privsep) { 2236 if (use_privsep) {
@@ -2274,26 +2333,21 @@ main(int ac, char **av)
2274 2333
2275int 2334int
2276sshd_hostkey_sign(struct sshkey *privkey, struct sshkey *pubkey, 2335sshd_hostkey_sign(struct sshkey *privkey, struct sshkey *pubkey,
2277 u_char **signature, size_t *slen, const u_char *data, size_t dlen, 2336 u_char **signature, size_t *slenp, const u_char *data, size_t dlen,
2278 const char *alg, u_int flag) 2337 const char *alg, u_int flag)
2279{ 2338{
2280 int r; 2339 int r;
2281 u_int xxx_slen, xxx_dlen = dlen;
2282 2340
2283 if (privkey) { 2341 if (privkey) {
2284 if (PRIVSEP(key_sign(privkey, signature, &xxx_slen, data, xxx_dlen, 2342 if (PRIVSEP(sshkey_sign(privkey, signature, slenp, data, dlen,
2285 alg) < 0)) 2343 alg, datafellows)) < 0)
2286 fatal("%s: key_sign failed", __func__); 2344 fatal("%s: key_sign failed", __func__);
2287 if (slen)
2288 *slen = xxx_slen;
2289 } else if (use_privsep) { 2345 } else if (use_privsep) {
2290 if (mm_key_sign(pubkey, signature, &xxx_slen, data, xxx_dlen, 2346 if (mm_sshkey_sign(pubkey, signature, slenp, data, dlen,
2291 alg) < 0) 2347 alg, datafellows) < 0)
2292 fatal("%s: pubkey_sign failed", __func__); 2348 fatal("%s: pubkey_sign failed", __func__);
2293 if (slen)
2294 *slen = xxx_slen;
2295 } else { 2349 } else {
2296 if ((r = ssh_agent_sign(auth_sock, pubkey, signature, slen, 2350 if ((r = ssh_agent_sign(auth_sock, pubkey, signature, slenp,
2297 data, dlen, alg, datafellows)) != 0) 2351 data, dlen, alg, datafellows)) != 0)
2298 fatal("%s: ssh_agent_sign failed: %s", 2352 fatal("%s: ssh_agent_sign failed: %s",
2299 __func__, ssh_err(r)); 2353 __func__, ssh_err(r));
diff --git a/sshd_config b/sshd_config
index 31e14a4f0..ee9629102 100644
--- a/sshd_config
+++ b/sshd_config
@@ -1,4 +1,4 @@
1# $OpenBSD: sshd_config,v 1.102 2018/02/16 02:32:40 djm Exp $ 1# $OpenBSD: sshd_config,v 1.103 2018/04/09 20:41:22 tj Exp $
2 2
3# This is the sshd server system-wide configuration file. See 3# This is the sshd server system-wide configuration file. See
4# sshd_config(5) for more information. 4# sshd_config(5) for more information.
@@ -93,7 +93,6 @@ X11Forwarding yes
93PrintMotd no 93PrintMotd no
94#PrintLastLog yes 94#PrintLastLog yes
95#TCPKeepAlive yes 95#TCPKeepAlive yes
96#UseLogin no
97#PermitUserEnvironment no 96#PermitUserEnvironment no
98#Compression delayed 97#Compression delayed
99#ClientAliveInterval 0 98#ClientAliveInterval 0
diff --git a/sshd_config.0 b/sshd_config.0
index 95c17fc8d..0498495fe 100644
--- a/sshd_config.0
+++ b/sshd_config.0
@@ -16,17 +16,17 @@ DESCRIPTION
16 16
17 AcceptEnv 17 AcceptEnv
18 Specifies what environment variables sent by the client will be 18 Specifies what environment variables sent by the client will be
19 copied into the session's environ(7). See SendEnv in 19 copied into the session's environ(7). See SendEnv and SetEnv in
20 ssh_config(5) for how to configure the client. The TERM 20 ssh_config(5) for how to configure the client. The TERM
21 environment variable is always sent whenever the client requests 21 environment variable is always accepted whenever the client
22 a pseudo-terminal as it is required by the protocol. Variables 22 requests a pseudo-terminal as it is required by the protocol.
23 are specified by name, which may contain the wildcard characters 23 Variables are specified by name, which may contain the wildcard
24 M-bM-^@M-^X*M-bM-^@M-^Y and M-bM-^@M-^X?M-bM-^@M-^Y. Multiple environment variables may be separated by 24 characters M-bM-^@M-^X*M-bM-^@M-^Y and M-bM-^@M-^X?M-bM-^@M-^Y. Multiple environment variables may be
25 whitespace or spread across multiple AcceptEnv directives. Be 25 separated by whitespace or spread across multiple AcceptEnv
26 warned that some environment variables could be used to bypass 26 directives. Be warned that some environment variables could be
27 restricted user environments. For this reason, care should be 27 used to bypass restricted user environments. For this reason,
28 taken in the use of this directive. The default is not to accept 28 care should be taken in the use of this directive. The default
29 any environment variables. 29 is not to accept any environment variables.
30 30
31 AddressFamily 31 AddressFamily
32 Specifies which address family should be used by sshd(8). Valid 32 Specifies which address family should be used by sshd(8). Valid
@@ -88,7 +88,7 @@ DESCRIPTION
88 AuthenticationMethods 88 AuthenticationMethods
89 Specifies the authentication methods that must be successfully 89 Specifies the authentication methods that must be successfully
90 completed for a user to be granted access. This option must be 90 completed for a user to be granted access. This option must be
91 followed by one or more comma-separated lists of authentication 91 followed by one or more lists of comma-separated authentication
92 method names, or by the single string any to indicate the default 92 method names, or by the single string any to indicate the default
93 behaviour of accepting any single authentication method. If the 93 behaviour of accepting any single authentication method. If the
94 default is overridden, then successful authentication requires 94 default is overridden, then successful authentication requires
@@ -104,8 +104,8 @@ DESCRIPTION
104 104
105 For keyboard interactive authentication it is also possible to 105 For keyboard interactive authentication it is also possible to
106 restrict authentication to a specific device by appending a colon 106 restrict authentication to a specific device by appending a colon
107 followed by the device identifier bsdauth, pam, or skey, 107 followed by the device identifier bsdauth or pam. depending on
108 depending on the server configuration. For example, 108 the server configuration. For example,
109 "keyboard-interactive:bsdauth" would restrict keyboard 109 "keyboard-interactive:bsdauth" would restrict keyboard
110 interactive authentication to the bsdauth device. 110 interactive authentication to the bsdauth device.
111 111
@@ -120,7 +120,7 @@ DESCRIPTION
120 120
121 The available authentication methods are: "gssapi-with-mic", 121 The available authentication methods are: "gssapi-with-mic",
122 "hostbased", "keyboard-interactive", "none" (used for access to 122 "hostbased", "keyboard-interactive", "none" (used for access to
123 password-less accounts when PermitEmptyPassword is enabled), 123 password-less accounts when PermitEmptyPasswords is enabled),
124 "password" and "publickey". 124 "password" and "publickey".
125 125
126 AuthorizedKeysCommand 126 AuthorizedKeysCommand
@@ -382,11 +382,11 @@ DESCRIPTION
382 382
383 HostbasedAcceptedKeyTypes 383 HostbasedAcceptedKeyTypes
384 Specifies the key types that will be accepted for hostbased 384 Specifies the key types that will be accepted for hostbased
385 authentication as a comma-separated pattern list. Alternately if 385 authentication as a list of comma-separated patterns.
386 the specified value begins with a M-bM-^@M-^X+M-bM-^@M-^Y character, then the 386 Alternately if the specified value begins with a M-bM-^@M-^X+M-bM-^@M-^Y character,
387 specified key types will be appended to the default set instead 387 then the specified key types will be appended to the default set
388 of replacing them. If the specified value begins with a M-bM-^@M-^X-M-bM-^@M-^Y 388 instead of replacing them. If the specified value begins with a
389 character, then the specified key types (including wildcards) 389 M-bM-^@M-^X-M-bM-^@M-^Y character, then the specified key types (including wildcards)
390 will be removed from the default set instead of replacing them. 390 will be removed from the default set instead of replacing them.
391 The default for this option is: 391 The default for this option is:
392 392
@@ -394,9 +394,10 @@ DESCRIPTION
394 ecdsa-sha2-nistp384-cert-v01@openssh.com, 394 ecdsa-sha2-nistp384-cert-v01@openssh.com,
395 ecdsa-sha2-nistp521-cert-v01@openssh.com, 395 ecdsa-sha2-nistp521-cert-v01@openssh.com,
396 ssh-ed25519-cert-v01@openssh.com, 396 ssh-ed25519-cert-v01@openssh.com,
397 rsa-sha2-512-cert-v01@openssh.com,rsa-sha2-256-cert-v01@openssh.com,
397 ssh-rsa-cert-v01@openssh.com, 398 ssh-rsa-cert-v01@openssh.com,
398 ecdsa-sha2-nistp256,ecdsa-sha2-nistp384,ecdsa-sha2-nistp521, 399 ecdsa-sha2-nistp256,ecdsa-sha2-nistp384,ecdsa-sha2-nistp521,
399 ssh-ed25519,ssh-rsa 400 ssh-ed25519,rsa-sha2-512,rsa-sha2-256,ssh-rsa
400 401
401 The list of available key types may also be obtained using "ssh 402 The list of available key types may also be obtained using "ssh
402 -Q key". 403 -Q key".
@@ -449,9 +450,10 @@ DESCRIPTION
449 ecdsa-sha2-nistp384-cert-v01@openssh.com, 450 ecdsa-sha2-nistp384-cert-v01@openssh.com,
450 ecdsa-sha2-nistp521-cert-v01@openssh.com, 451 ecdsa-sha2-nistp521-cert-v01@openssh.com,
451 ssh-ed25519-cert-v01@openssh.com, 452 ssh-ed25519-cert-v01@openssh.com,
453 rsa-sha2-512-cert-v01@openssh.com,rsa-sha2-256-cert-v01@openssh.com,
452 ssh-rsa-cert-v01@openssh.com, 454 ssh-rsa-cert-v01@openssh.com,
453 ecdsa-sha2-nistp256,ecdsa-sha2-nistp384,ecdsa-sha2-nistp521, 455 ecdsa-sha2-nistp256,ecdsa-sha2-nistp384,ecdsa-sha2-nistp521,
454 ssh-ed25519,ssh-rsa 456 ssh-ed25519,rsa-sha2-512,rsa-sha2-256,ssh-rsa
455 457
456 The list of available key types may also be obtained using "ssh 458 The list of available key types may also be obtained using "ssh
457 -Q key". 459 -Q key".
@@ -478,8 +480,9 @@ DESCRIPTION
478 If one argument is specified, it is used as the packet class 480 If one argument is specified, it is used as the packet class
479 unconditionally. If two values are specified, the first is 481 unconditionally. If two values are specified, the first is
480 automatically selected for interactive sessions and the second 482 automatically selected for interactive sessions and the second
481 for non-interactive sessions. The default is lowdelay for 483 for non-interactive sessions. The default is af21 (Low-Latency
482 interactive sessions and throughput for non-interactive sessions. 484 Data) for interactive sessions and cs1 (Lower Effort) for non-
485 interactive sessions.
483 486
484 KbdInteractiveAuthentication 487 KbdInteractiveAuthentication
485 Specifies whether to allow keyboard-interactive authentication. 488 Specifies whether to allow keyboard-interactive authentication.
@@ -651,9 +654,9 @@ DESCRIPTION
651 HostbasedAuthentication, HostbasedUsesNameFromPacketOnly, IPQoS, 654 HostbasedAuthentication, HostbasedUsesNameFromPacketOnly, IPQoS,
652 KbdInteractiveAuthentication, KerberosAuthentication, LogLevel, 655 KbdInteractiveAuthentication, KerberosAuthentication, LogLevel,
653 MaxAuthTries, MaxSessions, PasswordAuthentication, 656 MaxAuthTries, MaxSessions, PasswordAuthentication,
654 PermitEmptyPasswords, PermitOpen, PermitRootLogin, PermitTTY, 657 PermitEmptyPasswords, PermitListen, PermitOpen, PermitRootLogin,
655 PermitTunnel, PermitUserRC, PubkeyAcceptedKeyTypes, 658 PermitTTY, PermitTunnel, PermitUserRC, PubkeyAcceptedKeyTypes,
656 PubkeyAuthentication, RekeyLimit, RevokedKeys, RDomain, 659 PubkeyAuthentication, RekeyLimit, RevokedKeys, RDomain, SetEnv,
657 StreamLocalBindMask, StreamLocalBindUnlink, TrustedUserCAKeys, 660 StreamLocalBindMask, StreamLocalBindUnlink, TrustedUserCAKeys,
658 X11DisplayOffset, X11Forwarding and X11UseLocalHost. 661 X11DisplayOffset, X11Forwarding and X11UseLocalHost.
659 662
@@ -694,6 +697,28 @@ DESCRIPTION
694 server allows login to accounts with empty password strings. The 697 server allows login to accounts with empty password strings. The
695 default is no. 698 default is no.
696 699
700 PermitListen
701 Specifies the addresses/ports on which a remote TCP port
702 forwarding may listen. The listen specification must be one of
703 the following forms:
704
705 PermitListen port
706 PermitListen host:port
707
708 Multiple permissions may be specified by separating them with
709 whitespace. An argument of any can be used to remove all
710 restrictions and permit any listen requests. An argument of none
711 can be used to prohibit all listen requests. The host name may
712 contain wildcards as described in the PATTERNS section in
713 ssh_config(5). The wildcard M-bM-^@M-^X*M-bM-^@M-^Y can also be used in place of a
714 port number to allow all ports. By default all port forwarding
715 listen requests are permitted. Note that the GatewayPorts option
716 may further restrict which addresses may be listened on. Note
717 also that ssh(1) will request a listen host of M-bM-^@M-^\localhostM-bM-^@M-^] if no
718 listen host was specifically requested, and this this name is
719 treated differently to explicit localhost addresses of
720 M-bM-^@M-^\127.0.0.1M-bM-^@M-^] and M-bM-^@M-^\::1M-bM-^@M-^].
721
697 PermitOpen 722 PermitOpen
698 Specifies the destinations to which TCP port forwarding is 723 Specifies the destinations to which TCP port forwarding is
699 permitted. The forwarding specification must be one of the 724 permitted. The forwarding specification must be one of the
@@ -743,10 +768,12 @@ DESCRIPTION
743 768
744 PermitUserEnvironment 769 PermitUserEnvironment
745 Specifies whether ~/.ssh/environment and environment= options in 770 Specifies whether ~/.ssh/environment and environment= options in
746 ~/.ssh/authorized_keys are processed by sshd(8). The default is 771 ~/.ssh/authorized_keys are processed by sshd(8). Valid options
747 no. Enabling environment processing may enable users to bypass 772 are yes, no or a pattern-list specifying which environment
748 access restrictions in some configurations using mechanisms such 773 variable names to accept (for example "LANG,LC_*"). The default
749 as LD_PRELOAD. 774 is no. Enabling environment processing may enable users to
775 bypass access restrictions in some configurations using
776 mechanisms such as LD_PRELOAD.
750 777
751 PermitUserRC 778 PermitUserRC
752 Specifies whether any ~/.ssh/rc file is executed. The default is 779 Specifies whether any ~/.ssh/rc file is executed. The default is
@@ -773,11 +800,11 @@ DESCRIPTION
773 800
774 PubkeyAcceptedKeyTypes 801 PubkeyAcceptedKeyTypes
775 Specifies the key types that will be accepted for public key 802 Specifies the key types that will be accepted for public key
776 authentication as a comma-separated pattern list. Alternately if 803 authentication as a list of comma-separated patterns.
777 the specified value begins with a M-bM-^@M-^X+M-bM-^@M-^Y character, then the 804 Alternately if the specified value begins with a M-bM-^@M-^X+M-bM-^@M-^Y character,
778 specified key types will be appended to the default set instead 805 then the specified key types will be appended to the default set
779 of replacing them. If the specified value begins with a M-bM-^@M-^X-M-bM-^@M-^Y 806 instead of replacing them. If the specified value begins with a
780 character, then the specified key types (including wildcards) 807 M-bM-^@M-^X-M-bM-^@M-^Y character, then the specified key types (including wildcards)
781 will be removed from the default set instead of replacing them. 808 will be removed from the default set instead of replacing them.
782 The default for this option is: 809 The default for this option is:
783 810
@@ -785,9 +812,10 @@ DESCRIPTION
785 ecdsa-sha2-nistp384-cert-v01@openssh.com, 812 ecdsa-sha2-nistp384-cert-v01@openssh.com,
786 ecdsa-sha2-nistp521-cert-v01@openssh.com, 813 ecdsa-sha2-nistp521-cert-v01@openssh.com,
787 ssh-ed25519-cert-v01@openssh.com, 814 ssh-ed25519-cert-v01@openssh.com,
815 rsa-sha2-512-cert-v01@openssh.com,rsa-sha2-256-cert-v01@openssh.com,
788 ssh-rsa-cert-v01@openssh.com, 816 ssh-rsa-cert-v01@openssh.com,
789 ecdsa-sha2-nistp256,ecdsa-sha2-nistp384,ecdsa-sha2-nistp521, 817 ecdsa-sha2-nistp256,ecdsa-sha2-nistp384,ecdsa-sha2-nistp521,
790 ssh-ed25519,ssh-rsa 818 ssh-ed25519,rsa-sha2-512,rsa-sha2-256,ssh-rsa
791 819
792 The list of available key types may also be obtained using "ssh 820 The list of available key types may also be obtained using "ssh
793 -Q key". 821 -Q key".
@@ -827,6 +855,13 @@ DESCRIPTION
827 rdomain(4). If the routing domain is set to %D, then the domain 855 rdomain(4). If the routing domain is set to %D, then the domain
828 in which the incoming connection was received will be applied. 856 in which the incoming connection was received will be applied.
829 857
858 SetEnv Specifies one or more environment variables to set in child
859 sessions started by sshd(8) as M-bM-^@M-^\NAME=VALUEM-bM-^@M-^]. The environment
860 value may be quoted (e.g. if it contains whitespace characters).
861 Environment variables set by SetEnv override the default
862 environment and any variables specified by the user via AcceptEnv
863 or PermitUserEnvironment.
864
830 StreamLocalBindMask 865 StreamLocalBindMask
831 Sets the octal file creation mode mask (umask) used when creating 866 Sets the octal file creation mode mask (umask) used when creating
832 a Unix-domain socket file for local or remote port forwarding. 867 a Unix-domain socket file for local or remote port forwarding.
@@ -1011,18 +1046,19 @@ TOKENS
1011 %s The serial number of the certificate. 1046 %s The serial number of the certificate.
1012 %T The type of the CA key. 1047 %T The type of the CA key.
1013 %t The key or certificate type. 1048 %t The key or certificate type.
1049 %U The numeric user ID of the target user.
1014 %u The username. 1050 %u The username.
1015 1051
1016 AuthorizedKeysCommand accepts the tokens %%, %f, %h, %k, %t, and %u. 1052 AuthorizedKeysCommand accepts the tokens %%, %f, %h, %k, %t, %U, and %u.
1017 1053
1018 AuthorizedKeysFile accepts the tokens %%, %h, and %u. 1054 AuthorizedKeysFile accepts the tokens %%, %h, %U, and %u.
1019 1055
1020 AuthorizedPrincipalsCommand accepts the tokens %%, %F, %f, %h, %i, %K, 1056 AuthorizedPrincipalsCommand accepts the tokens %%, %F, %f, %h, %i, %K,
1021 %k, %s, %T, %t, and %u. 1057 %k, %s, %T, %t, %U, and %u.
1022 1058
1023 AuthorizedPrincipalsFile accepts the tokens %%, %h, and %u. 1059 AuthorizedPrincipalsFile accepts the tokens %%, %h, %U, and %u.
1024 1060
1025 ChrootDirectory accepts the tokens %%, %h, and %u. 1061 ChrootDirectory accepts the tokens %%, %h, %U, and %u.
1026 1062
1027 RoutingDomain accepts the token %D. 1063 RoutingDomain accepts the token %D.
1028 1064
@@ -1043,4 +1079,4 @@ AUTHORS
1043 versions 1.5 and 2.0. Niels Provos and Markus Friedl contributed support 1079 versions 1.5 and 2.0. Niels Provos and Markus Friedl contributed support
1044 for privilege separation. 1080 for privilege separation.
1045 1081
1046OpenBSD 6.2 February 16, 2018 OpenBSD 6.2 1082OpenBSD 6.4 July 20, 2018 OpenBSD 6.4
diff --git a/sshd_config.5 b/sshd_config.5
index 4c7ee4254..15b82e84d 100644
--- a/sshd_config.5
+++ b/sshd_config.5
@@ -33,8 +33,8 @@
33.\" (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF 33.\" (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF
34.\" THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE. 34.\" THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
35.\" 35.\"
36.\" $OpenBSD: sshd_config.5,v 1.263 2018/02/16 02:40:45 djm Exp $ 36.\" $OpenBSD: sshd_config.5,v 1.281 2018/07/20 05:01:10 djm Exp $
37.Dd $Mdocdate: February 16 2018 $ 37.Dd $Mdocdate: July 20 2018 $
38.Dt SSHD_CONFIG 5 38.Dt SSHD_CONFIG 5
39.Os 39.Os
40.Sh NAME 40.Sh NAME
@@ -88,12 +88,14 @@ the session's
88.Xr environ 7 . 88.Xr environ 7 .
89See 89See
90.Cm SendEnv 90.Cm SendEnv
91and
92.Cm SetEnv
91in 93in
92.Xr ssh_config 5 94.Xr ssh_config 5
93for how to configure the client. 95for how to configure the client.
94The 96The
95.Ev TERM 97.Ev TERM
96environment variable is always sent whenever the client 98environment variable is always accepted whenever the client
97requests a pseudo-terminal as it is required by the protocol. 99requests a pseudo-terminal as it is required by the protocol.
98Variables are specified by name, which may contain the wildcard characters 100Variables are specified by name, which may contain the wildcard characters
99.Ql * 101.Ql *
@@ -206,7 +208,7 @@ for more information on patterns.
206.It Cm AuthenticationMethods 208.It Cm AuthenticationMethods
207Specifies the authentication methods that must be successfully completed 209Specifies the authentication methods that must be successfully completed
208for a user to be granted access. 210for a user to be granted access.
209This option must be followed by one or more comma-separated lists of 211This option must be followed by one or more lists of comma-separated
210authentication method names, or by the single string 212authentication method names, or by the single string
211.Cm any 213.Cm any
212to indicate the default behaviour of accepting any single authentication 214to indicate the default behaviour of accepting any single authentication
@@ -225,10 +227,9 @@ keyboard-interactive authentication before public key.
225For keyboard interactive authentication it is also possible to 227For keyboard interactive authentication it is also possible to
226restrict authentication to a specific device by appending a 228restrict authentication to a specific device by appending a
227colon followed by the device identifier 229colon followed by the device identifier
228.Cm bsdauth , 230.Cm bsdauth
229.Cm pam ,
230or 231or
231.Cm skey , 232.Cm pam .
232depending on the server configuration. 233depending on the server configuration.
233For example, 234For example,
234.Qq keyboard-interactive:bsdauth 235.Qq keyboard-interactive:bsdauth
@@ -253,7 +254,7 @@ The available authentication methods are:
253.Qq keyboard-interactive , 254.Qq keyboard-interactive ,
254.Qq none 255.Qq none
255(used for access to password-less accounts when 256(used for access to password-less accounts when
256.Cm PermitEmptyPassword 257.Cm PermitEmptyPasswords
257is enabled), 258is enabled),
258.Qq password 259.Qq password
259and 260and
@@ -693,7 +694,7 @@ or updated credentials from a compatible client. The default is
693.Cm no . 694.Cm no .
694.It Cm HostbasedAcceptedKeyTypes 695.It Cm HostbasedAcceptedKeyTypes
695Specifies the key types that will be accepted for hostbased authentication 696Specifies the key types that will be accepted for hostbased authentication
696as a comma-separated pattern list. 697as a list of comma-separated patterns.
697Alternately if the specified value begins with a 698Alternately if the specified value begins with a
698.Sq + 699.Sq +
699character, then the specified key types will be appended to the default set 700character, then the specified key types will be appended to the default set
@@ -708,9 +709,10 @@ ecdsa-sha2-nistp256-cert-v01@openssh.com,
708ecdsa-sha2-nistp384-cert-v01@openssh.com, 709ecdsa-sha2-nistp384-cert-v01@openssh.com,
709ecdsa-sha2-nistp521-cert-v01@openssh.com, 710ecdsa-sha2-nistp521-cert-v01@openssh.com,
710ssh-ed25519-cert-v01@openssh.com, 711ssh-ed25519-cert-v01@openssh.com,
712rsa-sha2-512-cert-v01@openssh.com,rsa-sha2-256-cert-v01@openssh.com,
711ssh-rsa-cert-v01@openssh.com, 713ssh-rsa-cert-v01@openssh.com,
712ecdsa-sha2-nistp256,ecdsa-sha2-nistp384,ecdsa-sha2-nistp521, 714ecdsa-sha2-nistp256,ecdsa-sha2-nistp384,ecdsa-sha2-nistp521,
713ssh-ed25519,ssh-rsa 715ssh-ed25519,rsa-sha2-512,rsa-sha2-256,ssh-rsa
714.Ed 716.Ed
715.Pp 717.Pp
716The list of available key types may also be obtained using 718The list of available key types may also be obtained using
@@ -785,9 +787,10 @@ ecdsa-sha2-nistp256-cert-v01@openssh.com,
785ecdsa-sha2-nistp384-cert-v01@openssh.com, 787ecdsa-sha2-nistp384-cert-v01@openssh.com,
786ecdsa-sha2-nistp521-cert-v01@openssh.com, 788ecdsa-sha2-nistp521-cert-v01@openssh.com,
787ssh-ed25519-cert-v01@openssh.com, 789ssh-ed25519-cert-v01@openssh.com,
790rsa-sha2-512-cert-v01@openssh.com,rsa-sha2-256-cert-v01@openssh.com,
788ssh-rsa-cert-v01@openssh.com, 791ssh-rsa-cert-v01@openssh.com,
789ecdsa-sha2-nistp256,ecdsa-sha2-nistp384,ecdsa-sha2-nistp521, 792ecdsa-sha2-nistp256,ecdsa-sha2-nistp384,ecdsa-sha2-nistp521,
790ssh-ed25519,ssh-rsa 793ssh-ed25519,rsa-sha2-512,rsa-sha2-256,ssh-rsa
791.Ed 794.Ed
792.Pp 795.Pp
793The list of available key types may also be obtained using 796The list of available key types may also be obtained using
@@ -852,9 +855,11 @@ If one argument is specified, it is used as the packet class unconditionally.
852If two values are specified, the first is automatically selected for 855If two values are specified, the first is automatically selected for
853interactive sessions and the second for non-interactive sessions. 856interactive sessions and the second for non-interactive sessions.
854The default is 857The default is
855.Cm lowdelay 858.Cm af21
859(Low-Latency Data)
856for interactive sessions and 860for interactive sessions and
857.Cm throughput 861.Cm cs1
862(Lower Effort)
858for non-interactive sessions. 863for non-interactive sessions.
859.It Cm KbdInteractiveAuthentication 864.It Cm KbdInteractiveAuthentication
860Specifies whether to allow keyboard-interactive authentication. 865Specifies whether to allow keyboard-interactive authentication.
@@ -1159,6 +1164,7 @@ Available keywords are
1159.Cm MaxSessions , 1164.Cm MaxSessions ,
1160.Cm PasswordAuthentication , 1165.Cm PasswordAuthentication ,
1161.Cm PermitEmptyPasswords , 1166.Cm PermitEmptyPasswords ,
1167.Cm PermitListen ,
1162.Cm PermitOpen , 1168.Cm PermitOpen ,
1163.Cm PermitRootLogin , 1169.Cm PermitRootLogin ,
1164.Cm PermitTTY , 1170.Cm PermitTTY ,
@@ -1169,6 +1175,7 @@ Available keywords are
1169.Cm RekeyLimit , 1175.Cm RekeyLimit ,
1170.Cm RevokedKeys , 1176.Cm RevokedKeys ,
1171.Cm RDomain , 1177.Cm RDomain ,
1178.Cm SetEnv ,
1172.Cm StreamLocalBindMask , 1179.Cm StreamLocalBindMask ,
1173.Cm StreamLocalBindUnlink , 1180.Cm StreamLocalBindUnlink ,
1174.Cm TrustedUserCAKeys , 1181.Cm TrustedUserCAKeys ,
@@ -1218,6 +1225,48 @@ When password authentication is allowed, it specifies whether the
1218server allows login to accounts with empty password strings. 1225server allows login to accounts with empty password strings.
1219The default is 1226The default is
1220.Cm no . 1227.Cm no .
1228.It Cm PermitListen
1229Specifies the addresses/ports on which a remote TCP port forwarding may listen.
1230The listen specification must be one of the following forms:
1231.Pp
1232.Bl -item -offset indent -compact
1233.It
1234.Cm PermitListen
1235.Sm off
1236.Ar port
1237.Sm on
1238.It
1239.Cm PermitListen
1240.Sm off
1241.Ar host : port
1242.Sm on
1243.El
1244.Pp
1245Multiple permissions may be specified by separating them with whitespace.
1246An argument of
1247.Cm any
1248can be used to remove all restrictions and permit any listen requests.
1249An argument of
1250.Cm none
1251can be used to prohibit all listen requests.
1252The host name may contain wildcards as described in the PATTERNS section in
1253.Xr ssh_config 5 .
1254The wildcard
1255.Sq *
1256can also be used in place of a port number to allow all ports.
1257By default all port forwarding listen requests are permitted.
1258Note that the
1259.Cm GatewayPorts
1260option may further restrict which addresses may be listened on.
1261Note also that
1262.Xr ssh 1
1263will request a listen host of
1264.Dq localhost
1265if no listen host was specifically requested, and this this name is
1266treated differently to explicit localhost addresses of
1267.Dq 127.0.0.1
1268and
1269.Dq ::1 .
1221.It Cm PermitOpen 1270.It Cm PermitOpen
1222Specifies the destinations to which TCP port forwarding is permitted. 1271Specifies the destinations to which TCP port forwarding is permitted.
1223The forwarding specification must be one of the following forms: 1272The forwarding specification must be one of the following forms:
@@ -1320,6 +1369,12 @@ options in
1320.Pa ~/.ssh/authorized_keys 1369.Pa ~/.ssh/authorized_keys
1321are processed by 1370are processed by
1322.Xr sshd 8 . 1371.Xr sshd 8 .
1372Valid options are
1373.Cm yes ,
1374.Cm no
1375or a pattern-list specifying which environment variable names to accept
1376(for example
1377.Qq LANG,LC_* ) .
1323The default is 1378The default is
1324.Cm no . 1379.Cm no .
1325Enabling environment processing may enable users to bypass access 1380Enabling environment processing may enable users to bypass access
@@ -1366,7 +1421,7 @@ The default is
1366.Cm yes . 1421.Cm yes .
1367.It Cm PubkeyAcceptedKeyTypes 1422.It Cm PubkeyAcceptedKeyTypes
1368Specifies the key types that will be accepted for public key authentication 1423Specifies the key types that will be accepted for public key authentication
1369as a comma-separated pattern list. 1424as a list of comma-separated patterns.
1370Alternately if the specified value begins with a 1425Alternately if the specified value begins with a
1371.Sq + 1426.Sq +
1372character, then the specified key types will be appended to the default set 1427character, then the specified key types will be appended to the default set
@@ -1381,9 +1436,10 @@ ecdsa-sha2-nistp256-cert-v01@openssh.com,
1381ecdsa-sha2-nistp384-cert-v01@openssh.com, 1436ecdsa-sha2-nistp384-cert-v01@openssh.com,
1382ecdsa-sha2-nistp521-cert-v01@openssh.com, 1437ecdsa-sha2-nistp521-cert-v01@openssh.com,
1383ssh-ed25519-cert-v01@openssh.com, 1438ssh-ed25519-cert-v01@openssh.com,
1439rsa-sha2-512-cert-v01@openssh.com,rsa-sha2-256-cert-v01@openssh.com,
1384ssh-rsa-cert-v01@openssh.com, 1440ssh-rsa-cert-v01@openssh.com,
1385ecdsa-sha2-nistp256,ecdsa-sha2-nistp384,ecdsa-sha2-nistp521, 1441ecdsa-sha2-nistp256,ecdsa-sha2-nistp384,ecdsa-sha2-nistp521,
1386ssh-ed25519,ssh-rsa 1442ssh-ed25519,rsa-sha2-512,rsa-sha2-256,ssh-rsa
1387.Ed 1443.Ed
1388.Pp 1444.Pp
1389The list of available key types may also be obtained using 1445The list of available key types may also be obtained using
@@ -1438,6 +1494,21 @@ will be bound to this
1438If the routing domain is set to 1494If the routing domain is set to
1439.Cm \&%D , 1495.Cm \&%D ,
1440then the domain in which the incoming connection was received will be applied. 1496then the domain in which the incoming connection was received will be applied.
1497.It Cm SetEnv
1498Specifies one or more environment variables to set in child sessions started
1499by
1500.Xr sshd 8
1501as
1502.Dq NAME=VALUE .
1503The environment value may be quoted (e.g. if it contains whitespace
1504characters).
1505Environment variables set by
1506.Cm SetEnv
1507override the default environment and any variables specified by the user
1508via
1509.Cm AcceptEnv
1510or
1511.Cm PermitUserEnvironment .
1441.It Cm StreamLocalBindMask 1512.It Cm StreamLocalBindMask
1442Sets the octal file creation mode mask 1513Sets the octal file creation mode mask
1443.Pq umask 1514.Pq umask
@@ -1726,24 +1797,26 @@ The serial number of the certificate.
1726The type of the CA key. 1797The type of the CA key.
1727.It %t 1798.It %t
1728The key or certificate type. 1799The key or certificate type.
1800.It \&%U
1801The numeric user ID of the target user.
1729.It %u 1802.It %u
1730The username. 1803The username.
1731.El 1804.El
1732.Pp 1805.Pp
1733.Cm AuthorizedKeysCommand 1806.Cm AuthorizedKeysCommand
1734accepts the tokens %%, %f, %h, %k, %t, and %u. 1807accepts the tokens %%, %f, %h, %k, %t, %U, and %u.
1735.Pp 1808.Pp
1736.Cm AuthorizedKeysFile 1809.Cm AuthorizedKeysFile
1737accepts the tokens %%, %h, and %u. 1810accepts the tokens %%, %h, %U, and %u.
1738.Pp 1811.Pp
1739.Cm AuthorizedPrincipalsCommand 1812.Cm AuthorizedPrincipalsCommand
1740accepts the tokens %%, %F, %f, %h, %i, %K, %k, %s, %T, %t, and %u. 1813accepts the tokens %%, %F, %f, %h, %i, %K, %k, %s, %T, %t, %U, and %u.
1741.Pp 1814.Pp
1742.Cm AuthorizedPrincipalsFile 1815.Cm AuthorizedPrincipalsFile
1743accepts the tokens %%, %h, and %u. 1816accepts the tokens %%, %h, %U, and %u.
1744.Pp 1817.Pp
1745.Cm ChrootDirectory 1818.Cm ChrootDirectory
1746accepts the tokens %%, %h, and %u. 1819accepts the tokens %%, %h, %U, and %u.
1747.Pp 1820.Pp
1748.Cm RoutingDomain 1821.Cm RoutingDomain
1749accepts the token %D. 1822accepts the token %D.
diff --git a/ssherr.c b/ssherr.c
index 3c0009d69..8ad3d5750 100644
--- a/ssherr.c
+++ b/ssherr.c
@@ -1,4 +1,4 @@
1/* $OpenBSD: ssherr.c,v 1.7 2017/09/12 06:32:08 djm Exp $ */ 1/* $OpenBSD: ssherr.c,v 1.8 2018/07/03 11:39:54 djm Exp $ */
2/* 2/*
3 * Copyright (c) 2011 Damien Miller 3 * Copyright (c) 2011 Damien Miller
4 * 4 *
@@ -139,6 +139,8 @@ ssh_err(int n)
139 return "Invalid key length"; 139 return "Invalid key length";
140 case SSH_ERR_NUMBER_TOO_LARGE: 140 case SSH_ERR_NUMBER_TOO_LARGE:
141 return "number is too large"; 141 return "number is too large";
142 case SSH_ERR_SIGN_ALG_UNSUPPORTED:
143 return "signature algorithm not supported";
142 default: 144 default:
143 return "unknown error"; 145 return "unknown error";
144 } 146 }
diff --git a/ssherr.h b/ssherr.h
index c0b59211e..348da5a20 100644
--- a/ssherr.h
+++ b/ssherr.h
@@ -1,4 +1,4 @@
1/* $OpenBSD: ssherr.h,v 1.5 2017/09/12 06:32:08 djm Exp $ */ 1/* $OpenBSD: ssherr.h,v 1.6 2018/07/03 11:39:54 djm Exp $ */
2/* 2/*
3 * Copyright (c) 2011 Damien Miller 3 * Copyright (c) 2011 Damien Miller
4 * 4 *
@@ -79,6 +79,7 @@
79#define SSH_ERR_PROTOCOL_ERROR -55 79#define SSH_ERR_PROTOCOL_ERROR -55
80#define SSH_ERR_KEY_LENGTH -56 80#define SSH_ERR_KEY_LENGTH -56
81#define SSH_ERR_NUMBER_TOO_LARGE -57 81#define SSH_ERR_NUMBER_TOO_LARGE -57
82#define SSH_ERR_SIGN_ALG_UNSUPPORTED -58
82 83
83/* Translate a numeric error code to a human-readable error string */ 84/* Translate a numeric error code to a human-readable error string */
84const char *ssh_err(int n); 85const char *ssh_err(int n);
diff --git a/sshkey-xmss.c b/sshkey-xmss.c
index 5d66ee790..aaae70289 100644
--- a/sshkey-xmss.c
+++ b/sshkey-xmss.c
@@ -1,4 +1,4 @@
1/* $OpenBSD: sshkey-xmss.c,v 1.1 2018/02/23 15:58:38 markus Exp $ */ 1/* $OpenBSD: sshkey-xmss.c,v 1.3 2018/07/09 21:59:10 markus Exp $ */
2/* 2/*
3 * Copyright (c) 2017 Markus Friedl. All rights reserved. 3 * Copyright (c) 2017 Markus Friedl. All rights reserved.
4 * 4 *
@@ -66,7 +66,7 @@ struct ssh_xmss_state {
66 treehash_inst *treehash; 66 treehash_inst *treehash;
67 67
68 u_int32_t idx; /* state read from file */ 68 u_int32_t idx; /* state read from file */
69 u_int32_t maxidx; /* resticted # of signatures */ 69 u_int32_t maxidx; /* restricted # of signatures */
70 int have_state; /* .state file exists */ 70 int have_state; /* .state file exists */
71 int lockfd; /* locked in sshkey_xmss_get_state() */ 71 int lockfd; /* locked in sshkey_xmss_get_state() */
72 int allow_update; /* allow sshkey_xmss_update_state() */ 72 int allow_update; /* allow sshkey_xmss_update_state() */
@@ -583,7 +583,7 @@ sshkey_xmss_update_state(const struct sshkey *k, sshkey_printfn *pr)
583 } 583 }
584 idx = PEEK_U32(k->xmss_sk); 584 idx = PEEK_U32(k->xmss_sk);
585 if (idx == state->idx) { 585 if (idx == state->idx) {
586 /* no signature happend, no need to update */ 586 /* no signature happened, no need to update */
587 ret = 0; 587 ret = 0;
588 goto done; 588 goto done;
589 } else if (idx != state->idx + 1) { 589 } else if (idx != state->idx + 1) {
@@ -625,7 +625,7 @@ sshkey_xmss_update_state(const struct sshkey *k, sshkey_printfn *pr)
625 close(fd); 625 close(fd);
626 goto done; 626 goto done;
627 } 627 }
628 if (atomicio(vwrite, fd, (void *)sshbuf_ptr(enc), sshbuf_len(enc)) != 628 if (atomicio(vwrite, fd, sshbuf_mutable_ptr(enc), sshbuf_len(enc)) !=
629 sshbuf_len(enc)) { 629 sshbuf_len(enc)) {
630 ret = SSH_ERR_SYSTEM_ERROR; 630 ret = SSH_ERR_SYSTEM_ERROR;
631 PRINT("%s: write new state file data: %s", __func__, nstatefile); 631 PRINT("%s: write new state file data: %s", __func__, nstatefile);
diff --git a/sshkey.c b/sshkey.c
index 088872860..91e99a262 100644
--- a/sshkey.c
+++ b/sshkey.c
@@ -1,4 +1,4 @@
1/* $OpenBSD: sshkey.c,v 1.64 2018/03/22 07:05:48 markus Exp $ */ 1/* $OpenBSD: sshkey.c,v 1.66 2018/07/03 13:20:25 djm Exp $ */
2/* 2/*
3 * Copyright (c) 2000, 2001 Markus Friedl. All rights reserved. 3 * Copyright (c) 2000, 2001 Markus Friedl. All rights reserved.
4 * Copyright (c) 2008 Alexander von Gernler. All rights reserved. 4 * Copyright (c) 2008 Alexander von Gernler. All rights reserved.
@@ -83,47 +83,65 @@ static int sshkey_from_blob_internal(struct sshbuf *buf,
83struct keytype { 83struct keytype {
84 const char *name; 84 const char *name;
85 const char *shortname; 85 const char *shortname;
86 const char *sigalg;
86 int type; 87 int type;
87 int nid; 88 int nid;
88 int cert; 89 int cert;
89 int sigonly; 90 int sigonly;
90}; 91};
91static const struct keytype keytypes[] = { 92static const struct keytype keytypes[] = {
92 { "ssh-ed25519", "ED25519", KEY_ED25519, 0, 0, 0 }, 93 { "ssh-ed25519", "ED25519", NULL, KEY_ED25519, 0, 0, 0 },
93 { "ssh-ed25519-cert-v01@openssh.com", "ED25519-CERT", 94 { "ssh-ed25519-cert-v01@openssh.com", "ED25519-CERT", NULL,
94 KEY_ED25519_CERT, 0, 1, 0 }, 95 KEY_ED25519_CERT, 0, 1, 0 },
95#ifdef WITH_XMSS 96#ifdef WITH_XMSS
96 { "ssh-xmss@openssh.com", "XMSS", KEY_XMSS, 0, 0, 0 }, 97 { "ssh-xmss@openssh.com", "XMSS", NULL, KEY_XMSS, 0, 0, 0 },
97 { "ssh-xmss-cert-v01@openssh.com", "XMSS-CERT", 98 { "ssh-xmss-cert-v01@openssh.com", "XMSS-CERT", NULL,
98 KEY_XMSS_CERT, 0, 1, 0 }, 99 KEY_XMSS_CERT, 0, 1, 0 },
99#endif /* WITH_XMSS */ 100#endif /* WITH_XMSS */
100#ifdef WITH_OPENSSL 101#ifdef WITH_OPENSSL
101 { "ssh-rsa", "RSA", KEY_RSA, 0, 0, 0 }, 102 { "ssh-rsa", "RSA", NULL, KEY_RSA, 0, 0, 0 },
102 { "rsa-sha2-256", "RSA", KEY_RSA, 0, 0, 1 }, 103 { "rsa-sha2-256", "RSA", NULL, KEY_RSA, 0, 0, 1 },
103 { "rsa-sha2-512", "RSA", KEY_RSA, 0, 0, 1 }, 104 { "rsa-sha2-512", "RSA", NULL, KEY_RSA, 0, 0, 1 },
104 { "ssh-dss", "DSA", KEY_DSA, 0, 0, 0 }, 105 { "ssh-dss", "DSA", NULL, KEY_DSA, 0, 0, 0 },
105# ifdef OPENSSL_HAS_ECC 106# ifdef OPENSSL_HAS_ECC
106 { "ecdsa-sha2-nistp256", "ECDSA", KEY_ECDSA, NID_X9_62_prime256v1, 0, 0 }, 107 { "ecdsa-sha2-nistp256", "ECDSA", NULL,
107 { "ecdsa-sha2-nistp384", "ECDSA", KEY_ECDSA, NID_secp384r1, 0, 0 }, 108 KEY_ECDSA, NID_X9_62_prime256v1, 0, 0 },
109 { "ecdsa-sha2-nistp384", "ECDSA", NULL,
110 KEY_ECDSA, NID_secp384r1, 0, 0 },
108# ifdef OPENSSL_HAS_NISTP521 111# ifdef OPENSSL_HAS_NISTP521
109 { "ecdsa-sha2-nistp521", "ECDSA", KEY_ECDSA, NID_secp521r1, 0, 0 }, 112 { "ecdsa-sha2-nistp521", "ECDSA", NULL,
113 KEY_ECDSA, NID_secp521r1, 0, 0 },
110# endif /* OPENSSL_HAS_NISTP521 */ 114# endif /* OPENSSL_HAS_NISTP521 */
111# endif /* OPENSSL_HAS_ECC */ 115# endif /* OPENSSL_HAS_ECC */
112 { "ssh-rsa-cert-v01@openssh.com", "RSA-CERT", KEY_RSA_CERT, 0, 1, 0 }, 116 { "ssh-rsa-cert-v01@openssh.com", "RSA-CERT", NULL,
113 { "ssh-dss-cert-v01@openssh.com", "DSA-CERT", KEY_DSA_CERT, 0, 1, 0 }, 117 KEY_RSA_CERT, 0, 1, 0 },
118 { "rsa-sha2-256-cert-v01@openssh.com", "RSA-CERT",
119 "ssh-rsa-sha2-256", KEY_RSA_CERT, 0, 1, 1 },
120 { "rsa-sha2-512-cert-v01@openssh.com", "RSA-CERT",
121 "ssh-rsa-sha2-512", KEY_RSA_CERT, 0, 1, 1 },
122 { "ssh-dss-cert-v01@openssh.com", "DSA-CERT", NULL,
123 KEY_DSA_CERT, 0, 1, 0 },
124 { "ssh-rsa-cert-v01@openssh.com", "RSA-CERT", NULL,
125 KEY_RSA_CERT, 0, 1, 0 },
126 { "rsa-sha2-256-cert-v01@openssh.com", "RSA-CERT",
127 "ssh-rsa-sha2-256", KEY_RSA_CERT, 0, 1, 1 },
128 { "rsa-sha2-512-cert-v01@openssh.com", "RSA-CERT",
129 "ssh-rsa-sha2-512", KEY_RSA_CERT, 0, 1, 1 },
130 { "ssh-dss-cert-v01@openssh.com", "DSA-CERT", NULL,
131 KEY_DSA_CERT, 0, 1, 0 },
114# ifdef OPENSSL_HAS_ECC 132# ifdef OPENSSL_HAS_ECC
115 { "ecdsa-sha2-nistp256-cert-v01@openssh.com", "ECDSA-CERT", 133 { "ecdsa-sha2-nistp256-cert-v01@openssh.com", "ECDSA-CERT", NULL,
116 KEY_ECDSA_CERT, NID_X9_62_prime256v1, 1, 0 }, 134 KEY_ECDSA_CERT, NID_X9_62_prime256v1, 1, 0 },
117 { "ecdsa-sha2-nistp384-cert-v01@openssh.com", "ECDSA-CERT", 135 { "ecdsa-sha2-nistp384-cert-v01@openssh.com", "ECDSA-CERT", NULL,
118 KEY_ECDSA_CERT, NID_secp384r1, 1, 0 }, 136 KEY_ECDSA_CERT, NID_secp384r1, 1, 0 },
119# ifdef OPENSSL_HAS_NISTP521 137# ifdef OPENSSL_HAS_NISTP521
120 { "ecdsa-sha2-nistp521-cert-v01@openssh.com", "ECDSA-CERT", 138 { "ecdsa-sha2-nistp521-cert-v01@openssh.com", "ECDSA-CERT", NULL,
121 KEY_ECDSA_CERT, NID_secp521r1, 1, 0 }, 139 KEY_ECDSA_CERT, NID_secp521r1, 1, 0 },
122# endif /* OPENSSL_HAS_NISTP521 */ 140# endif /* OPENSSL_HAS_NISTP521 */
123# endif /* OPENSSL_HAS_ECC */ 141# endif /* OPENSSL_HAS_ECC */
124#endif /* WITH_OPENSSL */ 142#endif /* WITH_OPENSSL */
125 { "null", "null", KEY_NULL, 0, 0, 0 }, 143 { "null", "null", NULL, KEY_NULL, 0, 0, 0 },
126 { NULL, NULL, -1, -1, 0, 0 } 144 { NULL, NULL, NULL, -1, -1, 0, 0 }
127}; 145};
128 146
129const char * 147const char *
@@ -2199,8 +2217,8 @@ sshkey_froms(struct sshbuf *buf, struct sshkey **keyp)
2199 return r; 2217 return r;
2200} 2218}
2201 2219
2202int 2220static int
2203sshkey_sigtype(const u_char *sig, size_t siglen, char **sigtypep) 2221get_sigtype(const u_char *sig, size_t siglen, char **sigtypep)
2204{ 2222{
2205 int r; 2223 int r;
2206 struct sshbuf *b = NULL; 2224 struct sshbuf *b = NULL;
@@ -2224,6 +2242,50 @@ sshkey_sigtype(const u_char *sig, size_t siglen, char **sigtypep)
2224 return r; 2242 return r;
2225} 2243}
2226 2244
2245/*
2246 * Returns the expected signature algorithm for a given public key algorithm.
2247 */
2248const char *
2249sshkey_sigalg_by_name(const char *name)
2250{
2251 const struct keytype *kt;
2252
2253 for (kt = keytypes; kt->type != -1; kt++) {
2254 if (strcmp(kt->name, name) != 0)
2255 continue;
2256 if (kt->sigalg != NULL)
2257 return kt->sigalg;
2258 if (!kt->cert)
2259 return kt->name;
2260 return sshkey_ssh_name_from_type_nid(
2261 sshkey_type_plain(kt->type), kt->nid);
2262 }
2263 return NULL;
2264}
2265
2266/*
2267 * Verifies that the signature algorithm appearing inside the signature blob
2268 * matches that which was requested.
2269 */
2270int
2271sshkey_check_sigtype(const u_char *sig, size_t siglen,
2272 const char *requested_alg)
2273{
2274 const char *expected_alg;
2275 char *sigtype = NULL;
2276 int r;
2277
2278 if (requested_alg == NULL)
2279 return 0;
2280 if ((expected_alg = sshkey_sigalg_by_name(requested_alg)) == NULL)
2281 return SSH_ERR_INVALID_ARGUMENT;
2282 if ((r = get_sigtype(sig, siglen, &sigtype)) != 0)
2283 return r;
2284 r = strcmp(expected_alg, sigtype) == 0;
2285 free(sigtype);
2286 return r ? 0 : SSH_ERR_SIGN_ALG_UNSUPPORTED;
2287}
2288
2227int 2289int
2228sshkey_sign(const struct sshkey *key, 2290sshkey_sign(const struct sshkey *key,
2229 u_char **sigp, size_t *lenp, 2291 u_char **sigp, size_t *lenp,
diff --git a/sshkey.h b/sshkey.h
index 4e89049f1..0cbdcfd74 100644
--- a/sshkey.h
+++ b/sshkey.h
@@ -1,4 +1,4 @@
1/* $OpenBSD: sshkey.h,v 1.24 2018/02/23 15:58:38 markus Exp $ */ 1/* $OpenBSD: sshkey.h,v 1.26 2018/07/03 13:20:25 djm Exp $ */
2 2
3/* 3/*
4 * Copyright (c) 2000, 2001 Markus Friedl. All rights reserved. 4 * Copyright (c) 2000, 2001 Markus Friedl. All rights reserved.
@@ -192,11 +192,12 @@ int sshkey_puts_opts(const struct sshkey *, struct sshbuf *,
192int sshkey_plain_to_blob(const struct sshkey *, u_char **, size_t *); 192int sshkey_plain_to_blob(const struct sshkey *, u_char **, size_t *);
193int sshkey_putb_plain(const struct sshkey *, struct sshbuf *); 193int sshkey_putb_plain(const struct sshkey *, struct sshbuf *);
194 194
195int sshkey_sigtype(const u_char *, size_t, char **);
196int sshkey_sign(const struct sshkey *, u_char **, size_t *, 195int sshkey_sign(const struct sshkey *, u_char **, size_t *,
197 const u_char *, size_t, const char *, u_int); 196 const u_char *, size_t, const char *, u_int);
198int sshkey_verify(const struct sshkey *, const u_char *, size_t, 197int sshkey_verify(const struct sshkey *, const u_char *, size_t,
199 const u_char *, size_t, const char *, u_int); 198 const u_char *, size_t, const char *, u_int);
199int sshkey_check_sigtype(const u_char *, size_t, const char *);
200const char *sshkey_sigalg_by_name(const char *);
200 201
201/* for debug */ 202/* for debug */
202void sshkey_dump_ec_point(const EC_GROUP *, const EC_POINT *); 203void sshkey_dump_ec_point(const EC_GROUP *, const EC_POINT *);
diff --git a/sshlogin.c b/sshlogin.c
index cea3e7697..1b2ee5f85 100644
--- a/sshlogin.c
+++ b/sshlogin.c
@@ -1,4 +1,4 @@
1/* $OpenBSD: sshlogin.c,v 1.32 2015/12/26 20:51:35 guenther Exp $ */ 1/* $OpenBSD: sshlogin.c,v 1.33 2018/07/09 21:26:02 markus Exp $ */
2/* 2/*
3 * Author: Tatu Ylonen <ylo@cs.hut.fi> 3 * Author: Tatu Ylonen <ylo@cs.hut.fi>
4 * Copyright (c) 1995 Tatu Ylonen <ylo@cs.hut.fi>, Espoo, Finland 4 * Copyright (c) 1995 Tatu Ylonen <ylo@cs.hut.fi>, Espoo, Finland
@@ -55,13 +55,15 @@
55#include <unistd.h> 55#include <unistd.h>
56#include <limits.h> 56#include <limits.h>
57 57
58#include "sshlogin.h"
59#include "ssherr.h"
58#include "loginrec.h" 60#include "loginrec.h"
59#include "log.h" 61#include "log.h"
60#include "buffer.h" 62#include "sshbuf.h"
61#include "misc.h" 63#include "misc.h"
62#include "servconf.h" 64#include "servconf.h"
63 65
64extern Buffer loginmsg; 66extern struct sshbuf *loginmsg;
65extern ServerOptions options; 67extern ServerOptions options;
66 68
67/* 69/*
@@ -88,8 +90,9 @@ static void
88store_lastlog_message(const char *user, uid_t uid) 90store_lastlog_message(const char *user, uid_t uid)
89{ 91{
90#ifndef NO_SSH_LASTLOG 92#ifndef NO_SSH_LASTLOG
91 char *time_string, hostname[HOST_NAME_MAX+1] = "", buf[512]; 93 char *time_string, hostname[HOST_NAME_MAX+1] = "";
92 time_t last_login_time; 94 time_t last_login_time;
95 int r;
93 96
94 if (!options.print_lastlog) 97 if (!options.print_lastlog)
95 return; 98 return;
@@ -97,7 +100,9 @@ store_lastlog_message(const char *user, uid_t uid)
97# ifdef CUSTOM_SYS_AUTH_GET_LASTLOGIN_MSG 100# ifdef CUSTOM_SYS_AUTH_GET_LASTLOGIN_MSG
98 time_string = sys_auth_get_lastlogin_msg(user, uid); 101 time_string = sys_auth_get_lastlogin_msg(user, uid);
99 if (time_string != NULL) { 102 if (time_string != NULL) {
100 buffer_append(&loginmsg, time_string, strlen(time_string)); 103 if ((r = sshbuf_put(loginmsg,
104 time_string, strlen(time_string))) != 0)
105 fatal("%s: buffer error: %s", __func__, ssh_err(r));
101 free(time_string); 106 free(time_string);
102 } 107 }
103# else 108# else
@@ -108,12 +113,13 @@ store_lastlog_message(const char *user, uid_t uid)
108 time_string = ctime(&last_login_time); 113 time_string = ctime(&last_login_time);
109 time_string[strcspn(time_string, "\n")] = '\0'; 114 time_string[strcspn(time_string, "\n")] = '\0';
110 if (strcmp(hostname, "") == 0) 115 if (strcmp(hostname, "") == 0)
111 snprintf(buf, sizeof(buf), "Last login: %s\r\n", 116 r = sshbuf_putf(loginmsg, "Last login: %s\r\n",
112 time_string); 117 time_string);
113 else 118 else
114 snprintf(buf, sizeof(buf), "Last login: %s from %s\r\n", 119 r = sshbuf_putf(loginmsg, "Last login: %s from %s\r\n",
115 time_string, hostname); 120 time_string, hostname);
116 buffer_append(&loginmsg, buf, strlen(buf)); 121 if (r != 0)
122 fatal("%s: buffer error: %s", __func__, ssh_err(r));
117 } 123 }
118# endif /* CUSTOM_SYS_AUTH_GET_LASTLOGIN_MSG */ 124# endif /* CUSTOM_SYS_AUTH_GET_LASTLOGIN_MSG */
119#endif /* NO_SSH_LASTLOG */ 125#endif /* NO_SSH_LASTLOG */
diff --git a/ttymodes.c b/ttymodes.c
index f9fdb92de..f0c2a5d37 100644
--- a/ttymodes.c
+++ b/ttymodes.c
@@ -1,4 +1,4 @@
1/* $OpenBSD: ttymodes.c,v 1.33 2018/02/16 04:43:11 dtucker Exp $ */ 1/* $OpenBSD: ttymodes.c,v 1.34 2018/07/09 21:20:26 markus Exp $ */
2/* 2/*
3 * Author: Tatu Ylonen <ylo@cs.hut.fi> 3 * Author: Tatu Ylonen <ylo@cs.hut.fi>
4 * Copyright (c) 1995 Tatu Ylonen <ylo@cs.hut.fi>, Espoo, Finland 4 * Copyright (c) 1995 Tatu Ylonen <ylo@cs.hut.fi>, Espoo, Finland
@@ -55,8 +55,8 @@
55#include "packet.h" 55#include "packet.h"
56#include "log.h" 56#include "log.h"
57#include "compat.h" 57#include "compat.h"
58#include "buffer.h" 58#include "sshbuf.h"
59#include "compat.h" 59#include "ssherr.h"
60 60
61#define TTY_OP_END 0 61#define TTY_OP_END 0
62/* 62/*
@@ -276,17 +276,18 @@ special_char_decode(u_int c)
276 * being constructed. 276 * being constructed.
277 */ 277 */
278void 278void
279tty_make_modes(int fd, struct termios *tiop) 279ssh_tty_make_modes(struct ssh *ssh, int fd, struct termios *tiop)
280{ 280{
281 struct termios tio; 281 struct termios tio;
282 int baud; 282 struct sshbuf *buf;
283 Buffer buf; 283 int r, ibaud, obaud;
284 284
285 buffer_init(&buf); 285 if ((buf = sshbuf_new()) == NULL)
286 fatal("%s: sshbuf_new failed", __func__);
286 287
287 if (tiop == NULL) { 288 if (tiop == NULL) {
288 if (fd == -1) { 289 if (fd == -1) {
289 debug("tty_make_modes: no fd or tio"); 290 debug("%s: no fd or tio", __func__);
290 goto end; 291 goto end;
291 } 292 }
292 if (tcgetattr(fd, &tio) == -1) { 293 if (tcgetattr(fd, &tio) == -1) {
@@ -297,27 +298,29 @@ tty_make_modes(int fd, struct termios *tiop)
297 tio = *tiop; 298 tio = *tiop;
298 299
299 /* Store input and output baud rates. */ 300 /* Store input and output baud rates. */
300 baud = speed_to_baud(cfgetospeed(&tio)); 301 obaud = speed_to_baud(cfgetospeed(&tio));
301 buffer_put_char(&buf, TTY_OP_OSPEED); 302 ibaud = speed_to_baud(cfgetispeed(&tio));
302 buffer_put_int(&buf, baud); 303 if ((r = sshbuf_put_u8(buf, TTY_OP_OSPEED)) != 0 ||
303 baud = speed_to_baud(cfgetispeed(&tio)); 304 (r = sshbuf_put_u32(buf, obaud)) != 0 ||
304 buffer_put_char(&buf, TTY_OP_ISPEED); 305 (r = sshbuf_put_u8(buf, TTY_OP_ISPEED)) != 0 ||
305 buffer_put_int(&buf, baud); 306 (r = sshbuf_put_u32(buf, ibaud)) != 0)
307 fatal("%s: buffer error: %s", __func__, ssh_err(r));
306 308
307 /* Store values of mode flags. */ 309 /* Store values of mode flags. */
308#define TTYCHAR(NAME, OP) \ 310#define TTYCHAR(NAME, OP) \
309 buffer_put_char(&buf, OP); \ 311 if ((r = sshbuf_put_u8(buf, OP)) != 0 || \
310 buffer_put_int(&buf, special_char_encode(tio.c_cc[NAME])); 312 (r = sshbuf_put_u32(buf, \
313 special_char_encode(tio.c_cc[NAME]))) != 0) \
314 fatal("%s: buffer error: %s", __func__, ssh_err(r)); \
311 315
312#define SSH_TTYMODE_IUTF8 42 /* for SSH_BUG_UTF8TTYMODE */ 316#define SSH_TTYMODE_IUTF8 42 /* for SSH_BUG_UTF8TTYMODE */
313 317
314#define TTYMODE(NAME, FIELD, OP) \ 318#define TTYMODE(NAME, FIELD, OP) \
315 if (OP == SSH_TTYMODE_IUTF8 && (datafellows & SSH_BUG_UTF8TTYMODE)) { \ 319 if (OP == SSH_TTYMODE_IUTF8 && (datafellows & SSH_BUG_UTF8TTYMODE)) { \
316 debug3("%s: SSH_BUG_UTF8TTYMODE", __func__); \ 320 debug3("%s: SSH_BUG_UTF8TTYMODE", __func__); \
317 } else { \ 321 } else if ((r = sshbuf_put_u8(buf, OP)) != 0 || \
318 buffer_put_char(&buf, OP); \ 322 (r = sshbuf_put_u32(buf, ((tio.FIELD & NAME) != 0))) != 0) \
319 buffer_put_int(&buf, ((tio.FIELD & NAME) != 0)); \ 323 fatal("%s: buffer error: %s", __func__, ssh_err(r)); \
320 }
321 324
322#include "ttymodes.h" 325#include "ttymodes.h"
323 326
@@ -326,9 +329,10 @@ tty_make_modes(int fd, struct termios *tiop)
326 329
327end: 330end:
328 /* Mark end of mode data. */ 331 /* Mark end of mode data. */
329 buffer_put_char(&buf, TTY_OP_END); 332 if ((r = sshbuf_put_u8(buf, TTY_OP_END)) != 0 ||
330 packet_put_string(buffer_ptr(&buf), buffer_len(&buf)); 333 (r = sshpkt_put_stringb(ssh, buf)) != 0)
331 buffer_free(&buf); 334 fatal("%s: packet error: %s", __func__, ssh_err(r));
335 sshbuf_free(buf);
332} 336}
333 337
334/* 338/*
@@ -336,16 +340,24 @@ end:
336 * manner from a packet being read. 340 * manner from a packet being read.
337 */ 341 */
338void 342void
339tty_parse_modes(int fd, int *n_bytes_ptr) 343ssh_tty_parse_modes(struct ssh *ssh, int fd)
340{ 344{
341 struct termios tio; 345 struct termios tio;
342 int opcode, baud; 346 struct sshbuf *buf;
343 int n_bytes = 0; 347 const u_char *data;
344 int failure = 0; 348 u_char opcode;
345 349 u_int baud, u;
346 *n_bytes_ptr = packet_get_int(); 350 int r, failure = 0;
347 if (*n_bytes_ptr == 0) 351 size_t len;
352
353 if ((r = sshpkt_get_string_direct(ssh, &data, &len)) != 0)
354 fatal("%s: packet error: %s", __func__, ssh_err(r));
355 if (len == 0)
356 return;
357 if ((buf = sshbuf_from(data, len)) == NULL) {
358 error("%s: sshbuf_from failed", __func__);
348 return; 359 return;
360 }
349 361
350 /* 362 /*
351 * Get old attributes for the terminal. We will modify these 363 * Get old attributes for the terminal. We will modify these
@@ -357,42 +369,48 @@ tty_parse_modes(int fd, int *n_bytes_ptr)
357 failure = -1; 369 failure = -1;
358 } 370 }
359 371
360 for (;;) { 372 while (sshbuf_len(buf) > 0) {
361 n_bytes += 1; 373 if ((r = sshbuf_get_u8(buf, &opcode)) != 0)
362 opcode = packet_get_char(); 374 fatal("%s: packet error: %s", __func__, ssh_err(r));
363 switch (opcode) { 375 switch (opcode) {
364 case TTY_OP_END: 376 case TTY_OP_END:
365 goto set; 377 goto set;
366 378
367 case TTY_OP_ISPEED: 379 case TTY_OP_ISPEED:
368 n_bytes += 4; 380 if ((r = sshbuf_get_u32(buf, &baud)) != 0)
369 baud = packet_get_int(); 381 fatal("%s: packet error: %s",
382 __func__, ssh_err(r));
370 if (failure != -1 && 383 if (failure != -1 &&
371 cfsetispeed(&tio, baud_to_speed(baud)) == -1) 384 cfsetispeed(&tio, baud_to_speed(baud)) == -1)
372 error("cfsetispeed failed for %d", baud); 385 error("cfsetispeed failed for %d", baud);
373 break; 386 break;
374 387
375 case TTY_OP_OSPEED: 388 case TTY_OP_OSPEED:
376 n_bytes += 4; 389 if ((r = sshbuf_get_u32(buf, &baud)) != 0)
377 baud = packet_get_int(); 390 fatal("%s: packet error: %s",
391 __func__, ssh_err(r));
378 if (failure != -1 && 392 if (failure != -1 &&
379 cfsetospeed(&tio, baud_to_speed(baud)) == -1) 393 cfsetospeed(&tio, baud_to_speed(baud)) == -1)
380 error("cfsetospeed failed for %d", baud); 394 error("cfsetospeed failed for %d", baud);
381 break; 395 break;
382 396
383#define TTYCHAR(NAME, OP) \ 397#define TTYCHAR(NAME, OP) \
384 case OP: \ 398 case OP: \
385 n_bytes += 4; \ 399 if ((r = sshbuf_get_u32(buf, &u)) != 0) \
386 tio.c_cc[NAME] = special_char_decode(packet_get_int()); \ 400 fatal("%s: packet error: %s", __func__, \
387 break; 401 ssh_err(r)); \
402 tio.c_cc[NAME] = special_char_decode(u); \
403 break;
388#define TTYMODE(NAME, FIELD, OP) \ 404#define TTYMODE(NAME, FIELD, OP) \
389 case OP: \ 405 case OP: \
390 n_bytes += 4; \ 406 if ((r = sshbuf_get_u32(buf, &u)) != 0) \
391 if (packet_get_int()) \ 407 fatal("%s: packet error: %s", __func__, \
392 tio.FIELD |= NAME; \ 408 ssh_err(r)); \
393 else \ 409 if (u) \
394 tio.FIELD &= ~NAME; \ 410 tio.FIELD |= NAME; \
395 break; 411 else \
412 tio.FIELD &= ~NAME; \
413 break;
396 414
397#include "ttymodes.h" 415#include "ttymodes.h"
398 416
@@ -410,11 +428,12 @@ tty_parse_modes(int fd, int *n_bytes_ptr)
410 * to stop. 428 * to stop.
411 */ 429 */
412 if (opcode > 0 && opcode < 160) { 430 if (opcode > 0 && opcode < 160) {
413 n_bytes += 4; 431 if ((r = sshbuf_get_u32(buf, NULL)) != 0)
414 (void) packet_get_int(); 432 fatal("%s: packet error: %s", __func__,
433 ssh_err(r));
415 break; 434 break;
416 } else { 435 } else {
417 logit("parse_tty_modes: unknown opcode %d", 436 logit("%s: unknown opcode %d", __func__,
418 opcode); 437 opcode);
419 goto set; 438 goto set;
420 } 439 }
@@ -422,10 +441,10 @@ tty_parse_modes(int fd, int *n_bytes_ptr)
422 } 441 }
423 442
424set: 443set:
425 if (*n_bytes_ptr != n_bytes) { 444 len = sshbuf_len(buf);
426 *n_bytes_ptr = n_bytes; 445 sshbuf_free(buf);
427 logit("parse_tty_modes: n_bytes_ptr != n_bytes: %d %d", 446 if (len > 0) {
428 *n_bytes_ptr, n_bytes); 447 logit("%s: %zu bytes left", __func__, len);
429 return; /* Don't process bytes passed */ 448 return; /* Don't process bytes passed */
430 } 449 }
431 if (failure == -1) 450 if (failure == -1)
diff --git a/uidswap.c b/uidswap.c
index 8bf6b244e..49f76d818 100644
--- a/uidswap.c
+++ b/uidswap.c
@@ -1,4 +1,4 @@
1/* $OpenBSD: uidswap.c,v 1.39 2015/06/24 01:49:19 dtucker Exp $ */ 1/* $OpenBSD: uidswap.c,v 1.41 2018/07/18 11:34:04 dtucker Exp $ */
2/* 2/*
3 * Author: Tatu Ylonen <ylo@cs.hut.fi> 3 * Author: Tatu Ylonen <ylo@cs.hut.fi>
4 * Copyright (c) 1995 Tatu Ylonen <ylo@cs.hut.fi>, Espoo, Finland 4 * Copyright (c) 1995 Tatu Ylonen <ylo@cs.hut.fi>, Espoo, Finland
@@ -49,6 +49,7 @@ static gid_t saved_egid = 0;
49/* Saved effective uid. */ 49/* Saved effective uid. */
50static int privileged = 0; 50static int privileged = 0;
51static int temporarily_use_uid_effective = 0; 51static int temporarily_use_uid_effective = 0;
52static uid_t user_groups_uid;
52static gid_t *saved_egroups = NULL, *user_groups = NULL; 53static gid_t *saved_egroups = NULL, *user_groups = NULL;
53static int saved_egroupslen = -1, user_groupslen = -1; 54static int saved_egroupslen = -1, user_groupslen = -1;
54 55
@@ -92,10 +93,11 @@ temporarily_use_uid(struct passwd *pw)
92 fatal("getgroups: %.100s", strerror(errno)); 93 fatal("getgroups: %.100s", strerror(errno));
93 } else { /* saved_egroupslen == 0 */ 94 } else { /* saved_egroupslen == 0 */
94 free(saved_egroups); 95 free(saved_egroups);
96 saved_egroups = NULL;
95 } 97 }
96 98
97 /* set and save the user's groups */ 99 /* set and save the user's groups */
98 if (user_groupslen == -1) { 100 if (user_groupslen == -1 || user_groups_uid != pw->pw_uid) {
99 if (initgroups(pw->pw_name, pw->pw_gid) < 0) 101 if (initgroups(pw->pw_name, pw->pw_gid) < 0)
100 fatal("initgroups: %s: %.100s", pw->pw_name, 102 fatal("initgroups: %s: %.100s", pw->pw_name,
101 strerror(errno)); 103 strerror(errno));
@@ -110,7 +112,9 @@ temporarily_use_uid(struct passwd *pw)
110 fatal("getgroups: %.100s", strerror(errno)); 112 fatal("getgroups: %.100s", strerror(errno));
111 } else { /* user_groupslen == 0 */ 113 } else { /* user_groupslen == 0 */
112 free(user_groups); 114 free(user_groups);
115 user_groups = NULL;
113 } 116 }
117 user_groups_uid = pw->pw_uid;
114 } 118 }
115 /* Set the effective uid to the given (unprivileged) uid. */ 119 /* Set the effective uid to the given (unprivileged) uid. */
116 if (setgroups(user_groupslen, user_groups) < 0) 120 if (setgroups(user_groupslen, user_groups) < 0)
@@ -131,37 +135,6 @@ temporarily_use_uid(struct passwd *pw)
131 strerror(errno)); 135 strerror(errno));
132} 136}
133 137
134void
135permanently_drop_suid(uid_t uid)
136{
137#ifndef NO_UID_RESTORATION_TEST
138 uid_t old_uid = getuid();
139#endif
140
141 debug("permanently_drop_suid: %u", (u_int)uid);
142 if (setresuid(uid, uid, uid) < 0)
143 fatal("setresuid %u: %.100s", (u_int)uid, strerror(errno));
144
145#ifndef NO_UID_RESTORATION_TEST
146 /*
147 * Try restoration of UID if changed (test clearing of saved uid).
148 *
149 * Note that we don't do this on Cygwin, or on Solaris-based platforms
150 * where fine-grained privileges are available (the user might be
151 * deliberately allowed the right to setuid back to root).
152 */
153 if (old_uid != uid &&
154 (setuid(old_uid) != -1 || seteuid(old_uid) != -1))
155 fatal("%s: was able to restore old [e]uid", __func__);
156#endif
157
158 /* Verify UID drop was successful */
159 if (getuid() != uid || geteuid() != uid) {
160 fatal("%s: euid incorrect uid:%u euid:%u (should be %u)",
161 __func__, (u_int)getuid(), (u_int)geteuid(), (u_int)uid);
162 }
163}
164
165/* 138/*
166 * Restores to the original (privileged) uid. 139 * Restores to the original (privileged) uid.
167 */ 140 */
diff --git a/uidswap.h b/uidswap.h
index 1c1163d75..4ac91aa04 100644
--- a/uidswap.h
+++ b/uidswap.h
@@ -1,4 +1,4 @@
1/* $OpenBSD: uidswap.h,v 1.13 2006/08/03 03:34:42 deraadt Exp $ */ 1/* $OpenBSD: uidswap.h,v 1.14 2018/07/18 11:34:05 dtucker Exp $ */
2 2
3/* 3/*
4 * Author: Tatu Ylonen <ylo@cs.hut.fi> 4 * Author: Tatu Ylonen <ylo@cs.hut.fi>
@@ -15,4 +15,3 @@
15void temporarily_use_uid(struct passwd *); 15void temporarily_use_uid(struct passwd *);
16void restore_uid(void); 16void restore_uid(void);
17void permanently_set_uid(struct passwd *); 17void permanently_set_uid(struct passwd *);
18void permanently_drop_suid(uid_t);
diff --git a/umac.c b/umac.c
index eab831072..ccae39f30 100644
--- a/umac.c
+++ b/umac.c
@@ -1,4 +1,4 @@
1/* $OpenBSD: umac.c,v 1.16 2017/12/12 15:06:12 naddy Exp $ */ 1/* $OpenBSD: umac.c,v 1.17 2018/04/10 00:10:49 djm Exp $ */
2/* ----------------------------------------------------------------------- 2/* -----------------------------------------------------------------------
3 * 3 *
4 * umac.c -- C Implementation UMAC Message Authentication 4 * umac.c -- C Implementation UMAC Message Authentication
@@ -65,7 +65,7 @@
65/* #define AES_IMPLEMENTAION 1 1 = OpenSSL, 2 = Barreto, 3 = Gladman */ 65/* #define AES_IMPLEMENTAION 1 1 = OpenSSL, 2 = Barreto, 3 = Gladman */
66/* #define SSE2 0 Is SSE2 is available? */ 66/* #define SSE2 0 Is SSE2 is available? */
67/* #define RUN_TESTS 0 Run basic correctness/speed tests */ 67/* #define RUN_TESTS 0 Run basic correctness/speed tests */
68/* #define UMAC_AE_SUPPORT 0 Enable auhthenticated encrytion */ 68/* #define UMAC_AE_SUPPORT 0 Enable authenticated encryption */
69 69
70/* ---------------------------------------------------------------------- */ 70/* ---------------------------------------------------------------------- */
71/* -- Global Includes --------------------------------------------------- */ 71/* -- Global Includes --------------------------------------------------- */
@@ -295,9 +295,9 @@ static void pdf_gen_xor(pdf_ctx *pc, const UINT8 nonce[8], UINT8 buf[8])
295 * Before beginning another hash calculation the nh_reset() routine 295 * Before beginning another hash calculation the nh_reset() routine
296 * must be called. The single-buffer routine, nh(), is equivalent to 296 * must be called. The single-buffer routine, nh(), is equivalent to
297 * the sequence of calls nh_update() and nh_final(); however it is 297 * the sequence of calls nh_update() and nh_final(); however it is
298 * optimized and should be prefered whenever the multiple-buffer interface 298 * optimized and should be preferred whenever the multiple-buffer interface
299 * is not necessary. When using either interface, it is the client's 299 * is not necessary. When using either interface, it is the client's
300 * responsability to pass no more than L1_KEY_LEN bytes per hash result. 300 * responsibility to pass no more than L1_KEY_LEN bytes per hash result.
301 * 301 *
302 * The routine nh_init() initializes the nh_ctx data structure and 302 * The routine nh_init() initializes the nh_ctx data structure and
303 * must be called once, before any other PDF routine. 303 * must be called once, before any other PDF routine.
@@ -319,8 +319,8 @@ static void pdf_gen_xor(pdf_ctx *pc, const UINT8 nonce[8], UINT8 buf[8])
319typedef struct { 319typedef struct {
320 UINT8 nh_key [L1_KEY_LEN + L1_KEY_SHIFT * (STREAMS - 1)]; /* NH Key */ 320 UINT8 nh_key [L1_KEY_LEN + L1_KEY_SHIFT * (STREAMS - 1)]; /* NH Key */
321 UINT8 data [HASH_BUF_BYTES]; /* Incoming data buffer */ 321 UINT8 data [HASH_BUF_BYTES]; /* Incoming data buffer */
322 int next_data_empty; /* Bookeeping variable for data buffer. */ 322 int next_data_empty; /* Bookkeeping variable for data buffer. */
323 int bytes_hashed; /* Bytes (out of L1_KEY_LEN) incorperated. */ 323 int bytes_hashed; /* Bytes (out of L1_KEY_LEN) incorporated. */
324 UINT64 state[STREAMS]; /* on-line state */ 324 UINT64 state[STREAMS]; /* on-line state */
325} nh_ctx; 325} nh_ctx;
326 326
@@ -851,7 +851,7 @@ static void poly_hash(uhash_ctx_t hc, UINT32 data_in[])
851 851
852 852
853/* The final step in UHASH is an inner-product hash. The poly hash 853/* The final step in UHASH is an inner-product hash. The poly hash
854 * produces a result not neccesarily WORD_LEN bytes long. The inner- 854 * produces a result not necessarily WORD_LEN bytes long. The inner-
855 * product hash breaks the polyhash output into 16-bit chunks and 855 * product hash breaks the polyhash output into 16-bit chunks and
856 * multiplies each with a 36 bit key. 856 * multiplies each with a 36 bit key.
857 */ 857 */
diff --git a/utf8.c b/utf8.c
index bc131385f..db7cb8f35 100644
--- a/utf8.c
+++ b/utf8.c
@@ -1,4 +1,4 @@
1/* $OpenBSD: utf8.c,v 1.7 2017/05/31 09:15:42 deraadt Exp $ */ 1/* $OpenBSD: utf8.c,v 1.8 2018/08/21 13:56:27 schwarze Exp $ */
2/* 2/*
3 * Copyright (c) 2016 Ingo Schwarze <schwarze@openbsd.org> 3 * Copyright (c) 2016 Ingo Schwarze <schwarze@openbsd.org>
4 * 4 *
@@ -53,6 +53,8 @@ static int vasnmprintf(char **, size_t, int *, const char *, va_list);
53 * For state-dependent encodings, recovery is impossible. 53 * For state-dependent encodings, recovery is impossible.
54 * For arbitrary encodings, replacement of non-printable 54 * For arbitrary encodings, replacement of non-printable
55 * characters would be non-trivial and too fragile. 55 * characters would be non-trivial and too fragile.
56 * The comments indicate what nl_langinfo(CODESET)
57 * returns for US-ASCII on various operating systems.
56 */ 58 */
57 59
58static int 60static int
@@ -60,9 +62,12 @@ dangerous_locale(void) {
60 char *loc; 62 char *loc;
61 63
62 loc = nl_langinfo(CODESET); 64 loc = nl_langinfo(CODESET);
63 return strcmp(loc, "US-ASCII") != 0 && strcmp(loc, "UTF-8") != 0 && 65 return strcmp(loc, "UTF-8") != 0 &&
64 strcmp(loc, "ANSI_X3.4-1968") != 0 && strcmp(loc, "646") != 0 && 66 strcmp(loc, "US-ASCII") != 0 && /* OpenBSD */
65 strcmp(loc, "") != 0; 67 strcmp(loc, "ANSI_X3.4-1968") != 0 && /* Linux */
68 strcmp(loc, "ISO8859-1") != 0 && /* AIX */
69 strcmp(loc, "646") != 0 && /* Solaris, NetBSD */
70 strcmp(loc, "") != 0; /* Solaris 6 */
66} 71}
67 72
68static int 73static int
diff --git a/version.h b/version.h
index a3fa6e0b9..e7df751e1 100644
--- a/version.h
+++ b/version.h
@@ -1,6 +1,6 @@
1/* $OpenBSD: version.h,v 1.81 2018/03/24 19:29:03 markus Exp $ */ 1/* $OpenBSD: version.h,v 1.82 2018/07/03 11:42:12 djm Exp $ */
2 2
3#define SSH_VERSION "OpenSSH_7.7" 3#define SSH_VERSION "OpenSSH_7.8"
4 4
5#define SSH_PORTABLE "p1" 5#define SSH_PORTABLE "p1"
6#define SSH_RELEASE_MINIMUM SSH_VERSION SSH_PORTABLE 6#define SSH_RELEASE_MINIMUM SSH_VERSION SSH_PORTABLE
diff --git a/xmss_wots.c b/xmss_wots.c
index b4702ed8d..ed904cd75 100644
--- a/xmss_wots.c
+++ b/xmss_wots.c
@@ -1,4 +1,4 @@
1/* $OpenBSD: xmss_wots.c,v 1.2 2018/02/26 03:56:44 dtucker Exp $ */ 1/* $OpenBSD: xmss_wots.c,v 1.3 2018/04/10 00:10:49 djm Exp $ */
2/* 2/*
3wots.c version 20160722 3wots.c version 20160722
4Andreas Hülsing 4Andreas Hülsing
@@ -65,7 +65,7 @@ static void expand_seed(unsigned char *outseeds, const unsigned char *inseed, co
65 * Computes the chaining function. 65 * Computes the chaining function.
66 * out and in have to be n-byte arrays 66 * out and in have to be n-byte arrays
67 * 67 *
68 * interpretes in as start-th value of the chain 68 * interprets in as start-th value of the chain
69 * addr has to contain the address of the chain 69 * addr has to contain the address of the chain
70 */ 70 */
71static void gen_chain(unsigned char *out, const unsigned char *in, unsigned int start, unsigned int steps, const wots_params *params, const unsigned char *pub_seed, uint32_t addr[8]) 71static void gen_chain(unsigned char *out, const unsigned char *in, unsigned int start, unsigned int steps, const wots_params *params, const unsigned char *pub_seed, uint32_t addr[8])